Security Architect

We are partnered with a reputable global consultancy that is looking for 2 SECURITY ARCHITECTS to work on a very exciting LONG-TERM PROJECT in the financial services sector. These roles would require experience in either Payments or Mortgages.

Role: SECURITY ARCHITECT – PAYMENTS / MORTGAGES

Location: Swindon / London

Vacancies: 2 openings

Duration: 6 months (initially – view to extend)

Role Description:

As a Security Architect focusing on Mortgages systems, your primary responsibility will be design, implement, and maintain robust security architectures for payment systems within a financial organization. This role involves ensuring the security of financial transactions, protecting sensitive data, and complying with industry regulations.

Key Responsibilities:

• Develop and implement comprehensive security strategies for Payments System Upgrades.
  
  
• Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies.
  
  
• Create comprehensive threat models aligning with MITRE ATTACK/STRIDE frameworks.
  
  
• Recommend the best controls & mitigations to potential vulnerabilities
  
  
• Ensure the design comply with relevant regulations and standards, including GDPR, SOX, and PCI-DSS.
  
  
• Implement advanced encryption and access control mechanisms to safeguard data integrity and confidentiality.
  
  
• Implement Cloud Security controls through Firewalls and leverage Defender for Cloud capabilities in the Security design
  
  
• Ensure data at rest and data in transit are encrypted using appropriate mechanisms.
  
  
• Communicate security risks and strategies effectively to stakeholders, including executive leadership and IT teams.
  
  Key Skills:
  
  
• Should have proven experience as a Security Architect working in a large, complex organization. Ideally, this experience would be within a financially regulated enterprise (e.g., PCI compliance).
  
  
• Proven experience working previously for for financial organizations
  
  
• Previous relevant experience in developing bespoke Threat Models leveraging frameworks like MITRE ATTACK & STRIDE
  
  
• Proficiency in assessing the Identity & Access Management functions & associated risks during Acquisition process.
  
  
• Be able to understand and assess the security elements of technical designs / solutions and have a proven ability to constructively challenge to deliver better business and security outcomes.
  
  
• Good knowledge of cryptography
  
  
• Knowledge of MS Defender for Cloud
  
  
• Basic understanding of Mortgage systems / SAP Architecture in finance