Security Architect
London, United Kingdom
Ocorian
Ocorian is a global leader in fund administration, capital markets, corporate and fiduciary services. Discover more here.Company Description
Fund services | Corporate | Capital markets | Private client | Regulatory & Compliance
We help clients succeed by unlocking new value through expertise, trust and scale. We deliver solutions that solve complex challenges faced by asset managers, financial institutions, corporates, high net-worth individuals and family offices.
With a curious mindset, we ask the right questions to get to the right solution, faster. We collaborate to win together, sharing successes and shaping the future of our global business. Our culture of support and recognition provides the tools and opportunities for you to grow, while unlocking the most value for our clients and making your mark with Ocorian.
Expertise: We deliver specialist, tech-enabled solutions for our clients grounded on deep industry expertise.
Trust: We’re a trusted partner to over 8,000 clients globally. We are proud to have long-lasting partnerships with our clients.
Scale: With more than 1,500 colleagues, we operate across 20+ countries, our scale enables us to support our clients globally and locally, providing a seamless client experience across borders and service lines.
Job Description
Purpose of the Job
Reporting to CISO; the Security Architect is responsible for designing, implementing, and maintaining the security architecture of our organization. You will work closely with cross-functional teams to identify security requirements, assess current systems, and develop comprehensive security solutions to safeguard our assets. The ideal candidate will possess a strong background in information security, a deep understanding of emerging threats, and a proven track record of implementing effective security measures.
Main Responsibilities
- Security Architecture Design: Develop and maintain the overall security architecture framework, ensuring alignment with business objectives and regulatory requirements.
- Risk Assessment: Conduct regular risk assessments and vulnerability analyses to identify potential security weaknesses and recommend mitigating controls.
- Security Policies and Procedures: Establish and enforce security policies, standards, and procedures to maintain the confidentiality, integrity, and availability of assets.
- Technology Evaluation: Evaluate new security technologies and products, making recommendations for their integration into existing systems to enhance overall security posture.
- Incident Response Planning: Develop incident response plans and lead incident response efforts in the event of security breaches or incidents.
- Security Awareness and Training: Provide security awareness training to employees and promote a culture of security awareness throughout the organization.
- Compliance and Audit Support: Ensure compliance with relevant regulations and standards (e.g., GDPR, ISO 27001) and support internal and external audits as needed.
- Security Governance: Collaborate with key stakeholders to establish and maintain effective security governance processes and structures.
- Security Testing and Assessment: Coordinate and oversee security testing activities, including penetration testing, vulnerability scanning, and security assessments.
- Participate in designated projects and business initiatives as the security subject matter expert.
- Review and uncover new and evolving threats and report these to Infosec with appropriate plans for combating such threats
Qualifications
Experience, Skills & Experience
Preferred experience in some of the following areas:
- Identity and Access Management
- Application Security, cryptography, and protocols
- Secure System Development Live Cycle
- Security Incident Management and monitoring
- Security Operations, and Cyber Security
- Vulnerability management and penetration testing
- Information Security Management, Risk Management, and Asset Security
- Computer, IT Security, Network Security, and Cloud Security
- Security standards, laws, and compliance
- Experience in implementing security controls to improve system/platform overall security.
- Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
- Ability to work independently and pro-actively contribute to a global team environment.
- Excellent interpersonal, communication and presenting skills; able to concisely communicate security risks to both technical and business audiences
"Nice to have" experience in:
- Digital Transformation Programmes
- Agile Methodology
- JAVA, .NET, PHP, Ruby, Perl, Python and/or C/C++ experience
- Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security +
- Knowledge in Risk and Compliance Management, Operational Models, Business Continuity Plan, Disaster Recovery Plan
Additional Information
All staff are expected to embody our core values that underpin everything that we do and that reflect the skills and behaviours we all need to be successful. These are:
- We are CLIENT CENTRIC – Clients are at the centre of our world, and we’re committed to providing expertise and specialist solutions to meet their most complex challenges.
- We are AMBITIOUS – We aim high. We think and act globally, seizing every opportunity to delight our clients and support our colleagues - wherever in the world they may be.
- We are AGILE – We act on our initiative to get things done for our clients. Our independence gives us the flexibility and freedom to keep things simple, efficient and effective.
- We are COLLABORATIVE – With a curious mindset, we ask the right questions to get to the right solution, for our clients faster. We collaborate to win together and share our successes.
- We are ETHICAL – We behave with integrity at all times and assume positive intent, building trust through responsible actions and honest relationships.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Application security Audits C CISO Cloud Compliance CompTIA Cryptography GDPR GIAC Governance IAM Incident response ISACA ISO 27001 ITIL Java Monitoring Network security OWASP Pentesting Perl PHP Python Risk assessment Risk management Ruby Security assessment Vulnerabilities Vulnerability management
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs