Security Architect
Liverpool, United Kingdom
Applications have closed
Evelyn Partners
We've been experts in wealth, accountancy and business advisory services since 1836.Company Description
Evelyn Partners is the UK’s leading integrated wealth management and professional services group, with over 186 years of experience in helping generations of people and businesses to thrive. We offer an extensive range of financial and professional services to individuals, family trusts, professional intermediaries, charities and businesses.
We provide an award-winning service for our clients by employing the best people. Join us on our mission to place the power of good advice into more hands because we believe that everyone deserves access to good advice, regardless of where they’re at in their financial journey.
An exceptional track record of growth and innovation is driven by our core values of: Personal, offering advice based on a true understanding of what matters to our clients; Partnership, working with our clients in a joined-up, collaborative way; and Performance, demonstrating a breadth and depth of advice expertise to deliver first-class results.
Read more about us and available career opportunities here:
Wealth, accountancy and business advisory services | Evelyn Partners
Job Description
The Security Architecture/ Manager will be responsible for developing, implementing, and running our security engineering and operations processes.
This role will involve overseeing security design/architecture of our security tooling; GRC, security engineering (Software/DevSecOps & Platform Infrastructure), security operations (including 24/7 SOC) and threat intelligence/vulnerability management.
They will also be responsible for liaising with the Portfolio, Architecture and Solution Design boards to ensure that new change requirements/designs are triaged for security impact and ‘secure by design’ by adhering to our baseline security controls. Working with an internal team of 12 security professionals, along with 3rd party support partners, the successful candidate will play a critical role in ensuring the security of our systems, networks, and data.
- Develop and implement information Security Design Principles, Baselines & Standards: Formulate and execute a long-term security operations strategy aligned with the organisations goals and industry best practices.
- Security Design & Technology Evaluation: Complete Threat Modelling and Security Design/Review activity for business and technology solutions. Evaluate and recommend security technologies and solutions to improve the organisation's security posture.
- Project/ Programme: Be the security point of contact for business and technology change. Understanding requirements and providing impact assessments/costs associated with security’s involvement in the project
- Security Operations: Provide support and guidance to enhance operation tooling/automation and provide expert knowledge to incident response teams when required.
- Compliance and Risk Management: Ensure compliance with industry regulations, standards (e.g., Cyber Essentials, NIST, GDPR, HIPAA, ISO 27001), and internal policies. Identify and assess security risks and develop risk management strategies.
- Security Awareness and Training: Support development and delivery or technical security awareness programs to business and DTS technology managers/professionals about cybersecurity best practices and threats; build a security culture.
- Vendor Management: Evaluate and manage third-party security vendors, products, and services to ensure they are adhering to agreed SLAs and adding value to our organisation
- Continuous Improvement: Incept and lead delivery of security improvement initiatives and changes following internal processes to improve the security posture of our environment and maturity against frameworks such as NIST
- Collaborate with the wider Digital Technology Services (DTS) teams such as Infrastructure, Service Management, Data & Analytics and Engineering/Development teams as well as teams outside of DTS to ensure security supports the achievement of business objectives
- Team Development: Act as a security/technical mentor to the wider security team. Act as technical/engineering security expert, primarily in cloud/infrastructure security.
Qualifications
- Bachelor's or Master's degree in Computer Science, Security Engineering or related field
- Relevant Industry certifications such as CISSP, CISM, CISA, or other security certifications
- Proven hands on experience in senior architecture, or engineering roles, managing hybrid (internal & 3rd party) operating models
- Prove experience of producing and representing architecture & design artefacts (options papers, high level designs, detailed designs)
- Experience/Understanding of GRC, Threat Intelligence, Security Assurance & Testing, Security Engineering, Security Operations, Vulnerability Management and KPI/KRI reporting
- Excellent leadership and team management skills
- Exceptional communication and interpersonal skills
- Excellent documentation, presentation and reporting skills
- Good commercial and contract awareness skills
- Good project management skills
- Experience of working in Financial Services, Private Equity owned and/or M&A environments
- Experience of People/Line Management would be beneficial
Additional Information
As a colleague here at Evelyn Partners, you will have access to benefits that include:
- Competitive salary
- Private medical insurance
- Life assurance
- Pension contribution
- Hybrid working model (role dependant)
- Generous holiday package
- Option to purchase additional holiday
- Shared parental leave
We are proud to value the differences that a diverse workforce brings, representative of society and our clients. At Evelyn Partners we have a wide range of highly active employee resource groups and we’re delivering multiple diversity, equity and inclusion initiatives across the organisation. It is our commitment to provide a workspace where all colleagues, regardless of identity, background, or circumstance, feel respected as individuals and feel that they can achieve their full potential and work in a safe, supportive, and inclusive environment.
We are happy to make any reasonable adjustments to accommodate for your needs throughout the application process. Please let your Recruiter know.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Automation CISA CISM CISSP Cloud Compliance Computer Science DevSecOps GDPR HIPAA Incident response ISO 27001 NIST Risk management SLAs SOC Strategy Threat intelligence Vendor management Vulnerability management
Perks/benefits: Career development Competitive pay Equity Health care Medical leave Parental leave Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs