Manager – Principal Security Architect: Secure Design (IC)

Manager – Principal Security Architect: Secure Design (IC)

Join to apply for the

Manager – Principal Security Architect: Secure Design (IC)

role at

LSEGManager – Principal Security Architect: Secure Design (IC)

2 days ago Be among the first 25 applicantsJoin to apply for the

Manager – Principal Security Architect: Secure Design (IC)

role at

LSEGGet AI-powered advice on this job and more exclusive features.Security Architecture - Secure Design Team

Role:

Manager - Principal Security Architect: Secure Design (Individual Contributor)

Grade:

GG14

The Security Architecture Design team is responsible for developing Security Architecture patterns, developing security controls needed for new technology, promoting the use of the architectural patterns into development projects, leading the Security Architecture Design Forum, Evaluating architectural security risks in existing systems, consulting with system development teams and architects on building security into their design.

This key task of this role is accelerating the delivery of secure design artefacts and leading secure design interventions - by adding capacity and capability to the team.

Reports to:

Senior Manager - Secure Design

Key Relationships

Business Aligned Principal Security ArchitectsCyberSecurity EngineeringCyberSecurity Testing and Vulnerability ManagementCloud SecurityIdentity ManagementSecurity Architecture Design Forum (member)Project teamsBISOs

Key Responsibilities

Develop Security Architecture Design Patterns and Standards to comply with group security requirements, industry standards, customer requirements, regulatory requirements and good practices.Assist the development of and champion a Security Architecture control framework.Research, design and document the security posture requirements and controls of new technology introduced into the Group. Engage with technology acquisition processes to ensure all new technology introduced is evaluated.Research industry trends and regulatory requirements.Lead the Security Architecture evaluation of risks identified in systems, including reviewing, and proposing tactical and strategic remediation plans, and evaluation of the cost / risk benefits of remediations.Actively contribute to the adoption of secure by design practices, with technical delivery teams for both existing systems and new systems, e.g. use of internal or external guidance, leading Threat Modelling activity.Nurture the use of secure technical practices to deliver technical excellence.Support experimentation and innovation in solving problemsSupervise third parties in their deliveries related to the domain areaProvide company representation, internally and externally, related to information security, as needed.Contributes to the development of metrics and their monitoring to report the effectiveness and efficiency of the Security Architecture function.Contributes to the content and management of the Security Architecture intranet presence.

Team Responsibilities

Guiding and mentoring other team members as requiredDeputising for Senior Manager - Secure Design when required

Critical Deliverables

Developing and prioritising the security design pattern libraryDeveloping and delivering the security design patterns - individually or in conjunction with other teams, as necessaryWorking with the neighbouring security teams and delivery projects to address emerging areas of secure design guidance and interventionsDeveloping security architecture interventions in business specific process for acquiring and developing new technologyContributing to the development and reporting of metrics for the Secure Design team, within the broader Security Architecture function

Impact

This is a group-wide role which is key to effective and efficient management of security risks associated with business technology systems.

The success of the post holder will be in balancing the major aspects of the role:

the ability to work effectively and pragmatically with project teams, to drive secure by design outcomes, while enabling projects to deliver.develop or refresh security architectural collateral - based on the planned and emerging needs of the businessduring project delivery, identifying gaps in security architecture collateral to be added to the security design pattern library

Key Performance Indicators

Delivery of design patterns (timeframe from development initiation to substantive draft, through to general availability)Successful outcomes from security architectural interventions with delivery projects

Functional Knowledge And Experience

7+ years of increasing responsibility in technical engineering or information security roles, security architecture preferred.

Experience of enterprise architecture frameworks and their applicationExperience in threat modelling / design pattern developmentProven Experience in designing and applying security controls into distributed systems (on premises and cloud)Thorough understanding of the latest security principles, techniques and protocolsCritical, independent thinkingProblem solving skills, ability to work under pressure and self-starterDeep understanding of both common and emerging vulnerabilities including their manifestation in different architectures (web applications, thick clients, APIs, networked infrastructure etc)Familiarity with industry standard guidance OWASP Top 10, SANS Top 25, NIST / CSC, CIS, NCSC etc.Applied understanding of topics such as authentication, access control, encryption, cloud security, operating system security, network security, database security.Experience of writing succinct, reader oriented, visually compelling documentationFamiliarity with common Developer Tools (GitLab/Azure DevOps etc) and some experience with using YAML/Markdown/Terraform.

Business and sector expertise

Preferred prior experience in the financial services and / or technology sectorPreferred prior experience in a heavily regulated environment

Leadership And Management Experience

Experience in supervising and supporting specialist individual contributors in technology domains; inspiring others to delivery of outcomes.Experience in working collaboratively with remote and offshore team membersMust have a collaborative work style ensuring that stakeholders are engaged in decision making processes.Highly adaptable and able to approach challenges differently in order to achieve goals.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of

Integrity, Partnership ,

Excellence

and

Change

underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants'' and employees'' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.Seniority level

Seniority level Mid-Senior levelEmployment type

Employment type Full-timeJob function

Job function Information TechnologyIndustries IT Services and IT Consulting and Financial ServicesReferrals increase your chances of interviewing at LSEG by 2xGet notified about new Security Architect jobs in

London, England, United Kingdom .Security Consultant (Hybrid, UK - 1 day per week with possible to increase)

London, England, United Kingdom 1 month agoSenior Information Security Engineer – Telecoms - Up to £100,000 Starting base + Bonus

Network and Infra Endpoint Security Architect - London

London, England, United Kingdom 2 weeks agoLondon, England, United Kingdom 1 week agoLondon, England, United Kingdom 2 weeks agoInformation Security Analyst - Audit, Compliance and Cybersecurity

London, England, United Kingdom 1 day agoSecurity Architect: Contract £900 p/d (Investment Banking)

London, England, United Kingdom 1 week agoCity Of London, England, United Kingdom 5 days agoLondon, England, United Kingdom 1 week agoInformation Security Analyst - Audit, Compliance and Cybersecurity

London, England, United Kingdom 1 week agoLondon, England, United Kingdom 1 week agoInformation Security Analyst - Audit, Compliance and Cybersecurity

London, England, United Kingdom 1 month agoCity Of London, England, United Kingdom £110,000.00-£130,000.00 5 days agoPrincipal Cyber Security Consultant - Hybrid

Head for Platform Security and Data Privacy

Greater London, England, United Kingdom 2 weeks agoSecurity Operations Analyst – Detection Engineering and Threat Hunting, Global SOC

London, England, United Kingdom 1 week agoLondon, England, United Kingdom 1 month agoSecurity Architects (DV Security Clearance)

London, England, United Kingdom 1 week agoLondon, England, United Kingdom 2 months agoLondon, England, United Kingdom 2 days agoLondon, England, United Kingdom 9 hours agoGreater London, England, United Kingdom 2 weeks agoHead of Security Architecture - London Stock Exchange Group

London, England, United Kingdom 5 days agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of ..... full job details .....