Information Security Architect - Banking

Information Security Architect - Banking

Excellent contract opportunity opens for a versatile and proactive Information Security Consultant to join a leading Bank which is currently undergoing a major technology transformation programme. The successful candidate will be Embedded within a technology delivery team, playing a critical role in ensuring that security is integrated seamlessly into change initiatives from inception through delivery.

Main Responsibilities

• Problem Solving - You will develop a deep knowledge of your workstreams technology stack and business outcomes allowing you to not only identify security risks but identify and propose practical solutions to the team. This role is all about helping teams deliver securely not just calling out risks.
• Risk and Control Assessments - You will lead risk & control assessments using the Banks defined processes, covering supplier due diligence, privacy impact assessments and project security.
• Risk Management - You will support your workstream identify and articulate risks, steering them towards appropriate treatment plans, documenting mitigating controls and ensuring these are actions within agreed timeframes. You will operate in line with the Bank's Risk Management framework (including sub-frameworks) and relevant risk and compliance policies and procedures, ensuring appropriate and timely escalation of any concerns to your line manager.
• Advisory - You will provide specialist advice and interpretation of Information Security best practice and UK regulatory requirements to a range of different stakeholders as new products, processes and systems are developed. You will need to be aware of your own knowledge gaps and when & where to seek specialist input to solve a particular problem or query
• Subject Matter Expertise - You will develop a deep knowledge of the Banks secure change processes and procedures, shepherding your workstream through various assessments and approval gates
• Relationship Management - You will build deep, trust based relationships with key stakeholders within your delivery team such as developers, testers, product managers, delivery leads and tech leads. You will be an active member of the delivery team, attending daily stand-ups, PI planning sessions and working groups.

About You

• Information Security - Solid, practical and demonstrable experience of information security (technical and non technical aspects)
• Privacy - You don't need to be a privacy expert but you will require a good understanding of core privacy concepts and how these apply to technology change initiatives
• Technology Change - Demonstrable experience of supporting technology change initiatives to deliver solutions securely
• You understand the intersection of Risk Management and Information Security and how these relate to each other in a Financial Service business (3LoD model)

Interested? Please Apply!