Manager Principal Security Architect: Secure Design (IC)

Join to apply for the Manager Principal Security Architect: Secure Design (IC) role at LSEG

Manager Principal Security Architect: Secure Design (IC)

2 days ago Be among the first 25 applicants

Join to apply for the Manager Principal Security Architect: Secure Design (IC) role at LSEG

Get AI-powered advice on this job and more exclusive features.

Security Architecture - Secure Design Team

• Business Aligned Principal Security Architects
• CyberSecurity Engineering
• CyberSecurity Testing and Vulnerability Management
• Cloud Security
• Identity Management
• Security Architecture Design Forum (member)
• Project teams
• BISOs

• Develop Security Architecture Design Patterns and Standards to comply with group security requirements, industry standards, customer requirements, regulatory requirements and good practices.
• Assist the development of and champion a Security Architecture control framework.
• Research, design and document the security posture requirements and controls of new technology introduced into the Group. Engage with technology acquisition processes to ensure all new technology introduced is evaluated.
• Research industry trends and regulatory requirements.
• Lead the Security Architecture evaluation of risks identified in systems, including reviewing, and proposing tactical and strategic remediation plans, and evaluation of the cost / risk benefits of remediations.
• Actively contribute to the adoption of secure by design practices, with technical delivery teams for both existing systems and new systems, e.g. use of internal or external guidance, leading Threat Modelling activity.
• Nurture the use of secure technical practices to deliver technical excellence.
• Support experimentation and innovation in solving problems
• Supervise third parties in their deliveries related to the domain area
• Provide company representation, internally and externally, related to information security, as needed.
• Contributes to the development of metrics and their monitoring to report the effectiveness and efficiency of the Security Architecture function.
• Contributes to the content and management of the Security Architecture intranet presence.

• Guiding and mentoring other team members as required
• Deputising for Senior Manager - Secure Design when required

• Developing and prioritising the security design pattern library
• Developing and delivering the security design patterns - individually or in conjunction with other teams, as necessary
• Working with the neighbouring security teams and delivery projects to address emerging areas of secure design guidance and interventions
• Developing security architecture interventions in business specific process for acquiring and developing new technology
• Contributing to the development and reporting of metrics for the Secure Design team, within the broader Security Architecture function

• the ability to work effectively and pragmatically with project teams, to drive secure by design outcomes, while enabling projects to deliver.
• develop or refresh security architectural collateral - based on the planned and emerging needs of the business
• during project delivery, identifying gaps in security architecture collateral to be added to the security design pattern library

• Delivery of design patterns (timeframe from development initiation to substantive draft, through to general availability)
• Successful outcomes from security architectural interventions with delivery projects

• Experience of enterprise architecture frameworks and their application
• Experience in threat modelling / design pattern development
• Proven Experience in designing and applying security controls into distributed systems (on premises and cloud)
• Thorough understanding of the latest security principles, techniques and protocols
• Critical, independent thinking
• Problem solving skills, ability to work under pressure and self-starter
• Deep understanding of both common and emerging vulnerabilities including their manifestation in different architectures (web applications, thick clients, APIs, networked infrastructure etc)
• Familiarity with industry standard guidance OWASP Top 10, SANS Top 25, NIST / CSC, CIS, NCSC etc.
• Applied understanding of topics such as authentication, access control, encryption, cloud security, operating system security, network security, database security.
• Experience of writing succinct, reader oriented, visually compelling documentation
• Familiarity with common Developer Tools (GitLab/Azure DevOps etc) and some experience with using YAML/Markdown/Terraform.

• Preferred prior experience in the financial services and / or technology sector
• Preferred prior experience in a heavily regulated environment

• Experience in supervising and supporting specialist individual contributors in technology domains; inspiring others to delivery of outcomes.
• Experience in working collaboratively with remote and offshore team members
• Must have a collaborative work style ensuring that stakeholders are engaged in decision making processes.
• Highly adaptable and able to approach challenges differently in order to achieve goals.

Seniority level

• Seniority level

  Mid-Senior level

Employment type

• Employment type

  Full-time

Job function