Architect, Application Security

Role profile:

Are you a hard-working security specialist looking for a great opportunity to make business-critical high-performance systems secure? Are you interested in getting involved in the full SDLC from design to deployment of such systems? If yes, then this Security Architect position may be a perfect fit for you!

Role summary:

We are looking for an Application Security Architect who will be responsible for ensuring the security of the business-critical high-performance applications built and deployed by Market Infrastructure Technology (MIT) at LSEG. The role involves crafting secure applications, defining security policies and standards aligned with LSEG, and performing security assessments and testing. The role will collaborate with development teams, IT, Group security, and other teams to integrate security into the software development lifecycle (SDLC) and provide guidance on best practices in secure coding, architecture, and threat mitigation.

What you'll be doing:

Secure Application Design:

Work closely with development and engineering teams to design applications with a focus on security from the ground up. Create security architecture standards, patterns, and frameworks aligned with Group security. Ensure that security requirements are met at every stage of the development process, including design, implementation, and deployment.

Policies and Governance:

Define, develop, and enforce security policies, procedures, and standards for application development and deployment aligned with LSEG. Develop secure coding guidelines and educate developers on secure development. Implement and maintain governance over security controls to ensure compliance with industry regulations and Group policies.

Security Testing and Assessments:

Conduct threat modeling, vulnerability assessments, and risk analysis to identify potential security risks in applications. Perform and coordinate security testing, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Penetration Testing. Collaborate with QA and Dev teams to integrate automated security testing into the CI/CD pipelines.

Risk Management and Mitigation:

Work with development teams to prioritize and remediate vulnerabilities found during security assessments. Provide technical expertise and guidance on application security vulnerabilities and mitigation strategies. Participate in incident response and post-incident reviews to improve security posture.

Teamwork and Training:

Serve as a security domain expert and advisor for teams, IT, and leadership. Provide ongoing security training and awareness programs for all teams. Stay ahead with emerging security trends, threats, and technologies to continuously improve security processes and strategies.

What you'll bring:

• Master’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 10+ years of experience in application security, or security architecture roles.
• Strong understanding of secure coding practices, software architecture, and security design patterns.
• Proficiency in performing security assessments, including threat modeling, penetration testing, and vulnerability analysis.
• Experience with security tools such as SAST, DAST, and runtime application self-protection (RASP).
• Knowledge of industry standards and frameworks, such as OWASP Top 10, NIST, and ISO 27001.
• Familiarity with cloud security architecture, microservices, and containerized application security.
• In depth knowledge and experience in developing and securing business-critical, high performance financial systems.
• Security certifications such as CISSP, CISM, CEH, or OSCP.
• Excellent interpersonal skills with the ability to convey complex security concepts to both technical and non-technical teams.

What you’ll get in return:

Opportunity to work with elite talent in building business critical, high-performance system.

To be part of a global brand where security is a top priority.

Experience an amazing work culture.

We recognize that to attract the best talent, we need to be flexible, and we are open to discussing work arrangements with you. We take a hybrid approach to workplace, this role is a blended work model.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.