Security Architect
London, United Kingdom
Department Overview
Reporting to the UK CIO and part of the Technology department, the Principal Security Architect is responsible for designing and implementing robust security architectures to protect ING WB UK’s information assets. This role involves leading the development of security strategies, ensuring compliance with industry standards, and collaborating with various teams to enhance the overall security posture.
Main Duties and Responsibilities of Role:
Key responsibilities:
IT Risk Roadmap: Collaborate with IT Security and DevOps squads to develop and maintain the IT Risk Roadmap, ensuring alignment with organisational goals and local WB UK ambitions.
Security Architecture Design: Develop and maintain security architectures for applications, infrastructure, and cloud environments aligned with ING Security Architecture guidance and ING Security Standards.
Compliance: Ensure compliance with relevant security standards and regulations, such as DORA and GDPR.
Security Initiatives and Major Changes: Leading the design, providing guidance, and performing verification of architecture implementation on global programmes for WB UK.
Ad-hoc Security design advisory: Support DevOps squads by investigating and designing appropriate security solutions/services to be leveraged within ING.
Design Deviations: Review deviations against designs and provide risk assessment for waiver.
Security Architecture community: Participate to Group Architecture forums and receive regular update on changes to security architectures to address emerging threats and technologies.
Qualification/Education
Essential: Relevant certifications such as CISSP, CISM, CEH, or equivalent.
Desirable: Master’s degree in Computer Science, Information Security, or a related field.
Experience/Knowledge
Essential:
Minimum of 10 years of experience in information security
Desirable
In-depth knowledge of security frameworks and standards (e.g., NIST, ISO)
Experience with cloud security (e.g., AWS, Azure, Google Cloud).
Proficiency in security technologies such as firewalls, IDS/IPS, SIEM, and encryption.
Personal Competencies
Essential:
Excellent problem-solving and analytical skills.
Strong communication and leadership abilities.
The ability to communicate complex security concepts to non-technical stakeholders.
Desirable:
Experience working in regulated industry (Financial Institutions)
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Azure CEH CISM CISSP Cloud Compliance Computer Science DevOps Encryption Firewalls GCP GDPR IDS IPS NIST Risk assessment SIEM
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.