Principal Security Architect

Purpose of the role

To develop, implement and manage the banks cloud and security infrastructure, including the development and implementation of effective security administration processes for all platforms. 

Accountabilities

• Execution of assessments and analysis on new security technologies in the bank, including cloud access security brokers (CASBs), cloud data loss prevention (DLP) solutions, and cloud encryption solutions, to secure the banks cloud environments through seamless integration.
• Development and implementation of effective security administrative processes for all platforms, including cloud security architecture, aligned to the organisations security and regulatory requirements.
• Implementation of cloud security monitoring solutions to detect and alert on potential security threats and anomalies.
• Execution of incident investigations related to cloud security to identify the root causes and implement corrective measures promptly to minimise damage and return to normal operations.
• Identification, analysis and implementation of emerging cloud security technologies and solutions to prevent threats and enhance the banks cloud security posture.
• Development and maintenance of comprehensive documents and reports for senior stakeholders on cloud security architecture, policies, procedures and incidents.
• Collaboration with cloud operation team to manage the banks cloud security infrastructure, including identity and access management (IAM), network security, and data security controls, to protect cloud resources from unauthorized access and data breaches.

Director Expectations

• To manage a business function, providing significant input to function wide strategic initiatives. Contribute to and influence policy and procedures for the function and plan, manage and consult on multiple complex and critical strategic projects, which may be business wide..
• They manage the direction of a large team or sub-function, leading other people managers and embedding a performance culture aligned to the values of the business. Or for an individual contributor, they lead organisation wide projects and act as deep technical expert and thought leader, identifying new ways of working and collaborating cross functionally. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions..
• Provide expert advice to senior functional management and committees to influence decisions made outside of own function, offering significant input to function wide strategic initiatives.
• Manage, coordinate and enable resourcing, budgeting and policy creation for a significant sub-function.
• Escalates breaches of policies / procedure appropriately.
• Foster and guide compliance, ensure regulations are observed that relevant processes in place to facilitate adherence.
• Focus on the external environment, regulators, or advocacy groups to both monitor and influence on behalf of Barclays, when appropriate.
• Demonstrate extensive knowledge of how the function integrates with the business division / Group to achieve the overall business objectives.
• Maintain broad and comprehensive knowledge of industry theories and practices within own discipline alongside up-to-date relevant sector / functional knowledge, and insight into external market developments / initiatives.
• Use interpretative thinking and advanced analytical skills to solve problems and design solutions in often complex/ sensitive situations.
• Exercise management authority to make significant decisions and certain strategic decisions or recommendations within own area.
• Negotiate with and influence stakeholders at a senior level both internally and externally.
• Act as principal contact point for key clients and counterparts in other functions/ businesses divisions.
• Mandated as a spokesperson for the function and business division.

All Senior Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L – Listen and be authentic, E – Energise and inspire, A – Align across the enterprise, D – Develop others.

All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship – our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset – to Empower, Challenge and Drive – the operating manual for how we behave.

• The Chief Information Security Office (CISO) is a global team, with colleagues across Europe, Asia and the Americas. It sits within BX and supports the business in ensuring confidentiality, integrity and availability of the firm’s information assets. It is also responsible for implementing and operating world-class security solutions to meet business needs. CISO operates critical controls and works in partnership with the business to ensure our customers can trust Barclays to protect their sensitive information, and that the security of our critical infrastructure, staff, and assets is maintained. 
• The Principal Security Architect is a recognized cyber security expert who will work with the Chief Technology Officer (CTO) and across the firm’s Chief Information Officers (CIOs) to design and govern the application of patterns developers use to efficiently and effectively meet security requirements while building the systems that support the business. 
• Security is an emergent property of the many design decisions made across the set of technologists that created the components developers ultimately use to create applications. As a result, this role requires collaboration across multiple departments within the global organization.
• The Principal Security Architect will lead a team of dedicated architects to engage in and review internally developed solutions and third-party integrated systems to ensure designs include all necessary security controls and adopt established patterns where appropriate. The Principal Security Architect will ensure security is integrated into our technology infrastructure and then correctly applied in the development of business applications.
• The team works alongside Barclay’s engineering and operations teams including the Global Technology Infrastructure Service to ensure security is baked into major infrastructure projects such as enabling the bank’s cloud environments.
• In addition, the Principal Security Architect will oversee architect and engineering efforts to identify requirements and use cases and evaluate technologies against them and support product owners and engineers in development of efficient and effective designs for identified technologies. The intended result is a global team with visibility and reach across the entire Barclays technical community and with the ability to provide solutions to security challenges wherever they occur.