Security Architect

**JOB SUMMARY**
- As a Security Architect, you will have the opportunity to lead initiatives that protect our digital assets and maintain the trust of our customers. Your contributions will directly impact the resilience and integrity of our banking services in an increasingly complex cybersecurity landscape. If you are passionate about cybersecurity and thrive in a collaborative environment, we invite you to join us in shaping the future of secure banking operations.

**BUSINESS BACKGROUND**
- In the banking sector, ensuring robust cybersecurity measures is imperative to protect sensitive financial data, maintain customer trust and adhere to stringent regulatory requirements. The role of a Security Architect is pivotal in this landscape, responsible for designing and implementing security solutions that safeguard against sophisticated cyber threats such as data breaches, fraud, and malware attacks.
- As financial institutions increasingly rely on digital platforms for transactions and client interactions, the Security Architect plays a crucial role in integrating security controls seamlessly into organization’s technology infrastructure. This includes collaborating closely with IT teams, development groups, and compliance officers to ensure that security measures are not only effective but also compliant with industry standards and regulations such as GDPR, PCI-DSS, and local banking regulations.
- Moreover, the Security Architect must stay abreast of emerging cybersecurity trends and technologies to proactively address potential vulnerabilities and adapt security strategies accordingly. By maintaining a proactive approach to cybersecurity, the Security Architect helps mitigate risks, protect sensitive financial information, and uphold the integrity of banking operations in an increasingly interconnected digital ecosystem.

**KEY STAKEHOLDERS**
- Lines of Business and Ventures
- Tech Organization and Platform Owners
- Engineering Teams
- Compliance and Risk Management
- Executive Management
- Audit
- Suppliers and partners

**RESPONSIBILITIES**
- A Security Architect will be responsible for one or more of the following at the same time.

**Create Security Architectures**

**Automate Security Design**
- Implement and manage blueprints templates to standardize and automate security measures and controls across security domains and platforms.
- Establish Security Architecture Methodologies and Frameworks
- Establish security principles, policies, standards, methodologies, and frameworks for various platforms used by the Group to run its business.

**Security Architecture Governance**
- Participate in the governance forums of Business Units to ensure Enterprise Security Architecture practices are carried out and provide the necessary support to enable Security Architecture practices within the Lines of Businesses.

**Collaborate with Delivery Teams**
- Work closely with development and IT teams to integrate security measures into the software development lifecycle (SDLC), ensuring that security is prioritized from design through deployment.

**Conduct Risk Assessments**
- Perform regular risk assessments and vulnerability assessments to identify potential security weaknesses and develop effective mitigation strategies.

**Achieve systemic risk reduction**
- Lead security domain practices to create security strategy for the domain, including baseline security architecture, target security architecture, roadmaps, risks and mitigation plans.

**Evaluate and Recommend Security Technologies**
- Stay current with emerging security technologies and trends, evaluate their applicability to our environment, and recommend solutions that enhance our security posture.

**KEY REQUIREMENTS**
- Proven experience as a Security Architect or in a similar role within information security.
- Extensive Knowledge and hands-on experience with Infrastructure as a code (e.g Terraform), Policy as Code frameworks (e.g. OPA, HashiCorp Sentinel) and configuration management tools (e.g. Ansible)
- Familiarity with Blueprints templates for securing architecture is a plus.
- Excellent analytic and problem-solving skills with a proactive mindset.
- Strong communication skills, capable of conveying complex security concepts to technical and non-technical stakeholders.
- Effective collaboration, capable of working with cross-functional teams, including IT, legal, compliance, and business units.
- Demonstrated ability to adapt to changing technologies, security threats, and business needs, while maintaining a proactive approach to security.

**Qualification**
- Education Bachelor’s degree in computer science, Information Security, or in a related field.
- Training Security Architecture and Security Design relevant training
- Languages English

**Role Specific Technical Competencies**
- Information Security Architecture
- Information Security Technologies
- Software Engineering
- Software Development
- Emerging Technologies

**About Standard Chart