Application Security Solution Architect
Our client, a Data Protection and Application Security organization, has global responsibility for the design, delivery and operational support for business critical security services within a global financial institution.
They are responsible for the design and delivery of the key products and services related to information security. This includes public key infrastructure, data leakage prevention, information right management, application security and testing (DMZ: De-militarized Zone, WAF: Web Application Firewall, SSO: Single Sign-On, reverse Proxy) and cloud security.
The successful candidate will be joining the Solution Architecture team, part of the Application Security Capability, and will be mainly responsible for the Internet-facing infrastructure and cloud initiatives across all regions. The applications that rely on our client’s systems and expertise include E-banking, trading systems, information portals and many more. The team is spread across Europe and it has a dynamic and multicultural atmosphere.
The Solution Architect role scope includes Internet facing applications, cloud security, federation authentication and token management. The activities related to the Architect within our client’s organization work on a wide variety of tasks and activities that are closely aligned with the financial institution’s strategic programs:
- Preparing and presenting strategy that define Application Security activities in the financial institution.
- Acting as a liaison with the financial institution’s other team to elicit their security requirements for Data Protection and Application Security Products.
- Identifying gaps and deficiencies in their security landscape and working with other architecture functions on defining strategy to address them.
- Working alongside product management to help define and shape the product and service strategy. Acting as the voice of the customer within the solution design process.
- Delivering security solutions for the Internet-facing infrastructure that runs in multiple data centers around the globe.
- Converting requirements into business cases and translating them into architecture and design for solutions providing IT security infrastructure.
- Design technical blueprints for the solution based on requirements from various stakeholders including: Business Customers, Compliance, Risk, IT Security and IT Architecture.
- Ensuring that individual security solutions form an effective, holistic security mechanism.
- Documenting the conceptual, physical and logical configuration of vendor products, in-house solutions and other technical components with necessary and sufficient detail.
- Working with engineering leads, SMEs and external parties ensuring product and service are designed in line with security architectural guiding principles, the financial institution’s control environment and industry best practices.
Essentials Skills and Qualifications:
- Overall 4+ years of experience working as an IAM Authentication SME in a large organisation with either ForgeRock or PingIdentity Authentication, Federation products & Ping Access.
- Overall 7+ years of experience which span one or more IT disciplines like: designing, IT business analysis, IT security and/or development of software or infrastructure in the relevant areas.
- Overall 4+ years of experience in a role dedicated to architecting/implementing solutions utilizing recognized design and architecture patterns and industry standards.
- Excellent and proven knowledge of Application/Cloud Security concepts and the IT Security Domain.
- Confident, assertive and effective communicator with strong influencing skills.
- Able to prepare and deliver professional presentations to senior level audience.
- Fluent written and spoken English.
- Deep understanding of Modern protocols such as OAuth, OIDC & SAML.
Desired Skills and Qualifications:
- Experience in the financial sector will be an additional asset.
- Experience and good knowledge of global jurisdictional practices/financial regulators requirements.
- Security certification is an advantage: CISSP, CISA, CSSLP, TOGAF.
- Experience with the following products: Federation Hubs, Entry Server solutions, 2FA providers, IaaS/PaaS platforms, WAFs.
- Experience in DevOps and Agile.
Should you be interested in the above position, please feel free to submit your CV and call for further information. Costello & Reyes Group Limited is one of the UK’s leading providers of recruitment advice and services and acts as a recruiter on behalf of our client.