Senior Security Architect
CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars’ worth of currency flows through our systems each day.
Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world’s most actively traded currencies. We deliver huge efficiencies and savings for our clients: in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.
CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle – whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.
Our ambition to make a positive difference starts with our people. Our values – Protect, Improve, Grow – underpin everything that we do at CLS and define and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking.
We are looking for a highly motivated Senior IT Security Architect who is able to operate with a high level of autonomy to conduct the required architectural analysis and design in line with the enterprise security strategy.
The Security Architect supports the Security Architecture team to implement the Security Architecture Strategy and Framework across the CLS enterprise. The Security Architect will collaborate with Enterprise Architecture / Technology to provide and recommend effective solutions meeting requirements of the business through effective control of security risks and countering the threat landscape.
The Security Architect will partner with multiple divisions and technical managers to maximize the effectiveness of Security Architecture requirements in the implementation of products, environments and services. The Security Architect will be responsible for supporting the analysis of potential weaknesses and identifying recommendations to improve the security of all services across CLS. Provide technical security advice, guidance, design and review in support of all business-related products and services, reporting to a Security Architecture Manager.
Essential Function / major duties and responsibilities of the job
· Work closely with Enterprise Architecture in the effective delivery of solutions
· A high-level knowledge of all key areas of Information Security Technology and an ability to apply them appropriately
· Work with other Security Architects to build security into infrastructure and architecture designs
· Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture
· Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary
· Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal Audit, and Enterprise Risk to support current and future initiatives
· Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA
· Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement
· Engage with stakeholders across the organisation to develop relationships and the brand of Security Architecture
· Interface with program and project managers to ensure appropriate security architecture engagement as necessary
· Develop a strong interlock with the other security functions to support transition of projects into operation with effective governance
· Ensure appropriate quality of security architecture artefacts, engagement and managing escalations should they arise
· Ensure appropriate interlock and attestation against security controls where appropriate
· Maintain engagement with Security Engineering and Operations for the management of vulnerabilities, risks and remediation methods
· Ability to take initiative, self-motivated to work independently to deliver against project requirements
· Assure compliance with security controls to identify control gaps, develop remediation plans and determine residual risk
· Lead by example in the engagement of Security Architecture of projects across the enterprise
Experience / essential and desired for successful job performance
· 5+ years security architecture expertise with broad understanding of multiple security domains
· Ability to collaborate effectively with others to drive forward key security objectives
· Strong documentation and report writing skills (to both technical and business audiences)
· Excellent time management and organizational skills
· Knowledge of policy frameworks and understanding of policies, procedures, guideline structure
· Knowledge of firewalls, IPS, DLP, proxies, SEIM, & endpoint protection software
Qualifications / certifications
· Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)
· Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent is preferred
· Knowledge of Risk Management life cycles based on an established framework: ISO 27001, SANS, NIST SP 800-53
· Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM
Success factors / ‘How’. Personal characteristics contributing to an individual’s ability to excel in the position
· Excellent verbal, written and interpersonal communication skills
· Strong service-oriented mindset to consistently deliver balanced security solutions that include people, process and technology
· Strong technical, analytical and problem-solving skills
· Self-motivated to exceed management expectations and objectives
· Ability to effectively communicate complex technical issues to both business and technical staff at all levels.
· Strong collaboration skills to tackle complex security challenges that may span across multiple internal and external departments and groups
· Able to effectively cope with change and comfortably handle risk and ambiguity
· Positive attitude in challenging situations
Our commitment to employees
At CLS, we celebrate diversity and consider this to be one of our strongest assets. We are committed to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including:
- Holiday - UK/Asia: 25 holiday days and 3 ‘life days’ (in addition to bank holidays). US: 23 holiday days.
- 2 paid volunteer days so that you can actively support causes within your community that are important to you.
- Generous parental leave policies to ensure you can enjoy valuable time with your family.
- Parental transition coaching programmes and support services.
- Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others.
- Affinity Groups (including our Women’s Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I.
- Hybrid working to promote a healthy work/life balance, enabling employees to work collaboratively in the office when needed and work from home when they don’t.
- Active support of flexible working for all employees where possible.
- Monthly ‘Heads Down Days’ with no meetings across the whole company.
- Generous non-contributory pension provision for UK/Asia employees, and 401K match from CLS for US employees.
- Private medical insurance and dental coverage.
- Social events that give you opportunities to meet new people and broaden your network across the organisation.
- Annual flu vaccinations.
- Discounts and savings and cashback across a wide range of categories including health and retail for UK employees.
- Discounted Gym membership – Complete Body Gym Discount/Sweat equity program for US employees.
- All employees have access to Discover – our comprehensive learning platform with 1000+ courses from LinkedIn Learning.
- Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.