Cyber Security Vendor Assurance Architect

Job Title: Cyber Security Vendor Assurance Architect
Corporate Title: AVP/VP
Department: Chief Information Security Office ('CISO')
Location: London

Overview

The Cyber Security Vendor Assurance Architect is responsible for managing the bank's strategic partners to deliver products and services in alignment with the bank's security architecture, regulatory requirements as well as its overall business strategy.

The successful candidate will work with the bank's Chief Information Security Office (CISO) organization as well as various business lines to ensure there is effective monitoring, oversight and alignment of vendor relationships - including supporting mapping of security requirements to solution design and integration work with the bank's security tools and services.

The candidate will contribute to, and operate within, a cyber-security vendor governance framework to ensure consistency in governing vendor relationships and leveraging cross vendor / cross function knowledge and strategy within the organization.

Key responsibilities

- Ensures effective on boarding and service readiness assessment of vendors in line with the cyber-security vendor governance framework, requirements and processes
- Review and validate security architectures and designs, taking into consideration specific business and technical constraints, requirements and dependencies
- Review and validate, or where required document, high-level security designs and detailed-level designs
- Measure the quality of the solution from an security architectural perspective and ensure the conformance of delivered solutions to predefined quality metrics
- Manages vendor issues to resolve appropriately and escalates to senior management, where needed
- Provides expertise in the bank's design templates and frameworks throughout their lifecycle including RFI/RPF and renewal activities.
- Contributes to the build and enablement of a standardised set of procedures and tools to reduce complexity
- Supports clients and peers with sourcing activities - promoting standardised processes and best practices. Understands client's requirements, vision and promote 'win-win' outcomes
- Provides business analysis and project management skills to co-ordinate security requirements with solution architects
- Identifies and manages potential security risks within sourcing arrangements, service (and operating) level agreements, to ensure tracking and resolution by vendors or otherwise. Will include the definition and assessment of tactical and strategic mitigation methods
- Ensures compliance with the bank's defined governance, relevant training and maintains awareness of regional (local), industry governing bodies' standards and their impact on design
- Supports supply chain risk management in promoting good practices and providing early risk/issue identification and mitigation, with appropriate escalation
- Actively communicates and cascades the CISO strategy, plans and values at all levels in the organisation driving a high performance culture, enabling effective navigation of the organisation, and supporting efficient decision making

Experience and Skills

- 5+ years' experience in the field of IT Security and/or Information Assurance
- Good knowledge of architecture methods such as TOGAF and SABSA
- Experience in vendor and contract management in the Financial Services/Management industry
- Relevant Bachelor or Master Degree (or equivalent) in Computer Science or Engineering (or other relevant discipline) from an accredited college or university (or equivalent)
- Proven experience in identifying and delivering process improvement projects in a complex operating environment using strong relationship building skills
- Good working knowledge of international security standards such as ISO, NIST and global financial industry regulations.
- Good working knowledge of security services such as vulnerability management, security incident management, security problem management, compliance management etc.
- Excellent strategic agility, critical thinker, communication, influencing
- Strong business planning skills, able to drive change
- Fluent in English (written/verbal) with excellent communication and presentation skills

To apply for this role please click the APPLY button.