Not currently receiving applications. For agency users and internal applicant, please login, or register.
Job Title
Head of Security Architecture and Engineering
Job Location
Kansas City
Job Type
Business Services
Country/Territory
United States
Region
The Americas
Description
The Head of Security Architecture and
Engineering will be responsible for enhancing and leading Clyde
& Co's global Security Architecture and Engineering function.
The function is responsible for ensuring that the design of business
solutions meets security and compliance mandates.
The Head of Security Architecture and
Engineering will partner with stakeholders across the organisation
to securely achieve the functional requirements of business
initiatives and be the technical authority on information security
architecture within the Clyde & Co.
The focus of this role will be to help us
mature our Security Architecture and Engineering capability by
effectively engaging with IT, business stakeholders and third
parties to efficiently design and implement effective security
solutions.
This is an exciting opportunity to help us
build a high performing Security Architecture and Engineering
function and will report directly to the CISO.
Key responsibilities
As the Head of Security Architecture and Engineering this role will
be accountable for the definition, maintenance, and implementation of
the security architecture in support of the business and technical
architecture. The role is also accountable for ensuring that a
Security by Design approach is taken with new programmes, projects,
and major change initiatives to deliver security assured and compliant
solutions. The successful individual will be able to identify
emerging technical risks and associated remediation responses to
anticipate and address avoidable security events and incidents. This
will include network security, application security, cloud security
and endpoint security. Primary responsibilities include:
Security Architecture and Consulting
Providing security subject matter
expertise and consulting to all new initiatives to ensure positive
security outcomes are delivered, including the early definition of
security controls required, definition and implementation of clear
secure development design principles and developing a Security
Testing & Assurance capability
Implementation and management of a
stringent Secure Development Lifecycle programme, aligned to the
Clyde & Co project methodology, to ensure the effective
security governance of Clyde & Co.'s application portfolio.
Ensure that relevant security policies
are in place, reviewed and applied effectively.
Participate in the architecture review
board (ARB) to provide guidance on the architecture and design of
security solutions for applications or systems
Lead the continuous identification of
technical risks and threats to our network security provisions.
Accountable for the definition,
maintenance and implementation of network security controls and technologies.
Security Architecture and Engineering
Providing input to the global security
strategy & investment plan creation and maintenance.
Lead the definition, review and
implementation of the cloud security architecture and supporting
controls to ensure that security is built into the design of our
cloud technology and services.
Identify opportunities to standardise
and simplify our security technology stack by leveraging native
cloud capabilities.
Lead key security architecture and
engineering transformation projects designed to enhance our
current measures and protect Clyde & Co against our key threats.
Build strong relationships with the rest
of the cyber security and wider IT teams to collaborate on
initiatives and raise awareness of the technical threat landscape.
Review and improve hardening security
standards for endpoints, server, firewalls etc, to aligned with
good practice.
Enhance and implement endpoint
protection and monitoring solutions.
Review data egress and ingress points
and identify opportunities enhance current controls and
technologies to effectively protect and monitor data leaving the organisation.
Ensure that data leakage protection
measures are defined, designed, and implemented to minimise
internal data leakage incidents
Collaborate with the Security Operations
team in the assessment of new technologies and products for IT and
business solutions.
Leading the team
Identify resourcing requirements and
hire, train and retain our security architecture and engineering team.
Experience and skills required
The ideal candidate will have the
following experience and skills:
5+ years of technical security
architecture and engineering experience in a global security function.
2+ years of experience in leading a
global security architecture and engineering function.
Expert-level knowledge of security
principles and technologies.
Experience designing and implementing
security solutions with a specific focus on cloud solutions.
A sound understanding of emerging
threats and industry trends.
Strong interpersonal, communication and
influencing skills with the ability to operate and communicate
effectively at all levels.
Experience with cloud networking
architecture and operations as well as security automation and orchestration.
A sound understanding of Information
Security Forum Standard of Good Practice (ISF SOGP). ISO/IEC
27001/2, NIST and OWASP Top 10.
Ideally knowledge of the legal industry
but not essential.
Education
A technical degree and / or industry
recognised qualification and demonstrable experience in
Information Security Management (e.g. CISSP, CISM or GIAC certification).
Demonstrable experience in architecture
and engineering principles (e.g. SABSA, TOGAF).
Clyde & Co shifted to virtual work for the majority of our
lawyers and business services team with the global outbreak of
Covid-19. This precaution was taken to help protect our people,
clients and communities. It is likely that this role will start
virtually while the firm continues to evaluate the situation.
-Principals Only-
We offer a rewarding work environment that supports professional
growth and opportunities. We value diversity in our work place and
it is the policy of the Firm to recruit, hire, promote, reassign,
compensate and train highly qualified persons without regard to
race, color, sex, sexual orientation, gender identity or expression,
religion, national origin, age, disability or any other basis
protected by applicable law.
CLYDE & CO PRIVACY NOTICE: https://www.clydeco.com/help/privacy