Location: East London – Canary Wharf
Salary: £190k base / 25% bonus plus benefits
Job Role: Head of IT Security Architecture
- HSBC is organized by a number of lines of business and global functions. Two of these functions HSBC Technology Services (HTS) and Risk have respective departments, IT (composed of Software Delivery and IT Operations) and Information Security Risk (ISR) within them.
- IT Security, in the first line of defence, will serve as the focal point in IT for security related activities ensuring that HSBC’s electronic based assets are monitored, managed, accessed and protected effectively so that only those people with a legitimate business need can access or modify them, when they need to do so.
- Working with IT and Information Security Risk (ISR), IT Security will ensure that key security risks related to IT are identified, assessed and managed. The controls implemented must also be monitored for completeness, performance & efficiency.
- The purpose of this role is to form the Security Architecture sub function focused on information security activities. The jobholder will develop a global function to deliver security Architecture to the entire group. They will own the accountability for ensuring the Security Future State Architecture definition and on-going evolution, communicating, promoting and influencing to ensure its adoption. Defines and measures KPI’s and KRI’s that provide visibility in to the deployment of FSA initiatives. Provides architecture guidance and advice to other IT teams and the global businesses and functions. Formalise the use of SABSA as the architecture framework for Security. The jobholder will also have accountability for Cryptographic strategy and expertise, and house the Innovation R&D team for IT Security.
The services the team will provide are: –
- Define, design, evaluate and maintain the enterprise IT Security Architecture
- Drive the implementation of It Security Technical Solutions and associated processes and controls
- Measure adherence to the Architecture within IT to drive progress.
- Security Product Selection & Implementation with associated processes and controls
- Delivery of world class solutions architecture consulting
- The Head of IT Security architecture assists the GCOO/Heads of IT with defining the Bank wide future strategy and leads the Principal and Lead Architects to articulate and execute the strategy across HSBC. The jobholder will be responsible for directing and managing staff across the whole function. The Head of IT Security architecture shapes the future of Architecture both within HSBC and across the industry. The jobholder will be a visionary and through-leading, shaping the future of technology across having reached the pinnacle of Architectural achievement within the Bank. As part of creating the IT Security sub function the job holder will be expected to propose, gain acceptance and implement the team and processes associated with building a best in class IT Security function. The jobholder will also be responsible for introducing controls to be able to demonstrate that IT is adhering to Information Security policies and process. Forming the IT Security sub function will involve strong, organizational, man management and interpersonal skills as it will involve resolving the demarcation of current responsibilities and activities between IT and ISR
- This role cuts across all the Architecture disciplines: Application, Solution, Technical, Information & Enterprise
- A track record of providing architectural guidance and input to complex programmes and projects
- Demonstrated ability to rapidly build relationships with key stakeholders and effectively manage the concerns of all senior stakeholders effectively by concentrating on the critical details and interfaces that fulfil these concerns
- Extremely strong leadership and management ability, motivating IT Security employees
- Understand and interpret complex business and IT Security requirements
- Prioritize work to successfully deliver service to agreed levels in a diverse and constantly changing technical and business environment, effectively coordinating delivery involving elements delivered by other teams
- Excellent communication and interpersonal skills, including the capacity to articulate the case for IT Security investments
- Have the ability to compare and contrast different technologies to meet business requirements. Have in-depth conceptual functional and non-functional knowledge of technologies including: Networking, Server OS internals, benchmarking/HW (x86/Mainframe) & Server Virtualization, Storage, DBs, Cloud, Big Data, Mobile & Tablets
Desired Skills and Experience
- Knowledge & Experience / Qualifications (For the role – not the role holder)
- Typically educated to degree level
- Working and managing a global function with a geographically dispersed team
- Influencing technical designs to best meet security needs
- Ability to build strong relationships and communicate with a wide spectrum of stakeholders
- Excellent knowledge of the project lifecycle and Group Strategy
- Comprehensive understanding of positioning Bank approach and policy in context of wider industry trends and direction
- Technology being used to deliver value and knowledge of opportunity cost
- Practical and pragmatic, including appropriate use of technical debt