Security Architect - Google
HSBC Group
London, England
30d ago


Role Title : Security Architect - Google

Business : HSBC Global Services

Role Purpose

  • In today’s digital world, HSBC needs to develop secure solutions for our customers and have appropriate defences to address evolving security threats.
  • The Enterprise Security Architecture defines the security capabilities and functions (services, building blocks, and roadmap) that support the strategic business objectives at an enterprise level.

    The Enterprise Security Architecture will enable HSBC to make good strategic and operational decisions in relation to information security.

  • Security Architecture is a global function responsible for the definition of the future state security, and architectural roadmap.
  • The Security Architecture team is responsible for the ongoing evolution, communication and creation of Security Architectural patterns and influencing the adoption.

  • Security Architecture is a sub function of Architecture. The Security Architecture team is accountable for the development of the Security Future State Architecture, ongoing evolution, communicating, promoting and influencing to ensure its adoption.
  • Security Architecture will provide architecture guidance and advice to other IT teams and the global businesses and functions.
  • The Architecture team will be using SABSA as the architecture framework for Security.

  • The overall services that the team will provide are as follows :
  • Define, design, evaluate and maintain the enterprise CyberSecurity architecture
  • Drive the implementation of Technology Security Technical Solutions and associated processes and controls
  • Measure adherence to the architecture within IT to drive progress.
  • Security Product Selection & Implementation with associated processes and controls
  • Delivery of solutions architecture consulting.
  • The role cuts across all the Architecture disciplines : Application, Solution, Technical, Information and Enterprise.
Impact on Business

  • Champion the development and implementation of HSBC’s Future State Security Architecture on behalf of Global Business / Global Functions & CIOs.
  • Govern the introduction of new techniques, products, services, technologies and standards where needed against identified use cases and taking into account commercial factors through the Technology Design Board (TDB), External Hosting Committee (EHC).
  • Govern architecture standards and have a holistic knowledge of the Group’s most critical business systems
  • Stay abreast of technology trends and advise IT and the business about potential benefits / impacts.
  • Responsible for leading a commercially aware architectural design practice for multiple Global Businesses and / or Global Functions
  • Propose innovative architectural solutions to address security capability and control gaps
  • Plan strategic roadmaps and position the bank to provide new customer services secured by the latest security capabilities
  • Work with business to understand Cloud related requirements and provide security subject matter expertise in this area
  • Actively research and investigate new security technologies, and stay abreast of latest in the information security field
  • Assist in evaluation and selection of new products or solutions, and conduct pilots or research on new security solutions
  • Own Cloud related security patterns for all layers of the stack (from network fabric, to hardware and OS) as well as service models (IaaS, PaaS, SaaS), and ensure alignment with security policies and standards
  • Provide input into the Cloud security standard updates based on industry best practices and alignment with policies and other related standards
Customers / Stakeholders

  • Work closely with Architects, Solution Designers, as well as ITID, ADM Excos, and other HTS / SFR Function Heads
  • Maintain key partnerships with Strategic Vendors
  • Work with stakeholders to communicate, educate and influence key security controls and strategic direction
  • Participate in continual improvement of CyberSecurity by investigating new security processes, technologies, and tools, and regular communication of related information.
  • Provide input into the Cloud security standard updates based on industry best practices and alignment with policies and other related standards
  • Participate in creating the end-to-end security architecture for cloud solutions
Leadership & Teamwork

  • Evangelize the benefits of architecture, accepted best practice techniques, standards and tools to the Group and external suppliers where necessary
  • Develop and evolve best practice both within HSBC and in the wider Architectural Standards community
  • Drive Future State Architecture execution in collaboration with stakeholders
  • Drive partnerships with technology vendors to influence industry direction
  • Represent HSBC at industry round table forums & conferences
  • Manage the Architecture function or sub-function
  • Lead information sharing across the Architecture community
  • Ensure all teams within IT Security are in sync with respect to Cloud security related topics
  • Provide security direction and thought leadership to enterprise-wide initiatives related to Cloud computing
Operational Effectiveness & Control

  • Manage security architecture reviews through Solutions Architecture Board (SAB) ensuring peer review of all projects
  • Ensure that any new technology products are taken through the Technology Design Board (TDB) clear choice / Proof of Concept
  • Ensure that all existing / new service patterns / deployments guides are taken through the Technology Catalogue Board (TCB)
  • Governs HSBC’s Evergreening priorities
  • Ensure compliance with all relevant internal instructions (FIMs, GSMs, circulars) and external regulatory requirements, including the management of operational risk and adherence to the Group’s standards of ethical behaviour
Major Challenges

  • Understand HSBC’s Global Businesses and Global Function strategies and drive the IT Security Future State Architecture to ensure IT’s current and future capabilities satisfy these business needs.
  • Conducts analysis of demand for services and influences IT stakeholders to ensure that the necessary investments are made to deliver required services and that appropriate service level agreements are defined.

    Initiates improvement in services, products and systems.

  • Leads development and communication of HSBC’s CyberSecurity governance. Ensure HSBC’s governance framework provides clear decision-making leading to valid reasons for IT acquisitions. Promotes IT policies, practices and decisions that recognise the current and evolving needs of all the stakeholders.

  • Provision of Architecture consultancy services aligned across multiple Global Businesses and Global Functions including a systems design practice.
  • Takes full responsibility for the balance between non-functional, service quality and systems management requirements.

  • Analyses business processes improvement opportunities; identifies alternative technical solutions, assesses feasibility, and recommends new approaches, typically seeking to exploit technology components
  • Ensures sustainability is incorporated into the specification and design of systems and services.
  • Establishes policy and strategy for the selection of systems architecture components, and co-ordinates design activities, promoting the discipline to ensure consistency.
  • Ensure appropriate adherence to HSBC standards.

  • Provides organisational leadership to promote the development and exploitation of technical knowledge in HSBC.
  • Coordinates the identification and assessment of emerging technologies & innovation opportunities, new methods and trends in IT capabilities and products to the advancement of the organisation.
  • Sets research goals, makes effective proposals for the investment of funds in PoCs.

  • Ensures systems are reviewed for compliance with HSBC’s standards, policies and Future State Architecture strategy. Ensures that any identified technical risks are highlighted appropriately (e.g. to the Global Business / Global Function & HTS RMM).

Role Context

  • A track record of providing architectural guidance and input to complex programmes and projects
  • Demonstrated ability to rapidly build relationships with key stakeholders and effectively manage the concerns of all senior stakeholders by concentrating on the critical details and interfaces that fulfill these concerns
  • Understand and interpret complex business and CyberSecurity requirements
  • Prioritize work to successfully deliver service to agreed levels in a diverse and constantly changing technical and business environment, effectively coordinating delivery involving elements delivered by other teams
  • Excellent communication and interpersonal skills, including the capacity to articulate the case for IT Security investments
  • Have the ability to compare and contrast different technologies to meet business requirements. Have in-depth conceptual functional and non-functional knowledge of technologies including : Networking, Server OS internals, benchmarking / HW (x86 / Mainframe) & Server Virtualization, Storage, DBs, Cloud, Big Data, Mobile & Tablets.

Role Dimensions

  • Relationships : Global Businesses & Global Functions COOs; ITO & SWD Excos; Other HTS / SFR Function Heads; Key partnerships with Strategic Vendors
  • Strategic Importance - High : Champion the development and implementation of HSBC’s Future State Architecture on behalf of Global Business / Global Functions & CIOs.
  • Regulatory & Risk : Sustains a risk aware culture across all Global Business and Global Functions through the Solution Architecture Boards (SABs), communicates changes in Architecture policy & governance effectively

Management of Risk

  • Demonstrate leadership on Regulatory & Compliance matters. Maintain awareness of architecture risks and operational risks and minimize the likelihood of them occurring, including their identification, assessment, mitigation and controls, loss identification and reporting in accordance with HTS and IT policies in the Information Technology FIM

Observation of Internal Controls

  • Maintain and observe HSBC internal control standards, including the timely implementation of recommendations made by internal / external auditors and external regulators
  • Foster a compliance culture and implement Information Technology Policy by managing architecture risks and diligently executing the relevant ratified architecture processes

Qualifications

  • Bachelor’s degree in Computer Science, Cyber Security or a related field
  • At least 10+ years of relevant IT experience, including exposure to business planning, systems analysis and application development (3-5 of those years to be devoted specifically to security)

  • Experience with role-based authorization methodologies, authentication technologies and security attack pathologies
  • Familiarity with ISO 27001 / 27002, ITIL, COBIT, and other industry standard security frameworks
  • In-depth knowledge of key IT domains particularly computing platforms (Windows, UNIX and Linux) and networking technologies
  • Knowledge and experience with perimeter security controls such as firewall, IDS / IPS, network access control, and network segmentation
  • Proficient in security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
  • Security Architectural experience working in complex organizations.
  • Experience in defining future architectural strategy and roadmaps
  • Ability to work with project teams to define and provide guidance on strategic security controls and direction.
  • Comfortable working with ambiguity and conducting research as well as managing third party vendor(s).
  • Ability to write position papers on highly complex topics for a business audience to assist in decision making
  • Experience building reference Cloud architectures and adapting them for enterprise use cases.
  • Understanding of Cloud service models (IaaS, PaaS, SaaS), and supporting technologies.
  • Experience with any of the industry Cloud technologies such as Amazon Web Services, Azure, Google Cloud, etc., as well as virtualization technologies (VMware, MVS, Xen, VirtualBox, etc.)
  • Understanding of network technologies including SDN, routing (including VRFs), and enterprise network designs.
  • Familiarity with deploying and securing container technology, VMware ESXi, and OpenStack is desirable
  • Knowledge of third party auditing and cloud risk assessment methodologies
  • Under the Company's internal 'Back to Front' / 'Front to Back' transfer policy this role may be classed as High Risk. As a result, internal candidates may require enhanced approvals and vetting checks if they are currently employed in a Front Office department, or if they have worked in a Front Office department within the last 5 years (please refer to the HR FIM definition for further guidance).

    The enhanced approvals and vetting would need to be completed before the candidate will be confirmed in the role.

    For more information about the relevant additional checks for this role please contact the hiring manager.

    We are an equal opportunity employer and are committed to creating a diverse environment.
