Job
Description
of experience 3+years Security Architecture Experience Experience 3+ years Security Architecture Experience 1+ years focusing on Cloud/SaaS Security. Banking/Finance experience (highly preferred) 3 rd party risk/supplier security management (desirable) Collaborate with cross-functional teams to define security-related processes and contribute by providing inputs to deliver enhanced vendor management, SaaS assurance and monitoring framework. Be a part of the workgroup to identify areas for improvement and process efficiencies. Assess and document existing SaaS applications in line with the enhanced vendor management framework to identify control gaps, security risks, and propose mitigation controls. Assess the source of control gap and provide practical and achievable recommendations to mitigate the risk. Influence domain architecture, business/technology owners to ensure alignment with security requirements. Manage significant decisions with senior management, Technology and Business owners to ensure secure outcomes and appropriate governance practices are adhered to. Proactively managing identified risk of the solutions risk posture within agreed Risk Appetite and ensure compliance. Prepare executive summaries to keep stakeholders informed of progress and seek guidance where and as applicable. Train other team members on the new framework and associated process. Banking/Finance experience (highly preferred) Decision Quality , Strategic Mindset, Situational Adaptability, Self-awareness, Courage, Ensures Accountability Other capabilities (technical) Strong understanding of security principles, including threat modelling, controls and risk assessment Expertise in cloud security, particularly SaaS applications and third-party solutions. Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and other industry best practices. Proven ability to collaborate with diverse teams, including development, operations, and compliance. Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences. Proven experience, strong business engagement , influencing skills with the ability to navigate complex topics with fact-based analysis. Mandatory skills Cloud/SaaS Security , GRC with TPRM Desired/ Secondary skills Group Security Executives and Leadership Teams Strategic Sourcing and Third-Party Risks teams Governance, Risk and Compliance Technology delivery teams / execs Architecture Strategy Advisory Business domain Execs, Product Owners Strong understanding of security principles, including threat modelling, controls and risk assessment Expertise in cloud security, particularly SaaS applications and third-party solutions. Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and other industry best practices. Proven ability to collaborate with diverse teams, including development, operations, and compliance. Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences. Proven experience, strong business engagement , influencing skills with the ability to navigate complex topics with fact-based analysis. Understand the trade-offs involved in security vs change while simultaneously delivering technical capability business benefit.
