Principal Security Architect

Principal Security Architects serve as the key point of contact between the Security Architecture team, and CIO technology teams. Each business unit has a Principal Security Architect aligned to that CIO.

The Principal Security Architect works with their aligned business unit, ensuring the security posture of new systems and significant change to existing systems; Proactively working with the head of architecture to ensure security is built into the design of systems; Representing cyber security at Architecture Governance Boards for their business unit; Working with the aligned BISO to endure security risks and requirements are understood.

Key responsibilities:

Represent Security Architecture, and the wider CISO function, in the divisional technology team.
Ensure that all new systems (and significant changes to existing systems) have been reviewed to ensure appropriate security controls are in place
Be a member of the divisional architecture function, and lead security initiatives in that function.
Represent the CISO team in the Architecture Review Boards.
Ensure Security Architecture Reviews are built into the division’s technology acquisition and delivery processes / software development lifecycle processes / architecture governance processes
Collaborating with the wider Cyber Security team to develop the teams controls, processes and frameworks.
Advocate into the central Security Architecture team and broader CISO function, on behalf of their aligned business unit.
Attend and contribute to relevant design forums.
Suggesting and developing security architecture design patterns and guidance.
Nurture and ensure technical practices are implemented to support delivering technical excellence.
Champion and support experimentation and innovation in solving problems.
Provide company representation, internally and externally, related to information security, as needed.
Establish metrics and monitoring to report the effectiveness and efficiency of the Security Architecture function.

Leadership responsibilities:

Although this is an individual contributor role, this is also a technical leadership role, with responsibility of leading the adoption of the cyber security program into the business unit, alongside the BISO.

Key activities:

Providing security architecture and design consulting to business units.

Delivering security reviews for all relevant projects in the division.

Ensuring Security Architecture Review is built into divisional processes for acquiring and developing new technology, including developing any needed processes.

Provide expert guidance the business unit and BISO teams on technical risks and issues.

Impact:

This is a broad technology role which is highly important to the management of security risks associated with business technology systems in that division.

In addition the role holder will provide input int group-wide security patterns, frameworks and processes.

The role is key to addressing regulatory concerns for all of our regulated entities related to cyber security and cyber resilience.

As well as being key to securing the groups systems, this role also delivers the ability to demonstrate to regulators, auditors and internal control functions that security is being delivered.  

Technical / job functional knowledge:

Required:

Extensive experience in technical engineering or information security roles, security architecture preferred

Familiar threat modelling techniques.
Proven Experience in designing and applying security controls into distributed systems (on-premise and in public cloud)
Detailed understanding of the latest security principles, attack techniques and protocols

Hands-on experience of designing and implementing systems in public-cloud computing (Azure, AWS, GCP, IaaS, PaaS, Containers).

A solid understanding of identity and access control systems (e.g. Microsoft Active Directory, Entra ID, Okta, Forgerock, Ping Identity, etc).

Experience of architecting security into customer facing, transactional systems (e.g. banking, trading, e-commerce).

Familiarity of common as well as emerging vulnerabilities and how they manifest in different types of applications.
Working knowledge of the OWASP Top 10, SANS Top 25, NIST, NCSC, CIS controls.
Applied understanding of topics such as authentication, access control, encryption, cloud security, operating system security, network security, database security.

Critical thinker
Problem solving skills and the ability to handle a varied workload and take ownership for activities.

Preferred:

Experience and/or interest in developing experience in new and emerging technologies and their security impact, such as generative artificial intelligence, machine learning, digital ledgers, quantum computing and data platforms.

Experience in architecting or operating high-performance and/or low-latency computer systems.

Experience in the use and implementation enterprise architecture frameworks.

Business and sector expertise:

Preferred prior experience in the financial services, a regulated environment or technology sector.

.

Leadership and management experience:

Must have a collaborative work style ensuring that stakeholders are engaged in decision making processes.
Highly adaptable and able to approach challenges differently in order to achieve goals.
Experience in bringing in and managing third party consultants / scale-out of partner resources preferred.

Personal skills and capabilities:

Must take ownership of tasks and demonstrate high degree of automatic responsibility to ensure completion.
Must be personable and foster good team deliverable output and good team morale.
Must possess clear oral and written communication skills and be able to clearly articulate complex concepts to a broad audience.
Must have ability to successfully work as a part of a globally disparate team as well as work independently.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject.

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.