About the opportunity
The Cybersecurity department is a part of the Global Technology function that provides IT services to the Fidelity International business, globally. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Cybersecurity is responsible for protecting the technology environment from internal and external security threats:
- Application Security (through secure coding practices, penetration testing, and developer training)
- Centralised Access Management – working to principles of least privilege, access appropriate to role, and Role Based Access Control
- Infrastructure Security
- Security Architecture and Engineering
- Security Application Support
- Cyber Defence Operations (CDO)
Purpose of your role
The Network Security Architect works within the Security Architecture and Engineering team in the Cyber Security group. The Security Architect is the primary contact for network related engagement with change programs, and the Fidelity Enterprise Networking function, driving interaction with core stakeholders including with other Cyber Security teams and Product Delivery teams.
The Security Architect is expected to be an expert in the implementation of network security capabilities, products and configurations in a secure and compliant manner. The Security Architect will drive engagement with Product Delivery teams to support the definition of security requirements for new services and consult on the modification and creation of operational processes.
The architect is expected to perform secure solution design, ensuring standardisation and consistency in the definition of security principles and ensuring that security is built in by design and complies with Fidelity International security requirements.
- Delivering network security capability in collaboration with Fidelity project teams.
- Working with stakeholders to implement secure and compliant network services across Fidelity global locations.
- Designing security in from the start and supporting the companies security strategies.
- Creating, reviewing and enforcing security design patterns to support desired architecture.
- Empowering Product Teams and Fidelity Enterprise Networks to achieve secure delivery of strategic and iterative change.
- An evangelist, passionate about driving innovation of security and technology.
- Responsible for defining how Fidelity will utilise network services in a secure and compliant manner.
- Responsible for ensuring that all security designs; blueprints and artefacts are maintained and adhere to good practice.
- Acting as the central point of contact for Network Security Architecture for other Technology teams within the organisation.
- Leading the assessment of Network Security products and services, and how they may be consumed in a financial services organisation globally.
- Responsible for identifying and recommending security design changes to achieve compliance with security policies and the enterprise security architecture blueprints and roadmaps.
Experience and Qualifications Required
- Recent and practical experience of designing and implementing secure networks.
- Experience of complex enterprise networks - routing, switching architectures.
- Proficient in the design and implementation of network security technology, for example; IPS, Firewalls, Content Inspection, network DLP, device privilege management, netflow, taps, SDN, SD-WAN VPN and cloud integration.
- In-depth knowledge of the OWASP top 10 vulnerabilities.
- Understanding of off-cloud technologies; storage, server, network, middleware etc and how they may interact in a hybrid cloud environment.
- Working knowledge of enterprise technologies for example PaloAlto, Cisco ACI, F5 etc
- Familiarity with NIST 800-53, Cloud Security Alliance and ISO27001 control frameworks.
- Working understanding of GDPR, FCA regulations, Privacy regulations and practices.
- Experience of platform and application layer encryption concepts and practices.
- Team player, collaborator and educator.
- Able to operate with autonomy and build relationships - become the “go-to” person.
- Ability to consume and define integration technology and patterns.
- Concise and effective communicator confident with presenting to audiences at all levels in an organisation and will mixed levels of technical understanding.
- Scrum/Kanban experience.
- Undergraduate degree in a relevant technology field or significant relevant experience.
- Security accreditations such as CISM, CISSP or CISA by a recognised body are required.
- Cloud security certification such as CCSK or other relevant and recognised qualification desired.
- Relevant network security certifications desired.
About you About Fidelity International
Fidelity International offers world class investment solutions and retirement expertise. As a privately owned, independent company, investment is our only business. We are driven by the needs of our clients, not by shareholders. Our vision is to deliver innovative client solutions for a better future.
Our people are passionate, engaged, smart and curious, and we give them the independence and the confidence to make a difference. While we take pride in the excellence of our investment solutions and client service, we know we can always do better. We are honest, respectful and make tough calls, challenging the status quo to achieve better outcomes through innovation. Above all else, we always put our clients first.
Find out more about what we do, our history, and how you could be part of our future at:
Applying to this Job Role: Please note you are only required to upload your CV/Resume to the application screen. Full time