- Permanent, Full time
- Schroders Investment Management
- London, England, United Kingdom
- Full time
Lead Security Architect (Wealth)
Lead Security Architect (Wealth)Company Overview
Cazenove Capital is part of the Schroders group and provides a complete wealth management service by delivering tailored portfolio management and wealth planning, together with banking and treasury services.
Private individuals, family offices, trusts, businesses and pension plans all rely on us to provide them with bespoke, discretionary and advisory investment services. We are a leading charity fund manager in the UK.
We employ over 700 talented people worldwide operating from 16 offices in 9 different countries across Europe and Asia with over £41billion of assets under management.
Schroders has developed under stable ownership for over 200 years and long-term thinking governs our approach to in vesting, building client relationships and growing our business.
Schroders Global Technology (GT) function is organised into a number of teams, distributed across Schroders' global offices, with technology hubs in London, Zurich, Luxembourg, Singapore and New York.
The software engineering and technology change function is split between 5 domains: Investment, Portfolio Operations and Data; Distribution and Product; Corporate; Wealth and; Digital. In addition there are teams which operate as shared services to provide Technology Infrastructure, Production Services (production support, release and access control), Quality Assurance, Information Security and Business Management (change management, assurance and reporting).
Our application estate is comprised mainly of commercially available off the shelf software packages best suited to Schroders' operational needs, complimented by a number of internally developed proprietary systems to support the specific needs of the clients and products that our colleagues support.
The Global Technology vision is to ensure a stable operating environment that can function at multiple speeds, that focuses on value delivered to our external and internal customers. With a culture of excellence through collaboration, innovation and continuous improvement, Global Technology will enable Schroders to deliver the best outcomes for clients and shareholders.
In order to ensure that the emergent technology needs of our clients, regulators and internal stakeholders are able to be met quickly and effectively Schroders is undertaking the Leading Enterprise Agile Programme (LEAP) within Global Technology. In order to ensure this is achieved without compromising the stability and security of the platform, Schroders Global Technology is implementing a bespoke agile operating model, based on the SAFe methodology, which ensures that technology support and infrastructure is unaffected and the requisite governance and control is in place.
Overview of role
Schroders are seeking a Head of Information Security for the Wealth Management domain to lead delivery and operation of Information Security services across all countries where Schroders Wealth management operate.
The successful candidate will lead a team of 2 specialists aligned to each of the global Information Security functions to provide technical and non-technical information security consultancy, architecture and project services to the Schroders Wealth business units and IT, and support the global Information Security team in the development, implementation, maintenance and enhancement of domain information security-related activities. The role necessitates an ability to influence senior business representatives and to engage with internal stakeholders in all areas of technical and non-technical information security.
Key responsibilities for this role include
• Delivering a portfolio information security services, including Security Architecture, Security Consultancy and Security Projects
• Managing all information security service requests from all Wealth regions.
• Managing the implementation of regional and global information security projects and initiatives, influencing global level stakeholders to ensure regional requirements are met, and reporting any information security risks that may be identified.
• Acting as the Information Security point of contact for external and internal audits.
• Providing technical and non-technical information security consultative support and guidance to the regional business units and technology teams.
• Providing technical information security advice to internal stakeholders with regard to technology projects.
• Providing technical and process-based support to information security initiatives including Security Administration, third party due diligence, Penetration Tests, Vulnerability Assessments, and Security Monitoring.
• Developing effective working relationships with the broader business and technology teams. The ability to influence and drive change in a collaborative way.
• Actively champion Information Security and raising awareness about its role, objectives and initiatives.
• Demonstrating strong analytical skills with the capability to assess information provided, and provide clear and appropriate direction based on this
• Excellent communication and reporting skills, including the ability to simplify complex technical information into clear executable Business intelligence.
• Knowledge of current technological trends and developments in the area of information security and risk management.
• Demonstrated experience working in information security either from an end-user or consultancy environment.
• Conversant of the regulatory environment, information security standards and best practices.
• Excellent relationship building and stakeholder management experience
• Strong analytical skills and the ability to resolve complex security vulnerabilities and design compensating controls.
• Excellent time, resource and project management skills in order to manage multiple information security initiative
• Ability to work across multiple geographical borders and timelines
• Professional information security or risk qualification e.g. CISSP, CRISC, CISA CISM.
• Strong technical background either in application development or infrastructure