Security Architect - London
14th May 2012
Monitise plc is a technology and services company delivering mobile banking, payments and commerce networks worldwide with the proven technology and expertise to enable financial institutions and other organisations to offer a wide range of services to their customers in developed and emerging markets. Our technology platform is used by millions of consumers around the world to securely interact with their money via their mobile phones.
With live services in the UK, the US, India and Africa, the company is working with international partners to extend trusted and secure mobile banking, payment and commerce services in territories worldwide, including Europe, Asia Pacific and Latin America. Monitise has a global alliance agreement with Visa Inc. and strategic partnerships with Visa Europe, RBS Group and FIS. Other leading partners and clients include RBS, NatWest, HSBC, Lloyds Banking Group, First Direct, FIS, U.S. Bank, Ulster Bank, Standard Chartered Bank, Travelex, Vocalink, Vodafone, Orange, O2, T-Mobile, 3 UK, Research In Motion, Best Buy Europe, The Carphone Warehouse, First Eastern, Astra, JETCO and PCCW mobile
Key Duties and Responsibilities
- Strategic Security Requirements Management. Elicitation, documentation and verification of strategic requirements for the use of IT concerning a particular business area.
- Group IT (Sub) Strategy Development. Development of a IT Security Strategy in response to strategic requirements.
- Secure Architecture Development Standardisation. Promoting and supporting the establishment and embedding of security best practise in architecture development processes.
- Enterprise Architecture Development. Development of significant aspects of Monitise’s Enterprise Architecture and ensuring appropriate security of these and compliance to the Corporate Key Controls.
Although the scope and focus of the day to day activities within the role will change dependent on business requirements, the following should be considered the core accountable activities:
- Works with senior management within the organisation to review the effectiveness of the current strategies in supporting business objectives. Leads the creation of strategies, specifying requirements, conducting feasibility studies to identify the business benefits of alternative strategies, and producing strategic models of the organisation’s information technology needs.
- Identifies and responds to the key business drivers and those areas of business need which are not adequately supported by current and planned IT, within the strategic planning time frame. Develops the strategic response to the business requirement, and produces business cases for recommended new applications of information and communications technologies.
- Develops enterprise-wide information security technology architecture and processes which ensure that the strategic application of technology is embedded in the management of the organisation.
- Taking account of the business objectives and culture, evaluates major options for providing IT services effectively and efficiently and recommends solutions such as outsourcing, new approaches to recruitment and retention, and global supply contracts.
- Draws up plans for the implementation of new applications and infrastructure support, identifying budgetary, technical and staffing constraints, and clearly showing costs and expected benefits.
- Previous experience of working in a highly available, performance critical technology environment
- Ideally, financial services experience (particularly in payments)
- Extensive IT security experience across delivery and strategy disciplines
- Familiar with industry standard methods, tools and processes to support an Enterprise Architecture function, such as TOGAF and the embedding of security principles within this
- Experience across several architecture disciplines, such as Business, Application, Infrastructure, Data & Security
- Worked with industry standard processes relating to change management and governance, such as Prince2 and COBIT
- Broad and demonstrable experience of working with a diverse set of stakeholders, applying technology capability for business benefit
- Experience with a broad range of technical security disciplines such as Encryption, Access Control, Security Monitoring, Compliance Management, Identity Management, Mobile Security, Application Authentication, Virtualization Security, etc
- Broad knowledge of Java, Oracle Solaris Platforms, Oracle Databases, Hardware Security Modules
- Experience with PCI-DSS
- Demonstrable experience with balancing the range of administrative and technical security controls to meet business security requirements
Education and Qualifications
Candidates must be educated to at least degree level or have equivalent experience in a relevant field.
Skills and Competencies
- Architecture Development: Proven experience in creating cohesive enterprise scope architecture for applications, information and infrastructure; overseen the integration and migration to a target, enterprise-scope, architecture including identification and consultation regarding planning, migration and implementation issues. Has defined architectural principles and standards for an organisation. Has proven experience with service-oriented analysis, definition, and design; able to discuss concepts of discoverable services, associated discovery mechanisms, and service autonomy; identifies core SOA technologies, their interrelationships and applications.
- Effective Communications: Communicates well downward, upward, and outward, employing appropriate methods of persuasion when soliciting agreement and demonstrating both empathy and assertiveness when communicating a need or defending a position.
- Problem Solving: Uses varying problem-solving approaches and techniques as appropriate, developing successful resolutions to critical or wide-impact problems. Has the ability to organise potential problem solvers and lead problem resolution efforts, ensuring lessons learnt are captured.
- Simplifying Complex Concepts: Introduces technical terminology to listeners in the context of the product or service and explains important details as they relate to the basic value of the product or service. Approaches communication challenges from various angles to find the one that works.
- Team Work: Works with a wide range of teams across various issues, locations, and time zones. Develops an effective working relationship with each team member identifying and addresses potential problems or issues within the team. Earns trust, respect and loyalty, coordinating roles, responsibilities and interdependencies of all team members.
- Written Communications: Produces excellent written materials in business and industry specific technical language seeking to ensure that the key messages are understood as intended.
- Analytical Thinking: Is able to choose among a diverse set of analytical tools according to the nature of the situation, identifying many possible causes for a problem based on prior experience and current research. Weighs the costs, benefits, risks, and chances for success before recommending a course of action.
- Facilitation: Plans, coordinates and facilitates group sessions, participating in the identification and selection of the most qualified candidates for the group, achieving group agreement on the purpose and goals of the session; experience of employing formal facilitation methods and techniques.
- Influencing: Persuasively presents suggestions or ideas to business managers, internal or external, utilising specific techniques for establishing rapport and gaining commitment; delivers well-received presentations of cost, benefits, risks, and other considerations; achieves influencing impact even when holding a position contrary to the majority; discards examples of persuasive arguments lacking substance or impact.
- Planning, Tactical and Strategic: Develops, refines, and communicates tactical plans for own responsibilities, providing the right level of detail as input for strategic plan development and demonstrating the value and necessity of linking tactical plans to the overall strategic plan.