Security Architect – Payments at Stack Digital, Swindon/Remote, 6 Months, £525 per day

£525 per day, 6 Months or more, Finance, Information Technology

Contract Description

Job Title: Security Architect – Payments

Work Location: Hybrid – 2 days from the office (Swindon and London, UK&I)

Rate Payable to Contractors: £525 per day

Duration of Assignment: 6 months

Role Description:

As a Security Architect focusing on Payment systems, your primary responsibility will be to design, implement, and maintain robust security architectures for payment systems within a financial organization. This role involves ensuring the security of financial transactions, protecting sensitive data, and complying with industry regulations.

Key Responsibilities:

  • Develop and implement comprehensive security strategies for payment system upgrades.
  • Conduct thorough risk assessments to identify potential security threats and develop mitigation strategies.
  • Create comprehensive threat models aligning with MITRE ATT&CK and STRIDE frameworks.
  • Recommend the best controls and mitigations for potential vulnerabilities.
  • Ensure designs comply with relevant regulations and standards, including GDPR, SOX, and PCI-DSS.
  • Implement advanced encryption and access control mechanisms to safeguard data integrity and confidentiality.
  • Collaborate with cross-functional teams to integrate security measures seamlessly with downstream systems.
  • Ensure data at rest and in transit is encrypted using appropriate mechanisms.
  • Communicate security risks and strategies effectively to stakeholders, including executive leadership and IT teams.

Key Skills, Knowledge, and Experience:

  • Proven experience as a Security Architect working in a large, complex organization, ideally within a financially regulated enterprise (e.g., PCI compliance).
  • Extensive experience in financial organizations.
  • Expertise in developing bespoke threat models leveraging frameworks like MITRE ATT&CK and STRIDE.
  • Proficiency in assessing Identity and Access Management (IAM) functions and associated risks during acquisition processes.
  • Ability to understand and assess the security aspects of technical designs/solutions and constructively challenge to deliver better business and security outcomes.
  • Strong knowledge of cryptography.
  • Basic understanding of SAP architecture in finance is a plus.

Person Specification:

  • Previous experience working in UK Financial Services or other highly regulated industries.
  • Relevant professional qualifications (or working toward certification), such as CISM or CISSP.
  • Familiarity with M&A processes and their unique security challenges.
  • Knowledge and experience with PCI-DSS, including PCI-P qualification.
  • Knowledge and experience with data privacy and GDPR.
  • Experience with regulatory compliance frameworks specific to financial organizations.
  • Excellent interpersonal and communication skills.
  • Ability to work independently and collaboratively within a team.