Information Security Architect
Knaresborough, United Kingdom | TSYS
Functions:IT / Information Technology
Job Description:89 people have viewed this job
Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services.Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results.We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions.Join our dynamic team and make your mark on the payments technology landscape of tomorrow.
Global Payments is the parent company for TSYS, Netspend, Heartland, TouchNet, OpenEdge, Xenial, Greater Giving, ACTIVE Network, and AdvancedMD.Headquartered in Georgia with over 24,000 employees worldwide, Global Payments is a member of the S&P 500 with worldwide reach spanning over 100 countries throughout North America, Europe, Asia Pacific and Latin America. For more information, visit globalpaymentsinc.com and follow Global Payments on Twitter (@globalpayments), LinkedIn and Facebook.
Summary of This Role
Security Architecture and Design Specialist required for a dynamic and challenging role, based in our Knaresborough office.A key member of the Global Information Security Architecture team you will work closely with the other members of the Information Security (IS) team to deliver security policies, processes and standards into the design and build of Global Payment solutions.Focused on cloud initiatives you will work with business units and other functions to identify security requirements, using methods that may include risk and business impact assessments. Your day to day role will be alongside the Global Technical Services (GTS) department and associated business units to design and ensure the implementation of appropriate technical security controls to meet the security requirements.
What Part Will You Play?
Works with IT and IS teams to identify, select and implement technical security controls.
Consults with IT solution designers (cloud and on-prem) to assure and ultimately approve designs and system changes in line with policy,agreed standards and/or risk profile.
Develops security processes and procedures to ensure that security controls are managed and maintained.
Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.
Maintains an in depth understanding of financial and credit card industry standards (e.g. PCI standards, card association requirements, GDPR) and ensures that all projects are delivered to these standards.
Assesses IT operational activities for compliance and security gaps both periodically (e.g. PCI assessments) and as an ongoing activity (e.g. day to day interactions).
Prioritises remedial work, driving security improvements across the business. Trains non-security staff on risks and sensible approaches for mitigation.
Supports incident response from a security technology perspective.
Assess the impact of business change on the IT security model and associated artefacts.
Develops architecture strategy and creating models/pattern
What Are We Looking For in This Role?
- Bachelor's Degree
- Relevant Experience or Degree in: in Information Security or Computer Science
- Typically Minimum 6 Years Relevant Exp
- PCI DSS experience mandatory
- One or more of the following (or similar) -CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, Security +, CGEIT
- Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) and/or TOGAF qualification highly desired.
- CCSP or AWS Cloud Certifications highly desired.
- ISO 27001 or NIST CSF experience highly desired.
What Are Our Desired Skills and Capabilities?
- Strong understanding of business applications, including internet facing and financial systems.
- Excellent technical knowledge and preferably design experience of: Mainstream operating systems [for example, Microsoft Windows, Macintosh, Linux, AIX] databases, middleware, virtualisation and storage technologies.
- A wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, cryptography, SIEM, anti-malware solutions, automated policy compliance tools, and desktop security tools.
- Network infrastructure and design, including routers, switches, firewalls, and the associated network protocols and concepts.
- Application and web technology and security issues (for example OWASP).
- Ability to apply skills to new technology stacks including Public Cloud and Containerisation.
- Technical knowledge of mainframe systems (desirable).
- Proficiency in performing risk, business impact, control and vulnerability assessments.
- Ability to absorb and understand complex 24x7 enterprise IT environments and rapidly identify potential vulnerabilities, security risks and impacts.
- Strong analytical and conceptual skills; ability to create original concepts/theories for a variety of stakeholders.
- Excellent communication skills with the ability to communicate highly technical issues and strategy to both technical and non-technical audiences at all levels within the company.
- Experience of working in an international organisation and handling issues that cross cultural boundaries.
- Able to deliver results through virtual teams and matrix managed resources.
Already a member? Sign In