Manager - Principal Security Architect: Secure Design (IC)

Security Architecture - Secure Design Team

Grade: GG14

The Security Architecture Design team is responsible for developing security architecture patterns, security controls for new technology, promoting architectural patterns into development projects, leading the Security Architecture Design Forum, evaluating security risks in existing systems, and consulting with system development teams and architects on building security into their designs.

This role's key task is accelerating the delivery of secure design artefacts and leading secure design interventions by adding capacity and capability to the team.

Reports to: Senior Manager - Secure Design

• Business Aligned Principal Security Architects
• CyberSecurity Engineering
• CyberSecurity Testing and Vulnerability Management
• Cloud Security
• Identity Management
• Security Architecture Design Forum (member)
• Project teams

• Develop and support security architecture design patterns and standards to ensure compliance with security requirements, industry standards, customer needs, and regulations.
• Assist in developing and championing a Security Architecture control framework.
• Research, design, and document security posture requirements for new technology, engaging in technology acquisition processes.
• Research industry trends and regulatory requirements.
• Lead security architecture risk evaluations, review systems, propose remediation plans, and evaluate cost/risk benefits.
• Promote secure by design practices with technical delivery teams, including threat modeling activities.
• Nurture secure technical practices to achieve technical excellence.
• Support experimentation and innovation in security solutions.
• Supervise third-party deliveries related to security architecture.
• Represent the company internally and externally on information security matters.
• Develop and monitor metrics to assess the effectiveness of the Security Architecture function.
• Manage content for the Security Architecture intranet platform.

• Guide and mentor team members.
• Deputize for the Senior Manager - Secure Design as needed.

• Develop and prioritize the security design pattern library.
• Deliver security design patterns individually or with other teams.
• Collaborate with security teams and projects on secure design guidance.
• Develop security architecture interventions for business-specific processes.
• Contribute to metrics development and reporting for the team.

This is a group-wide role crucial for managing security risks associated with business technology systems. Success involves balancing effective collaboration with project teams, developing security collateral, and identifying gaps during project delivery.

• Timely delivery of design patterns.
• Successful security architectural interventions.

• 7+ years in technical engineering or information security, with security architecture preferred.
• Experience with enterprise architecture frameworks, threat modeling, and security controls in distributed systems.
• Knowledge of security principles, vulnerabilities, and standards like OWASP, SANS, NIST, CIS, NCSC.
• Understanding of authentication, access control, encryption, cloud, network, and database security.
• Ability to produce clear, engaging documentation.
• Familiarity with developer tools and YAML/Markdown/Terraform.

• Preferred experience in financial services or technology sectors, and regulated environments.

• Experience supervising technical specialists and collaborating with remote teams.
• Collaborative work style and adaptability.

LSEG is a leading global financial markets infrastructure and data provider committed to driving financial stability, sustainable growth, and inclusive economic opportunities. We value diversity, integrity, partnership, excellence, and change. We offer tailored benefits including healthcare, retirement, volunteering days, and wellbeing initiatives. We are an equal opportunities employer, supporting applicants' religious, mental health, and physical needs.