Cybersecurity Design Reviewer Architect

ROLE: Cybersecurity Design Reviewer/Architect

WHO WE ARE:

We are responsible for detecting and preventing attempted cyber intrusions against the firm, helping the firm develop more secure applications and infrastructure, developing software in support of our efforts, measuring cybersecurity risk, and designing and driving implementation of cybersecurity controls. The team has a global presence across the Americas, APAC, India, and EMEA.

Within Technology Risk, Advisory is the consultative and technology subject matter expertise arm, responsible for assessing new technology initiatives for risk, partnering with engineers to architect, design, and maintain secure applications and infrastructure, embedding implementation reviews as part of the SDLC and CI/CD pipeline via code analysis and penetration testing, and guiding technology innovation in terms of security and control.

The team plays a critical role in designing and assessing controls for our transition to building native public cloud applications.

HOW YOU WILL FULFILL YOUR POTENTIAL:

You will be part of the global Technology Risk organization, overseeing a subset of business-critical applications. Within that scope, your job will be to review and consult major application changes at the design/architecture stage, from the information security perspective. You will be the security-related single point of contact for your application teams, aggregating signals from additional sources like penetration tests and bug bounty reports, to advocate for best-in-class security standards.

Your responsibilities will include:

Conduct cybersecurity design reviews , including those for AI and machine learning solutions, challenging and validating architectures prepared by development teams to ensure robust security practices are embedded from the start.

Serve as a cybersecurity advisor , providing expert guidance and best practices to teams on secure design and implementation strategies, with a particular emphasis on web applications and AWS infrastructure.

Drive organizational change by creating, documenting, and promoting effective security patterns, and actively supporting developers in applying them within their projects.

Conduct Read-out Calls with the business to articulate risk and recommend a mitigation strategy.

Analyse reports and findings from penetration tests and code reviews, guiding development teams in the effective resolution of identified security issues.

Mentor and support junior team members, fostering their growth and development within the cybersecurity discipline.

BASIC QUALIFICATIONS:

4+ years’ experience in one or more technical roles (focusing on application security and cloud security).

Prior experience in performing Threat Modeling, Secure Design Reviews or Secure Architecture Reviews.

Degree in Computer Science, System/Computer Engineering, Cyber-Security, or Information Secu