Job Description
Who we are:
Nutmeg is Europe’s leading Digital Wealth Manager, but we don’t want to stop there! We’re continuing to build our platform to help us achieve our mission of being the most trusted Digital Wealth Manager in the world.
Job in a nutshell:
We are in the process of expanding our security function with the addition of a Security Architect.
As the Security Architect, you will be taking on the development and continual improvement of security processes and controls within our award-winning web and investment management platform.
With a wide range of responsibilities, the Security Architect will be a key, hands-on individual who will help to drive the business forward in a secure and compliant manner, ensuring that Nutmeg maintains its position as a leader in the FinTech sector.
Requirements
Defend the business by building and implementing security processes and procedures in order to identify, protect, and respond to risk
Continuous development, implementation, and monitoring of a strategic and comprehensive information security and IT risk management programme
Work with engineering teams to educate them on best practices like OWASP, encryption standards (in transit and at rest), data security, integrity and API security
Partner with stakeholders across the company to raise awareness of security concerns and promote responsible behaviour by improving the security culture internally
Your skills:
Excellent knowledge of the cybersecurity threatscape (including keeping up to date with the security industry)
Strong cloud experience, ideally with AWS, including relevant security tools, features and best practices
Experience of IDS, anomaly detection, WAF, vulnerability management, penetration testing (including tools like Burp and Nessus)
Proven knowledge of SIEM, including setup and patterns for working with custom log formats
First class understanding of secret management both at application level (ideally with Vault) and for internal users
Professional security management certification
Understanding of ISO27001 and ability to implement the policy according to legislation
Ideally, an understanding of container schedulers (we use Kubernetes), and associated tools like Terraform, Harbor, service meshes, mTLS, etc.
Proven leadership, management (including managed services), senior stakeholder engagement, and contract & vendor negotiations.
Benefits
25 days’ holiday
Birthday day off
2 days’ paid community leave
Daily delivery of fresh fruit and artisanal coffee
Cycle storage and showers onsite
Choice of hardware
Generous pension plan
Private healthcare from day 1
Season ticket loans
Competitive salary
Access to coaching platform & regular knowledge sharing
Part of a diverse and inclusive Nutmeg team