Nutmeg is hiring a

Security Architect

London, United Kingdom

Who we are:

Nutmeg is Europe’s leading Digital Wealth Manager, but we don’t want to stop there! We’re continuing to build our platform to help us achieve our mission of being the most trusted Digital Wealth Manager in the world.

Job in a nutshell:

We are in the process of expanding our security function with the addition of a Security Architect.

As the Security Architect, you will be taking on the development and continual improvement of security processes and controls within our award-winning web and investment management platform.

With a wide range of responsibilities, the Security Architect will be a key, hands-on individual who will help to drive the business forward in a secure and compliant manner, ensuring that Nutmeg maintains its position as a leader in the FinTech sector.


    • Defend the business by building and implementing security processes and procedures in order to identify, protect, and respond to risk
    • Continuous development, implementation, and monitoring of a strategic and comprehensive information security and IT risk management programme
    • Work with engineering teams to educate them on best practices like OWASP, encryption standards (in transit and at rest), data security, integrity and API security
    • Partner with stakeholders across the company to raise awareness of security concerns and promote responsible behaviour by improving the security culture internally

Your skills:

    • Excellent knowledge of the cybersecurity threatscape (including keeping up to date with the security industry)
    • Strong cloud experience, ideally with AWS, including relevant security tools, features and best practices
    • Experience of IDS, anomaly detection, WAF, vulnerability management, penetration testing (including tools like Burp and Nessus)
    • Proven knowledge of SIEM, including setup and patterns for working with custom log formats
    • First-class understanding of secret management both at application level (ideally with Vault) and for internal users
    • Professional security management certification
    • Understanding of ISO27001 and ability to implement the policy according to legislation
    • Ideally, an understanding of container schedulers (we use Kubernetes), and associated tools like Terraform, Harbor, service meshes, mTLS, etc
    • Proven leadership, management (including managed services), senior stakeholder engagement, and contract & vendor negotiations.


  • 25 days’ holiday
  • Birthday day off
  • 2 days’ paid community leave
  • Daily delivery of fresh fruit and artisanal coffee
  • Cycle storage and showers onsite
  • Choice of hardware
  • Generous pension plan
  • Private healthcare from day 1
  • Season ticket loans
  • Competitive salary
  • Access to coaching platform & regular knowledge sharing
  • Part of a diverse and inclusive Nutmeg team