Company overview
Nomura is an Asia-based financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Retail, Asset Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com
Job Description:
Seeking an experienced Senior Data Security Architect with expertise in enterprise data security and protection, secrets management, and encryption to join our Global IT Security Organization. The ideal candidate will be responsible for designing, implementing and maintaining a comprehensive security architecture framework to protect sensitive data and secrets across the organization.
Key objectives critical to success:
An individual with extensive experience in data security at an enterprise level. The role will require in-depth understanding of cyber security data principles, technologies and best practices. This is a technical leadership position that requires previous experience with the different cyber security solutions/products and technology. The successful candidate will be responsible for driving data security architecture practices and patterns across Nomura to ensure that projects, software and services meet defined security standards.
The team’s focus is to utilise industry frameworks to embed a security reference architecture for
the design, implementation and enhancement of our security controls and roadmaps for our security technologies. Successful candidate will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex data security challenges, and communicating to all levels of the business, domestic and international entities, provide subject matter expertise and serve as trusted advisor to the broader technology functions and business lines.
Responsibilities:
- Develop and maintain a deep understanding of the organization's data security, protection and secrets management and encryption needs.
- Design and implement a comprehensive security architecture framework and reference architectures for data protection, secrets management and cryptography.
- Continuously develop and mature the program and roadmaps in line with industry best practice and the evolving threat landscape.
- Develop and maintain security policies and standards for data protection, secrets management and cryptography.
- Provide guidance and technical leadership to project teams to ensure data security requirements are properly integrated into software development and infrastructure projects.
- Partner and collaborate with cross-functional teams including the Global Data Management Group to identify and address data security risks across the organization.
- Define key management solutions and patterns to protect sensitive data and secrets.
- Stay up-to-date with industry best practices and emerging trends in data protection, secrets management and cryptography, and incorporate them into the security architecture framework.
- Experience coaching, mentoring and leading less experienced colleagues.
Skills, experience, qualifications and knowledge required:
- Established Data Security Architect with at least 10 years within the broader IT Security disciplines and technologies.
- At least 3-5 years of experience in data security architecture, with a focus on data protection, secrets management, and encryption.
- Experience with cloud security, especially related to data protection and secrets management.
- Experience with developing requirements and models for the future-state, current state and gaps in data
- Data security architecture experience in applying enterprise architecture principles and methods in supporting IT programs and Projects
- Demonstrable understanding of security solutions and designs from a people, process and technology
- Strong knowledge of encryption standards and technologies, such as AES, RSA, and PKI.
- Familiarity with secrets management tools and technologies, such as HashiCorp Vault , Conjur, or AWS Secrets Manager.
- Experience with compliance standards and regulations
- Knowledge of established information security frameworks and standards (i.e. NIST, ISO2700, CSA, SCF) and their application into diverse environments.
- Cyber Security related qualification (s) such as CISSP, CISM, CISA, CRISC
- Strong relationship, communication and stakeholder management skills. Ability to deal effectively with key stakeholders, internal and external to the Technology Division
- Ability to act pro-actively to ensure and effectively collaborate with regional and global counterparts
- Excellent interpersonal skills with the ability to build and influence; and self-motivated
- Committed to continuous improvement for team and self.
- Ability to run with a number of tasks concurrently and manage expectations appropriately
Diversity Statement
Nomura is committed to an employment policy of equal opportunities, and is fundamentally opposed to any less favourable treatment accorded to existing or potential members of staff on the grounds of race, creed, colour, nationality, disability, marital status, pregnancy, gender or sexual orientation.
DISCLAIMER: This Job Description is for reference only, and whilst this is intended to be an accurate reflection of the current job, it is not necessarily an exhaustive list of all responsibilities, duties, skills, efforts, requirements or working conditions associated with the job. The management reserves the right to revise the job and may, at his or her discretion, assign or reassign duties and responsibilities to this job at any time.
SFID: 4796