Director of DevOps & Information Security

Are you a Sr DevOps resources who is ready to be handed the keys to the castle for a global fintech firm? If so, let's talk.

The Director of DevOps and Information Security is responsible for defining, managing, and governing DevOps and Information Security patterns and practices for the new platform for our Institutional and Investment Management division. The Director will design, plan, and implement the DevOps and Information Security best practices, manage the quality and security of data flows to and from the new platform, reconcile and resolve any reconciliation issues for client onboarding, mange secure coding practices and security testing methodology, drive the security testing of the platform for both internal testing and external penetration testing, and ensure that the platform satisfies industry certification standards.

Specific roles and responsibilities include:

• Manages, execute, and govern a DevOps process that will bridge the gap between development and operations to ensure smooth rollout from development through to the client production environment.
• Program manage the technical deployment of features to the UAT and Production Cloud environments and manage those environments on an ongoing basis for reliability, performance, interoperability, and security
• Define and deliver an automated data migration process and toolset that develops the data brokers needed to automate the data migration and continually enhance them to ensure that data migrations for client onboarding are efficient and optimized
• For client onboarding, run an automated, efficient reconciliation process that captures all data exceptions and drive resolution to all reconciliation issues
• Define the optimal interoperability model at client onboarding for how the platform will interact with each data flow (e.g. change from file based to message-based or REST API based where possible) for client operations
• Verify the flows for accuracy and for performance and work with the platform product teams as needed to resolve any issues
• Provide technical leadership in the comprehensive planning, development, and execution of SS&C information security and software security efforts.
• Work closely with product and engineering development teams to ensure that products meet or exceed customer security and certification requirements. This includes ensuring that the security architecture is well documented and communicated.
• Monitor security technology trends and requirements, such as emerging standards, for new technology opportunities.
• Liaise with corporate level security team to ensure conformity with any existing standards, technologies etc.
• Develop and execute security plans. This may include managing across third-party vendors, and providing guidance (with other departments) to the engineering and testing practices.
• Ensure, and create as needed, security policies, processes, practices, and operations to ensure reproducible development and high quality, while keeping costs under control.
• Guide SS&C software development teams through the Secure Development Lifecycle (SDL) by participating in design reviews, threat modeling, and in-depth security penetration testing of code and systems. These responsibilities extend to providing input on application design, secure coding practices, log forensics, log design, and application code security.
• Select, implement, and maintain all tools and platforms required for all phases of the SDL.

Requirements and Preferences

• Experience implementing complex investment management solutions for global clients
• Bachelors/Masters in Computer Science or related field (ideally with a focus on Information Assurance/Cybersecurity)
• Demonstrated working knowledge of Data Privacy, Cyber Security & Governance regulations and industry standards
• Recognized industry security certifications (e.g. CISSP / CISM)
• Hands-on experience deploying software to public cloud providers (e.g. AWS, Azure)
• Strong background with evidence of success in Program Management and Project Management (ideally with certification in Agile methodologies such as Certified Scrum Master or Scaled Agile program management)