Job Introduction
We are looking for a Head of Security Architecture with a great track record of building and running security architecture functions. This is a critical and high-impact leadership role supporting a large portfolio of change initiatives across the bank. The portfolio is characterised by a high volume of regulatory-driven, mandatory, and modernisation projects as well as large-scale transformation initiatives, often with tight timelines and complex technical requirements.
You will define and execute the vision, strategy, and roadmap for the security architecture function, establishing the team's governance, frameworks, and operating model to bring structure and repeatability to the function.
The role will report to the Head of Information Security, be a member of the UK Information Security leadership team, and oversee the design, implementation and continuous enhancement of the Security Architecture capability. This role works strategically across IT and the wider Bank to deliver Security improvements, helping our stakeholders manage their Information Security risk effectively and influencing good security outcomes.
Main Responsibilities
- Lead a small, influential team of Security Architects, providing a supportive environment that attracts and retains talent to provide an authoritative reference point for security technologies, principles and patterns within the overall Handelsbanken technical architecture.
- Be responsible for the definition and application of Security Architecture processes and working practices, ensuring alignment with other stakeholders including Enterprise Architecture, Secure Change Consulting and Group.
- Working in strong partnership with Engineering & Development teams, ensure the robustness, compliance and alignment to architectural principles of designs presented at Design Authority and Technical Design Authority and implemented into Live.
- Provide thought leadership and guidance on security risks, policies, and controls to senior management and stakeholders, influencing key business decisions.
- Forge strong partnerships with Engineering/Development teams including “3-in-a-box” to integrate Security and ensure security is considered as part of the project and agile change lifecycles with risks identified, assessed and managed.
- Ensure transparency (aligned to the ORMF) in the management of Security and Privacy risks within Change workstreams and transparency on Operational Risk accepted into Run
- Take responsibility to identify, diagnose, establish facts and solution complex technical and organisational security issues, ensuring documented transparent risk management. Receive and resolve complex technical and organisational escalations.
- Influence at Roadmap steerco and risk committees to achieve good security outcomes
- Mobilise the Security Architecture practice, with a robust plan to fully operationalise and embed it, aligned to wider Bank and Group architecture teams. Act as the authoritative architectural escalation point.
- Represent the UK Information Security Team at Governance Committees, and coordinate regular reporting and submissions, to ensure and support the Committee’s oversight
- Maintain close relationships with stakeholders such as UK Technology, Group Security, Risk, Project Demanders, Internal Audit
- Risk and Issue Management.
- Stakeholder Management, including but not limited to, the Project Sponsor; in some cases C-level, and other Project Responsible Business stakeholders of varying levels of seniority.
- Presentation at senior management committees up to C-level on progress and issues
- Ensuring that the end to end solution follows the Bank’s architecture and Security Directives.
- Support wider team embedding risk culture, ensuring management are aware of the risk and control environment they have responsibility for
- Provide specialist Information Security advice and challenge on mitigation plans
Ideal Candidate
Research (by Harvard University) shows that women are particularly likely to second guess themselves and not apply - so if you are worried you don't meet all the criteria, get in touch anyhow and let us do the worrying…
- Ability to solve complex problems, provide objective and supportive challenge whilst demonstrating “security as an enabler”
- Expert knowledge of DevSecOps practices and embedding security into the software development and release lifecycles.
- Ability to rapidly analyse and translate complex technical issues to be understood by audiences at different levels in the organisation
- Ability to rapidly context switch, support team to decisively tackle design issues and influence at multiple levels
- Be comfortable and confident to switch between established and emerging technologies
- Proven ability to translate Group wide policy, Standards and regulatory requirements into architectural processes, patterns and techniques
- Ability to drive continual and incremental improvement outside of immediate area of responsibility in a respectful way
- Hands-on experience integrating threat modelling into Security Design
- Experience of IT & Security in a Financial Services organisation, and an understanding of regulatory requirements
- Ability to establish facts, develop & document potential solutions and ensure views are aligned with pragmatic transparent risk management
- Ability to build and deploy matrix teams empowered to act autonomously but aligned to core methods and controls
- Take long term strategic ownership of security capabilities within area of responsibility defining and agreeing current and target state and multi-year plans to achieve them
- Good understanding of IT Risk Management and practical experience applying it to significant Change projects
- Be able to take responsibility and act autonomously
- Influence decision making to surface and enable resolution of issues and risks across a wide range of stakeholders, up to and including senior management / executive
- Be able to interact proactively and confidently with all areas of business, including senior management and product owners
- Be pragmatic, and effectively balance risk and control requirements with commercial drivers and customer outcomes
- Be able to plan, organise and prioritise tasks and projects, relating progress and costs to anchors such as the Information & Cyber Security Strategy and UKTI Business Plan
- Have the ability to solve problems creatively and effectively, build business cases and influence direction
- Excellent verbal and written communication skills.
- The ability to build effective networks with stakeholders, both internally and externally.
- A desire to continually improve the quality of services and products delivered to customers, and the quality and pace of delivery.
Company Information
Handelsbanken is a relationship bank with a decentralised way of working, a strong local presence thanks to a nationwide network of branches, and a long-term approach to customer relations. Each Handelsbanken branch operates as a local business enabling it to make decisions at a local level and provide a bespoke service. The focus is always on the need of the individual customer and not on the sale of specific products.
We are embarking on an exciting Business Transformation journey. This transformation will significantly enhance our technology systems, processes and services, bringing evolution to our ways of working. Join us in this transformative journey, where your dedication, adaptability and commitment will play a crucial role in shaping the future of banking for our valued customers.
The Bank is deeply committed to embedding good equality and diversity practice into all of our activities. This is so that we are an inclusive, welcoming and inspiring place to work that encourages everyone to apply, regardless of socio-economic background, age, disability, pregnancy and/or parental status, race (including colour, nationality, and ethnic or national origin), veteran status, marital and civil partnership status, religion or belief, sex, gender reassignment or sexual orientation.
Check our Handelsbanken website for further information.
At Handelsbanken, we deeply value our unique culture and values including trust in and respect for each individual. We take pride in nurturing a work environment where people flourish, and where they are empowered to take decisions in their areas of expertise. We take a long-term perspective in everything we do and want each employee who joins us to build a long-term, successful career with the Bank.
What is in it for you?
- We have a wide range of learning and development available, empowering and enabling our colleagues to take ownership of their own development.
- A competitive salary and an extensive range of benefits are provided, including private medical insurance, income protection and life assurance
- A market-leading pension contribution of 15% paid by the bank, which can be invested in a wide range of funds (including ESG and Shariah funds)
Application next steps
Your journey with us begins once you have submitted your application. One of our Handelsbanken recruiters will be reviewing your details and will later organise a phone conversation if you match the role requirements. If there is a mutual fit, we will extend an invitation for you to participate in an interview.
How can we support you to be your best self? Our Talent Acquisition team will be happy to provide support e.g. if you need additional time to prepare for an interview or you have any requirements for any part of the interview/hiring process – just let us know by email [email protected].
This advert will be live for a minimum of two weeks. However, please note that after the two weeks, the closing date could change at any time depending on the number of responses received.