Information Security Officer - London

Role purpose

Support both the Head of IT and IT manager to ensure that the Banks Data, information and infrastructure are secure and resilient.

Key responsibilities

• Monitor for attacks, intrusions and unusual, unauthorised or illegal activity using current security tools and measures in place.
• Evaluate the effectiveness of existing security measures, such as firewalls, security policies and cyber tools, etc. and make recommendations to improve security based on their assessments and knowledge of current and emerging threats
• Regularly review and assess the security of the Bank infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in line with changing threats.
• Investigate security alerts and provide incident response
• Monitor identity and access management, including monitoring for abuse of permissions by authorised system users
• Keep up to date with the latest security and technology developments, and evaluate emerging cyber security threats and ways to manage them
• Identify potential weaknesses in the IT Infrastructure and implement measures, such as firewalls and encryption
• Test and evaluate security products and make recommendations for new systems or upgrades to existing.
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Liaise with 3rd parties such as auditors, SOC, pen testers to ensure all actions and findings are closed
• Advise the CMT and Plan for disaster recovery in the event of any security breaches
• Liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Maintain the Banks IT Information and cyber security related policies & procedures
• Assist with the creation, maintenance, and delivery of cyber security awareness training for colleagues

Also assist the Head of IT & IT Manager: -

• Implementing the IT architecture
• Delivery projects
• Maintenance of IT policies and procedures
• Documentation
• Change management control
• On boarding new outsources and suppliers

Skills required

• A passion for cyber security and a keen interest in IT
• Excellent IT skills, including knowledge of computer networks, operating systems, software, hardware and security
• A broader understanding of the cyber security risks associated with various technologies and infrastructure and ways to manage them
• A good working knowledge of the some of the information and cyber security frameworks
• A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
• The ability to work as part of a team and to build strong relationships with staff at all levels and other relevant individuals
• Verbal communication skills, including presentation skills, with an ability to communicate with a range of technical and non-technical team members and other relevant individuals
• Written communication skills, for example to write technical reports
• Excellent attention to detail, analytical skills and an ability to analyse complex technical information in order to identify patterns and trends
• An ability to work under pressure, particularly when dealing with threats and at times of high demand

Additional details

We offer a highly attractive reward package; the typical benefits include:

• 25 days holiday entitlement increasing with service
• Pension Plan
• Private Medical Insurance
• Dental Cover
• Income Protection
• Life Assurance
• Employee Referral Bonus