Principal, IT Security Operations - City of London

IT/Information/Cyber Security
Ref: 66
Date Posted: Monday 20 Jan 2020
Company: Financial Organisation
Location: City of London
Reports to Head of IT Security & Business Continuity
Salary: £80,000-£85,000
Benefits: Very Generous

The Role

The post holder is responsible for overseeing the overall day-to-day operations of the Bank's IT security function, including the management of Security operations provided by the selected outsource provider.
The role will work with the outsource provider to safeguard the Bank from intrusion, security threats, security weaknesses, software bugs and exploits, and will have responsibility for the IT Security management processes ensuring the ongoing security of the Bank's data and resources. This role is the Bank's representative for all operational security items.
The role sits within the IT Security team within Infrastructure and Operations. Though the primary focus of the role is IT security, the role also works closely with the Operational Risk and Information Security team.

Accountabilities & Responsibilities

Responsible for IT Security Incident response, including the definition of policy and process.
Management of the IT Security service providers, vendors, and consultants to ensure key objectives and deliverables are met in an efficient manner
Managing the day-to-day Security operations function provided by the outsource provider through daily calls and regular communications
Responsible for working with the Infrastructure and Operations technical teams responsible for the support and maintenance of all security related Infrastructure and applications.
Manage the interaction between the Managed Security Service Provider and the Infrastructure Service Provider
Oversight, planning and execution of any required vulnerability audits, penetration tests or forensic IT audits or related investigations. 
Ensure findings are discussed with the Associate Director, IT Security and are fed into projects improving the Bank's overall IT Security.
Liaison with senior level directors and other key stakeholders plus managers, analysts, and other IT Security risk-assessment professionals.
Development of clear and concise operational reporting suitable to be presented to Senior IT Management. This includes submissions of regular Key Risk Indicator reports that can be used to prioritise IT Security activities.
Coordinate responses to Internal Audit recommendations to ensure that audit observations related to IT Security are appropriately managed.
Coordinate vulnerability assessment and penetration testing as well as managing the associated remediation activities.
Work with suppliers to perform due diligence and security assessments of third party IT services and Cloud Service Providers to ensure IT Security is adequately addressed.
Oversee and manage the relevant change, incident, problem and other processes applicable to each Security service, and make sure IT processes are followed
Ensure security incidents are logged, escalated and responded to in line with SLAs defined for Security Operations Centre services
Monitor the Security Operations Centre service provider and identify any areas for improvement by producing relevant KPIs and metrics. Report with recommendations on how to improve services to Senior IT Management
Provide the initial point of contact for cyber related incidents and ensure appropriate escalation as and when required
Attend Security Operations Centre service review meetings with the service provider
Build and maintain a positive working relationship with the service provider

Knowledge, Skills, Experience & Qualifications

Educated to honours degree level and/or a relevant and recognised Professional level IT Security accreditation
Detailed working knowledge of ITIL framework and Business Continuity practices.
Proven ability to accurately take decisive action based on available information in a timely manner
In-depth knowledge of technical security solutions covering areas such as data leakage prevention, Security Information and Event Management, anti-malware, vulnerability management, threat assessment, encryption, Public Key Infrastructure, and cloud computing. 
Experience coordinating and supporting incident handling and remediation
Extensive experience in IT Security Operations
Relevant experience in the Financial Services sector.
Broad understanding of corporate IT infrastructures and technologies.
Experience of successfully working under pressure to challenging deadlines.
Experienced in leveraging core security and infrastructure technologies during investigations, such as firewall logs, network security tools, malware detonation devices, proxies, or IPS/IDS
Proven ability to analyse and identify common application and network based attacks
Practical experience of computer operating systems such as MS Windows, UNIX/Linux
Ability to quickly get to the root cause of issues
You will need to be organised, efficient and able to work unsupervised under their own
Technical skills: 
Experience of ServiceNow. 
Desired knowledge of Firewall Technologies, End Point protection, Malware Protection.
Experience of Data Loss Prevention and Security Information and Event Management tools.
Good working knowledge and understanding (with particular emphasis on IT Security aspects) of the following areas: server virtualisation, VMware, Microsoft W2K8, W2K12 & W2K16, Windows 7 & 10, HP-UX, Red Hat Linux and Oracle, NetApp storage consolidation, Cisco Networking
Ability to operate sensitively and effectively in a multicultural environment.
Ability to communicate effectively to a wide variety of audiences both within and outside of the Bank.
Ability to handle pressure and work to challenging deadlines.
Ability to work both independently and as part of a team.
Good team player with strong interpersonal and diplomatic skills.
Fluency in oral and written English is essential.
Good organisational and multi-tasking skills.