Company: Financial Services
Reports to Head of Information Security
This role sits within the Information Security Team, part of Group Risk and Compliance, reporting into the Head of Information Security. The candidate will be responsible for ensuring that data and information processing systems are protected in line with the information & cyber security programme.
The role will be responsible for information security event monitoring; the day-to-day operation of the internal technical vulnerability management programme, including review of emerging threats; reviews of user IT system acceptable use; assisting with information security risk assessment delivery and control audits towards internal/external compliance and regulation.
• Ensure the risks to our IT are identified and appropriately managed
• Ensure that the organisation has the appropriate controls to protect, detect, respond and recover from a security-related incident.
• Perform risk assessments, agree risk remediation action plans and track to completion.
• Performs analysis of applications and systems, identifies weaknesses and designs security controls (people, process and technology)
• Considers privacy implications and develops controls to protect customer and employee data
• Maintains security documentation and develops architecture approaches to new technologies aligned to the security principles.
• Carry out regular monitoring of the IT security-related controls, ensuring threats to business information are identified, logged and escalated in a timely manner:
o SIEM - Security events
o IDS/IPS - Intrusion detection/prevention
o Data Loss Prevention
o Web Application Firewall
o Email and Web content control
• Vulnerability Management - Monitor the IT systems against our technical vulnerability standards
• Research and advise on emerging threat actors/sources, zero-day exploits, vulnerabilities, malware, APTs and data exfiltration methods
• Participate in InfoSec incident response, providing cover for out-of-hours security alerts and ensuring appropriate and timely response actions and escalation
• Carry out regular security reviews on identity and access management, user data permissions and IT security control policies
• Conduct vendor/supply chain security assessments
• Help develop and manage the Security Operations Centre
• Co-ordinate third party internal/external network, wireless and application penetration testing engagements
• Oversight of and reporting on the implementation of the organisation's IT, Data and Information Security policies.
• Maintains a high level of technical expertise and awareness in the field of information security, including security standards and good practice, current and emerging threats and vulnerabilities in ICT and appropriate and evolving mitigating strategies and counter-measures.
• Gains a good understanding of the techniques, tactics and procedures of cyber network attack originating from hacktivism, organised crime and state-motivated actors, resulting in crime, subversion, espionage, sabotage and terrorism.
Skills, Qualifications and Experience relevant to the Role
Knowledge and Experience:
• At least 3 years' experience in an information or IT security related role within a financial or regulated firm
• Applicants will have a technical background with exposure to IT, security, network or cloud infrastructure administration
• Knowledge of current security threats and trends; exposure and/or appreciation of root causes of cyberattack methodologies
• Previous roles may include: Network Security Engineer, IT Service Desk, Security Administrator
• Technical threat analysis & cyber incidents e.g. e-mail phishing, malware, data breaches
• Full understanding of security concepts and their implementation, such as identity access management, defence in depth, zero trust, least privilege, single points of failure, segregation (networks & duties), cloud security
• Leading and liaising on cross-team incident management, including identification, triage, response and root cause analysis
• Familiar with standards such as: NIST CSF, ISO 27001, CIS Top 20 Benchmarks, PCI DSS and NCSC guidance
Skills and Competencies:
• Analytical skills and an ability to analyse technical information in order to identify patterns and trends
• Maintain a current understanding of common vulnerabilities and appropriate remediation
• Communicating and documenting user reported security problems and incidents
• Appreciate when to escalate issues upwards
• Proven IT knowledge and background, ideally including:
o Active Directory (Identity Access Management)
o LAN/WAN networking, VPNs & TCP/IP fundamentals
• Working knowledge of various security technologies such as:
o Identity Access Management e.g. Active Directory
o E-mail & Web filtering appliances
o Anti-malware protection
o Vulnerability Scanners
o Host intrusion prevention
o Network and application firewalls
o Securing Cloud Architecture, preference MS Azure
• BSc/MSc in Information Security, computing, or a science, technology, engineering or mathematics (STEM) subject
• Known security qualifications such as CISSP, SSCP, CSSLP, CEH, EC-Council ECSA, GIAC GSEC / GCIH / GCIA, ISACA CISM / CRISC, CompTIA Security+, CySA+, CASP (highly advantageous)
• Any Microsoft Azure Security certification
• Portuguese would be a benefit
• A passion for cyber security and a keen interest in IT
• Highly motivated, responsible, reliable and organised individual, able to use own initiative and manage own time and workload, with excellent attention to detail
• Capable of developing a strong working relationship with peers to encourage good security practices
• Collaborative and team-oriented, flexible attitude, adhering to a high standard of ethical behaviour