Senior IT Securty Officer (2046/33) - London

 

 

 

As the Senior IT Security Officer, you will work on the security aspects of project delivery across the Group, including but not limited to design, delivery, and building processes to ensure the controls remain in place into BAU. Working with IT teams across the organisation to achieve secure solutions through assessing risk and building pragmatic solutions to mitigate those risks within the risk appetite.

 

 

Liaise with UK CTO and other assigned groups to manage the security portions of strategic projects, working within the project teams to achieve goals on time and on budget

Deliver assigned UK Security projects, enhancing our controls and closing new risks, on time and on budget

Form ad-hoc cross-department teams as required to make decisions that support project delivery and solve important security problems

Liaise with Group, UK CTO and Operating entity architecture teams, including Security architecture, to maintain consistency across group strategy, and to maintain governance over the UK IT Systems.

With the UK Security team to provide consultancy on the security aspects of business goals and plans outside CTO

Build secure solutions which can be measured, for example on Coverage, Quantity, and Quality metrics, and can be moved into a supportable and maintainable Business As Usual state

Assist the rest of UK Security producing risk assessments of Group and 3rd party tools and platforms, as required

Provide technical consultancy on 3rd party risk for specific solutions.

Act as subject matter expert to the business and to other members of the Security team as required

Proactively investigate new threats to the business, and propose solutions to address them

Ensure the Security Policies are met and maintained, and that new technology build has a net positive on the controls and risk posture to the UK

Prepare, and when appropriate, deliver oral and written reports to the Head of UK Security as well as other key senior managers both within Corporate Centre and the Operating companies

Work with the UK Security team on process redevelopment, working to streamline processes, and develop new processes that allow us to improve the efficiency and/or reduce the risk of information security.

 

 

 

Relevant Professional Qualification – e.g. CISSP, CISM, MIISP desirable but not required

Disciplined and organised mind-set with a good attention to detail

Excellent time management skills, including the ability to manage a demanding and variable workload with tight deadlines

Excellent communication and interpersonal skills, including the ability to negotiate and resolve conflict

Good analytical skills and the ability to clearly identify key issues

A strong customer focus to ensure internal stakeholder needs are met

Some knowledge and understanding of the issues and key information requirements affecting the IT environment

Project management skills

Excellent Word, PowerPoint and Excel skills

PCI/DSS knowledge extremely desirable but not required

IFC/SOX knowledge extremely desirable but not required

Knowledge of FSA regulations desirable but not required

Knowledge and skills in the following areas are desirable but not required:

• ITIL

• Cloud Security

• Coding and Scripting

• Application Security

• Big Data

• Architecture

• Networking

 

 

Bonus Scheme linked to yours and the company’s performance 

Pension scheme with employer contributions as well as your own

35 hour working week

25 days holiday (increases with service) with ability or purchase additional days plus bank holidays

Interest free season ticket loan scheme

Share Plan Scheme

Flexible benefits scheme

Discount on all of the Groups financial products, including insurance, breakdown cover & healthcare