Information Security Manager
Remote
London, United Kingdom
Freelance
13-02-2025
Job Specifications
About Us
BACB is a UK bank that offers trade finance and investment expertise to clients in specialist markets, especially Africa and the Middle East
We have been helping businesses with trade finance and complementary products for over half a century, focusing on trade flows to and from Africa and the Middle East as well as real estate in the UK.
Our in-depth knowledge of the countries and practices where our clients operate ensures that we put them first.
Additional Info
Hybrid Working: 3 days onsite, 2 from home
Location: City of London
Contract Type: Fixed Term Contract
Contract Length: 12 months
Job Summary
Reporting to the Head of Operational Risk and working closely with the Head of Information Security, the role will support in managing the Bank’s Second line of Defence (2LOD) for cyber security, assuring compliance with the Bank's Information Security Policies and Standards and overseeing the effective implementation of security controls through engagement with the Bank’s cyber security operations team (1LOD).
Key Work Outputs and Accountabilities
Supporting the management of the Bank’s Cyber Security function maintaining compliance with our NIST based cyber security framework.
Responsible to Head of Operational Risk for Information Security RCSA framework, in particular regulatory compliance, and tolerated risk exposure.
Act as Cyber Security expert within the Second Line of Defence (2LOD), providing advice and guidance to 1LOD on best practice cyber security and to business driven change activity.
Working with the Bank’s Enterprise Architect to ensure solutions are delivered in accordance with BACB’s IT Security policies and Standards
Ensure the Bank can effectively respond and recover from Cyber Security Incidents.
Working with the Head of Information Security on ways to defend the Bank from current cyber threat landscape, identifying emergent threats and recommending innovative controls and mitigations.
Work together with the 1LOD and provide evidence that IT Security operations are within risk tolerances (e.g., Evergreen IT, Patching, Vulnerability scanning and Pen Testing) (supported by a 2nd member of the 2LOD team)
Oversee compliance with the Bank’s cyber security standards and policies liaising with CIO (1LOD) where responsibility spans Lines of Defence.
Maintain security performance metrics/ KPIs, recommending improvements where appropriate.
Effective use of specialist tools and logging to review the Bank’s cyber status and perform requested “deep dives” as necessary as well as define automated alerting mechanisms, ensuring that these alerts can be assessed and investigates independently by 1LOD and 2LOD.
Engaging with the CIO and the Head of Information Security to ensure that sufficient/ effective cyber defences are implemented, giving the Bank value for money for any procured Cyber Security solutions, including Cyber Risk Insurance.
Responsibility for the effective bank-wide cyber security training and awareness.
Required Qualifications and Experience
Educated to degree level (or equivalent), possessing at least one security accreditation (e.g., CISM or CISSP)
Good working knowledge of cyber security standards (i.e. NIST, ISO 27001, Cyber Essentials, GDPR).
Previous experience in the practical use and management of products such as Defender, Darktrace and Mimecast
IT security management knowledge, skills, and experience.
Familiarity of firewall rulesets and the requirements for effective cyber defence.
Familiar with the Microsoft stack from Desktop products to server products to Azure
Working in Financial Services or another regulated market, such as aviation or energy.
Managing the delivery of an organization-wide information security related strategy
Knowledgeable in common Data Leakage reasons and effective prevention.
Working with on premise, public and/or hybrid cloud environments
Conducting security-based investigations, the management of such inquiries and liaison with external BACB engaged investigation parties.
About the Company
BACB is an international wholesale bank. We provide tailored trade solutions to clients, with a focus on facilitating trade to and from specialist markets in Africa and the Middle East. Established in 1972, BACB is a UK-registered public limited company. We are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and Prudential Regulation Authority. We are based in multicultural London, banking capital of the world, which provides our clients with the assurance of dealing with... Know more
Related Jobs
- Company Name
- Experis IT
- Job Title
- Network Architect - SC Cleared
- Job Description
- Network Architect - Pre-Sales & Bid Specialist - MUST BE SC CLEARED Are you ready to shape the future of secure networking? We are looking for Network Architects with pre-sales and bid experience to join our dynamic Networks Practice. You'll work on cutting-edge high-assurance solutions for customers in the UK and overseas, collaborating with Solution Owners, Delivery Executives, and vendors to create innovative network designs that exceed expectations.What We're Looking For: Experience in designing innovative network solutions that meet customer needs. Ability to produce High-Level Designs (HLDs) and detailed bid documentation. Skilled in network and routing protocols with a strong technical background. Hands-on experience working with Sales, Bid Managers, Commercial teams, and Architects. Strong communication skills with the ability to engage multiple stakeholders. Proven track record of working on bids and delivering complex network changes. What You'll Do: Develop cutting-edge network solutions tailored to customer requirements. Work closely with stakeholders to define, design, and cost solutions. Support bids, proposals, and complex change projects, ensuring alignment with objectives. Create estimates, BOMs, and licensing recommendations. Take ownership of designs and provide expert input to customers and internal teams. Ready to take your career to the next level? Apply now! Note: Due to the high volume of applications, we may not be able to respond to all applicants. If you haven't heard from us within 14 days, please consider your application unsuccessful.
- Company Name
- Next Ventures
- Job Title
- Network Field Engineer
- Job Description
- My client is currently hiring for 2x Senior Field Network Engineers. Job Information: Working across 2 sites (Harlow & Farnborough) Immediate start You'll need to be BPPS eligible Happy to work shift patterns (including overnights) Expenses will be available Roles is OUTSIDE IR35 Initial 6 month contract, expectation for extension Relevant Experience Cisco LAN & WAN Skills Routing & Switching experience Experience with Planning, Troubleshooting & Configuration Experience working in the Telco sector would be a bonus
- Company Name
- Experis IT
- Job Title
- Cyber Security Engineer/Specialist - Urgent
- Job Description
- Hybrid Working, Cyber Security Engineer, Cyber Secuirity Specialist, Azure, Entra, Intune, Defender XDR, MFA, Security Monitoring, Immeidate Start My leading client has an immediate requirement for a Cyber Security Technical Engineer to assist in a range internal projects. This is a really hands on role where you will be working through a range of delivery priorities, which include, EnsuringEntra, InTune and Defender XDR are configured with appropriate security controls and integrated effectively. There is project work around MFA's to ensure controls defined across the Azure Estate. Also you will be working on the effective monitoring and reporting for alerts and incidents from Azure suite, and ensuring the feeds are appropriately ingested into Azure and reported on, if this sounds of interest please send me your CV for review.
- Company Name
- Square One Resources
- Job Title
- Security Master Data Analyst
- Job Description
- Job Title: Security Master Data Analyst Location: London, United Kingdom (Hybrid Working) Day Rate: £550 - £600 (Inside IR35) Job Type: 6months + Contract I am looking for a skilled Security Master Data Analyst to support a project focused on derived ratings and classifications. The role involves documenting existing logic, working with an outsourcer to implement it, and ensuring the final output meets business requirements. The analyst will also manage a backlog of derived data items, collaborate with stakeholders for approval, and establish an operating model for change and issue management. Job Responsibilities/Objectives Document and communicate derived ratings and classification logic for outsourcing. Work with business stakeholders to define and agree on data specifications. Translate codified rules into actionable specifications and ensure correct implementation with the outsourcer. Define and implement an operating model for change and issue management. Manage the backlog of derived data items independently. Use SQL for data analysis to support technical tasks. Required Skills/Experience The ideal candidate will have the following: Experience in asset management security master data, especially derived ratings and classifications. Strong stakeholder management skills for defining data specifications. Technical knowledge to translate rules into specifications and work with outsourcers. Ability to define operating models for issue and change management. Strong SQL skills for data analysis. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.