Home
Jobs
ION
Markets Product Security Engineer - UK

Markets Product Security Engineer - UK

On site

London, United Kingdom

Full Time

04-03-2025

Share this job:

Score my CV Apply

Job Specifications

The Role

This is an amazing opportunity to work with Information Security and Compliance Team at ION. As a Product Security Engineer, you would be the key enabler of secure and compliant products. You should have knowledge of attack paths across the technology stack, including tactics, techniques and procedures (TTPs) used by adversaries to exploit vulnerabilities. You will be trusted advisor throughout the product development lifecycle, incorporating knowledge of emerging threats, business goals and system design to improve platform security posture. You will be responsible for aligning the Markets security strategy, security design and controls engineering to product roadmap. You will also be responsible for providing transparency to leadership on product control performance and associated risk.

Key Responsibilities

Within the Product Security Team as part of the ION Markets CISO function, you will deal with the following activities:
Monitor and identify security events and emerging threats associated with the product line you are managing and any dependencies;
Act as the interface between CSIRT and Product teams as part of security incident activities;
Deliver threat modelling and hunting to identify vulnerabilities in product design and provide control recommendations to mitigate those risks;
Engage in architecture and design reviews to ensure product alignment with Security strategy and industry best practices;
Stay up to date with industry trends, best practices and regulatory standards that may impact product implementations;
Support the engineering of control solutions where existing offerings are not available;
Provide security expertise during incident and problem management.
Produce threat intelligence briefings and other work products to share information across the organisation
Respond to ad-hoc requests for platform security related guidance
This role may require some overnight, weekend and on-call activities.

Required Skills, Qualifications And Experience

Knowledge of:
Working within the financial services industry, or other highly regulated industries in a technical role.
Information security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR;
Information technology systems and processes, network infrastructure, data architecture, data processes and protocols;
Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF;
Skills in:
Security Tooling: Proficiency in common security tools, such as SIEMs, vulnerability scanners, firewalls and EDR products;
Scripting: Proficiency in scripting languages like Python, BASH, or PowerShell;
Security Incident Management: Ability to assist with the detection, response, and recovery of escalated security incidents and manage backlog/lessons learned actions;
Risk Assessment: Proficiency in conducting security risk assessments and providing thorough post-event analyses;
Security Expertise: Providing security expertise during incident and problem management;
Communication: Strong communication skills to explain complex security issues to both technical and non-technical audiences.
Ability to:
Effectively communicate technical issues to diverse audiences, both in writing and verbally;
Handle sensitive and confidential matters, situations, and data;
Understand and follow broad and complex instructions;
Comprehend technical language and to confer, analyse and write in an objective, lucid manner;
Work independently and prioritize multiple tasks and adapt to needed changes;
Remain calm under high pressure/difficult situations.

Preferred Certifications

GCIH;
CSEC;
CSSLP;
CISSP.
CASP+

About Us

We’re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.

Over 2,000 of the world’s leading corporations, including 50% of the Fortune 500 and 30% of the world’s central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.
Over 800 of the world’s leading banks and broker-dealers use our electronic trading platforms to operate the world’s financial market infrastructure.

ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe. Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.

ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.

ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.

About the Company

We’re visionary innovators who are delivering mission-critical trading and workflow automation software to financial institutions, corporations, central banks, and governments. By combining our passion for automation with a strategic view on the industries we serve, we design solutions that improve decision-making, simplify complex processes, and empower people. Simply put, we help our customers do more, faster and better than before. We believe our investments in research and development are shaping the future of automation... Know more

Related Jobs

Company Name: Cumberland Building Society
Job Title: Information Security Assurance Officer
Job Description: Working at the Cumberland, you become part of something special. We’re a Mutual organisation, committed to improving the lives of our colleagues, customers, and community. Our values are incredibly important to us. We’re on an exciting transformational journey with our people firmly at the forefront of our plans. If you want to work for a team integral in helping to drive cultural change, a team where you can bring your whole self to work bringing your energy and creativity to make a positive difference, then this is the job for you. As our Information Security Assurance Officer, you'll be responsible for assisting in the oversight and control of all aspects of the Information Security Management System, ensuring controls and reviews are in place to prevent/minimise threats such as security breaches, computer viruses or attacks by cyber criminals. This covers Risk Management, External Assurance, Supplier Management, Training and Awareness, Policy Management. You’ll also play a pivotal role in providing subject matter expertise to projects to ensure they have security controls included by design. You’ll have depth of knowledge in information security, with an excellent understanding of the technical side, having very good experience of compliance such as ISO27001, NIST, CBEST & CQUEST requirements. The Benefits Competitive salary – depending on skills and experience. Holidays - 25 days holiday plus public holidays and the opportunity to buy and sell up to 2 days. Learning and Development opportunities - We want you to grow in your role. We’ll work together to support your personal and professional development. Hybrid Working - the tools and equipment you need to be able to work from home when you need to, depending on your role. Health and Wellbeing - a calendar of events and activities throughout the year, Mental Health & Wellbeing champions, and Cycle to Work scheme. Community Day - We offer our people an extra paid day off every year to help local charities and community organisations. The Role Main Responsibilities Include Engagement with projects to provide advice, guidance and non-functional requirements to ensure security is being built in by design. Support and execute all group-wide Assurance tasks, initiatives and assignments, including monitoring the assurance inbox and responding to queries. Assist in the ongoing program of information security assurance covering all aspects of ISO27001 and the controls set out in the Society. Support the management of the Information Security Management System on behalf of the Society and ensure compliance with its components. Support the Information Security Assurance Manager in working with information security operations to maintain acceptable levels of control and risk throughout the Society. Carry out assurance reviews in line with the schedules calendar, producing reports, feedback and managing actions/non-conformities through to satisfactory conclusion. To assist in the maintenance of the Information Security (COO) Risks and Controls register and work closely with other information security colleagues and carry out actions to mitigate the risks identified. To keep up to date with security trends, threats and control measures and recommend new solutions and initiatives that will enhance the protection of the Society’s assets and data. Support in phishing campaigns and the management the outcomes and necessary training. Identify risks and ensure these are presented in accordance with procedures and are given the appropriate level of attention. Conducting third party supplier reviews. Work closely with key stakeholders including Risk, Audit, Technology and Information Security Operations to assist and provide input to ensure that Society policies and procedures for Information/Cyber Security Operations are effective and adhered to. To be proactive in making recommendations for updates to policies and procedures as required All potential candidates should read through the following details of this job with care before making an application. About You You’ll have strong, demonstrable experience in an Information Security role, ideally within a Financial Services led environment or equivalent highly regulated industry. You’ll ideally have a formal qualification in an Information Security discipline, e.g. CISM or equivalent significant experience, as well as experience of ISO27001 audits, NIST audits or similar, ideally being a Certified ISMS Lead Auditor (CIS LA). In Addition To This We’d Love To See A strong technical understanding and background Full UK driving license Excellent interpersonal, written and verbal communication skills and the ability to work well with people at every level. Ability to work with autonomy, flexibility, be organised and able to work under pressure. Strong relationship management and influencing skills. Attention to detail to ensure accurate assessment and management of risk. Strong analytical skillset. A good level of understanding on general IT security concepts and principles. Ability to effectively prioritise situations requiring urgent attention. Ability to work as a team and on own initiative to think ‘outside of the box’ and go the extra mile. Pro-activity and self-motivated with the proven ability to drive results and provide excellent customer services to all levels of the organisation. High level of motivation to see success delivered through own personal efforts and those around them. About Us We’re here to create a banking experience that’s kinder to people and planet. Unlike banks, we don’t have public or private shareholders which means we can invest 100% of our profits back into our business. As a result, our business is purpose-led, financially strong, socially responsible and always focused on our people, planet and communities. Recently we were presented with a Highly Commended award in the Financial Services Company of the year category at the British HR Awards in London. Our entry was recognised for our continued commitment to wellbeing. Where you will work Our aim is to keep the great balance we have achieved with hybrid working. The successful candidate would therefore be willing to work remotely and be able to work from Cumberland House as and when required. The closing date for completed applications is 20th March 2025, however it may be closed earlier if enough applications are received. We’re here to create a banking experience that’s kinder to people and planet. Unlike banks, we don’t have public or private shareholders which means we can invest 100% of our profits back into our business. As a result, our business is purpose-led, financially strong, socially responsible and always focused on our people, planet and communities.

Carlisle, United Kingdom

On site

Full Time

07-03-2025

Company Name: CGI
Job Title: DevOps Engineer (DV Security Clearance)
Job Description: Position Description The Space, Defence and Intelligence business unit in CGI is a true IT Systems Integrator. We work, build, and operate bespoke, technically complex, mission-critical systems which help our clients keep us all safe and secure. We bring innovation to our clients using proven and emerging technologies, agile delivery processes and our deep expertise across the breadth of space, defence, intelligence, aerospace and maritime, all underpinned by our end-to-end cyber capability. We work collaboratively with global technology companies, cutting edge SMEs and academia to deliver the optimal solution for each client. CGI was recognised in the Sunday Times Best Places to Work List 2023 and has been named one of the ‘World’s Best Employers’ by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a member not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you’ll be part of an open, friendly community of experts. We’ll train and support you in taking your career wherever you want it to go. As a DevOps Engineer within the Space, Defence and Intelligence business unit, you will apply your technical expertise to the design, implementation, testing and ongoing support of CGI's tool chain. With strong skills in Terraform and Azure, you will be responsible for the automation of the software development lifecycle. Your future duties and responsibilities Utilise a diverse set of tools such as Azure and Terraform and Jira to automate the software development lifecycle. Participate in Kanban and/or Scrum meetings to plan, prioritise and estimate work. Work with developers and testers to troubleshoot specific issues, including recreating tests, validation configuration, etc. Install, configure and manage both cloud-based and on-premise applications. Required Qualifications To Be Successful In This Role Azure Terraform Continuous Integration Continuous Deployment Docker Linux Amazon Web Services Cloud Desired Competencies: Kubernetes Agile Ansible Security Clearance: Must be a sole UK national – and either hold, or willing to gain higher level clearance. Any individual without security clearance is welcome to apply and will always be considered for this or wider opportunities in CGI, where appropriate. Working pattern: due to the secure nature of the work we are operating with a hybrid working policy however due to the secure nature of some projects with this area we would expect our members to be in their local when required. Some travel to other CGI or client sites might also be required (all travel away from your base office is expensed) Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

Manchester, United Kingdom

On site

Full Time

06-03-2025

Company Name: Harnham
Job Title: Security Consultant - Vulnerability Management
Job Description: Job Title: Security Consultant - Vulnerability Management Contract Duration: 3 Months (Potential for Extension) Location: Remote IR35: Outside IR35 The Role: We are seeking an experienced Security Engineer specialising in Vulnerability Management to enhance our security posture. You will be responsible for identifying, assessing, and mitigating vulnerabilities across our infrastructure, ensuring proactive risk management and compliance with security standards. Key Responsibilities: Lead the vulnerability management program, including scanning, assessment, and remediation coordination. Deploy, configure, and manage vulnerability scanning tools (e.g., Qualys, Tenable, Rapid7). Analyze and prioritize vulnerabilities based on risk, impact, and exploitability. Work closely with IT and security teams to develop and implement remediation plans. Provide threat intelligence insights to enhance vulnerability detection and response. Ensure compliance with security standards such as ISO 27001, NIST, CIS, and GDPR. Generate reports and dashboards to communicate risk posture to stakeholders. Key Skills & Requirements: Proven experience in Vulnerability Management, Threat Intelligence, and Risk Assessment. Strong understanding of network security, operating systems, cloud security, and DevSecOps. Hands-on experience with vulnerability scanning and risk assessment tools. Familiarity with patch management, secure coding practices, and remediation strategies. Strong analytical and problem-solving skills with a proactive security mindset. Relevant certifications (e.g., CISSP, CEH, GIAC GSEC, OSCP) are desirable.

London, United Kingdom

On site

Full Time

07-03-2025

Company Name: Office for National Statistics
Job Title: Cyber Security Apprenticeship - Level 3 (Newport)
Job Description: ONS operates a flexible hybrid working model across the UK, with colleagues linked to our contractual locations in Newport and working between office and remote throughout the week. As part of the hybrid working arrangement there is a 40% minimum office attendance requirement. Please note due to the nature of the role, you may need to attend the office 80% of working week. Attendance is typically at your contractual office, with occasional travel to alternative locations. Please note only candidates living in Wales will be eligible to apply for this role due to the requirements of the apprenticeship providers. Job Summary The Office for National Statistics (ONS) is the UK’s largest producer of official statistics, covering a range of key economic, social and demographic topics. These include measuring changes in the value of the UK economy, estimating the size, geographic distribution, and characteristics of the population, and providing indicators of price inflation, employment, earnings, crime, and migration. The last few years has seen an extensive overhaul of security and information management to meet the challenges of corporate and statistics transformation in technology, methods and practice, the Digital Economy Act and organisational risk appetite. The capability is evolving and expanding to address changes in threat and business direction. Do you have an interest in Cyber Security......and are interested in completing an apprenticeship? Well, this could be the role for you. We’re looking for two candidates to become Cyber Security Level 3 Apprentices. Job Description The Cyber Security Apprenticeship is an opportunity for individuals interested in cyber security to work toward a formal qualification alongside full time employment in Government. The role will involve shadowing, observing, and learning various cyber security related skills and gaining experience within a cyber security function. You will be working across the Triage and Investigation functions to build knowledge & experience within cyber security to enable completion of each module within the Cyber Security Apprenticeship. Responsibilities Working towards completing modules within the apprenticeship and completing assessments as required. Fulfil all responsibilities to commit to and complete apprenticeship as informed by apprenticeship provider. Areas covered in apprenticeship will include (but not limited to): Principles of Information Governance and Assurance Carrying out Information Security Risk Assessment Carrying out Information Security Incident Management Activities Investigating Information Security Incidents Threat Analysis IT System Security What qualifications will I get? Level 3 Cyber Security Apprenticeship. The Cyber Security Apprenticeship is an opportunity for individuals interested in cyber security to work toward a formal qualification alongside full time employment in Government. The role will involve shadowing, observing, and learning various cyber security related skills and gaining experience within a cyber security function. You will be working across the Triage and Investigation functions to build knowledge & experience within cyber security to enable completion of each module within the Cyber Security Apprenticeship. Responsibilities Working towards completing modules within the apprenticeship and completing assessments as required. Fulfil all responsibilities to commit to and complete apprenticeship as informed by apprenticeship provider. Areas covered in apprenticeship will include (but not limited to): Principles of Information Governance and Assurance Carrying out Information Security Risk Assessment Carrying out Information Security Incident Management Activities Investigating Information Security Incidents Threat Analysis IT System Security What qualifications will I get? Level 3 Cyber Security Apprenticeship. Person specification Essential Criteria Interested to learn about Cyber Security. Have a real enthusiasm and curiosity to tasks. To be able to deliver to timescales, with a good attention to detail, responding effectively to changing priorities. Good interpersonal skills, both written and verbal, with an ability to interact well with people across the organisation, including those more senior to you. Ability to proactively work well as part of a team, taking responsibility for delivering agreed business objectives. Ability to work independently with minimal supervision, across a range of tasks, seeking advice and guidance from managers as appropriate. Standard Eligibility Criteria For Apprenticeships Apply: You must not already hold a similar, or the same, qualification at Level 3 or above. You must be living in Wales. You must be at least 16 years old by 31st August 2024, and no longer be in full time education or plan to return to full time education in the next 12 months. You must have the legal right to live and work in the UK. You must not be taking part in any other employment or enterprise programmes funded directly by the UK Government or the Welsh Government. You must not be taking part in any other EU funded employment or enterprise programme or vocational learning programme You must not be supported by the UK Government’s Work programme with a contract of employment for less than 16 hours per week. You must not be in receipt of an Assembly Learning Grant or Education Maintenance Allowance. Is not an ineligible overseas national. Is not in custody or on remand in custody. Please note the training provider makes the final decision on whether funding can be provided per person and the job offer will be made on the condition that funding is available. Qualifications To apply for this apprenticeship, you need to have either qualifications or relevant experience in this field: GCSEs in Maths and English at Grade C or above. or Relevant experience - learners will be considered for entry based on previous experience. Standard eligibility criteria for apprenticeships still apply and any specific programme entry criteria listed above. Behaviours We'll assess you against these behaviours during the selection process: Working Together Communicating and Influencing Changing and Improving Alongside your salary of £24,137, Office for National Statistics contributes £6,992 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. The Office for National Statistics is part of the Civil Service, and as such we share a number of key benefits with other departments, whilst also having our own unique offerings to support our 5400 valued colleagues across the business. Whether you are hearing about us for the first time or already know a bit about our organisation, we hope that the benefits pack attached (bottom of page) will give you a great insight into the benefits and facilities available to our colleagues, and our fantastic working culture. I...

Newport, United Kingdom

On site

Full Time

07-03-2025