Senior Information Security Engineer
On site
London, United Kingdom
£ 200,000 / year
Full Time
25-10-2024
Job Specifications
Senior Information Security Engineer
Location: London, UK (Hybrid)
Salary: Up to £200k + Bonus
Role Overview
We are looking for a dynamic Senior Information Security Engineer to join a prominent macro trading firm based in London. This position is vital for safeguarding the organization’s infrastructure and sensitive information across both on-premises and AWS cloud environments. As a senior member of the security team, you will be responsible for shaping security strategies, managing vulnerabilities, leading incident response, and enhancing threat detection efforts, while collaborating with IT and DevOps teams to bolster the overall security framework.
The ideal candidate will possess a comprehensive, hands-on background in infrastructure security within a hybrid cloud context, with significant experience in Linux systems. We seek someone with a proactive attitude and flexible mindset, equipped with broad expertise in various security domains, including infrastructure, security operations, and compliance. A minimum of 7 years of experience is required, preferably in smaller financial or trading institutions.
Key Responsibilities
Security Framework Development: Create, implement, and enhance security frameworks for both AWS cloud and on-premise systems to safeguard infrastructure, applications, and sensitive data.
Vulnerability Oversight: Direct the vulnerability management process, encompassing scanning, analysis, and the development of remediation strategies.
Incident Management: Lead the response to security incidents and conduct forensic investigations, coordinating actions to minimize disruption.
Risk Analysis: Perform risk assessments on the organization's IT infrastructure to ensure compliance with industry standards and identify areas for improvement.
Security Event Monitoring: Manage the monitoring of security events to detect and escalate potential threats, providing reports on security metrics and incidents to leadership.
Integration with DevOps: Work closely with DevOps teams to incorporate security measures within CI/CD processes, ensuring secure software development practices.
Training and Mentorship: Provide guidance and training on security best practices to internal teams and mentor junior engineers.
Technology Assessment: Evaluate and implement advanced security technologies to improve the organization’s capabilities in threat detection, prevention, and response.
Policy Implementation: Ensure that security policies and standards are consistently enforced and work with compliance teams to meet regulatory requirements.
Qualifications and Skills
Education & Experience: A Bachelor’s degree in Computer Science, Information Security, or a related field, along with a minimum of 7 years in security engineering roles.
Comprehensive Security Knowledge: Strong understanding of security frameworks (e.g., NIST, ISO 27001), cloud and on-premise security, and threat detection mechanisms.
Cloud & Infrastructure Expertise: Proficient in managing hybrid cloud environments, particularly AWS, with a solid grounding in Linux-based infrastructure.
DevSecOps Familiarity: Understanding of DevSecOps principles and secure development methodologies.
Security Tools Proficiency: Experience with security technologies such as firewalls, IDS/IPS, SIEM, and EDR, as well as scripting and automation/SOAR tools.
Relevant Certifications: Preferred certifications include CISSP, CISM, or CEH.
Financial Services Experience: Previous work experience in trading environments or financial services is advantageous, particularly in smaller firms where diverse roles are common.
About the Company
Hunter Bond is a global firm specialising in the finance and technology recruitment sectors with the aim to provide a thorough, effective and transparent solution to their client and candidates needs. Hunter Bond directors have 20 years experience specialising in financial and technology jobs. With this experience comes a desire to provide the best recruitment service. Integrity is delivered by Hunter Bond at its upmost. Clients and candidates alike will have transparency and dedication from start to finish. Founding Direct... Know more
Related Jobs
- Company Name
- Inspire People
- Job Title
- Lead Network Infrastructure Engineer
- Job Description
- HM Land Registry ("HMLR") and Inspire People are partnering to bring you an exciting opportunity for a Lead Network Infrastructure Engineer to help shape the technical direction of HMLR's established network function and infrastructure across all 14 UK offices. You will actively engage in series of network re-designs and upgrades including new office topology, firewalls and routing designs. Salary of £54,388 to £68,900 dependent upon interview assessment plus excellent Civil Service benefits and 28% pension contribution. Flexible, hybrid working from several UK locations. The IT Operations Practice contains an established network function who are responsible for the design, delivery, and maintenance of HM Land Registry network infrastructure. This encompasses data centres, local offices across England and Wales in addition to cloud infrastructure hosted on AWS and Azure. These services underpin all of HMLRs IT services. The team are actively engaged in a series of exciting network re-designs, consolidations and upgrades including new local office topology and design, new switching, firewalls and routing designs. Responsibilities include: Be the subject matter expert on networks within HM Land Registry, taking accountability for design and management of network infrastructure. Provide technical leadership to the practice, working as a Lead Infrastructure Engineering team to provide guidance and technical decision making within BAU and change portfolio deliverables Support HM Land registry Network Infrastructure, encompassing data centres, local offices across England and Wales in addition to cloud infrastructure hosted on AWS and Azure. Use networking skills to continually design and develop the network topology to meet business needs Maintain effective relationships with other practices in order to meet operational requirements and service levels agreements. Contribute to the continual improvement of the practise and the IT Operations community, supporting community members to build and maintain cohesion Occasional hands-on with reconfiguration, troubleshooting, rolling out new equipment and quality assurance. Essential skills: CCNP qualification or equivalent experience Routing configurations using standard enterprise routing protocols including OSP and BGP. Firewall configuration including policy, routing and design. Switching protocols (HSRP/VLAN/port-channels) Physical network design. Design and operation of cloud network solutions (Any cloud) Experience of planning and leading on the delivery of large-scale network infrastructure change Experience of technical leadership in an enterprise technical environment. Effective communication skills, including the ability to interact and build working relationships with stakeholders. Location Expectation is to be working from the Plymouth, Croydon or Peterborough office 60% of your time across the month (typically 3 days/week). Benefits Salary between £54,388 - £68,900 depending on skills assessed at interview and location Alongside your salary, HM Land Registry contributes £9,881 towards you being a member of the Civil Service Defined Benefit Pension Scheme Annual leave of 28.5 days' paid holiday during each holiday year plus 8 days public holidays Personalised training and development plans including expensed accreditations with training days set aside Flexi-time scheme (You decide what working hours work best for you) Social and sports club Access to our employee assistance programme for counselling and support on a wide range of issues Interest-free loan for season tickets Cycle to work scheme (salary sacrifice). HMLR have a strong and positive culture, a commitment to inclusivity, an emphasis on continuous learning and development and flexible ways of working. Further information This role requires SC clearance, a condition of which is to have been present in the UK for 5 out of the past 5 years. This post may include participation in an on-call rota, subject to additional pay. If you are a Network Engineer with experience of providing technical leadership to Network teams, keen to make significant impact to over 6000 users and work on Critical National Infrastructure then apply today or contact Zymante Gintalaite (Zee) at Inspire People in complete confidence for further information.
- Company Name
- ARC IT Recruitment
- Job Title
- Business Information Security Officer
- Job Description
- Information Security Officer Dublin, Ireland £Competitive plus bonus, plus benefits including full health cover Dora Information Security Officer/BISO is required by Dublin based offices of global financial services organisation. This role enables secure business strategies and processes by providing advisory services to leaders and effectively connecting business needs to security solutions. The position is based within the Cyber Security team. Key Responsibilities: Serves as the primary Interface to the Cyber Security (CS) organisation supporting Lines of businesses, operations, and technology. Serves as the BISO for the business partners to share emerging risks and focus areas with business and technology management teams. Facilitate the implementation and monitoring of corporate CS policies/standards/programs within lines of business, to ensure timely program delivery of programs and management of risk within tolerance. Partner with the Technology Teams to ensure implementation and sustainability of controls. Partner with the Outsourcing Supplier Risk Management team to ensure remediation of risks. Develop strong understanding of underlying technical requirements of the Enterprise technical CS and IT standards, identification of security gaps and provide consultation to the businesses for remediation options. Maintain and enhance status as a subject matter expert for all CS matters Partner with the CS Operations team to provide support on cyber security investigations and incident response. Provide oversight to ensure that processes and projects are completed in a timely manner. Monitor risk exceptions, and resolutions, in response to security events, assessment and audit results. Maintain and socialize the status of CS programs and initiatives within lines of businesses. Respond to security events by initiating and coordinating actions needed to protect the business and its clients. Provides expert advice to the business on current cyber threats affecting the business and clients. Engage with regulators and auditors on key Cyber Security matters. Contribute to and maintain an effective Operational Risk Management Framework, escalating any observed operational risk matters to the Operational Risk Manager. Key Requirements: 7+ years of experience in information security or related discipline. Financial industry experience is preferred. Degree in Engineering - computer science/electrical/electronic/Information Systems or equivalent. Information Security Certifications preferred, CISSP, CISM, CISA, ISO27001 Skills. Ability to prioritise, execute tasks and handle multiple projects concurrently. Ability to communicate and present effectively through a range of mediums, to various audiences, in a way that demonstrates subject matter knowledge. Strong influencing and negotiation skills-- with the demonstrated ability to engage and persuade stakeholders to act and make decisions that aim to further business objectives. Strong service management and service delivery orientation Strong conceptual skills: ability to deal with ambiguity; creativity; lateral thinker. Strong working knowledge of local and European Laws and Regulations (DORA, CBI, EU etc) You will be working for a globally recognised financial services organisation who offer fantastic career progression and total comp. For a full consultation on this role please email your CV to Arc IT Recruitment.
- Company Name
- i3 Resourcing
- Job Title
- Cyber Security Analyst
- Job Description
- Cyber Security Analyst Insurance City, London/Hybrid (3-4 days in the office) Permanent Circa £55,000-£70,000 I am seeking an experienced Cyber Security Analyst to join my client to run the day to day cyber security operations as part of our cyber security program. This role is to work with the Cyber Security Manager to protect information systems, networks, and data from potential cybersecurity threats and attacks. Responsibilities- Working with third parties ensure that we are continually monitoring the organisations networks, systems and applications for security breaches, intrusions and other suspicious activity. Work in close conjunction with our third party SOC to ensure that the right security logs are being monitored and that we have full visibility across our environments. Investigate security alerts and incidents that are raised by third parties and work in close cooperation with the IT team to contain and remediate these, along with supporting the Cyber Security Manager through to incident closure. Work with our third parties to ensure that all systems and applications are being managed from a vulnerability management perspective and that penetration testing is being undertaken on all systems and applications. Own the outputs from a vulnerability management and penetration testing to resolution in conjunction with system owners and escalating any areas of non compliance to the Cyber Security Manager. Working with third parties to ensure that secure coding requirements in line with the cyber security framework are being adhered to. Support the Cyber Security Manager as necessary regarding any cyber security incidents that may occur and ensure that lessons are learned and these are fed back into the security framework. Act as the first point of contact for the IT team and business in regards to cyber security incidents. Assist in the development, implementation, and enforcement of information security policies, standards, and guidelines, including ensuring compliance with relevant regulations and industry standards (eg, ISO 27001, GDPR, NIST CSF, etc). Skills required- Familiarity with industry standards and frameworks such as NIST, ISO 27001, and CIS Controls Demonstrable working experience with a primary focus on Information Security Certifications in CISA, SSCP, CompTIA Sec+ or a similar Proven experience as a Security Analyst or similar role, with hands-on experience in monitoring, incident response, and vulnerability management Proficiency in using and configuring security tools such as SIEM, IDS/IPS, firewalls, antivirus software, and vulnerability scanners A good in depth knowledge of the Microsoft Azure stack, understanding the various security components that can be used within Microsoft environments Good understanding of ITIL processes and experience of working with IT teams to ensure that ITIL good practise is followed. If you think this role could be a good match please send your CV for immediate consideration Cyber Security Analyst Insurance City, London/Hybrid (3-4 days in the office) Permanent Circa £55,000-£70,000
- Company Name
- i3 Resourcing
- Job Title
- Cyber Security Manager - Insurance - Hybrid
- Job Description
- Cyber Security Manager - Insurance - Hybrid Cyber Security Manager Cloud, Azure, IAM London Insurance Market City, London/Hybrid (3-4 days per week in the office) Permanent £90,000 - £95,000 per annum + benefits + bonus PREVIOUS INSURANCE/FINANCIAL SERVICES EXPERIENCE IS ESSENTIAL A fantastic opportunity has arisen for an experienced hands on Cyber Security Manager to join a reputable London Market Insurer and oversee and manage the organisation's cyber security responsibilities. Your role will be to protect my client's information assets, systems, networks, and data from potential cyber threats and attacks. The ideal candidate will have a deep understanding of cyber security in the Cloud as they are embarking on a major program to move to Microsoft Azure. Experience in AWS would also be preferable as they have a multi-cloud environment. My client's strategy is focussed on utilising where possible SaaS products and COTS packages which will mean that you have experience in designing and implementing cloud security controls. You will act as the main focal point for all cyber security matters across the organisation including delivering security awareness and training, and providing security response to incidents. Duties and accountabilities Develop and communicate corporate information security policies, standards and guidelines and updating these in line with the evolving threat landscape across the organisation. Create and update the cyber security strategy to ensure that it is aligned to the business objectives and IT strategy respectively. Develop and assess organisational strategies that address information control requirements. Identifies and monitors environmental and market trends and proactively assesses impact on business strategies, benefits and risks. The successful candidate will have/be: Relevant industry certifications such as CISSP, CISM or similar Demonstrable experience in leading a Cyber Security function with a hands-on approach Held an Information Security role in a regulated environment (Insurance or Financial Services desired) Familiarity with cybersecurity frameworks and standards (eg, NIST Cybersecurity Framework, CIS Controls, ISO27001, SOC2, etc) In-depth knowledge of current and emerging cyber threats, vulnerabilities, and attack vectors Experience of deploying identity and access management projects Experience of working in a Azure native environment with some experience in multi-cloud environments Experience in managing third-party vendors for security services such as SOC, Threat Intelligence, Vulnerability Management, etc Cyber Security Manager Cloud, Azure, IAM London Insurance Market City, London/Hybrid (3-4 days per week in the office) Permanent £90,000 - £95,000 per annum + benefits + bonus