IT Security Engineer and Architect ( L1 )

Job Description

Experience 4 years of experience working in a dedicated Information Security (InfoSec) role is essential Qualifications Active CISSP, CISM, CISA, CEH, SANS certifications or equivalents is essential You will work as a Subject Matter Expert (SME) within the Security Engineering and Architecture team by leveraging your knowledge of industry best practices, security design princi

Responsibilities

Design, implement, test and maintain security systems and services to mitigate current and emerging threats while ensuring operational resilience and alignment to recognised frameworks, regulatory requirements and the business and technology strategies

Define and maintain technical security standards and key controls for the Bank s IT infrastructure

Support investigation of security events and incidents, root cause analysis and impact assessments of affected critical systems or data and inform the necessary corrective action plans

Provide specialist support as a Subject Matter Expert in key areas of IT Security and best practices through consultation and advisory roles within project teams promote security by design.

Collaborating with IT colleagues to support change programmes and cultivate a sense of security awareness and accountability.

Create Information Security Reporting and Metrics for new platforms and capabilities

Defining configuration policies and active tuning of DLP, L7 Firewalls, VPN, AV, IDS, W/IPS, SIEM, SSL Inspection, Endpoint Protection, mobile device computing, DB Security and similar security technologies/services.

Assess and identify opportunities to for continuous improvement of security technologies, services and MSS providers to improve detection and reduced false positives.

Define and tailor security work-stream tasks and plans for change initiatives.

Support Ethical Hacking engagements to facilitate testing and a risk-based analyse of results in the context of mitigating factors.

Design and secure application architectures with appropriate segregation patterns and integration with standardised security services

Work with IT Technical teams in ensuring Vulnerability Management reporting and patching activities are performed and verified.

Provide audit management support and SME views on risks, controls and operating practices.

Review, challenge and contribute to technical designs and discussions at the Change Management Committee s to ensure that security requirements and compliance are considered in change requests.

Ensure that you fully understand and comply with the organisation s Risk Management Policies as they relate to your area of responsibility and demonstrate in your day to day work that you put customers at the heart of everything you do.

Ensure that you fully understand and comply with the organisation s Data Governance Policies as they relate to your area of responsibility and demonstrate in your day to day work that you treat data as an important corporate asset which must be protected and managed.

Relationship owner for key security products and solutions managing 3rd party and vendor risks, service levels and metrics.

Maintain the company s compliance standards and ensure timely completion of all mandatory on-line training modules and attestations.

Experience Requirements

• 4 years of experience working in a dedicated Information Security (InfoSec) role is essential
• 3 years of experience implementing and managing AV, perimeter defences, network access controls and cyber countermeasures is essential
• 3 years experience working in financial services is desirable
• 2 years of experience in supporting investigations of security incidents is essential.
• 2 years of experience documenting and reviewing security and IT designs to identify security risks and gaps is essential
• 1 years of experience managing vulnerability scanning and remediation is essential
• 1 years of experience implementing and managing website and e-mail content filtering, data loss prevention is essential
• 1 years of experience managing IPS custom rules and SIEM tuning is essential
• 1 year of experience implementing security quality gates and tooling for development teams and the SDLC process is essential
• 1 year of experience implementing PCIDSS controls is essential

Knowledge Requirements

• Specialist knowledge of threats, vulnerabilities and countermeasures is essential
• Detailed knowledge of log analysis and investigation methodologies is essential
• Basic knowledge of the UK Data Protection Act/GDPR is essential
• Basic knowledge of PCIDSS is essential
• Detailed knowledge of Network Security is essential
• Basic knowledge of Application Security is essential
• Basic knowledge of Enterprise Architecture (TOGAF ) is desired
• Basic knowledge of IT Change Management and Service Delivery (ITIL) is desired

Keyskills :
it securitypci dsssecurity riskcustomer relationspenetration testingrisk managementdata governancenetwork securityproject teamsnetworkinglog analysisservice levelsdata loss preventionethical hackingloss preventionservice deliveryroot cause