London, United Kingdom
North Starr’s highly established yet growing financial services client have an exciting new opportunity for an Information Security Officer/ Manager to spearhead the organisations cyber/ information security in a greenfield role. This would be a superb opportunity for someone who wished to grow a function from the ground-up, and enjoys dealing with technical and strategic challenges.
A successful candidate will be expected to:
- Develop and maintain security related policies and practices which ensure that the client’s IP and other, sensitive data are protected by appropriate measures;
- Establish strong working relationships with Compliance, Legal, Development, and IT teams, and work with these teams to integrate strong information security practices into their existing processes;
- Consult with internal teams to ensure proper cyber security practices are applied to future technology efforts;
- Perform risk and vulnerability assessments for the client’s existing systems, and develop remediation plans to bring them into line with policy and best practices;
- Improve visibility of security issues (SIEM, IDS/IPS, firewalls, end point security, etc);
- Perform periodic penetration testing of our network and systems;
- Liase with 3rd party security consultants for the purposes of arranging external audits and testing of the client’s security systems and practices; and
- Lead the response team for cyber security incidents, and ensure that breaches are fully remediated and newly identified risks are fully mitigated.
- Ensuring all employees must develop awareness about and comply with all applicable policies, procedures, laws and regulations.
An ideal candidate will:
- Five or more years of experience in cyber security roles;
- Experience designing, implementing, and monitoring SIEM systems;
- Strong knowledge of threat detection and prevention systems including firewalls, IDS/IPS and endpoint tools;
- Deep understanding of OS and network protocol topics (Windows, Linux, hypervisors, databases, tcp/ip protocols, routing);
- Familiarity with data encryption, data loss prevention, and data privacy concerns;
- Experience with open source security tools preferred (snort, Surricata, OSSEC, ElasticStack);
- Relevant industry certification preferred (CISSP, CISM); and
- Familiarity with regulatory landscape (MiFID II, GDPR, etc) and its effect on our policies and practices
Please send your CV for an immediate review!