Job Description

My client, a Global Investment Bank, based in London, are looking for a Senior IT Security Engineer/Architect to join their growing team.

About the Senior Security Engineer/Architect role:

This London-based Cyber Security role is within the IT department of a Global Investment Bank. This dedicated Vulnerability Management role is to provide Vulnerability Management services globally. This hands-on role focusses on driving the vulnerability management programme end to end for the bank to reduce the bank\'s legacy vulnerabilities across the tech estate and drive the \xe2\x80\x9cBusiness As usual\xe2\x80\x9d vulnerability management process.

Key Responsibilities:

Manage the Threat & Vulnerability Management process and drive risk-based vulnerability management programme across the bank through:

• Enforce the Threat and Vulnerability Management Standards across the bank globally.
• Review and develop the dynamic Threat Landscape for the bank.
• Engage with Infrastructure and application teams in driving the vulnerability remediation across the Infrastructure; business applications and technology stack.
• Drive the Threat and Vulnerability management forum for engagement across all areas of IT.
• Keep up to date with new threats and vulnerabilities which might affect my client
• Measure, evaluate, prioritise, and track threat and vulnerabilities, support the business on vulnerability remediation efforts.
• Educate stakeholders on the real-world impact of threats and vulnerability exploitation on our environment.
• Develop, document, and report business-level metrics for vulnerabilities and remediation progress.
• Drive the end-to-end threat and vulnerability lifecycle, from discovery to closure.
• Own and operate Threat Management for all technology across the bank.
• Create meaningful vulnerability reporting and dashboards through usage of MS Excel, Power BI or MS ppt.
• Liaising with 3rd parties for vulnerability assessments / penetration tests whilst reviewing the reports and creating remediation reports.
• Ownership of major vulnerabilities, coordinating with other IT teams for emergency patching.
• Working with Infrastructure and Application development teams to make sure all the applications technology stacks and are compliant to the security standards.

Preferred Qualifications and Experience:

• A minimum of 10+ years of experience with a mix of Cybersecurity, Systems, Infrastructure, Network, and Cloud experience.
• Broad technical security skills in multiple technology areas such as applications deployments, endpoints, data, infrastructure, cloud, DNS, PKI, Email, OS (Windows, MAC, *NIX), SDN, encryption, forensics, authentication, firewalls, proxies, identity and access control, BC/DR, remote access, and cryptography.
• Extensive experience in architecting and engineering complex security solutions utilizing and interpreting models to implement company policies, standards globally.
• Familiarity with techniques/methodologies such as \xe2\x80\x9cAttack and Defensive\xe2\x80\x9d methods, Threat Hunting, Threat modeling, Reverse engineering, Vulnerability Management, Data modeling, Evaluation of security products/services, Metrics development, etc.
• Proficiency and experience in automation and scripting using Python, Shell, Ansible, Jenkins, etc.
• Demonstrated experience with utilizing and migrating to one or more cloud technologies such as Microsoft Azure, and AWS. Knowledge of Google Cloud Platform, Alibaba Cloud, and Microsoft Office 365 is a plus.
• Information Security and/or Information Technology industry certification (CISSP, CISM, CISSP-ISSMP, CRISC, GIAC, Azure and AWS equivalent) preferred.
• Ability to synthesize data, conceptualize and get to the root cause of processes that created the risk.
• Experience working in a multi-vendor and outsourced IT environment.
• Experience in Business Analysis.
• Good understanding of COBIT and ITIL processes including change, incident and problem management.
• Experience in Financial Services is a nice to have but not mandatory.

If the above is of interest please apply to this job advertisement or call me on 0207 509 8040 to find out more.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates

Robert Walters