IT Security Engineer - Finance

Twenty Recruitment Group
London (South)
£80000.00 - £95000 per annum + Plus Bonus and Benefits
11 Oct 2016
19 Oct 2016
Contract Type
I.T Security Engineer - Finance A Global financial organisation are looking to hire an I.T Architect to work within the Information security team. The Information Security team is responsible for ensuring appropriate information security controls are in place for all group information processing systems, monitoring of controls to ensure a secure operating environment, investigations of control failures to determine root cause and design/implementation of control improvements to prevent issues reoccurring. Responsibilities: Communicate with the business mapping technical security requirements to business language and ability to select and justify appropriate controls based on business process Identify security control gaps; propose improvements to the security processes, toolsets and automation. Development, delivery and management of the company's Information Risk strategy to align with the Corporate risk framework in conjunction with the Group Head of Information Security Provision of guidance and expertise in relation to the interpretation and implementation of company security policies and processes. Proactive monitoring of control environment and investigating any unusual activity and escalation where required. Work with the technical lead to select security products, work on proof of concept phases, project planning, design, and management of implementation. Hands on implementation of security solutions including creation of support packs for level 1-2 operations, and providing expertise/support for level 3 escalations. Develops and maintains good working relations with all business and technical stakeholders across the group. Maintain knowledge of current issues impacting the Group's information security posture Ensuring operational security tasks are carried out (vulnerability management, ad-hoc web/infrastructure scanning, web/email authorisations, security investigations, security monitoring, communication of security patch remediation requirements) Management of forensic investigations of workstation, server and network traffic, IDS events. Analyse large log data sets and identify trends/root causes. Required Skills: Demonstrable Windows administration skills (ability to script) Demonstrable Linux administration skills (ability to script) General high level networking Cisco, Juniper, Fortinet, Checkpoint. Demonstrable understanding of databases and SQL (ability to script). Demonstrable security log management and analysis techniques. Demonstrable understanding of IDS/IPS technologies, ability to construct custom snort signatures and investigate intercepted traffic/logs. Demonstrable understanding of application security (web based/binary apps) and how to protect business services through multiple protection mechanisms (provider based, network based, OS based and application based). Breadth and depth of knowledge of Information Risk techniques and practices. Experience of engaging with business owners and advising on information risk. Ability to produce detailed security standards, processes, specifications and reports as required, to an appropriately high standard. Desired Skills: Relevant security qualifications e.g. CISM, CISMP, CISSP, CEH, ECSA. Degree educated or equivalent in computer science, mathematics or engineering. Experience in Financial Services This job was originally posted as