Job Description

Our client is looking for a Senior Security Analyst to organise and oversee all security operations.

There is significant development work underway to create a fresh, modern, new client reporting and investment platform following the launch of our client’s bank, this is part of an extensive programme of IT developments driven by their continued growth, and the intent to provide new services to their clients.

The ideal candidate will have experience of working as an IT Cyber Security Analyst in the finance sector and will have a desire to grow their career further in this space. Our client is dedicated to supporting further development and individual career enhancement. So, if you’re driven and ambitious to unleash your full potential, this is the role for you.

What you’ll do:

Supporting the security team to ensure that appropriate technologies and processes are in place to defend CIG infrastructure from cyber threats

Key duties include:

• Security review of external facing web apps and systems
• Security review of internal web apps and systems
• Security review of 3rd party applications where sensitive data is to be stored
• Regular review of the CIG security estate
• Document security testing, gaps and enhancements
• Provide support and necessary advice on secure development practices to defend against all currently exploited threats
• Code reviews of developments prior to release to production
• Provide advice and support on network level changes that could have an impact on security (Firewall, file permissions, changes to web servers etc.)
• Support 3rd party security testing and verify the implementation of suggested remediations
• Promote and support security awareness and responsibilities throughout the business
• Provide advice on secure configuration of web, application servers, internet facing systems and desktop protections
• Monitor and prioritise the remediation of security alerts/notifications (CVEs)
• Recommend, support and oversee, introduction of current security technologies and obsoleting of insecure technologies
• Provide security training presentations to staff in order to maximise the level of the human cyber defence
• Develop and support the team in implementing security policies, protocols and procedures 
• Attend meetings with other managers to determine operational needs
• Review and create reports on incidents and breaches

What you’ll need to succeed:

• Demonstrable experience in a cyber security role
• Experience in a development role or Infrastructure Role
• An understanding of the OWASP Top 10 and Mitre Top 25
• Some experience with security testing tools including HTTP intercept proxies
• A track record of identifying security issues and providing remediation advice
• Strong interpersonal and communication skills
• Some ability to understand how a business functions and to balance security needs with organisational goals
• Understanding of Cyber Essentials, NIST and ISO accreditations
• Problem-solving and analytical ability
• A collaborative work style
• Commitment to continuous development and continuing education, to stay on top of IT and cybersecurity trends

Our client’s promise to you

Not only do they offer competitive salaries, our client have lots of other benefits including private health care and life insurance, flexible hours, access to a pension scheme, volunteering opportunities for those who love to give back, training and development opportunities for those looking to drive their career even further and opportunities to take advantage of their own products.