IO Associates have exclusively partnered with an exciting FinTech organisation in the City. Reporting into the Head of Information Security you be his number 2 eventually growing the team to 4/5 by the end of the year.
Role: Information Security Officer / Cyber Security Analyst
Salary: £70,000 - £80,000 + Benefits + Career Opportunities
This is a hands-on role.
·Experience in developing, writing, implementing, auditing and improving information security policies and procedures aligned to relevant industry frameworks/standards to ensure security and compliance accreditations are achieved and maintained.
·Experience creating/maintaining an ISO27001 ISMS or PCI compliance project and operation.
·Experience operating, maintaining, auditing and improving Vulnerability Management, SIEM and Threat Intelligence systems.
·Experience in security incident response, forensic security investigations, management and remediation of identified and day zero vulnerabilities, alerts, threats and breaches.
·Good knowledge of security technologies and controls such as Networking, Application and 'Next Generation' Firewalls, IDS/IPS, Proxies, security monitoring, FIM, WAF, DLP, Vulnerability Management, malware, antivirus and endpoint protection.
·Knowledge of various technologies and operating systems ie Linux/Unix, Mac OS, Containers, Office 365, etc.
·In-depth knowledge of Cryptographic controls, secure communications, PKI, hash and encryption technologies, ciphers, including IPsec VPN, TLS/SSL and certificates.
·Experience with Public Cloud in particular AWS and AWS security services.
·A deep understanding of how hackers work and ability to keep up with the fast pace of change in the criminal cyber-underworld.
·In depth Knowledge and experience in a security role with strong working knowledge and understanding of information security frameworks in particular IS027001, ISAE3000/SOC2, SOC1, GPDR and PCI DSS, security operations and application security best practices.
·Perform response analytics during and after an incident, determine root cause and proper mitigation of cyber security events.
·To remain up to date with the latest threats and vulnerabilities to ensure operational tools and processes are up to date, introduce process improvements and ensure incident response plans are up to date and effectively tested.
·To ensure that customer information and information systems are protected from unauthorised access / intrusion, use, disclosure, disruption, modification or destruction.
·Perform periodic internal audits against policies and procedures to ensure conformance. Participate and assist in external audit activities.
·Perform periodic audit, review and contribute to the continuous improvement of IT security standards, processes and procedures.
Please get in touch!