Cyber Security Officer

Sopra Banking Software works with more than 1,500 banks, building societies and specialized finance providers across more than 80 countries worldwide. We help them to develop, deliver and operationalise their digital transformation strategies. Using our suite of digital banking products and services enables these organisations to deliver remarkable financial services to their clients.

Our Managed Services function is expanding and looking for candidates who are passionate about information & cyber security. We are seeking a Cloud Cyber Security Officer to help work across teams to provide oversight and implement security practices consistently, and work as part of a team to monitor our stack. This role will report to the Security, Risk and Compliance Lead.

• Proactively monitor for, identify, respond to, and resolve security incidents
• To conduct internal technical and compliance audits to ensure that processes are being followed and that controls are effective.
• Work with the Team leader to continuously improve the security posture of the business.
• Work with Projects & Stakeholders across the business to advocate & implement security practices
• Mentor junior analysts and provide guidance on security best practices to teams across the department.

This is a hands‑on role combining technical work with responsibility for information security for managed services within Sopra Banking Software.

• Respond to and investigate potential security incident alerts contributing to new security monitoring use cases, and ensure all investigative activity is properly documented in ticketing systems and followed up with the relevant support teams.
• Work with the Security Policy & Audit Manager to take ownership of internal auditing within the department to ensure compliance with ISO27001 and Sopra Banking Software security policies and procedures.
• Identify vulnerabilities and security risks of networks, operating systems, applications, databases and new technology initiatives.
• Validate vulnerability findings and provide guidance during remediation efforts.
• Identify and document security risks identified during project initiatives and BAU activities.
• Perform research on latest security/cyber threats, which can drive improvements in active projects and into existing tools and processes.
• Provide IT security operational support to managed services teams.
• Review and improve current operational procedures, write and maintain new supporting procedures and policies and perform regular audits of these.
• Liaise with customers and external auditors to assure them of SBSUK's security controls.
• Review changes brought to CAB to ensure that they do not introduce security weaknesses.
• Generate security reports for customers.
• Liaise with the project teams to deliver security packs and maintain standards.

• Experienced working in and securing cloud environments (AWS preferred).
• Experience as a Cyber Security Officer or similar role within a large organisation.
• Working knowledge of common vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases and web applications.
• Good working knowledge of networking technologies, principles and concepts.
• Good working knowledge of various technologies and operating systems and hardening configurations, i.e. Windows Server, Linux, Solaris, etc.
• Good knowledge of cloud security best practices, security solutions, and methodologies for conducting security assessments.
• Good knowledge of cyber security threats and techniques used by adversaries to compromise systems, both technical and non-technical techniques.

• Comptia Security + - or equivalent professional certification
• ISC2 CISSP certification
• AWS/Cloud certified
• Any of the following:
• Experience with Rapid 7 InsightVM and InsightIDR
• Experience Securing Enterprise Databases
• Knowledge of UK financial sector regulation and/or bank and building society IT operations.

If you do not have all of the above experience or skills we would still like to hear from you.

At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences. All of our positions are open to people with disabilities.