Information Security Specialist

Senior Cyber Security Specialist required for market leading financial services firm. You will be championing Secure by Design across all change and delivery programmes, embarking on threat modelling and giving straight up advice for colleagues on security best practice and regulatory requirements.

• Build Key Relationships: Foster strong connections, help to shift our security culture and advocate for Secure by Design principles throughout our projects.
• Engage in Design Reviews: Perform design reviews, threat modelling, and risk assessments to ensure robust security measures are incorporated from the outset.
• Provide Expert Guidance: Offer expert advice and consultation on our policy & standards, industry regulations, frameworks, and best practices to support our change initiatives and operational teams.
• Capture Security Evidence: Ensure that security requirements and considerations are seamlessly integrated into our change solutions and evident.
• Assess Security Risks & Threat Landscape: Identify and evaluate security risks, making recommendations to continuously improve the firm's security posture in an ever-changing threat landscape.
• Define Security Test Objectives: Set clear objectives, boundaries, and focus areas for security tests to prevent vulnerabilities in our technical ecosystem.
• Remediate Risks: Ensure that any risks or findings from security scans or tests are addressed within risk appetite before changes are promoted to production.
• Support and Mentoring: Assist our team lead and provide mentorship to junior team members, fostering a collaborative and growth-oriented environment.

• Be Cyber Security Savvy: You know your Cyber Security Frameworks inside out and can explain their significance and impact to everyone from tech teams to senior business stakeholders.
• Information Security Guru: You've got a comprehensive understanding across a range of Information Security domains, including Identity & Access Management, Network Security, Cryptography and Public Key Infrastructure, Mobile & API security, and more.
• Analytical Ace: Your strong analytical skills help you interpret how industry trends, regulations, and the threat landscape can affect our business.
• Penetration Testing Pro: You've got experience in scoping penetration tests, conducting risk assessments, and overseeing remediation plans.
• Influential Communicator: You're skilled at influencing, communicating, and collaborating with senior management and stakeholders.
• Cloud Connoisseur: You're well-versed in Cloud Service models like IaaS, PaaS, and SaaS and the security context when deploying solutions into them.
• Proven Track Record: You've got experience in a similar role, bringing valuable insights and expertise to the table.

• Regulated Industry Rockstar: You've got experience working in a regulated industry and the financial services sector.
• Threat Modelling Maestro: You've participated in threat modelling using techniques like STRIDE.
• Microsoft Specialist: You have knowledge and understanding of Microsoft Azure and 365 security products like Defender, Sentinel, Azure Information Protection, and Intune.
• Cyber Community Champion: Holding Information Security certifications such as CISM, CCSP, CRISC, or CompTIA Security+ and being actively involved in the cyber community through participation in working groups, forums, and facilitating knowledge-sharing sessions.