Information Security Standards and Design Manager

  • Job reference: ML - 21269
  • Location: City of London
  • Job type: Contract
  • Start date: Not specified
  • Contact: Not specified
  • Sector: Information and Cyber Security
  • Salary: £750 - £850 per day
This vacancy has now expired.

Senior Security Manager (Security Standards and Design)

A leading asset manager requires a Senior Information Security Manager to define, build and run a global Security Standards function and contribute to the development and execution of the Global Information Security Programme.

The ideal candidate will have the following experience:

  • Assist with evaluating and implementing security solutions including tools, services and solutions e.g. SIEM, DLP, IDS/IPS, DMZs, IAM/SSO, encryption/PKI, etc.
  • Oversee technical security design across all the company's technology platforms, i.e. internally hosted, IaaS, PaaS, SaaS, internal-facing, mobile and external-facing, and partner business services (if / as required)
  • Assist operational teams in maintaining & enforcing those standards, providing 3rd level support and consultancy
  • Contribute to Security Risk Assessments, with particular focus on vulnerability assessments, including provision of implementation support for risk assessment and data security procedures and products.
  • Assist with the development of secure coding standards and definition of security deliverables as part of the System Development Lifecycle, working with waterfall and Agile/DevOps techniques.
  • Champion and oversee design and assurance activities including whitebox and blackbox testing as appropriate, software assurance using static and dynamic code analysis, and pen testing.
  • Document security design standards and procedures as needed.
  • Assist in the maintenance of the security technology roadmap

Skills/Experience

  • Security technology background within an international asset management or similar financial services organisation, covering applications and infrastructure.
  • Awareness of architectural frameworks and experience in applying security architecture principles (e.g. TOGAF, SABSA, etc.) to small or large projects; proven experience analysing successful HLDs and LLDs.
  • Expertise in security technologies - such as SIEM, DLP, IDS/IPS, DMZs, IAM, SSO, PKI, cloud security, network security, application security, etc.
  • Familiarity with industry-standard security and risk frameworks including ISO27000, NIST, COBIT, ISF, SANS, etc. and with common financial services industry practice, to assist with calibrating control strengths
  • Deep familiarity with common financial services technologies e.g. Microsoft, Check Point, VMware, Citrix, Bloomberg etc.
  • Ability to apply security skills to multiple platforms including internally-hosted, IaaS, PaaS, SaaS, and mobile/digital services.
  • Familiarity with common security assessment tools (e.g. Burp, Nessus, Qualys, etc.)
  • Experience using SAST and DAST tools including results interpretation, developer community support etc.
  • Ability to provide formal and informal leadership across the security domain, and a demonstrable history of building and leveraging relationships to create enterprise outcomes
  • Able to work in an international matrix organisation with complex and dynamic drivers and constraints
  • Comfortable with a fast-paced, global, multi-threaded matrix working environment.

Should you be interested, please do not hesitate to contact Molly Lamb at Molly.Lamb@lafosse.com (02079321644) or apply directly to the advert.