IT Security Lead Engineer

The Role:

IT Security Lead Engineer is required on a contract basis by thriving financial services organisation based in the City of London. You will be responsible for both maintaining and improving security controls, frameworks and processes, and supporting the delivery of new technology that improves our security posture and protects our business.

You will be required to support the team in ensuring resilient, dependable security services are delivered across the entire estate and in all regions. You will be working with leaders in IT, Security, Information Security Risk, alongside key suppliers to ensure that the services we provide meet the current and future needs of the business.

Key Responsibilities:

• Working within the existing IT Security operations/engineering functions.
• Manage relationships and the performance of outsourced security providers.
• Ensure BAU security operations services are managed with efficiently in line with any SLA’s.
• Delivery of IT Security services including (but not limited to) – Security Operations, Threat and Vulnerability Management, Privileged Access Management, Identify and Access Management, Data Loss Prevention, Network Security and Penetration Testing.
• Act as lead SME on IT and Cyber Security Improvement Projects.
• Play an active role in IT projects and operational processes (e.g., change management, exception management) to assess from an IT security standpoint IT projects, changes and exceptions.
• Manage IT Security Incidents including forensic investigations.
• Provide direction and guidance acting as an SME on IT security matters, closely supporting our infrastructure and architecture colleagues.
• Oversee and operate security controls (process & tools) to safeguard the security (integrity, confidentiality and availability) of all IT Systems in line with the expectations of a top tier global financial institution. Aligned to frameworks such as ISO27001/NIST.
• Demonstrate that security controls are effective and therefore are compliant with policy defined by InfoSec second line.
• Support and assist in the coordination and delivery IT Governance, Due Diligence and Audit activities.
• Deliver technical security reviews to ensure technologies follow information security standards, regulatory requirements and best practices.
• Support architectural review processes, risk management and the quantification of technology risks.

Key Requirements:

• Significant experience in similar security operations roles.
• Industry recognised technical certifications such as CISSP, TOGAF CCSP, GCIH or other equivalent certifications.
• Deployed, configured and managed infrastructure and the security of Microsoft cloud environments.
• Experienced in a broad range infrastructure and security solutions to protect the business. Including SIEM/SOAR.
• Proven experience of designing top to bottom systems/solutions with focus on all aspects of Security (Network, Infrastructure, Access, Cloud Services, Controls, and SecOps).
• Knowledge and experience of cloud specific security challenges, designs and solutions.
• Demonstrated involvement in major IT/cloud transformation initiatives, with the ability to navigate the complexities and ensure security considerations are integrated throughout.
• Knowledge and experience of security standards, procedures, reviews and automation.

For a full consultation on this exciting new contract opportunity, please get in touch with ARC IT today!