The purpose of this role is to be responsible for IT Security within Merian Global Investors. This includes completion of a multi-year Information Security programme designed to bring our security posture up to industry best practice.
12 Month Fixed Term Contract
This role has ownership of both the IT Security BAU practices as well as the IT Security programme. Specifically this includes:
- Providing subject matter expertise in cyber security technologies and control mechanisms
- Defining the IT security components of our technology architecture
- Undertaking the programme of change to implement the agreed standards including the selection and implementation of infosec technology & services
- Ensuring Cyber Security policies and standards are regularly reviewed and embed across the company
- Day to day management or oversight of core security processes including vulnerability scanning, incident response, data loss prevention.
- Conducting security reviews of third party vendors, external service providers and hosting partners
- Generating management report on status against KRIs
Key Behavioural Skills:
- Act with integrity, due skill, care and diligence
- Ensure customer outcomes are the focus of our business and we are respected by regulator
- Strong team player with a track record of working effectively in a collaborative environment across the organisation
- Share openly and be transparent
- Adopt a responsible approach
- Maintain our entrepreneurial culture
- Strive for continuous improvement
- Excellent oral and written communication skills, including active listening.
- Able to resolve issues without clear or predefined solutions.
- Proven conceptual and analytical skills
- Good personal time management skills.
- Proven project delivery capability.
- Professional certification to CISSP, CISM
- Proven knowledge and operational experience of market leading security products/technologies including intrusion detection/prevention, DLP, SIEM, vulnerability management, DDoS, encryption/data handling and mobile device management
- Understanding and knowledge of infrastructure and technologies including networks, Servers (physical/virtual), voice, databases, storage (NAS/SAN), shared services, web, e-mail, desktops, cloud security
- Working knowledge and understanding of relevant compliance, control frameworks and information security standards such as ISO 27001, ISO 27002, PCI-DSS and NIST
- Hands on approach to IT Security Management
- Strong interpersonal skills
- Ability to work under minimal supervision
- Strong team player with a track record of working effectively in a collaborative environment