SC Ventures (SCV) spearheads the bank's innovation across the Group. Included in SCV's mandate will be to invest in FinTech's and other start-up companies, promote rapid testing and implementation of new business models. SCV will work with businesses and functions across the Group in three key areas of eXellerator, investments, and ventures
This role sits directly with one of the Ventures called Autumn
You will advise and enable technical teams to make security decisions and provide advice and guidance, ensuring the effective use of common tools and patterns. You will also have a proactive responsibility to deliver secure systems and implement proportionate controls to enable business outcomes. The role will encompass all elements of information and cyber security to create a safe, secure and reliable infrastructure that meets industry standards.
Successful employees will be able to:
Demonstrate a deep understanding of security architecture principles and practices within complex environments and be able to apply security concepts at a technical level in an innovative way
Provide experience of implementing 'secure by design' throughout the design lifecycle
Have excellent knowledge of security tools and technologies at all aspects of a solution; including network, server, cloud and end-user-compute
Demonstrate working experience of ISO 27001, NIST, BS EN 31111 CoBIT, SOX and/or other Information Security Management frameworks and guidance including experience of production and evaluation of assurance documentation
Monitor computer networks for security issues.
Report security incidents and remediation plans to the Risk officer.
Present the security design at relevant security, architecture and risk boards, defending the design and ensuring project timelines for release phases
Work in close coordination with other technical leads to develop and deploy security plans.
Investigate security breaches and other cyber security incidents.
Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
Document security breaches and assess the damage they cause.
Work with Dev team to perform tests and uncover network vulnerabilities.
Fix detected vulnerabilities to maintain a high-security standard.
Stay current on IT security trends and news.
Develop company-wide best practices for IT security.
Perform penetration testing.
Help colleagues install security software and understand information security management.
Research security enhancements and make recommendations to management.
Stay up-to-date on information technology trends and security standards
Build excellent working relationships with Autumn team and SCV/SCB stakeholders including ICS officers and Risk.
(Security) Architecture certification is a must.
CISSP/CISM/ CISA or equivalent is a plus.
Masters degree (or equivalent experience).
Deep Knowledge of current security technologies and governance processes.
In-depth working knowledge of IT Risk / security frameworks and best practices, e.g.:
NIST Cyber Security Framework
ISF Standard of Good Practice for Information Security
NIST SP 800 30 framework
ISO 27001/2 framework Nice to have:
Provisioning tools (e.g. Terrarform)
Experience in SCRUM
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages .