A global payments company located in London is seeking a Technical Information Security Specialist to join their team on a permanent basis with Hybrid working. The ideal candidate for this role is passionate about Information Security and is a natural problem-solver, able to provide efficient IT solutions across the organisation.
About the Role
The company is seeking an experienced and passionate IT professional who will lead a group of people responsible for strengthening the Regulatory Operations team. This role will be part of a wider operations team and will be involved in ensuring that IT standards are maintained with strong compliance, processes, and proper risk management.
Responsibilities:
Improve the overall Security of the company by recommending and helping to implement new Security controls
Assist in the creation and updating of Security Application Access User Control Reviews in an auditable and timely manner
Reporting, Management Information, remediation and tracking
Support the development, revision and implementation of Information Security governance policies, procedures, standards and controls and ensure that these are fully embedded in the activities of all teams.
Provide strong central oversight to deliver consistency and quality in security compliance within the organisation.
Regular controls of Information Security Risk Management and Key Risk Indicators.
Raise, monitor and action Security Incidents, Alerts, Service & Change Requests via the Jira change platform
Regular contact with Management to convey control weakness findings identified through walkthroughs and scenario testing, assess the risk and impact of deficiencies and make recommendations for remediation.
Assist with the Penetration Testing schedule and Cyber Threat Intelligence platform by tracking and resolving vulnerabilities identified, across multiple teams
Skills and Experience:
Minimum 3 years’ experience required.
Information Security industry standard qualifications such as CISM, CISSP, CISA, CRISC required (additional certifications desirable such as: CCSP, CCAK, PCI DSS, ITIL and/or AWS/Azure Cloud Security certifications)
Extensive Security Governance, Risk & Compliance hands-on experience
Experience of managing internal & external audit activities, reports and remediation
Excellent PCI DSS certification knowledge on controls and processes.
Ensure new business initiatives are PCI compliant and implement changes to ensure compliance is maintained.
Excellent understanding of Network and Cloud security architecture, protocols and principles
Regulatory and banking experience is essential
Extensive Cloud Security, Azure/O365 Security controls
Good knowledge of ISO27001 certification / audit requirements and controls
Excellent AWS technical operational Security and architecture experience
Excellent skill set and knowledge of Cloud Security controls for O365 / Azure / AWS Security Controls, Policies and Alert Management