Senior Security Engineer

1 month ago

London Area, United Kingdom EC1 Partners Full time

Role Purpose

The Cyber Security Engineering IAM & PAM team are looking for an independent, pro-active, and aspiring individual who is committed to making a meaningful contribution, as a PAM/IAM engineer. They will play a supporting role utilising their technical experience to enhance IAM / PAM solutions that best fit our business requirements. The team are a part of the Cyber Security Engineering function who are developing cyber defence capabilities to protect the business from cyber threats which seek to impact the confidentiality, integrity, and availability of the group.


Reports to

Senior Manager, IAM, PAM & Secrets Management


Direct reports

No direct FTE reports.

May manage contingents and vendor/partner resources in their deliveries.


Key relationships & committees

Stakeholders include the wider security team including security architecture, Identity and Access Management, cyber strategy business function, governance, risk and compliance, programme management. Entity level Business Information Security Officers (BISOs). Infrastructure & Cloud operations, engineering, and architecture teams. Internal risk and audit functions. Architecture and corporate approval forums. External partners/vendors, and industry schemes.


Key responsibilities

Contribute to domain strategies and architectures, leads on engineering and the associated artefacts across the areas of identity & access management, privileged access management and secrets management technology.

Be responsible for the controls related to the domain area and ensure they remain effective.

Lead and deliver smaller scale projects or discrete workstreams for larger projects as part of the cyber programme and other initiatives.

Manage and deliver changes to controls as necessary which are not part of project activity.

Develop key indicators, analysis and artefacts to continually evidence and report control effectiveness and risk for the group.

Critical issue support for any operational incident from operations or global security operations centre for related domain technologies.

Accountable for ongoing activities and objectives for the domain area.

Solve complex problems related to the domain area.

Remain current with principles, concepts and emerging technologies related to the role.

Influence vendor roadmaps and functionality in support of objectives.


Leadership responsibilities

This role is an individual contributor and leads no FTE headcount.


Critical work

Delivery of activities against of agreed cyber security strategies. Shapes project delivery with the project management team and the senior manager of the domain area.

Delivery of key artefacts associated with the role, artefacts support evidencing and assurance activities.

Ongoing control operation and effectiveness and evidencing of such.

Reporting, development and management of agreed measures, key performance indicators and key risk indicators.


Impact

As a group level function, the role has impact across all parts of the business as it has responsibility for the relevant security controls seeking to mitigate the risk and impact to the group from cyber-attacks. Impacts include financial, economic, regulatory, customer and brand.

The role is key to addressing regulatory concerns for all our regulated entities related to cyber security and cyber resilience.


Key critical metrics

Delivery of projects and BAU activities within agreed timescales to the required standard.

Issues that are identified are fixed and remain fixed and are not recurring.

Key artefacts for the activities performed exist, are accurate and of required standard.

Agreed measures related to controls owned by the role, for example Key Risk Indicators, are delivered and managed.


Technical / job functional knowledge

Knowledge and experience in the engineering and operation of privileged access management (PAM) and/or identity and access management (IAM) technologies and the integration with relevant platforms. Level of knowledge in the domain technology area would be considered competent.

Knowledge of different operating systems, platforms, and applications where relevant for the domain area and implications for those platforms. Level of knowledge would be considered proficient.

An understanding of information security principles and standard methodologies.

Knowledge in domain area and basic knowledge across non-core domain areas.

Modern engineering practices, automation to drive efficiencies. Infrastructure as Code mentality. Code / scripting for practical tasks and tool integrations.

Structured and methodical problem-solving practices for resolving sophisticated problems.

Policies, standards and security frameworks, NIST, CIS. Strong skills to author formal documentation.

Understanding of security metrics to measure control operation and risk.

The position holder works independently with minimal guidance and is expected to solve problems with sound judgement and in a way that is aligned to good practice and in the long-term interests.

The role holder is likely to hold one or more of the following security or engineering/architecture specific certifications, CISSP, OSCP, TOGAF, GIAC or other relevant qualification.


Business and sector expertise

Experience and knowledge of technology in financial services and/or regulated environments and industry compliance schemes (for example SWIFT) preferred.

Will have experience of working in security focused roles. Likely will have greater than 4 years full time in security, in an overall career in technology of around 8 years, focused predominantly in this specialised area. Expected to have direct hands-on experience in some of the domain area technologies.


Leadership and management experience

Experience in advocating for and inspiring change to reach the best outcome according to the needs of the organisation, customers and industry trends.


Personal skills and capabilities

Collaborating across the group to deliver successful balanced outcomes for the group and its partners.

Takes ownership and commits to delivering sustainable outcomes and resolving problems.

Demonstrates a bias for action.

Consistent track record of delivering results without compromising on quality.

Critical thinker, takes in broad perspectives to assess and make decisions.

Willingness and flexibility and to work across different technologies.

Capability to quickly assimilate new concepts and technologies.

Takes ownership of own career development and learning.

Supports colleagues with less experience to help in their professional growth.

Adapts messaging and presentation styles to the requirements of the audience.

Is measured and considered in complicated and fast paced situations.

  • Senior Security Engineer

    7 days ago

    London Area, United Kingdom Iceberg Cyber Security Full time

    Working for a global trading firm isn’t easy, it’s fast-paced and demanding, however, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and...

  • Senior Security Engineer

    4 weeks ago

    London Area, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer

    1 month ago

    London Area, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer

    1 month ago

    London Area, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer

    4 weeks ago

    London Area, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Senior SOC Engineer – London (Hyrbrid) – 55-65K Currently working with an industry-leading technology consulting firm who are seeking a “Senior SOC Engineer” to join their rapidly growing team. As the Lead SOC Engineer, you'll have the opportunity to be at the forefront of cybersecurity innovation, leading a team to protect clients' most...

  • Senior Security Engineer

    4 weeks ago

    London Area, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Senior SOC Engineer – London (Hyrbrid) – 55-65K Currently working with an industry-leading technology consulting firm who are seeking a “Senior SOC Engineer” to join their rapidly growing team. As the Lead SOC Engineer, you'll have the opportunity to be at the forefront of cybersecurity innovation, leading a team to protect clients' most critical...

  • Senior Security Engineer

    4 weeks ago

    London Area, United Kingdom LT Harper - Cyber Security Recruitment Full time

    Senior SOC Engineer – London (Hyrbrid) – 55-65K Currently working with an industry-leading technology consulting firm who are seeking a “Senior SOC Engineer” to join their rapidly growing team. As the Lead SOC Engineer, you'll have the opportunity to be at the forefront of cybersecurity innovation, leading a team to protect clients' most critical...

  • Senior Security Engineer

    1 day ago

    London, United Kingdom Iceberg Cyber Security Full time

    Job Description Working for a global trading firm isn’t easy; it’s fast-paced and demanding. However, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. This is an opportunity where curiosity is one of the main traits my client is looking for. You must be curious about...

  • Senior Security Engineer

    2 weeks ago

    London, United Kingdom Iceberg Cyber Security Full time

    Job Description Working for a global trading firm isn’t easy, it’s fast-paced and demanding, however, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about...

  • Senior Security Engineer

    2 weeks ago

    London, United Kingdom Iceberg Cyber Security Full time

    Working for a global trading firm isn’t easy, it’s fast-paced and demanding, however, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and...

  • Senior Security Engineer

    2 weeks ago

    London, United Kingdom Iceberg Cyber Security Full time

    Working for a global trading firm isn’t easy, it’s fast-paced and demanding, however, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and...

  • Senior Security Engineer

    2 weeks ago

    London,, UK, United Kingdom Iceberg Cyber Security Full time

    Working for a global trading firm isn’t easy, it’s fast-paced and demanding, however, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and...

  • Senior Security Engineer

    1 month ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer

    4 weeks ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer

    1 month ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer

    1 month ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. For example, do you have a home lab where you test out certain tools and technologies. This is just an example, a home lab isn’t required, however I am trying to demonstrate the type of engineer and personality my...

  • Senior Security Engineer(Hybrid)

    1 day ago

    London, United Kingdom Iceberg Cyber Security Full time

    Working for a global trading firm isn’t easy; However, what comes with this is the opportunity to contribute to highly technical projects and be at the forefront of technology innovation. You must be curious about technology and security. A Senior Security Engineer with the ability to work on a lot of different things. Someone who understands design and...

  • Senior Security Engineer(Hybrid)

    1 month ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. Network Engineers with an interest in security   A Senior Security Engineer with the ability to work on a lot of different things. Someone who understands design and implementation and how and why you are doing...

  • Senior Security Engineer(Hybrid)

    1 month ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. Network Engineers with an interest in security   A Senior Security Engineer with the ability to work on a lot of different things. Someone who understands design and implementation and how and why you are doing...

  • Senior Security Engineer(Hybrid)

    4 weeks ago

    London, United Kingdom Iceberg Cyber Security Full time

    This is an opportunity where curiosity is one of the main traits my client is looking for, you must be curious about technology and security. Network Engineers with an interest in security   A Senior Security Engineer with the ability to work on a lot of different things. Someone who understands design and implementation and how and why you are doing...