Information Security Specialist

  • Location


  • Discipline:

    Risk Management

  • Job type:


  • Salary:


  • Consultant:

    Kirstie Burn

  • Email:


  • Job ref:


  • Published:

    about 2 months ago

I am working with a fantastic challenger bank on an Information Security SME position. Reporting into the Head of Information Security you will join the Security Team to provide security expertise and guidance to the Security Investment Programme which includes a number of projects as part of the business’s cyber strategy.

This is a dynamic role combining security solution design, implementation, assurance and review activities with standards, policy and procedure development.

Strong analytical, information security and application security skills are required along with a technical understanding of the practical application of information security controls within financial services firms.

Key responsibilities include:

  • Act as the subject matter expert for all security matters relating to projects in scope of the programme reporting on a day to day basis to the responsible security project manager
  • Take responsibility and ownership for implementing solutions that meet the needs of the security programme, ensuring industry good practice is followed
  • Provide options and recommendations for ways to achieve the aims of the programme – and once agreed see the recommendations through to delivery
  • Take a pragmatic, risk based approach to delivering initiatives within the programme. Balancing risk reduction, with quick wins and business need.
  • Provide guidance regarding technical security best practice to project and internal teams
  • Develop, agree and socialise policies, procedures and standards for projects within the Security Investment Programme
  • Review, challenge and contribute to technical designs to ensure that security is designed into new solutions as part of the programme
  • Understand, assess and effectively communicate security risks associated with proposed solutions
  • Escalate concerns, risks and issues to the programme project management and accountable executive
  • Contribute to further iterations of the security programme and prioritisation of initiatives
  • Contribute to security policies, standards, and guidelines to ensure that security best practice is applied across the company
  • Contribute to security assurance processes

The Person.

  • Extensive background in the practical application of information security
  • Excellent understanding of information security concepts and practices
  • Experience of running the security elements of procurement activities to ensure the right solutions are procured to meet the objectives of the programme.
  • Prior experience of implementing; Privileged Access Management, End Point Security, Identity & Access Management, Supplier Security Assurance, Cloud Based security offerings and Security policies/procedures/standards
  • Experience of reviewing technical designs and solutions to identify security risks and opportunities for improvement
  • Ability to work independently or with limited resources to deliver results
  • Excellent verbal and written communication skills
  • Strong organization skills
  • Experience of developing, implementing and supporting security controls and best practice within a Financial Services environment
  • Computer Science, IT, Information Security or Cyber related degree – Desirable
  • Industry recognized cloud security qualifications, such as: CCSP – Desirable
  • Industry recognized security qualifications such as: CISSP, SSCP, CISM - Desirable