Your new company

Our client is a leading global financial markets infrastructure and data group. They are dedicated partners with a deep commitment to excellence, delivering value for their customers. They are leaders in data and analytics, risk, collateral and processing solutions, capital formation and trade execution.

Your new role

The purpose of this role is to develop cyber defence capabilities to protect the group from cyber threats which seek to impact the confidentiality, integrity and availability of group assets. The domain area is Network Security.

• Develop and own the strategies, architectures, designs and associated artefacts within the domain area. Technologies have clear roadmaps and lifecycles defined.
• Own the controls related to the domain area and ensure they remain effective through their lifecycle.
• Lead and deliver large, significant high-profile projects as part of the cyber programme and other initiatives which are complex and span the group and require a broad perspective in solving challenges.
• Manage and deliver changes to controls as necessary which are not part of project activity.
• Develop key indicators, analysis and artefacts to continually evidence and report control effectiveness and risk for the group.
• Escalation support for any operational incident from operations or global security operations centre for related domain technologies.
• Manage third parties in their deliveries related to the domain area.
• Solve unique and complex problems related to the domain area.
• Remain current with principles, concepts and emerging technologies related to the role.
• Influence vendor roadmaps and functionality in support of the company's objectives.
• This role is an individual contributor and leads no FTE headcount. The role holder may be asked to deputise for the Senior Manager during any period of absence.
• You would be expected to manage and direct the engagement of contingent workers where flex resourcing is required. Either contractors or partner resources.

What you'll need to succeed

• Enterprise and service provider network, architecture, engineering and operations. Level of knowledge in the domain area would be considered an expert.
• Network security architecture, engineering and operations. Architecture and engineering of layered control capabilities to an expert level.
• A strong understanding of information security principles and best practices.
• Adversary Tools, Techniques and Procedures. A deep understanding of TTP's is required.
• Threat Modelling experience.
• Broad technology knowledge across non-core domain area.
• Modern engineering practices, automation to drive efficiencies. Infrastructure as Code mindset. Code / scripting for practical tasks and tool integrations.
• Structured and methodical troubleshooting practices for resolving the most complex problems.
• Policies, standards and security frameworks, NIST, CIS. Strong skills to author formal documentation.
• Risk and control, management, monitoring and reporting.
• The role holder works independently and with guidance only in the most complex of situations. The role holder is expected to solve problems with sound judgement and in a way that is aligned to good practice and in the long-term interests of the organisation.
• The role holder is likely to hold one or more of the following security or engineering/architecture specific certifications, CISSP, OSCP, TOGAF, GIAC or those relevant to the role/domain area.
• A focus on key network security controls
• Distributed denial-of-service (DDoS)
• Web application firewall (WAF)
• Intrusion prevention detection system (IPDS)
• Network access control (NAC)
• Cloud secure web gateway (SWG)
• Experience and knowledge of technology in financial services and/or regulated environments and industry compliance schemes (for example SWIFT) preferred.
• Must have significant experience of working in security focussed roles. Likely will have greater than 5 years full time in security roles as part of an overall career in technology in excess of 10 years focussed predominantly in the domain area for the role. Expected to have direct hands-on experience in some of the domain area technologies.
• Leadership and management experience
• Managing a non-FTE delivers from contingent and/or partner/vendors in delivery.
• Experience in advocating for and influencing change in order to reach best outcome based on the needs of the organisation, stakeholders and from monitoring industry trends.
• Mentoring and guiding those at earlier career stages to grow the competence and experience of the team.

• Collaborating across the group to deliver successful sustainable outcomes for the group and its stakeholders.
• Takes ownership and commits to delivering sustainable outcomes and resolving problems.
• Demonstrates a bias for action.
• Strong track record of delivering results without compromising on quality.
• Critical thinker takes in broad perspectives to assess and make decisions.
• Willingness and flexibility and to work across different technologies.
• Capability to quickly assimilate new concepts and technologies.
• Takes ownership of own career development and learning.
• Delivering feedback in a way useful for an individual and a team for growth.
• Adapts messaging and presentation styles to the needs of a different audiences.
• Is measured and considered in challenging and high-pressure situations. Is clear and when necessary assertive in directing what needs to happen.

What you'll get in return

• This role will give you the opportunity to develop your skills and knowledge and grow your career in one of the biggest financial institutions.
• Competitive salary and bonus.
• A range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.
• Flexible working scheme: 2/3 days of work from home per week.

What you need to do now

If you are interested in this role, feel free to send me your updated CV at Doriane.madec1@hays.com