Tandem Bank
,
London, Greater London
Information Security Engineer
Overview
Job Description
The role The Security Engineer is responsible for monitoring security threats and protecting the Bank. This position focuses on the administration, monitoring and continuous improvement of Tandem's key information security and detection technologies. The Security Engineer is responsible for the deployment and support of security solutions, problem solving and overall advice on all security matters. There are elements of MI which are part of this role, analysing, proposing and leading the improvement of threat monitoring capabilities. The role is expected to lead the way in integrating new security solutions in AWS and establishing rules and baselines for security rules in AWS as part of continual improvement processes. What you will be working on: The successful candidate will be responsible for the following: * Day-to-day operations of the in-place security systems, including, but not limited: to endpoint security, SIEM, vulnerability scanners, web application scanners, web proxies, e-mail filtering, threat and anomaly detection tools; * Perform initial analysis to determine security events and alerts requiring immediate response and escalation; * Investigate, recommend and implement innovative technologies or other methods that will enhance the security of the AWS environment; * Maintain both internal and external vulnerability scanning tools, report on their findings, and plan and assist with the remediation; * Analyse existing structures and tools and create new and enhanced security methods and controls to improve the cyber maturity posture of the organisation; * Perform regular audits and reviews in addition to working with critical, complex security systems; * Investigate security violations and anomalies, collect incident responses, and carry out forensic investigations, where required; * Assist with platform tuning, process automation and configuration management and implement security monitoring to ensure optimal and secure running; * Perform regular analysis of network security needs and contribute to design and integration of required hardware, software; * Liaise effectively with technology and development teams to ensure projects/initiatives are secure on delivery; * Assist with the development of and adherence to the long-term information security roadmap and regular status reporting against it; * Provide security recommendations on design and application development topics; * Review and/or instruct on code review methods; * Any other reasonable management request What we're looking for: The successful candidate will demonstrate the following experience skills and behaviours: * Commercial experience as an Information Security Analyst/Engineer; * Hands on experience of security operations (monitoring, scanning, incident response and remediation); * Advanced knowledge of Information Systems security architecture, security monitoring, incident response, procedures, and best practices; * Experience with intrusion detection/ prevention systems, firewalls, perimeter security, log management, DLP and encryption, vulnerability scan technologies; * Strong understanding of systems and networking infrastructure; * Scripting experience (e.g. Python); * Experience with Cloud provider ecosystems and security concepts; * Experience with secure code review of web and mobile applications; * Knowledge of IT Control requirements (e.g. PCI DSS, ISO 27001); * Security experience in a regulatory environment is desirable; * Any other reasonable management request Qualities we look for: * Highly customer-centric with a passion to deliver a best-in-class customer experience; * High levels of personal and professional integrity; * An entrepreneurial approach with an ability to operate both at a strategic level and to be hands on; * A positive, self-sufficient leader with excellent communication skills, intellect and energy; * Very sound judgment and business instinct with a desire to challenge traditional thinking; * Ability to encourage followership, motivate and develop a diverse group of people towards a challenging goal; * Determined to succeed, high energy with humility and a strong personal drive; * A collaborative working style; * A very strong work ethic and a focus on customer delivery; * Live and breathe the Tandem values in every aspect of delivery You can find our Applicant Privacy Policyhere. Tandem Money is an equal opportunity employer and are committed to meeting our responsibilities under the Equality Act (2010). We respect the diverse experience and talents that every individual brings to our Company and we are determined to ensure that no applicant or employee receives less favourable treatment on the grounds of gender, age, disability, religion, belief, sexual orientation, marital status, or race, or is disadvantaged by conditions or requirements which cannot be shown to be justifiable. Please be aware that background checking (including credit and criminal records checks) form part of our recruitme