Security Specialist
Security Specialist
Given the broad nature of responsibilities, the role will have many customers, ranging from external customers through the ongoing challenge of process and technology deployed to protect their assets, to project delivery teams as you get involved in change pipeline to define and challenge information security requirements.
- You must have a good understanding of the secure project development lifecycle and solid working knowledge of enterprise technology,
- You must have a strong risk management background and experience in conducting security risk assessments on projects and developing security controls,
- Specific experience in secure design, build, and control methodologies aligned to relevant security standards, e.g. ISO27001, PCI DSS, NIST+,
- You will act as a security representative within various project streams for inflight and new projects including scoping and supporting security testing activities,
- You will act as a point of contact and subject matter expert for a varied number of stakeholders – therefore your ability to distill complex conversations into information that can be consumed by a non-technical audience from which to make decisions is a core requirement of the role.
- You will work collaboratively alongside senior members of the IT and change team to challenge process and control from an information security and cyber perspective, therefore it is essential that you can communicate your ideas and challenges in a succinct and credible way.
You will be able to operate and interchange at a number of levels in technical challenges through to policy and procedure – prior experience working in an environment that requires different approaches and varied stakeholders is essential.
- Working with various first-line defense teams to ensure alignment of technology controls to relevant information security standards
- The challenge of technical control design across IT and the wider business to be as efficient and effective as possible given the dynamic nature of risk and threat in this area
- Secondment and placement into a varied and demanding program of bank-wide change working with project teams to advise and guide on information security best practices. You will make sure that final outputs comply with external best practices and regulations whilst balancing the specific delivery needs and challenges of the project.
- Be the Metro Bank representative at relevant industry forums.
- Assisting with suspected information security and cyber investigations.
Cyber threat analytics and management reporting duties.