Cyber Security Architect - Access Control
Our client in London is a global investment management firm with deep expertise in trading, technology and operations. As a technology and data-driven firm, they design and build their own cutting-edge systems, from high-performance trading platforms to large scale data analysis and compute farms. With offices in New York, London and Singapore, they emphasise true, global collaboration by aligning technology and operations teams functionally around the world.
We're seeking a subject matter expert in cyber security, with extensive access control knowledge to work collaborative with the internal and external teams, executing a comprehensive security roadmap and mitigating risks in key functions such as network and system security; email security; cloud security; access control & identity management; data security; and vulnerability management.
Due to the size and maturity of this team, this will be a highly autonomous role, with the chance to help build out the team further, and build specialist teams once the roadmap has been fully rolled out. The CISO is looking for someone with specific knowledge of access control, both on-prem and in the cloud, with wider knowledge around cloud security, vulnerability management, network security, etc. being key to working with other teams in the firm.
- Assess the risk of new projects and the impact of adopting new technologies such as opensource software, on-boarding managed services and SaaS solutions, and extending the perimeter of the environment to restricted geographies
- Perform information security assessments of existing security controls, manage risk, and oversee remediation plans
- Assist with the implementation, monitoring and assurance reviews of security controls
- Conduct vulnerability scanning and assessment functions relating to various technologies, systems, appliances, and contexts
- Collaborate with internal technology teams to prioritise mitigation actions based on risks associated with each vulnerability
Technical Experience and Qualifications Required:
- At least 5 years’ hands-on experience within a technical role covering a variety of security technologies, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management etc.
- Knowledge of malware, hacking techniques and security trends
- Experience with SIEM systems as well as network security analysis
- Thorough understanding of the latest security principles, techniques, and protocols
- Experience with Windows and Linux systems security
- Scripting/coding experience with one or more languages – Python experience a plus
- Degree in Engineering, Computer Science, or STEM related field
- Extensive experience of validating the effectiveness of security controls
- Technical understanding of AWS Security and other cloud platforms e.g. Azure, GCP
- Knowledge of Secure Coding Practices
- Security and network-related certifications i.e. CISSP, CCIE, CCSP, OSCP
Apply for this role
All fields marked with * are required.