Senior Manager - Platform Security

United Kingdom, London
Job ID: 1619

Job Description

Leading and managing the strategy, architecture, engineering and control ownership of cyber capabilities and infrastructure defences for one of London's premier financial institutions. Protects the organisation from cyber threats which seek to impact the confidentiality, integrity and availability of the firm’s assets. Domain area is Platform, Storage & Collaboration Security.

The role has impact across all parts of the business as it has responsibility for the relevant security controls which seek to mitigate the risk and impact to the firm from cyber-attacks.


Role Responsibilities

  • Lead and support a team of technical professionals, nurturing and enforcing technical practices in order to deliver technical excellence.
  • Foster and support experimentation and innovation in solving problems.
  • Develop and own the strategies, architectures, designs and associated artefacts for the domain area. Technologies have clear roadmaps and lifecycles defined.
  • Own the controls (and relevant changed) related to the domain area and ensure they remain effective through their lifecycle.
  • Deliver required outcomes for the security programmes and investments. Help define the delivery outcomes and milestones with the programme teams.
  • Develop key indicators, analysis and artefacts to continually evidence and report control effectiveness and risk.
  • Lead escalation support for any operational incident from operations or global security operations centre.
  • Manage third parties in their deliveries related to the domain area; influence vendor roadmaps and functionality in support of core objectives.
  • Finances for the team and any product or services are accurately budgeted for and managed.

Critical Deliverables

  • Delivery of activities against of agreed cyber security strategies. Shapes the programme of delivery with the project management team.
  • Delivery of key artefacts associated with the role, artefacts support evidencing and assurance activities.
  • Ongoing control operation and effectiveness and evidencing of such.
  • Reporting, development and management of agreed measures, key performance indicators and key risk indicators.
  • Management of services delivered to the firm by vendors and partners.
  • Finances for the team and any product or services are accurately budgeted for and managed.

Technical Experience and Qualifications

  • Knowledge and experience in Platform, Storage & Collaboration Security. Operating systems platforms includes Windows, Linux, Unix, Mac. Network attached storage and storage area networks.
  • Knowledge and experience of cloud delivered SaaS and IaaS services such as M365, secure email gateways, Intune and so on. Level would be considered in-depth.
  • Architecture and engineering of layered control capabilities.
  • Adversary Tools, Techniques and Procedures. A deep understanding of TTP’s is required.
  • Threat Modelling experience.
  • Modern engineering practices, automation to drive efficiencies. Infrastructure as Code mindset. Code / scripting for practical tasks and tool integrations.
  • Structured and methodical troubleshooting practices for resolving the most complex problems.
  • Policies, standards and security frameworks, NIST, CIS.
  • Risk and control, management, monitoring and reporting.
  • Experience of project management and service management as it relates to the delivery of services for the domain area.
  • The role holder is likely to hold one or more of the following security or engineering/architecture specific certifications, CISSP, OSCP, TOGAF, GIAC or those relevant to the role/domain area.

Apply for this role

All fields marked with * are required.

  I confirm that I have the right to work in this location. *

Back to Job Listings