Senior Manager - Platform Security
Here we have a high-end opportunity leading and managing the strategy, architecture, engineering, and control ownership of cyber capabilities and infrastructure defences for one of London's premier financial institutions.
This team protects the organisation from cyber threats which seek to impact the confidentiality, integrity and availability of the firm’s assets. It’s a role with impact across all parts of the business as it has responsibility for the relevant security controls which seek to mitigate the risk and impact to the firm from cyber-attacks. To be successful in this role you’ll possess a strong cyber security background and will be a gifted leader of people, constantly inspiring and supporting them to develop and deliver more-secure services.
In this position of great responsibility, you’ll lead and support a team of technical professionals to develop and own the strategies, architectures, and related services for cyber security. You’ll foster and support innovative mindsets, encouraging experimentation to solve challenging problems. Will also develop key indicators and analysis to continually report control effectiveness and risk; lead escalation support for any security operations incidents; manage third party deliveries and influence vendor roadmaps; and ensure financial for the team are accurately budgeted and managed.
Technical Experience and Qualifications Required:
• Knowledge and experience in Platform, Storage, and Collaboration Security
• OS knowledge, including Windows, Linux, Unix, and Mac
• Network attached storage and storage area networks
• Experience of cloud delivered SaaS and IaaS services such as M365, secure email gateways, and Intune
• Architecture and engineering of layered control capabilities
• Adversary tools, techniques, and procedures. A deep understanding of TTP’s is required
• Threat Modelling experience
• Modern engineering practices; automation to drive efficiencies - an Infrastructure as Code mindset
• Scripting for practical tasks and tool integrations
• Structured and methodical troubleshooting practices for resolving the most complex problems
• Policies, standards, and security frameworks - NIST, CI,S
• Risk and control management, monitoring and reporting
• Experience of project management and service management as it relates to the delivery of services for the domain area
• The role holder is likely to hold one or more of the following security or engineering/architecture specific certifications, CISSP, OSCP, TOGAF, and/or GIAC
Apply for this role
All fields marked with * are required.