Join us as a Security Assessment Analyst
This key role will see you working with the domain lead to define the product backlog and analyse a broad range of security information
As our Security Consultant, you’ll be providing advice and guidance on the best course of action needed to manage and solve security risks
As well as the opportunity to enhance your security knowledge, you’ll also be exposed to a wide range of stakeholders across the wider bank
What you'll do
Using your broad knowledge of security specialisms together with an appreciation of franchise strategies and objectives, you’ll be helping the wider bank to ensure a robust security environment across our centres of excellence and domains.
We’ll look to you to develop appropriate security strategies by understanding the needs and demands of the customer and business, while making sure that organisational system health and security are maintained and, improved where possible.
You’ll also be:
Acting as the interface with security experts when needed
Enabling a culture of continuous improvement, promoting the benefits of security and working closely with teams to reinforce the robustness of the domain
Analysing business requirements, technical solutions or processes to identify security related risks and providing guidance on how they can be managed effectively
Making sure that decisions made are based on robust data, return on investment and value measures that demonstrate thoughtful and intelligent cost management
Building relationships with colleagues across the bank to ensure decisions are commercially focused and create long term value for the organisation
The skills you'll need
You’ll need the ability to perform security assessments of internal and external Information Security Threat environments, including applications, infrastructure and business units. You’ll also need in-depth Information Security experience in order to understand and advise on identification and management of Information Security risks and mitigation in relation to technical infrastructure and applications.
We’ll also expect you to have:
To understand, prioritise and assist with developing and implementing solutions for Functions and Franchises to reduce and close Security gaps between risk appetite and current risk position based on understanding of regional regulatory requirements to support compliance across the region
Knowledge on networking and associated infrastructure components
Knowledge and experience on cloud platforms AWS, Azure and GCP
Knowledge and experience with vulnerability tools such as, Qualys, AWS Security Hub and Gitlab