Control Assurance Technical Assessment Analyst

Information Security London, United Kingdom


Description

The Company

G-Research is a leading quantitative research and technology company. We use scientific techniques, big data and world-class technology to predict future movements in financial markets, and develop the platform to deploy these ideas globally.

The Role

This is a rare opportunity for a motivated, technically-minded person to join the Security Control Assurance team. The team is part of the Security Assessment and Assurance (SAA) department, which has overall responsibility for security risk and assurance.

The Control Assurance team is responsible for providing assurance of security control effectiveness through technical and procedural testing. Members of the team use a variety of tools and techniques including red teaming and social engineering to conduct assessments of security controls. Team members combine technical expertise and imagination to develop innovative methods to assess potential weaknesses in the organization's security posture.

As a Control Assurance Technical Assessment Analyst your responsibilities will include, but not be limited to:

  • Developing and documenting plans and scenarios for various types of control tests
  • Performing manual penetration tests and validation of vulnerability scan results
  • Developing Rules of Engagement, scoping documents and reports
  • Developing automation for testing activities
  • Working closely with other teams to provide information about vulnerabilities identified and act as a source of knowledge to support remediation efforts.

The Individual

Due to the interactive nature of the role, you will be expected to possess strong verbal and written communication skills as well as be able to manage and prioritise a large number of requirements with ease. It is also essential that you are able to understand complex security controls as well as software and system interactions.

To be successful in the role, candidates should have:

  • At least four years of IT experience
  • At least two years of experience with penetration testing against applications and infrastructure
  • Strong knowledge of security best practices, networking, and application security concepts
  • Knowledge of IDS, DLP, and AV evasion techniques
  • Experience providing technical reports of issues identified during assessments and recommended improvements
  • Ability to communicate security risks to both technical and non-technical audiences
  • Ability to work both independently and as part of a team

Required Qualifications and Skills:

  • Experience with Powershell
  • Experience performing development in or security source code reviews of C/C++, C#, VB.NET, Python, or Java
  • Solid understanding of OWASP and other software security best practices
  • Knowledge of threat modelling methodologies.
  • Experience with assessment tools including scanners, debuggers, fuzzers, etc.

Preferred Qualifications and Skills:
  • Knowledge of IT control and assurance frameworks (e.g. ISO, NIST, COBIT, PCI).
  • Experience in software development, security design, testing, operations and/or IT operations.
  • OSCP or similar certification

The Location

Based in the heart of Central London, we are served by 5 stations and 6 tube lines, with the closest station Goodge Street within seconds of the office. With the vibrant West End close by, you are in walking distance of many top London attractions, theatres and shopping districts.

Why should you apply?
  • Market-leading compensation plus annual discretionary bonus
  • Top private healthcare
  • Excellent growth and advancement opportunities
  • Pension Scheme
  • Relaxed environment with a relaxed informal dress code