Security Design Specialist

Information Security London, United Kingdom


Description

Coverage Manager - based at RPC1

 

Job Specification – Senior Security Design Specialist

 

Summary

 

This is a rare opportunity for a motivated, meticulous, and technically-minded person to join the Information Security team of a financial research institution. The role will operate within a dedicated, highly visible team of subject matter experts, providing security consultancy and risk-based design services across G-Research and its suppliers. The role will be responsible for supporting IT security risk management service delivery.

The successful candidate will be mandated with threat modeling and ensuring controls and compliance requirements are assessed against all change initiatives, projects and business-as-usual operations impacting our trading system, products, technology innovations and services.

 

The Company

At G-Research we research investment strategies to predict returns in financial markets across multiple asset classes. We also develop the research and execution platform to deploy these ideas in markets globally.

Our investment strategies, software and IT Systems are used to:

  • Evaluate, forecast and simulate investment ideas
  • Test for and control risk in investment portfolios
  • Maximise investment returns across a range of markets and products


Our software and services are used in markets around the globe and around the clock.

We offer a dynamic, flexible and highly stimulating working environment, where good ideas are prized and rewarded correspondingly

 

The Role

 

  • Complete threat modeling and technical risk assessments on all new projects/ initiatives and existing business process/IT systems.
  • Assess the security of in-house and third party applications, services and infrastructure.
  • Make technical security recommendations to improve the security of new or existing applications, services and infrastructure.
  • Identify key points that will require auditing to ensure future compliance with internal policy/standards or are indicators of compromise.
  • Define security operation templates to ensure that the security of applications, services and infrastructure are managed in line with principals agreed during the initial assessment.
  • Assist developers and systems administrators in designing and evaluating secure solutions.
  • Create and document security standards and procedures.
  • Continue to develop a framework to allow an agile and consistent approach to security assessment and design.

 

Knowledge, Skills and Experience

 

  • Experience operating in time critical, complex, technical environments.
  • A demonstrable passion for information & technical security.
  • At least four years working in an information or technical security environment.
  • Knowledge of a wide array of security technologies.
  • Experience with deployments within complex and secure organisations.
  • Experience in understanding complex software and system interactions.
  • Practical experience implementing/assessing risk against company standards.
  • Experience of threat modeling applications, services and infrastructure.
  • Practical experience reviewing engineering designs and enhancing security solutions against company standards.
  • Experience of delivering secure designs or security architecture of large projects.
  • Highly effective written and verbal communications skills, employing appropriate methods of persuasion when soliciting agreement and demonstrating both empathy and assertiveness when communicating a need or defending a position.
  • Relevant analytical thinking skills, identifying many possible causes for a problem based on prior experience and current research. 

 

Qualifications of interest

 

The Company is looking for degree qualified candidates with at least a 2:1 degree and A-Level equivalent to at least ABB.

  • Relevant degree qualified
  • MSc - Information Security/Risk Management or equivalent
  • Relevant industry qualifications and experience will be considered in lieu of the above, but must be demonstrable