Information Security Specialist - Cashplus Bank London, United Kingdom (Hybrid) Bookmark Share Print 162 0 1

Listing Description

Who we are
Cashplus is a leading UK challenger bank for small businesses. We offer faster, smarter, simpler current accounts for the entrepreneurs, independent businesses and consumers that power the UK economy, yet are too often overlooked by high street banks. Since 2005, we’ve created easier ways for more than 1.6m customers to pay, bank and borrow through our user-friendly digital platform. We understand what our customers need – time and money to run their businesses and live their lives – and our secure, innovative products are designed to help, where others can’t or won’t. A true fintech pioneer, we are a fast-growing and credible UK challenger bank.



Our Values & Behaviours
Cashplus puts the fair treatment of customers at the heart of our business model. Our business goals are:
1. Becoming a bank that customers love
2. Developing brilliant, sustainable products
3. Earning an outstanding reputation
 
Cashplus values are:
·       We innovate with purpose
·       We are upfront
·       We do it right
·       We are all in

The Role Is
The Information Security Specialist is a technical / compliance role is responsible for supporting and improving the Information Security control framework used by Cashplus Bank.

Team Hybrid Working Style
We are very proud to offer one of the most flexible hybrid working arrangements in the industry!
The expectation for this role, will involve a minimum of one day each month - working out of our London Bridge office.

Key Accountabilities Include
Security Control Framework
·       Ensure high levels of information security are maintained across Cashplus Bank and assist other technical teams to understand and meet those high levels based upon PCI-DSS compliance and NIST-CSF
 
Lifecycle Support  
·       Support management of Information Security assets to ensure they are secure and fully supported, including Patch and Vulnerability management to agreed standards
 
Incident Response
·       Configure and respond to monitoring alerts for issues detected by Information security tools, supporting incidents 24x7 (average once per month) as required, escalating when required
·       Support the Post Incident Resolution (PIR) process and provide recommendations to avoid future incidents
 
Documentation
·       Maintain documentation and configuration repositories, including security diagrams, IT asset management systems and agreed documentation
·       Document and share specialist knowledge with other members of the team, including delivering training sessions when required
 
Change Management
·       Support the wider project and change program, design and deliver agreed improvements following governance processes and industry best practices including documentation
·       Ensure all changes are released or made into controlled environments following agreed and repeatable processes, including roll-back to a known working state
 
Reporting
·       Provide agreed reporting and updates to the Chief Information Security Officer and wider team, including accurate status of tickets being worked on
 
Threat and Risk  Management
·       Risk mitigation through best practice and by following company procedures
·       Identify risks and escalate to management, maintain the Information Security risk register and support the wider Enterprise Risk Management framework
·       Use horizon scanning to keep abreast of relevant new technologies, security threats and regulatory changes
 
Personal Development Plan (PDP)
·       Agree a PDP and objectives with your line manager and track progress to agreed timescales

You'll Need to Have

Skills & Experience
Essential:
 
·       Prior experience of working within an Information Security team
·       Experience and familiarity with one or more of the following security tools: Logrythm SIEM, McAfee suite, Firewalls, Officer 365 Compliance tools, CASB
·       Experience and ability to achieve and maintain PCI, or similar security standards (e.g. NIST-CSF, ISO 27001)
·       Experience in Windows Server, security configuration: Windows 2012, 2016; Active Directory; Group Policy, Certificate Services;
·       Office 365 and Windows 10 security configuration
·       Automation through scripting and other tools
·       General security technical skills: networks, storage area networks, backups, firewalls, virtualisation, virtual desktop environments, monitoring, alerting, efficiency and optimisation, documentation, procedural controls, identity and access management, automation, 24x7 support
·       Good verbal, written communication and interpersonal skills
 
 
Desirable:
·       Experience with CentOS/RHE, Kali Linux, Penetration Testing, Red Teaming.
·       Ideally CISSP, MCSE and ITIL qualified
·       Experience working in financial services, payment organisations, Banks or an understanding of working in a regulatory environment where good governance is a requirement and a benefit
·       Membership of relevant professional body
·       Strong understanding of open data sources and supporting the delivery of APIs, e.g. for open banking

In return you'll enjoy
·       Competitive basic salary
·        7.5% of salary in cash allowing you the flexibility to decide your own benefits (or simply take the cash)
·        Share Option Scheme
·        26 days’ holiday increasing each year of service to 33 days
·        Ability to buy and sell a further 5 days holiday each year
·        4 x Life Assurance
·        Pension salary sacrifice
·        Family friendly policies
·        Regular social activities and team events
·        Charity Volunteering Day

Cashplus is an equal opportunity employer. Individuals seeking employment are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided



About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765