Information Security Lead (Incident Response)

June 13

Apply Now

Receive Emails with Similar Jobs

Starling Bank

WebsiteLinkedInAll Job Openings

Forget everything you know about banking.

FinTech • Mobile Banking • Finance • Banking • Banking as a Service

1001 - 5000

Description

• Lead a team of subject matter experts and analysts to ensure Information Security is managed and continuously improved in line with Bank policy and procedure. • Supporting the development and progression of the Information Security Analyst team from both a technical and professional perspective. • Support in the enhancement and continuous improvement of the Bank’s Information and Cyber Security systems, processes and procedures, and optimize reporting of identified threats and vulnerabilities. • Act as a point escalation for Incident Response within the Security Operations team. • Act as an Information Security SME for Business Continuity and Crisis Management Planning; this includes supporting cyber business impact analysis and tabletop exercises. • Supporting the development of the Cyber Incident Response capability and ensuring coherence with the broader response capability. • Assist as necessary to investigate security Incidents. • Support and drive the continuous improvement of Response based runbooks. • Support and drive the continuous development of Information Security Use Case creation, and automation playbooks. • Drive the continuous development of a 24/7 OnCall Model. • Working in parallel with SOC and wider security teams to increase defensive and detective controls. • Take responsibility and do the right thing for customers, colleagues and partners.

Requirements

• Previous experience in a similar role leading, developing and motivating a team of subject matter experts and other managers in Information and Cyber Security • Previous experience working in a complex IT organisation encompassing service delivery, application development and IT infrastructure. • An understanding of best practice within Information Security and risk management including standards such as NIST, CIS, and OWASP. • Practical experience utilizing threat analysis models such as MITRE ATT&CK to inform the prioritization and enhancement of detective controls and the Bank’s defensive posture. • Experience in acting as both Commander and SME during incidents and investigations. • Be a Self Starter with the ability to lead, inspire and drive change through an organization. • Have the ability to be pragmatic while balancing the needs of the Bank against security. • An understanding of current and emerging threats and countermeasures and the organizational challenges to addressing these threats. • An understanding of Application Security threats and countermeasures. • A good practical knowledge of security technologies and wider business solutions including Identity and access management, SIEM, remote working and cloud technologies. • A good understanding of financial services and awareness of broader requirements. • It would be great if you have one or more of the following qualifications, but it’s not essential; • Certified Information Security Manager (CISM), • Certified Information Systems Security Professional (CISSP), or • GIAC Certified Incident Handler (GCIH) • GIAC Certified Forensic Examiner (GCFE)

Benefits

• 25 days holiday (plus take your public holiday allowance whenever works best for you) • An extra day’s holiday for your birthday • Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off • 16 hours paid volunteering time a year • Salary sacrifice, company enhanced pension scheme • Life insurance at 4x your salary & group income protection • Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton • Generous family-friendly policies • Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks • Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing