Information Security Senior Specialist

• Defining, up-keeping, fine-tuning, documenting and enforcing the Group information security program, policies and practices;
• Be responsible for the identification, prioritisation, investigation and reporting of existing and potential infosec issues, anomalies and violations that may result in risk to Group business, including the coordination of the management and monitoring of security information and events, as well as security incident management and response, and security patch management;
• ​Contributing to internal and external risk assessment, vulnerability management and security testing activities, as well as creating and monitoring corresponding remediation plans;
• Recommending and implementing appropriate security controls and ensuring that such controls operate as intended;
• Communicating with internal and external stakeholders with respect to security issues, including the promotion of security awareness within the Group and development of the security awareness program;
• Researching and maintaining up-to-date expertise on current threat landscape, security intelligence, issues, exploits and trends, together with regulatory and statutory security obligations;
• Supporting duties in relation to infosec matters as may be required;
• Automating to help maximise efficiency;
• Acting as a point of reference and sharing knowledge with other members of the team;
• Developing and maintaining documentation related to information security and digital risk;
• Contributing to or running projects and participating in any other duties related to the protection of the information assets of the Group, as delegated by team management;
• Staying adjourned and adhering to the latest AML/CFT policies and procedures.

• Possession of current Information Security qualifications from leading independent IT risk and information security associations is highly desirable for this role. Whilst not essential, any other specialised infosec certifications may be considered as assets.
• Relevant academic qualifications in a field related to technology, governance or IT risk management may also be considered to be helpful in this role.
• 5+ years' prior working experience within demanding mission-critical environments having high exposure to well-established security practices.
• Proven ability to blend a strong understanding of technology together with an effective risk-based approach to security.
• Detail-oriented, proactive, self-motivated, self-driven with a capacity for taking on responsibility and meeting tight deadlines
• Excellent team player, with strong integrity and professional ethics
• Critical thinker, problem solver with strong time management and organizational skills
• Willing to support the Group after standard office hours as may be necessary from time to time and must also be able to communicate clearly and effectively, through firm command of the verbal and written English language.

• ​Welcoming and professional environment;
• Work with a proactive, forward looking Team;
• Professional growth;
• Internal/External Learning and Development opportunities.
• Attractive salary;
• Health, Life and Personal Accident insurance cover; and
• Pension plan.

FIMBank