Overview

Join to apply for the Business Information Security Officer role at Close Brothers.

Join the Close Brothers Security and Resilience Team where you will provide expert guidance, and oversee delivery of security requirements across projects, technology changes, and business operations for one or more organisational business units.

The ideal candidate will have previous experience in supporting decisions related to security-relevant technology design and business processes, identifying potential gaps, assessing the risk implications of deviations, and working collaboratively with stakeholders to address weaknesses with excellent stakeholder management and engagement skills.

Responsibilities

• Provides guidance on the application and operation of elementary physical, procedural and technical security controls.
• Explains the purpose of security controls and performs security risk and business impact analysis for medium complexity information systems.
• Interprets information assurance and security policies and applies these to manage risks.
• Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
• Provides professional advice that informs operational leadership and influences the translation of strategy into operations in their specialist area.
• Carries out risk management activities within a specific function, technical area or project of medium complexity.
• Identifies the communications and relationship needs of stakeholder groups and translates communications/stakeholder engagement strategies into specific activities and deliverables.

We would love to hear from you if you have

• Demonstrable experience of providing information security consultancy to technical and non-technical stakeholders at all levels.
• A broad knowledge of information security disciplines and familiarity with security technologies including, but not limited to, DLP; SIEM; IDS/IPS; EDR; network and application firewalls; and internet security gateways.
• Knowledge of cyber threats, adversary tools, techniques and procedures (TTPs) and associated mitigating controls including phishing and social engineering; ransomware; common web application vulnerabilities (e.g. OWASP Top 10); DoS; malicious software.
• Good understanding and awareness of privacy and data protection legislation including UK Data Protection Act 2018 and GDPR.

It is not essential but it would be great if you have

• Experience and knowledge of information security in a regulated financial services environment.
• Experience and knowledge of public cloud (SaaS, PaaS, IaaS).
• Understanding of factors relevant to the security assurance of third parties.
• Familiarity with industry standard information security frameworks and standards, e.g. ISO 2700-series, NIST CSF, PCI DSS.
• Experience of providing security consultancy in environments adopting agile development methods and practices.

About Us

At Close Brothers we support employees to balance their work life priorities and in this role you will be able to enjoy a mixture of hybrid working.

Close Brothers is a leading UK merchant banking group providing lending, deposit taking and securities trading. We employ approximately 3,000 people, principally in the United Kingdom and Ireland. Close Brothers Group plc is listed on the London Stock Exchange and is a constituent of the FTSE 250.

For more information about Close Brothers, please visit our careers page: https://www.closebrothers.com/careers

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology

We are an inclusive organisation and committed to ensuring our recruitment process is as accessible as possible. We will make adjustments for people who have a disability or long-term condition. If you need the job description or application form in an alternative format or would like to discuss the recruitment process, please email recruit.ssc@closebrothers.com.