Cyber Security Engineer

at  Transact

Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for an Cyber Security Engineer to join our cyber security team!
Working alongside the team you will help to design, develop, and mature the company’s cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats.
This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets.

REQUIRED EXPERIENCE:

• Minimum of 2 years’ experience in a Security Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure.
• Previous experience working within a financial services environment and a working understanding of relevant regulations.
• Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.)
• Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools.
• Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment.
• Experience of working effectively with a variety of stakeholders from different technology and business teams.
• Strong verbal and written communication skills.

DESIRABLE EXPERIENCE:

• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).
• Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks.
• Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials.
• Experience of general IT Audit processes and conducting risk assessments.
  You will be a proactive self starter with strong communication skills and be comfortable interacting with stakeholders at all levels. You will have a strong technical background with previous experience of implementing security solutions. You will have the ability to tailor your approach and translate requirements to non-technical members of staff.
  We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications.
  The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home.

ABOUT US

Transact is the leading independent investment wrap platform in the UK. Established in 2000, we have over £62 billion of funds under direction (as at June 2024) on behalf of over 7,900 advisers and 234,000 investor clients. Our service includes an online platform, owned and built by us, and dedicated regional adviser support to help bring clients’ assets and investments together in a smarter, more tax efficient way. We offer access to a wide range of tax wrappers (including ISAs, pensions and life insurance investment bonds) and funds which advisers use to build client investment portfolios. Portfolio valuations, purchases and sales are all supported via Transact Online which is available 24/7. Transact’s parent company, IntegraFin Holdings plc, is listed on the London Stock Exchange and is a constituent of the FTSE 250 index.

• Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries.
• Define, design, implement, and maintain security solutions appropriate to the business’ needs.
• Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography.
• Assist with developing and maintaining security policies, processes and incident response management plans and playbooks.
• Prepare and document standard operating procedures and protocols.
• Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc.
• Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc.