Senior Cyber Security Engineer

at  Julian Hodge Bank

Closing date
26 Jan 2025
Salary
Up to £69,000
Contract
Full Time
Hours
35
Location
Cardiff
Do you want to be part of a force for good, helping to make life better for customers & society in the moments that matter? At Hodge, we put people at the heart of our business and that means our customers, colleagues and communities. Hodge is a Welsh financial service provider that focus on commercial lending, and specialist residential mortgage markets.
Under the overall management of the Security Architect, lead the Cyber Security team to ensure that all internal and external applications, infrastructure, and data are managed in line with cyber and information security best practice and that the estate is pro-actively upgraded and maintained.
Lead the Cyber Security engagement and activity across Hodge to ensure that new and amended services are built and taken live with the appropriate level of control. Engage with internal and external stakeholders to drive continual improvement of cyber security and related practices.

ESSENTIAL EXPERIENCE:

• Demonstrable significant experience in Cyber or Information Security Role
• Experience of implementing relevant of tools to implement Cyber controls.
• Knowledge in IT security best practice, solutions and frameworks.
• Ability to demonstrate understanding of vulnerability remediation
• Knowledge and experience of developing for AWS or similar cloud platforms

• Manage implementation and ongoing operation of appropriate cyber security toolset covering user, infrastructure and application activity
• Manage implementation and operation of vulnerability management processes across applications and infrastructure
• Work with outsourced security providers to ensure work being undertaken is of required standard and appropriate reporting is available.
• Develop, maintain and manage the Security Controls Catalogue to ensure consistent reporting of risks and controls, and alignment to best practise.
• Develop, maintain and manage the Security Roadmap to provide visibility and control of ongoing security enhancements.
• Ensure that all evidence of controls and cyber operations is maintained to support external and internal audit assessments.
• Ensure appropriate documentation is maintained to support current and future activity.
• Ensure work includes appropriate quality control mechanisms and automated reporting.
• Lead the security awareness programme for Hodge colleagues ensuring that ongoing learning materials are developed and enhanced as required. Undertake regular testing exercises with colleagues to measure assimilation and awareness.
• Manage Blue and Red team exercises to ensure existing technical controls and process are effective, co-ordinating and remedial work required.
• Ensure that Cyber security activity undertaken supports visibility, transparency and suitable metrics on cyber controls and activity.
• Undertake assurance assessments of third-party suppliers
• Manage and report the benefits, risks and alternatives of relevant frameworks, tools and languages.
• Review work of other cyber team members to ensure quality standards are maintained and knowledge transfer.
• Work with IS Service Delivery and Development teams to assist in the investigation and resolution of live issues and to support BAU activity.
• Work with IS Service Delivery team to ensure Service Transition controls and documentation are provided in line with agreed Service Transition framework.