Senior Cyber Threat Intelligence Analyst required for global name in Financial Services. The Senior Cyber Threat Intelligence Analyst will play a crucial role in protecting the organisation from cyber security threats by delivering a range of highly effective information security technology services.

The Senior Cyber Threat Intelligence Analyst will also be required to act as a part of the incident response team where appropriate , perform technical research into advanced, targeted attacks, malware campaigns, malware and other emerging technologies that could endanger networks and applications.

The Senior Cyber Threat Intelligence Analyst will also produce reports based on intelligence gatherings and feedback to key business stakeholders up to CISO level as well as other stakeholders in IT Operational risk. They will also work closely with trusted, external security service providers.

Technical skills and knowledge requirements for The Senior Cyber Threat Intelligence Analyst include ; Experience in writing intelligence reports , at least ten years of experience in Information security, preferably in the financial services sector. We would also welcome hands-on experience in audit engagement and risk management while previous experience in SOC analysis and investigations is advantageous as is experience with Linux/Unix.

Applications from candidates with Security related certifications such as CISSP, CISA, CISM and CEH are welcomed as is a security related degree or armed forces background.

For more information please contact Neil Morgan at McGregor Boyall.

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Application Security Architect

Our financial services client is looking to recruit an Application Security Architect. The ideal candidate will be from a technical background and will be an expert security developer

Responsibilities:

• The role will focus on shaping and defining standards and best practice for securing a diverse environment of Java, .Net, and C application against security standards
• Authentication: Kerberos, SAML using ADSF2 implementation and standard smartcard PKI technologies
• Authorisation: Web federation based on CA Siteminder and LDAP repositories
• Code Security: Fortify Source Code Analysis (360) on developer’s workstations and build servers
• The expert security developer will work in conjunction with a security project manager in the same team

Required skills:

• Strong technical background and security focused
• Excellent understanding of authentication related mechanisms (Kerberos, PKI)
• Solid practical experience of using Windows Kerberos to secure custom service endpoints in C , Java and C#
• Experienced in C development
• Experience of a wide range of communication technologies used in the financial enterprise, e.g. C Sockets, Java

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Application Security Architect

Our financial services client is looking to recruit an Application Security Architect. The ideal candidate will be from a technical background and will be an expert security developer

Responsibilities:

• The role will focus on shaping and defining standards and best practice for securing a diverse environment of Java, .Net, and C application against security standards
• Authentication: Kerberos, SAML using ADSF2 implementation and standard smartcard PKI technologies
• Authorisation: Web federation based on CA Siteminder and LDAP repositories
• Code Security: Fortify Source Code Analysis (360) on developer’s workstations and build servers
• The expert security developer will work in conjunction with a security project manager in the same team

Required skills:

• Strong technical background and security focused
• Excellent understanding of authentication related mechanisms (Kerberos, PKI)
• Solid practical experience of using Windows Kerberos to secure custom service endpoints in C , Java and C#
• Experienced in C development
• Experience of a wide range of communication technologies used in the financial enterprise, e.g. C Sockets, Java

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Cyber Security Lead required for global name in Financial Services.

The Cyber Security Lead will lead a team of individuals who are responsible for protecting the organisations people and information from cyber-attacks. The team’s focus is to serve as the single point of contact for all Information Security & IT Security related queries, concerns and technologies.

The successful candidate will come with a strong blend of technical ability and effective soft management and mentoring skills, with Cyber Security experience a must. The Cyber Security Lead will be business facing , a strong communicator, a leader, and possess first class stakeholder management skills.

The Cyber Security Lead will come with the following technical skills ; Experience with the latest information security threats & vulnerabilities and appropriate countermeasures, Extensive experience with attack monitoring and Intrusion Detection (IDS/IPS), SIEM, Anti-Virus, WAF, Firewalls, patch management, and encryption, Extensive experience with, and in-depth understanding of security vulnerability tools, techniques, and standards used to conduct penetration testing best practices for Incident handling security investigation processes and techniques.

Experience in IT Security/Information Security field, especially cloud, analytics, secure coding, application security and security monitoring is essential

Applications from candidates with security related degrees and relevant industry qualifications such as CISSP, CISA, CISM , CEH and OSCP are invited to apply.

For a more detailed job spec please contact Neil Morgan at McGregor Boyall.

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Risk Analyst - Information Security Risk Analyst - IT Security Risk Analyst - Audit - Third Party Supplier

An exciting and challenging role for a Risk Analyst (Third Party Security Review) to join our top tier banking client and will form part of the 1^st line of defence (1LOD).

Responsibilities:

• The Security Risk Analyst will support all activities of Global Third Party Security Suppliers including admin and any special initiatives or projects
• The Security Risk Analyst will be involved with Management Information (MI) and reporting which includes the generation of reports or contribution to appropriate reports
• The Security Risk Analyst will propose solutions to improve and enhance process and tools based on latest threats and changes in Group Policy
• Training and coaching to new team members will be provided by the Security Risk Analyst
• The Security Risk Analyst will ensure that all amendments to Policies are monitored and are reported to the relevant audience within the Services Function

Required Skills:

• Ideally from a background in at least one or more of the following: Risk Management / Audit / IT Security
• Excellent communication skills
• Relevant IT Degree and / or experience in operational processes or third-party information security reviews in the Financial Services industry
• Qualifications welcomed: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO270001

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

IT Security Lead required for major name in financial services. The IT Security Lead has the responsibility of assessing, discovering and directing remediation of security vulnerabilities within the business, working closely with all relevant infrastructure and IT security teams to identify the root causes of vulnerability issues. They will deliver long term strategic remediation in line with the overall Cyber-Security Strategy.

The IT Security lead will come with a strong technical background and solid experience in vulnerability detection and various methodologies including SIEM, IDS/IPS, ATP, DLP, EPS, DDoS, Aim etc. Strong Experience in technical IT Security is required and it is essential they come with experience of working within large scale complex IT environments in the financial services industry with a strong preference for a hardcore incident response background.

The IT Security Lead will be a high quality communicator with strong ability to communicate with senior stakeholders across an enterprise organisation and will have previously served as a vulnerability management or remediation specialist

For a more detailed job spec please contact Neil Morgan at McGregor Boyall

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Vulnerability Management Specialist

Our client, a leading name in the Financial Services is looking for a Vulnerability Management Specialist to join their growing team to upgrade the legacy systems within the organisation.

The Vulnerability Management Specialist will come from a strong Windows Server background (Wintel) and will be strong with Qualys and Nessus as vulnerability solutions. The Vulnerability Engineer will be strong in Windows Patching and Patch Management.

The Vulnerability Management Specialist will work with Key Stakeholders across the group on legacy technology projects and will oversee the implementation of upgraded vulnerability management solutions and vulnerability scanning technologies across the business.

Candidates with CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or candidates with an IT Security Degree, or relevant industry experience.

Required Skills:

• Windows Server 2012, 2008r2, 2003
• Wintel
• Windows Patching and Patch Management
• Powershell Scripting
• Qualys
• Nessus
• Ivanti

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Risk Analyst - Information Security Risk Analyst - IT Security Risk Analyst - Audit - Third Party Supplier

An exciting and challenging role for a Risk Analyst (Third Party Security Review) to join our top tier banking client and will form part of the 1^st line of defence (1LOD).

Responsibilities:

• The Security Risk Analyst will support all activities of Global Third Party Security Suppliers including admin and any special initiatives or projects
• The Security Risk Analyst will be involved with Management Information (MI) and reporting which includes the generation of reports or contribution to appropriate reports
• The Security Risk Analyst will propose solutions to improve and enhance process and tools based on latest threats and changes in Group Policy
• Training and coaching to new team members will be provided by the Security Risk Analyst
• The Security Risk Analyst will ensure that all amendments to Policies are monitored and are reported to the relevant audience within the Services Function

Required Skills:

• Ideally from a background in at least one or more of the following: Risk Management / Audit / IT Security
• Excellent communication skills
• Relevant IT Degree and / or experience in operational processes or third-party information security reviews in the Financial Services industry
• Qualifications welcomed: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO270001

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Our global banking client is seeking a highly skilled Technical Architect with strong cloud and cyber security knowledge to take the technical lead on a digital transformation project. The Technical Architect will come with vast experience of solving complex data engineering and architecture challenges and our client is particularly interested in Microsoft Azure, Amazon Web Services and Google Cloud platform experience. This is a mission critical hire for my client as they embark on a new digital era.

The Technical Architect will have the ability to communicate effectively across the organisation and present clear, concise proposals for solutions to multiple stakeholders from a range of business units including Cloud Engineering, Cyber Security and Data Engineering. They will work closely with regional and international teams across Europe, the Americas and APAC regions.

The Technical Architect will define the Cloud strategy and architecture for data platforms and suite of products while designing, developing and building security architecture implementation for public and hybrid cloud based systems within Amazon Web Services (AWS), Microsoft Azure and Google Cloud platforms

The Technical Architect be the senior technical representative for Cloud security (e.g. engaging with senior technical leaders in our Risk, regulatory, security and compliance functions to design and implement secure and operational Cloud and Cloud hybrid based solutions ).

The Technical Architect will come with a proven ability to design and implement secure cloud architectures and designs that incorporates appropriate and sustainable security controls and achieves risk mitigations. Deep knowledge of operating systems: Linux (preferred) or prior experience as an administrator or architect in any of the well-known operating systems is also helpful, A Good understanding of networking: TCP/IP, IP addresses, HTTP, DNS is essential.

My client welcomes a degree in Information Technology, Cybersecurity, Business Management or other related disciplines. Professional certifications such as CISSP, CISM or CISA are desired.

For more information on this role please contact Neil Morgan at McGregor Boyall.

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

Security Engineer - Cloud - AWS - Amazon Web Services - Azure - Google Cloud - Linux - TCP/IP

Our client, a multinational investment bank, is looking for a Security Engineer who will be responsible for the technical implementation of the Cloud data platform.

Key Responsibilities and Skills/Qualifications:

• As Cloud Security Engineer, you will design and implement the cloud security architecture for data products
• You will design and build the architecture within 3 major Cloud environments (AWS, Azure, Google)
• Essential to have experience with either AWS (Amazon Web Services, Azure or Google Cloud)
• You should have strong technical background in software creation and testing, implementing security and authentication mechanisms and reverse engineering
• You will have good knowledge of operating systems: Linux would be preferred
• The Cloud Engineer will have a good understanding of networking (TCP/IP, HTTP, DNS)
• Relevant industry qualifications welcomed such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM - (Certified Information Security Manager) or equivalent industry experience

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.