Imagine being given the remit to secure the data, not pass an audit.
G-Research is a leading quantitative research and technology company. By using the latest scientific techniques, we produce world-beating predictive research and build advanced technology to analyse the world’s data.
Reporting into the Security Business Partner for engineering, this role is within the Security Advisory function. Duties will primarily involve working with different engineering teams on a temporary or semi-permanent basis depending on the business need, embedded with them as required. Your focus will be to provide security consultancy to the engineering function of G-Research as the role of second line of defence.
Key responsibilities includes:
- Providing detailed technical design advice on relevant projects; long-term where required
- Assessing and suggesting technical improvements for the security of in-house and third party applications, services and infrastructure, and processes
- Identifying key points that will require auditing to ensure future compliance with internal policy/standards
- Assisting developers and systems administrators in designing and evaluating secure solutions
- Supporting the first line in making appropriate risk management decisions
- Reviewing mitigating actions when a design cannot meet security requirements and perform an impact assessment
- Undertaking more thorough threat modelling when required
- Escalating to the Security Business Partner and/or Head of Security decisions falling outside of the relevant risk appetite of the board
- Continuing to develop a framework to allow an agile and consistent approach to security assessment and design
In addition the role will continuously engage the first line of defence to embed the three lines of defence approach to security. This will include supporting on the development of standards and processes as well as ensuring that key decision makers feel empowered to make risk management decisions.
Who are we looking for?
You will be a capable and hands-on contributor. You must be both experienced and enthusiastic about your area of expertise and have a track record of excellence. A subset of the following skills & experience is required:
- Experience of threat modelling applications, services and infrastructure
- Practical experience implementing/assessing risk against company standards
- Practical experience reviewing engineering designs and enhancing security solutions against company standards
- Experience of delivering secure designs or security architecture of large projects
- Knowledge and a demonstrable passion for information & technical security and its technologies
- Demonstrable leadership ability, particularly taking a central role within the team
- Desire to focus on team and personnel-related matters as opposed to focusing solely on isolated challenges
- Excellent communication skills and the ability to communicate both upwards and downwards within the team
- Confidence to make quick but justified security decisions
Why should you apply?
- Highly competitive compensation plus annual discretionary bonus
- Informal dress code and work/life balance
- Comprehensive healthcare and life assurance
- Pension with 9% company contribution
- 25 days holiday
- Monthly company events
- Central London office close to 5 stations and 6 tube lines