Our client is one of the world’s largest banking and financial services organisations. Their global businesses serve more than 40 million customers worldwide through a network that covers 64 countries and territories.
ABOUT THE PROJECT
Our Client is one of the largest technology functions. Ensuring IT has the appropriate processes embedded and operating efficiently is critical to its effectiveness and ability to maintain its position as a market leader.
Excellent technical knowledge and security management of Windows Operating System essential
Security Information and Event Management (SIEM) knowledge desirable – Splunk knowledge preferred
VBA and PowerShell scripting
Familiarity with SharePoint, Confluence and JIRA
McAfee product set experience preferred – including ENS, Drive Encryption and Application Control (Solidcore)
Configuration Baseline Management experience desirable but not essential
Formal education in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience
Industry qualifications (CISSP, CISA, CISM).
- The Cybersecurity Global Defence function supports a number of technologies and services across a globally dispersed team. This includes Windows, Cryptography and Encryption technology, Data Loss Prevention, Security Infrastructure and Vulnerability Management.
- The Cybersecurity Global Defence Windows Security Engineer is accountable for, but not limited to, the following:
Technical security standards management – Ensure Windows technical security standards are reviewed and maintained.
- Process and procedure management – Ensure all Windows Cybersecurity processes and procedures are maintained.
- Internal control assurance – Manage the reviewing, gathering of evidence and reporting on effectiveness of Windows controls.
- Risk and audit issue management – Ensure regulatory, risk and audit issue mitigation actions against Windows are actioned within agreed timescales and periodic reporting of such is maintained.
- Provide consultancy to projects to ensure compliance with our Client security standards.
- Evaluate security solutions proposed by project teams.
- Evaluate software packaging requests in line with security standards.
- Evaluate GPO change requests in line with security standards.
- Supporting compliance reporting across the Windows domain.
- Supporting the establishment of our Client as a valued contributor to information sharing efforts across the industry that helps to drive a positive image of the bank with their peers and regulators in the markets they serve.
- Supporting a “self-critical” culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light in an effective manner and addressed.
- Supporting a culture of individual self-improvement, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly.
- Supporting engagement of Global Businesses and Functions everywhere they do business, that drives a global up-lift in cybersecurity awareness, helping to “tell the story” of Cybersecurity efforts.
- Supporting engagement within the Lines of Defence Risk Management framework adopted by our Client to ensure complete transparency and effective working relationships across all lines of defence.
- Train, develop and mentor less experienced analysts.
- Branding and Communications – increasing exposure across the function including presentations for the Heads of Functions
SKILLS & EXPERIENCE THEY REQUIRE
- Excellent technical knowledge and security management of Windows Operating System essential
- 3-5 years of experience in a cybersecurity role or similar
- Security Information and Event Management (SIEM) knowledge desirable – Splunk knowledge preferred
- VBA and PowerShell scripting
- Familiarity with SharePoint, Confluence and JIRA
- McAfee product set experience preferred – including ENS, Drive Encryption and Application Control (Solidcore)
- Configuration Baseline Management experience desirable but not essential
- Extensive experience within an enterprise scale organisation, preferably in the finance or similarly regulated sector.
- Industry recognised cyber security related certifications such as CEH, EnCE, CRISC, SANS GSEC, GCIH, GCIA, GIAC, GCFA, GNFA and/or CISSP.
- Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.
- Resourceful problem solver.
- Business Analysis skills.
- Highest ethical standards and values.
- Good understanding and knowledge of common industry cyber security frameworks.
- Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
- Ability to speak, read and write in English, in addition to your local language.
- Resilient and tenacious with a propensity to persevere
- Results focused with an ability to work autonomously
- Stakeholder management skills with the ability to interact at all levels
- Excellent verbal and presentation skills
- Experience of being a part and contributor to small teams, across different global regions and a desire to build on this experience is essential.
WHAT THEY OFFER
- Stable job in professional team,
- Interesting path of career in an international organization,
- Consistent scope of responsibilities,
- Private health care, employees’ benefits.
Note: Prepare your CV in English (PDF), fill in the form and apply!
Please include in your CV the following clause necessary for the recruitment process:
“I agree to the processing of personal data that I have made available voluntarily in the recruitment process by the Administrator of personal data, i.e. Dotcommunity Spółka z ograniczoną odpowiedzialnością [Ltd.] based in Cracow, 15 Żabiniec Street, 31-215 Cracow, registered in Poland, the Cracow’s District Court – Śródmieście, XI Commercial Division of the National Court Register under number 0000468484, VAT number: 9452174499, (“Dotcommunity”) in order to carry out the recruitment process for the Windows Security Engineer position on the basis of Art.6 item 1a of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)”
Dotcommunity jest zarejestrowana w Rejestrze agencji zatrudnienia (KRAZ) pod numerem 9904.