AddressData Security Engineer - Data Resilience
Lloyds Banking Group
London - hybrid working two days per week in the office & rest from home.
Salary & Benefits: £78,849 to £96,371 per annum, plus annual personal bonus, 15% employer pension contribution, private medical insurance, 30 days holiday plus bank holidays.
About the Role
As the Data ResilienceSecurity Engineer, you'll focus on Data Security; assuring the group safeguards data and associated assets from vulnerabilities and threats that could lead to a compromise of the integrity and availability leading to customer harm.
The role reports into the Data Resilience Technical Lead and requires ambitious individuals with a proactive, can-do attitude and solution-oriented approach to deliver at pace.
Key Responsibilities:
The primary security contact for Data Resilience queries.
Provide input and direction on security assessments to identify gaps that could lead to IBS Impact Tolerance thresholds being breached.
Develop security initiatives and guidance for Operational Resilience, Chief Security Office and change frameworks.
Oversee the development of security controls and collaborate with platform teams and Chief Security Office to remediate security gaps.
Perform horizon scanning and provide input to group policies and procedures.
Support and grow team members in security domains of Data Resilience.
Present Data Resilience security gaps to peers and senior collaborators
What we're looking for;
We'd welcome applicants from diverse cultural and technological backgrounds, however financial services exposure will be important for this position. We'll need to see evidence of the following in your CV;
Prior experience working at mid to senior level within a relevant role.
Experience of security scanning and testing, including Qualys, Ethical Hacking, SAST & DAST
Experience of vulnerability management (CVSS)
Hands on experience of modern security architecture along with diagnostic and monitoring tooling.
Proficient in Cryptographic key management and encryption deployments.
Knowledge of ISO 27001/27002, NIST and/or CIS
Experience of working with SIEM tooling (Splunk) or similar
Knowledge of Endpoint Detection and Response tooling (SentinelOne)
Knowledge of zero trust security for applications
Good experience in Identity and Access Management
Knowledge of Operating Systems (Windows, Linux, zOS, CentOS, Unix, Ubuntu and Solaris)
Familiar with analytic platforms and databases such as MSSQL, Kafka, S3, etc
Experience of ransomware attack techniques and mitigation strategies.
Exposure to security concepts (MITRE, Kill-Chain)
Experience of incident response (triage, classification, investigation, and escalation)
Financial Services experience and exposure to some but not all; payments, cards, pensions, insurance, markets, trade & settlement, logon customer journeys.
Solid verbal and written communication skills to discuss and describe the target architecture with stakeholders.
Its great if you have:
Public cloud (AWS, GCP, Azure) experience
Knowledge of Extract, Transform & Load (ETL), Disaster Recovery or back-up and restore domains.
Prior experience working of supporting or remediating resilience issues on assets such as batch, messaging queues, third party data connections, data recovery & backup, data vaulting, data integrity.
Technical knowledge of FCA, PRA, EBA guidelines on operational resilience.
CISSP/CSSP/CISM or equivalent experience.
Experience in Financial Services is a nice to have but not mandatory.
About working for us.
We want our people to feel that they belong and can be their best, regardless of background, identity or culture.
We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative.
We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know.
Ready for a career where you can have a positive impact as you learn, grow and thrive? Apply today and find out more
