Job Specifications
The Role
The IT Security Engineering Manager is a global role within ION's central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security risks to the business. This role reports to the Global Head of IT Security, who reports to the Group Chief Information Security Officer (CISO).
As a member of the ION Security team, the successful candidate will be responsible for managing the cybersecurity engineering team. This team are responsible for management, maintenance, support, tuning and improvement of technical security controls to protect ION's information technology (IT) systems and networks across the group and will help ION evolve its technical security posture to keep up with the ever-changing security landscape and emerging threats. This role may require shift work in the support of a 24x7 globally coordinated operation. The IT Security Engineering Manager's other responsibilities include oversight and management of the MSSP and security vendor relationships, creating governance initiatives for all security tooling in the form of product steering committees, product/vendor roadmaps, annual product reviews and formally tracking feature adoption and any other duties assigned by Head of IT Security.
We are looking for a diligent, dedicated, creative and motivated individual. Excellent communication skills are a must, and the role holder will be expected to cultivate working relationships with other teams and colleagues of varying technical ability. The role would suit a technically strong candidate with an extensive cybersecurity background, at least 10+ years working in a security role, with focus on security engineering.
Key Responsibilities
This role may require work out of hours
Personnel Management
The primary responsibilities of this role are to:
Ensure team members have clear objectives/development plans
Align Teams' objectives to OKRs
Be the escalation point for security Tooling issues and critical security breaches
Responsible for team development, upskilling & mentoring
Responsible for vendor/MSSP relationships for the group-wide organization
Protect And Defend
Manage Security tooling to ensure coverage/availability/efficacy of tooling
Provide oversight, guidance and leadership of the IT Security Engineering Team
Drive improvements and feature enhancement to ensure ROI
Operate And Maintain
Configure, tune, maintain and operate key security controls, technologies, and other risk mitigations
Own the management reporting and provided monthly Executive level reporting
Drive process/procedure changes accordingly
Ensure quality of ticketing & runbook maintenance
Cultivate and maintain strong vendor relationships
Have an attitude of continuous improvement
Be accountable/responsible for security tool health throughout the estate
Manage the governance initiative for security tooling
Engage with vendors to introduce formal QBRs, tool reviews, feature enhancements and adoption
Create and own the overarching security tooling strategy
Regular tool reviews
Documented process for a formalized approach to security tool selection
Participate in CAB, Tool review or Architecture Review Boards (ARBs)
As a member of the ION IT Security Team, it is expected that the person in this role will:
Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents
Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
Configure, customize, tune, manage, troubleshoot, and maintain effective and efficient operation of security technologies, such as SIEM, endpoint security, secure web gateway, CASB, DLP, email security, intrusion detection/prevention systems, etc. This may also include scripting, automation, and orchestration across various platforms
Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation
Review systems, configurations, and processes to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best practice security recommendations to IT and other teams within ION, based on review results
Respond to information security-related inquiries and requests
Required Skills, Experience And Qualifications
Degree/diploma/certifications in a technology-related field and/or relevant working experience; highly desired certifications include:
Security+,
About the Company
We're visionary innovators who are delivering mission-critical trading and workflow automation software to financial institutions, corporations, central banks, and governments. By combining our passion for automation with a strategic view on the industries we serve, we design solutions that improve decision-making, simplify complex processes, and empower people. Simply put, we help our customers do more, faster and better than before. We believe our investments in research and development are shaping the future of automation...
Know more