IT Security Engineering Manager

The RoleThe IT Security Engineering Manager is a global role within ION\’s central services division and will support the Group Security strategy and operational excellence through the identification, mitigation and remediation of information security risks to the business. This role reports to the Global Head of IT Security, who reports to the Group Chief Information Security Officer (CISO).

As a member of the ION Security team, the successful candidate will be responsible for managing the cybersecurity engineering team. This team are responsible for management, maintenance, support, tuning and improvement of technical security controls to protect ION\’s information technology (IT) systems and networks across the group and will help ION evolve its technical security posture to keep up with the ever‐changing security landscape and emerging threats. This role may require shift work in the support of a 24×7 globally coordinated operation. The IT Security Engineering Manager\’s other responsibilities include oversight and management of the MSSP and security vendor relationships, creating governance initiatives for all security tooling in the form of product steering committees, product/vendor roadmaps, annual product reviews and formally tracking feature adoption and any other duties assigned by Head of IT Security.

We are looking for a diligent, dedicated, creative and motivated individual. Excellent communication skills are a must, and the role holder will be expected to cultivate working relationships with other teams and colleagues of varying technical ability. The role would suit a technically strong candidate with an extensive cybersecurity background, at least 10+ years working in a security role, with focus on security engineering.

Key Responsibilities

This role may require work out of hours.

The primary responsibilities of this role are to:

Personnel Management

Ensure team members have clear objectives/development plans

Align Teams\’ objectives to OKRs

Be the escalation point for security Tooling issues and critical security breaches

Responsible for team development, upskilling & mentoring

Responsible for vendor/MSSP relationships for the group-wide organization

Protect and defend

Manage Security tooling to ensure coverage/availability/efficacy of tooling

Provide oversight, guidance and leadership of the IT Security Engineering Team

Drive improvements and feature enhancement to ensure ROI

Operate and maintain

Configure, tune, maintain and operate key security controls, technologies, and other risk mitigations

Own the management reporting and provided monthly Executive level reporting

Drive process/procedure changes accordingly

Ensure quality of ticketing & runbook maintenance

Cultivate and maintain strong vendor relationships

Have an attitude of continuous improvement

Be accountable/responsible for security tool health throughout the estate

Manage the governance initiative for security tooling

Engage with vendors to introduce formal QBRs, tool reviews, feature enhancements and adoption

Create and own the overarching security tooling strategy

Regular tool reviews

Documented process for a formalized approach to security tool selection

Participate in CAB, Tool review or Architecture Review Boards (ARBs)

As a member of the ION IT Security Team, it is expected that the person in this role will:

Execute ongoing, operational business‐as‐usual (BAU) tasks to meet management‐defined KPIs and SLAs, and deliver security projects in line with management‐defined priorities and deadlines

Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.

Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents

Identify, review, prioritize, plan, coordinate, and follow‐up on the remediation of vulnerabilities

Configure, customize, tune, manage, troubleshoot, and maintain effective and efficient operation of security technologies, such as SIEM, endpoint security, secure web gateway, CASB, DLP, email security, intrusion detection/prevention systems, etc. This may also include scripting, automation, and orchestration across various platforms

Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation

Review systems, configurations, and processes to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best‐practice security recommendations to IT and other teams within ION, based on review results

Respond to information security‐related inquiries and requests

Required Skills, Experience and Qualifications

Degree/diploma/certifications in a technology‐related field and/or relevant working experience; highly desired certifications include:

Security+

CCSP

CEH

GCIH

GMON

CASP

CISSP

10+ years\’ experience in information security with at least 3-5 years in a Security Engineering role

Fundamental understanding of programming/scripting

The following general characteristics are required:

A team player with the ability to work independently and unsupervised

Ability to own delegated tasks and see them through to completion

Ability to manage time and prioritize work to maximize productivity

Excellent communication skills (both written and verbal)

Exceptional attention to detail and quality

Excellent problem‐solving techniques and trouble analysis skills

The candidate should have a good knowledge of:

Endpoint security concepts, controls, and best practices for workstations (e.g., Windows and Mac) and server (e.g., Windows and Linux) operating systems

SIEM technology to monitor, analyze, and respond to security events. To develop and implement security policies, managing SIEM systems, and investigating incidents.

General IT networking concepts, protocols, standards and network security concepts, controls, and best practices

Cryptography fundamentals and data security controls and best practices

Forensic investigation techniques

Security standards/best practices and frameworks

About usWe\’re a diverse group of visionary innovators who provide trading and workflow automation software, high‐value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we\’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.

• Over 2,000 of the world\’s leading corporations, including 50% of the Fortune 500 and 30% of the world\’s central banks, trust ION solutions to manage their cash, in‐house banking, commodity supply chain, trading and risk.

• Over 800 of the world\’s leading banks and broker‐dealers use our electronic trading platforms to operate the world\’s financial market infrastructure.

ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe. Our ever‐expanding global footprint, cutting‐edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.

ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.

ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.

#J-18808-Ljbffr