Quantitative Risk Modeler

Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Security Engineer to join our cyber security team! Working alongside the team you will help to design, develop, and mature the company’s cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets.

Responsibilities include:

• Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries.
• Define, design, implement, and maintain security solutions appropriate to the business’ needs.
• Support the definition, execution and continuous improvement of key cybersecurity processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography.
• Assist with developing and maintaining security policies, processes and incident response management plans and playbooks.
• Prepare and document standard operating procedures and protocols.
• Provide expertise on security requirements into core technology processes like asset management, change management, third‑party management, technology development & acquisition, configuration management, etc.
• Contribute as a team member in projects and change initiatives aimed at increasing enterprise security capabilities e.g., identity and access management, log aggregation, etc.

Required experience:

• Minimum of 2 years’ experience in a Security Engineer/Analyst role focusing on designing and implementing security solutions and managing security infrastructure.
• Previous experience working within a financial services environment and a working understanding of relevant regulations.
• Experience and in‑depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti‑malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.).
• Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools.
• Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment.
• Experience of working effectively with a variety of stakeholders from different technology and business teams.
• Strong verbal and written communication skills.
• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM).
• Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks.
• Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials.
• Experience of general IT Audit processes and conducting risk assessments.

You will be a proactive self-starter with strong communication skills and be comfortable interacting with stakeholders at all levels. You will have a strong technical background with previous experience of implementing security solutions. You will have the ability to tailor your approach and translate requirements to non‑technical members of staff.

We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. We provide a diverse and inclusive workplace and ensure that all of our staff respect and understand individual differences. We are an equal opportunities employer and positively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, religion or belief, sex or sexual orientation.