Jobs
>
London

    Cyber Security Lead - London, United Kingdom - E1 EDF Trading Ltd

    E1 EDF Trading Ltd
    E1 EDF Trading Ltd London, United Kingdom

    1 week ago

    Default job background
    Full time
    Description

    Description

    :

    IT Security is a global function residing within the IT department operating from London and Houston. The IT Security Team Lead will be based in London. The purpose of the IT Security function is to manage cyber risks and issues for EDF Trading globally.

    Position purpose

    The IT Security Team Lead provides line management to the IT security team in London (4 direct reports), collaborates with the Global Head of IT Security (Houston) to drive the implementation of the global security roadmap and manage day to day security operations for the Europe and Asia region. While the role requires a technical background to provide continuity with others in the team and to be an SME to internal stakeholders for IT Security matters, the role has an emphasis on cyber risk management and governance.

    Main responsibilities

    Security programme [40%] : Implement and/ or manage the implementation of solutions to counter cybersecurity risks in accordance with the global security roadmap including:

  • Collaborating with the to maintain the roadmap.
  • Program-managing the portfolio of security initiatives with support from project managers.
  • Researching, designing and testing solutions to counter cybersecurity risks.
  • Implementing and maintaining solutions owned by IT Security.
  • Designing and implementing processes.
  • Project planning, managing dependencies and coordinating resources.

    • Governance, risk and compliance [20%] : Manage the regional cyber risk exposure and drive compliance with established policies, standards and procedures including:

  • Working closely with the to continually develop, improve and maintain a globally consistent approach to the adoption of IT Security controls.
  • Performing cyber risk assessments and contributing to the global risk register.
  • Managing and tracking of risk treatment actions.
  • Performing gap analysis and/ or assessing compliance with established controls.
  • Undertaking due diligence on prospective and existing third-party service providers.
  • Measuring and reporting performance via Key Performance Indicators (KPIs).

    • Security incident response [20%] : Develop and maintain a highly effective cyber incident response capability including:

  • Being the regional cyber incident handler and central point of contact.
  • Continually improving our global incident response process and technical playbooks.
  • Responding to alerts from internal monitoring tools and our MDR service.
  • Leading incident response exercises supported by external consultancies where needed.

    • Team lead [20%] : Lead the London security team and be the central point of contact for IT and business stakeholders in the Europe region for cyber security including:

  • Working with the to establish clear, achievable team goals and objectives, ensuring team members understand their individual contributions to the big picture.
  • Facilitating open communication, conveying information from senior management to the team and vice versa. Listening and acting on team members' concerns, feedback and ideas.
  • Inspiring, motivating and coaching team members as needed to achieve their best performance. Continue to foster a positive team culture.
  • Helping to prioritize, track completion and resolve issues to ensure tasks are completed to agreed timelines and standards. Lead regular stand-up/ team meetings.
  • Conducting individual performance management reviews for team members.
  • Supporting the training and development needs of team members.

    • Experience required

    The successful candidate can demonstrate they have:

  • Previous team lead experience for a team of a similar size (e.g., 2+ direct reports).
  • Planned and managed a reasonable number of projects/ initiatives, coordinating the resources of own team and other teams. Can demonstrate good stakeholder management.
  • Extensive incident planning and response experience, managing incidents, developing processes, playbooks and leading tabletop exercises.
  • First-hand experience with analysing cyber threat intelligence and leveraging the content to produce actionable defence initiatives.
  • Significant experience (several years) in performing cyber risk assessments. For example, they have performed broad assessments/ gap analysis against a variety of security frameworks and can risk-assess a solution/ architecture presented to them and provide clear recommendations.
  • Good working knowledge and can advise on securing Microsoft Windows, Active Directory and Azure AD. Experience in the following fundamentals is an advantage:Managing Active Directory users, computers, and group policy security settingsConfiguration of Windows Clients and ServersConfiguration of Microsoft Azure, Office 365 and Defender servicesUsing PowerShell to administer or audit objects and automate tasks.Implementing technology hardening configurations.
  • Hands-on experience with deploying, configuring, and managing endpoint security solutions including EPP's, EDR, host firewalls and device control.

    • Technical requirements

  • Offensive Security Certified Professional (OSCP) or equivalent certification or training (e.g. TryHackMe or Hackthebox) is desirable because of the mindset it instils.
  • If these cannot be demonstrated, we are looking for someone who understands at a detailed level how attacks work and thus how to mitigate them with precision.
  • Is familiar with the Mitre ATT&CK knowledge base and how to leverage it for cyber defence.
  • Strong working knowledge and ideally practical experience in leveraging Microsoft capabilities to mitigate risks affecting Microsoft Windows clients, servers, and cloud services.
  • Is familiar with industry frameworks including ISO 27001 and CIS Critical Controls.
  • Is proficient at using Excel to analyse, manipulate or present data quickly.
  • Strong project planning and execution using Kanban or Waterfall methodologies.

    • Person specification

  • Has a 'security mindset' – asks the right questions to identify security flaws/ issues.
  • Is tenacious, if told something can't be done, they will proactively research, talk to others and find solutions to security challenges.
  • Demonstrable interest and curiosity in cyber security.
  • Highly self-motivated, proactive and approaches challenges with a positive can-do attitude.
  • When presented with an objective, can research, plan, organise and deliver to deadlines with minimal supervision.
  • Attention to detail and strong focus on accuracy of information.
  • Excellent communication skills, being able to adapt their communication style and vocabulary depending on the audience (e.g. technical SME's vs senior managers). Being able to proof communications created by others.

    • Hours of work:

    40 hours a week, core hours of 8.30am – 5.30pm. Hybrid working policy.

  • Understanding Recruitment

    Security Lead

    1 week ago

    Understanding Recruitment London, United Kingdom

    **Security Lead** · We are seeking a Security Engineering Lead for a VC backed AI startup working toward the aim of making general AI safer through scalable alignment research. · The team is working to reach a fundamental understanding of the internal mechanisms of current deep l ...

  • UK Health Security Agency

    Security Lead

    1 week ago

    UK Health Security Agency London, United Kingdom

    UKHSA Security is adapting to support current and future requirements. This is a great opportunity for experienced security professionals to join a high-profile government security organisation at a critical time. You will play a key role in helping to shape our capability and be ...

  • Priory Healthcare

    Security Lead

    1 week ago

    Priory Healthcare London, United Kingdom

    Avesbury House is a low secure rehabilitation and recovery facility split into five independent living units, for males aged 18 years and older. We provide 24-hour specialist care and support for those with enduring mental health needs. · Our aim is to support residents to make t ...

  • Opus Recruitment Solutions Ltd

    Application Security Lead

    3 days ago

    Opus Recruitment Solutions Ltd London, United Kingdom

    Role - Application Security Lead · Location -London (Fully Remote) · Salary - £95,000 - £120,000 + Benefits · Are you an Application Security Lead looking for new challenge? · If so this could be your next step · I'm currently looking for an Application Security Lead to join a cu ...

  • Pinkerton

    Product Security Lead

    3 days ago

    Pinkerton London, United Kingdom

    We are as invested in your career as you are. · As you navigate through these uncertain times, know that Pinkerton has been a stable, thriving corporation for over 170 years. As recognized leaders around the globe in the corporate risk management industry, you can rest assured th ...

  • JPMorgan Chase Bank, N.A.

    Product Security Lead

    1 week ago

    JPMorgan Chase Bank, N.A. London, United Kingdom

    JPMorgan Chase & Co. has expanded its consumer business and we have launched a new digital retail bank in the UK. We are offering consumers a completely new banking experience. Under the Chase brand, the bank provides products and features tailored to meet the needs of customers ...

  • Doherty Associates

    Cyber Security Lead

    2 days ago

    Doherty Associates London, United Kingdom

    **About Doherty Associates** · **Doherty Associates (DA) have delivered IT solutions for over 32 years to world-renowned, international clients. Our customers operate mainly in the professional and financial services sector, including leading private equity and venture capital fi ...

  • Bidvest Noonan

    Lead Security Officer

    1 week ago

    Bidvest Noonan London, United Kingdom

    **About The Role**: · **Lead Security Officer** · **London** · **£14.15 per hour** · **60 hours a week, 12hrs Monday - Friday** · **Working BH days as part of the role as Supervisor OOH** · The role of a Lead Security Officer is very dynamic and is an essential factor in the oper ...

  • GerrardWhite

    Security Engineering Lead

    2 days ago

    GerrardWhite London, United Kingdom

    **Security Engineer Lead - Global Insurance Organisation - MS/Azure Env - City/Hybrid - Perm** · Join a leading global insurance organisation as a Security Engineering Lead during a time of extensive transformation which includes the development and deployment of a new Azure Infr ...

  • FPSG Connect

    Lead Security Consultant

    6 days ago

    FPSG Connect London, United Kingdom

    **Security Consultant Lead/Manager** · Location: London - Hybrid/Remote (anticipated in the office 3 or 4 times a month) · **Salary**: Dependent on experience · **Job Type**: Permanent · **Security Consultant Lead/Manager** · An exciting and diverse career opportunity to progress ...

  • Starling Bank

    Information Security Lead

    1 day ago

    Starling Bank London, United Kingdom

    Starling is the UK's first and leading digital bank on a mission to fix banking Our vision is fast technology, fair service, and honest values. All at the tap of a phone, all the time. · We are about giving customers a new way to spend, save and manage their money while taking be ...

  • Office for National Statistics

    Cyber Security Lead

    3 days ago

    Office for National Statistics London, United Kingdom

    **Location**: Newport, Titchfield (Fareham), London, Darlington, Edinburgh or Manchester · **Salary**: £53,400 - £65,400 - Plus a skills allowance of up to £7,500 · **Working Patterns**: Flexible working, Full-time, Job share, Part-time, Compressed Hours · **Closing Date**: 11:55 ...

  • Tokio Marine HCC

    Application Security Lead

    1 day ago

    Tokio Marine HCC London, United Kingdom

    Job Title: Application Security Lead · Reporting to: BISO · Position Type: Permanent, Mon-Fri, 9-5 · Hybrid Working: 3 days a week onsite · **Why **Tokio Marine HCC?** · Part of our evolution involves growing our team, and bringing in a range of views, perspectives and background ...

  • Office of Rail and Road

    Cyber Security Lead

    1 week ago

    Office of Rail and Road London, United Kingdom

    **This role can be based in any of our office locations**: London, Birmingham, Bristol, Manchester, York and Glasgow. · The Cyber Security Lead is a new role and will be responsible for leading the work on ORR's Information Security Management plan. This will allow us to protect ...

  • Atos

    Lead Security Consultant

    3 days ago

    Atos London, United Kingdom

    **Publication Date**: · Jan 24, 2023 · **Ref. No**: · 466210 · **Location**: · London, GB, WC1V 6EA · The future is our choice · At Atos, as the global leader in secure and decarbonized digital, our purpose is to help design the future of the information space. Together we bring ...

  • Hurak

    Lead Security Trainer

    19 hours ago

    Hurak London, United Kingdom

    **About Hurak Learning**: Hurak Learning is a leading training organisation dedicated to providing high-quality compliance training courses to adult learners nationwide. Our extensive range of courses covers various sectors, including health and safety, security, first aid, food ...

  • EDF Limited

    Physical Security Lead

    1 week ago

    EDF Limited London, United Kingdom

    **Sizewell C. The power of good for Britain.**: · Location:London/Sizewell C · Employment type: Permanent full-time · Employment basis: The role is expected to be a full · - time position however we are open to discussing a more flexible or part · - time approach where possible. ...

  • Google

    Security and Compliance Lead

    2 days ago

    Google London, United Kingdom

    **Minimum qualifications**: · - Bachelor's degree in Cybersecurity, Computer Science, Risk Management, Auditing, a related field, or equivalent practical experience. · - Experience with UK public sector security and compliance. Experience in Cybersecurity, Engineering Program Man ...

  • Starling Bank

    Information Security Lead

    1 day ago

    Starling Bank London, United Kingdom

    Starling is the UK's first and leading digital bank on a mission to fix banking Our vision is fast technology, fair service, and honest values. All at the tap of a phone, all the time. · We are about giving customers a new way to spend, save and manage their money while taking be ...

  • Hurak

    Lead Security Trainer

    19 hours ago

    Hurak London, United Kingdom

    **About Hurak Learning**: Hurak Learning is a leading training organisation dedicated to providing high-quality compliance training courses to adult learners nationwide. Our extensive range of courses covers various sectors, including health and safety, security, first aid, food ...