Job Description
Sopra Steria
Sopra Steria, a European Tech leader recognised for its consulting, digital services and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits.View company page
Sopra Banking Softwareworks with more than 1,500 banks, building societies and specialized finance providers across more than 80 countries worldwide. We help them to develop, deliver and operationalise their digital transformation strategies. Using our suite of digital banking products and services enables these organisations to deliver remarkable financial services to their clients.
Job Description
Our SaaS & Cloud Services function, which is responsible for the operation & managed service of our solutions are expanding, and looking for candidates who are passionate about information & cyber security.
We are seeking a Cyber Security Officer to help work across teams to implement security practices consistently, and work as part of a team to monitor our stack. This role will report to the Cybersecurity Manager.
The role requires an individual to:
- Proactively monitor for, identify, respond to, and resolve security incidents
- To conduct internal technical and compliance audits to ensure that processes are being followed and that controls are effective.
- Work with the Cybersecurity Manager to continuously improve the security posture of the business.
- Work with Projects & Stakeholders across the business to advocate & implement security practices
- Mentor junior analysts and provide guidance on security best practices to teams across the department.
This is a hands-on role combining technical work with responsibility for information security for managed services within Sopra Banking Software.
Key Responsibilities:
- Respond to and investigate potential security incident alerts contributing to new security monitoring use cases, and ensure all investigative activity is properly documented in ticketing systems and followed up with the relevant support teams.
- Work with the Security Policy & Audit Manager to take ownership of internal auditing within the department to ensure compliance with ISO27001 and Sopra Banking Software security policies and procedures.
- Work with the Cybersecurity Manager to implement required controls as required as part of the IT Security roadmap and initiatives.
- Identify vulnerabilities and security risks of networks, operating systems, applications, databases and new technology initiatives.
- Validate vulnerability findings and provide guidance during remediation efforts.
- Identify and document security risks identified during project initiatives and BAU activities.
- Perform research on latest security/cyber threats, which can drive improvements in active projects and into existing tools and processes.
- Provide IT security operational support to managed services teams.
- Review and improve current operational procedures, write and maintain new supporting procedures and policies and perform regular audits of these.
- Liaise with customers and external auditors to assure them of SBSUK’s security controls.
- Review changes brought to CAB to ensure that they do not introduce security weaknesses.
- Generate security reports for customers.
Liaise with the project teams to deliver security packs and maintain standards.
Qualifications
- Experience as a Cyber Security Officer or similar role within a large organisation.
- Experience with internal auditing for ISO 27001 compliance.
- Working knowledge of common vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases and web applications.
- Good understanding of networking technologies, principles and concepts.
- Good understanding of various technologies and operating systems and hardening configurations, i.e. Windows Server, Linux, Solaris, etc.
- Good knowledge of security best practices, security solutions, and methodologies for conducting security assessments.
- Good knowledge of cyber security threats and techniques used by adversaries to compromise systems, both technical and non-technical techniques.
Preferred Requirements
- Comptia Security + - or equivalent professional certification
- ISC2 CISSP certification
- AWS certified
- Any of the following:
- Experience with Dell SecureWorks
- Experience with Qualys
- Experience with Rapid 7 InsightVM and InsightIDR
- Experience Securing Oracle Databases
- Experienced working in and securing cloud environments (AWS preferred).
- Knowledge of UK financial sector regulation and/or bank and building society IT operations.
If you do not have all of the above experience or skills we would still like to hear from you.
Additional Information
Sopra Banking Software are a certified Great Place to Work!
We offer flexible – hybrid working model of 2 days in office and 3 days working from home. All employees are supported to work from home with DSE assessments and IT equipment where required to be fully productive when remote working.
By joining the Sopra Banking Software team you will enjoy a market competitive salary and our excellent rewards and benefits schemes including 25 days holiday with an option to buy up to 5 more, a 6% employer pension contribution, a buy one get one free employee share scheme, private medical insurance, critical illness cover, a health cash plan, and we offer flexible working arrangements to all employees, plus many more excellent benefits.
We take pride in rewarding our colleagues through Summer parties, treat days in the offices, and a social budget for each department.
Salary range for this role is up to £60,000 p/a depending on skills and experience.
At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.
All of our positions are open to people with disabilities.
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr