Senior Security Engineer at Kroo Bank designing security measures for applications and services. Collaborating with teams to ensure compliance, mitigate vulnerabilities, and enhance cybersecurity protocols.
Responsibilities
Designing and implementing security measures for mobile applications, services, and websites.
Continuously analysing our security systems for potential improvements.
Proactively identifying, assessing, and remediating security vulnerabilities.
Automating security processes and procedures to enhance efficiency and effectiveness.
Identifying, defining, and documenting system security requirements.
Developing and maintaining best practices and security standards for the organisation.
Collaborating with development teams to ensure secure design of web and mobile front-ends.
Assisting teams in diagnosing and addressing gaps in infrastructure security.
Working closely with stakeholders to align security measures with our cybersecurity strategy.
Supporting teams in meeting compliance requirements for internal audits and external regulators.
Requirements
3+ years of experience in system, network or application security.
Skills and experience in multiple domains, such as application security, network security or security operations.
Programming experience and the ability to proactively seek out efficient and repeatable solutions to security challenges.
Threat modelling and risk assessments.
Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS…).
Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2).
Working knowledge of cryptography including encryption, signing and digital certificates.
Principles of securing mobile applications and web services.
Docker or Kubernetes and infrastructure as code.
Event driven streaming technologies.
Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs.
Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform).
Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes.
Knowledge of the security architecture of public clouds (such as AWS or GCP).
Security certification such as CISSP, CCP, SANS, GIAC, Ethical Hacker.
Experience working in a regulated company, preferably with a FinTech/banking background and experience in DevOps.
Excellent oral and written communication and presentation skills.
Benefits
Generous holiday time: 25 days annual leave, 8 bank holidays, 1 Kroo bank holiday (June 24th), and 1 day off during the week of your birthday.
Personal days: We know that life can be unpredictable, so we offer 3 personal days to use as needed.
Employer-sponsored volunteer program: We're passionate about giving back to our community, and we support our employees in doing the same with up to 4 hours per month of employer-sponsored volunteer time.
Mental health support: We care about the mental health of our team members and offer access to Spill, our mental health support partner.
Workplace pension: We want you to feel secure about your future, so we offer a workplace pension with a 5% employee contribution and a 3% employer top-up.
Learning and development: After 1 year of service, you'll have access to £500 from the Kroo Learning Fund to invest in your career development.
Top-notch equipment: We provide top-of-the-line equipment necessary for smooth hybrid work, including a MacBook laptop. We also offer support in establishing your home office by contributing towards your setup if required.
Modern office: When you're in the office, you'll enjoy access to our modern, bustling workspace in Farringdon, Central London.
Cycle to Work scheme: We encourage sustainable transportation with our Cycle to Work scheme.
Electric Car scheme: We're committed to reducing our carbon footprint, and our Electric Car scheme makes it easy for our employees to do the same.
Enhanced parental leave: We know that family comes first, and we offer an enhanced parental leave policy to support our employees in starting and growing their families.
You get full healthcare for you and your nuclear family via Vitality.
Hybrid Working: At Kroo Bank, we have a hybrid policy that gives both individuals and teams a lot of freedom when it comes to using the office space to boost productivity.