allpay Limited are one of the fastest growing Fintech companies in the UK and are experts in the payment and financial services arena. We have also successfully diversified into a number of other sectors.
In this role, you’ll be instrumental in maintaining a pre-emptive and pro-active security alert status within the IT department, both to keep systems and services secure from threats, and to ensure systems and services comply with regulatory requirements and controls through log analysis, scanning, assessments and investigation.
Primary areas of accountability:
As Cyber Security Specialist, some of your key duties will include:
- Identifying and addressing a full range of issues from structure and policy, through to assisting in specific areas such as data privacy, data leakage prevention/monitoring, information rights management, third party security and cryptography- Network
- Forensics, Windows Forensics, Mobile Device Forensics, Threat Hunting, Threat Intelligence (Consumption & Production),
- Malware Analysis (Static & Dynamic) inclusive of reverse engineering in addition to general client-facing/soft-skill abilities.-
- Supporting stakeholders with both onsite and remote Assurance activities including audits.- Providing expert advice across a range of Cybersecurity risk domains including technical security controls.
Key skills required:
The ideal Cyber Security Specialist will have a proven track record of working in infrastructure or application security. A broad range of Information Security expertise is of interest. This role is looking for practical experience (hands-on) in one or more of the following areas:
- SIEM configuration (particularly AlienVault). Incident and alarm response procedures, engagement with operations teams to manage incidents.
- Infrastructure vulnerability scanning (particularly OpenVAS), management of process to remediate identified vulnerabilities.
- Experience with Cloud based services, technologies and providers (eg SaaS, IaaS, PaaS, Azure etc.)
- Application Security involving Secure Software Deployment Methodologies following OWASP Top 10, Microsoft STRIDE etc.
- Application security – code scanning (SonarQube). Enough of a software development background to be able to engage with developers about identified vulnerabilities.
- Awareness of GDPR, Compliance, ISO27001, Awareness Training, Governance, Security Strategies and Risk Management.
- The ability to address multiple assignments simultaneously, with strong ability to prioritise tasks, and respond to dynamic priorities.
- A proven track record of working in infrastructure or application security.
For this role, you will have a bachelor's degree in a technical engineering or IT related field or equivalent and extensive proven related experience. Information security certifications (eg CISSP, CEH, Security+, GSEC) would also be desired for this role.
We are a company committed to Equal Opportunities.
All roles at allpay Limited are subject to successful background checks including a DBS and Credit Check.