Cyber Security Engineer – Hodge
At Hodge, we put people at the heart of our business and that means our customers, colleagues and communities. Hodge is a Welsh financial service provider that focuses on real estate finance and specialist residential mortgage markets.
Overview
The Cyber Security Engineer is part of the Cyber Security team, ensuring that operational controls in relation to Hodge systems, infrastructure and data are managed in line with cyber and information security best practice and that the estate is pro‑actively upgraded and maintained.
Key Responsibilities
Cyber Security Operations:
* Assist in the implementation of appropriate cyber security toolset covering user, infrastructure, and application activity.
* Undertake all required activities to ensure that operational cyber controls are working effectively and managed pro‑actively.
* Operate vulnerability management process across applications and infrastructure to ensure risk is managed effectively and ongoing process improvement.
* Work with outsourced security providers to ensure work being undertaken is of the required standard and appropriate reporting is available.
* Contribute to the ongoing development of the Security Controls Catalogue to ensure consistent reporting of risks and controls, and alignment to best practice.
* Ensure appropriate documentation is maintained to support current and future activity.
* Ensure work includes appropriate quality control mechanisms and automated reporting.
* Contribute to the ongoing cyber awareness and education programme for Hodge colleagues.
* Work to ensure cyber security activity undertaken supports visibility, transparency and suitable metrics on cyber controls and activity.
* Contribute to assurance assessments of third‑party suppliers.
* Understand the wider economic environment in which Hodge operates.
* Demonstrate a good understanding of relevant frameworks, tools and languages.
* Review work of other team members to ensure quality standards are maintained and knowledge transfer.
* Work with IS Service Delivery and Development teams to assist in the investigation and resolution of live issues and to support BAU activity.
* Work with IS Service Delivery team to ensure Service Transition controls and documentation are provided in line with agreed Service Transition framework.
Project and Change Support:
* Work with Service Delivery and Technology Project colleagues on implementation and planning of cyber related tools and projects.
* Work with business and IT stakeholders to ensure security provision and tools align with short and longer‑term goals.
* Work with software and delivery teams to provide cyber security and controls guidance across development and infrastructure projects.
* Engage with software teams to assist in the evaluation of security considerations and controls that are part of software development and delivery.
* Work with external suppliers to utilise external expertise where required across delivery and live operation.
* Understand core architectural patterns, frameworks and infrastructure used by Hodge.
* Develop and implement threat modelling and risk analysis framework.
* Ensure that defined security standards are applied to all work undertaken (e.g. password policy, authentication standards).
* Work with 3rd‑party suppliers to manage penetration test planning, execution and evaluation of results.
* Engage with and contribute to relevant cyber and tech community forums.
* Advise and coach other team members to aid their technical and team development.
* Pro‑actively investigate technology landscape and best practice to identify improvements.
* Maintain a knowledge of current cyber technologies and best practice to identify improvements.
* Engage with external parties to share and improve knowledge.
* Progress training and certification in relevant technologies and disciplines.
Qualifications
* Experience of working to recognised cyber security and risk framework.
* Previous experience in Cyber or Information Security role.
* Knowledge of range of tools to implement Cyber controls.
* Knowledge in IT security best practice, solutions and frameworks.
* Ability to demonstrate understanding of vulnerability remediation.
Additional Information
All Financial Services employees will be required to complete background checks, including criminal record, identity, sanctions, adverse finance, fraud prevention and reference checks.
Hodge is an equal opportunities employer and embraces diversity.
Apply today to become part of Hodge’s mission to make life better for customers and society in the moments that matter.
#J-18808-Ljbffr