Home Page > Current Jobs > Hedge Funds > Information Security Analyst - Hedge Fund - London

Information Security Analyst - Hedge Fund - London

Position Type:	Full Time
Telephone:	02031510855
Contact Email:	kim.kang@mkm-partnership.com
Location:	London

Background

The company is a well established financial research and support company located in the central London area. Information Technology is a core strength and the technical challenges and breadth of technology exposure will be attractive to candidates wishing to be part of a dynamic team that will present them with a stimulating environment. The company wishes to find an outstanding individual who can contribute to the improvement of the information security management system. There are a broad range of technologies and systems in use, and the team supports an advanced, high-pressure environment.

The Role

The company is seeking an experienced Information Security Analyst to join the Information Security Team. The team is fairly small but has project work covering a broad scope, requiring elegant solutions to challenging problems. Although all team members are expected to be knowledgeable in all aspects of information security, each one has a particular area of expertise. The company generates Intellectual Property on behalf of its clients, and this role will allow the information security to be assessed, improved and better monitored. The focus will be on ways to enhance protection for the Intellectual Property of the Company and its clients in pragmatic and effective ways while considering the impact of any changes on those working with and generating new Intellectual Property.
The role will mainly centre on security related projects, working with the existing Head of Information Security. The role will cover the following main areas:

Creating and maintaining information flow diagrams from security prospective.
Identity and Access Management (Users and Rights management - non web)
Access Control Management
Conduct internal information security audits (systems and business).
Regular systems and business change control management from security prospective - (Impact assessment, documentation and diagram update for all changes)
Working with the systems team to design and implement point solutions (Perimeter Security, DLP, NAC, End-point security, IDS/IPS, Identity and Access Management, Privileged Account Management)
Participation in Incident management and forensics.
Service provider security review.
Stay abreast of security trends and new technologies to satisfy specific security requirements.
Continuing professional development to ensure currency of knowledge

The role will involve working closely with the systems team that looks after the global infrastructure on 24x7 bases, so it is important for the successful candidate to have the flexibility to respond to any security related incidents reported by systems team at any time.
Skills and Experience

Ability and experience of analysing and mapping data flow.
Experience of researching, identifying and designing security solutions for specific security requirements, such as DLP, End-point security, Identity & Access Management, Perimeter security.
Experience of Access Control Management and Identity & Access Management.
Experience of change management including security assessment, documentation & Visio diagram update.
Experience of conducting internal information security audits.
Working knowledge of incident management and forensics.
Network, operating system and application security knowledge
General Windows, Linux, SQL and Cisco administration.
ITIL
Experience of security products, such as Symantec, CyberArk, Websense, RSA, Mcafee, Tripwire, Bluecoat, Trend, Sophos, Finjan etc
C Sharp, Bash, Perl

It will be important for the successful candidate to have a demonstrated expertise with security technologies and how they fit into the environment of a Company sensitive to the protection of Intellectual Property. Evidence of strong problem solving skills is important as is a solid understanding of networking, the software development process and database security.
Since this is a specialist role suitable previous roles will probably include work within companies who need very careful protection of their Intellectual Property and core systems, such as pharmaceutical firms, specialist security consultancies, banks and possibly online commerce sites, although the web footprint is very small. A strong technical background and all round infrastructure skills are equally as important as the specific knowledge set. We are NOT looking for a specialist in web application security as this is not something we do.
Good communication skills will be important – in order to assist with educating, learning from others and convincing.

Qualifications

The company has high academic hiring standards and prefers degree qualified candidates with a 2:1 degree or better. Salary and compensation package will depend on experience and the skills the candidate has to offer but will be in line with expectations at a top-flight financial institution. Training provision for keeping up to date with security developments, and attendance at conferences, will be generous as we realise this is important.

Suitable qualifications to evidence the necessary skill levels have been achieved will include:
-       Good degree from a decent Uni, such as
o   BSc in Computer Science – Information Security from Royal Holloway
o   BSc (Hons) Information Security and Forensic from Anglia Ruskin
o   BSc in Computer Science from university such as Royal Holloway, UCL.
-       CISA
-       CISSP
-       Membership of professional bodies, such as ISSA, ISACA, IISP
-       MCSE
-       MCDBA
-       CCS