Information Security Officer

Maintain Operational Systems, Networks and Security:

• Facilitate annual PCI audits.
• Linux Operating systems are security patched in a timely manner. If patching will affect customers, arrange with operations support, and follow the correct change control process.
• Maintain Elastic SIEM.
• Respond to and investigate SIEM alerts.
• Respond to operational system alerts and/or operational queries across the entire technology stack (Production and QA system issues, infrastructure issues, Databaseissues, Network issues, Security and Firewall issues and any 3rd party or customer integration issues) as they occur.
• Manage / Deploy system tooling that may be beneficial to the business.
• Research, POC and deploy new open source or when applicable closed source tooling that is beneficial to the business systems or processes. This can be in supporting Applications, Monitoring, Logging, SIEM, AI/machine Learning, Fraud Detection, Operational Support applications, Authentication systems, BI / Data Analytics, networks, Security or compliance.
• Create ad hoc Python scripts / Applications to perform various repetitive tasks.
• Ensure that AWS environments and services are architectured and configured in a secure and redundant manner including all security services from AWS.
• Maintain AWS services including but not limited to: VPC, EC2, ECS, ECS Fargate, ECR, Guard Duty, Cloudwatch, Cloudtrail, Security groups, VPC Routing, Site to Site VPNs, Application Load balancers / network load balancers, Web application firewalls,etc.
• Architect, support and maintain connectivity between 3rd parties, Banking partners, integrators and on prem datacentres.
• Ensure best practice security measures are implemented.
• Ensure best practices regarding system isolation and scope reduction.
• Provide support to field engineers on HSMs and key management.
• Maintain internal HSMs and key management procedures.
• Provide support to the product and SLDC teams – this includes consulting on design, finding compliant solutions for customer issues, and filling out cyber risk assessments for customers or tenders.

Regulatory Compliance:

• Maintain/Improve (PC14) PCI.
• Stretch: ISO 27001.
• GDPR.

Policies:

• Ensure Security, Infrastructure & Procedures (with supporting team) are comprehensive and kept up to date.Security Tooling:
• Ensure SSO, Intrusion detection, SIEM, Antivirus, Patch Management and PGP are implanted as per the polices.
• Stimulation / adoption of user-driven security culture (give security a brand within the org and educate).

Automation:

• To increase efficiency and reduce errors for both security and infrastructure management.

Cost Efficiency:

• To reduce costs (optimize) without sacrificing performance and security.

Perform Security Activities & Reporting:

• Ensure that weekly vulnerability scans results are tracked, and vulnerabilities are remediated within set severity timeframes weekly.
• Review all daily and weekly BAU PCI Items for signoff monthly.
• Ensure weekly Internal and External Scans were completed.
• Perform data analysis reporting monthly.
• Maintain a strong security posture within the card holder environment.
• Work with 3rd party to ensure PCI Certification Audit is completed and passed on time.
• Review Security Commitment to third parties.

Qualification & Experience:

• Bachelor’s degree in Computer Science or related field.
• 3 years’ relevant experience.
• Experience within the payment / banking sector.
• Experience working with PCI Audits / Security in DevOps, Linux, Mysql, Cloud (AWS).
• Network experience (particularly cloud based / virtual).

Skills & Knowledge Required:

• PCI Audits / Security / Processes.
• Linux, Mysql, and Cloud (AWS).
• Experience with automation tools like CloudFormation, Ansible, Puppet, Chef, etc.
• CI/CD tooling eg. Bitbucket pipelines, Jenkins, etc.
• Scripting languages: Bash, Python, etc.
• Cloud knowledge, specifically AWS.
• Containerisation: Docker, Kubernetes, AWS ECS, etc.
• Logging Frameworks: ELK stack, cloudwatch, etc.
• Cloud-based virtual networking eg VPC, subnets, ALB, NLB, WAF, Peering, Transit Gateways, VPN gateways, etc.
• SIEM experience – Elastic, Splunk, etc.
• Monitoring and Alerting Framework: Zabbix, Nagios, etc.

Personal Attributes:

• Ability to learn new technologies at pace.
• Problem solving.
• Ability to work within a high stress & flux environment.
• Ability to foster & cultivate relationships with internal & external stakeholders.
• Ability to work autonomously as well as part of a team.
• Assertiveness – communicating feelings and beliefs; being non-offensive.
• Detail & deadline oriented.
• Analytical & critical thinking.