About the Role:
The Security Engineer plays a crucial role in the development, implementation, maintenance, and improvement of security controls at LMAX. This position focuses on security and information system technologies, demanding individuals with a curious mindset and the ability to identify vulnerabilities at both technical and process levels. Security Engineers must stay up-to-date with the latest tools, security methods, and frameworks.
We foster independent problem-solving, empowering you to detect and communicate security issues across the organization. Embracing a proactive approach, you're encouraged to spark constructive discussions and propose solutions to any challenges encountered. Furthermore, recognizing the significance of every task, you understand the necessity of harmonizing security endeavors with business goals.
Main Duties & Responsibilities:
Core:
• Map attack paths and implement controls to manage associated risks.
• Create and maintain processes and procedures to demonstrate the effectiveness of security controls to auditors and regulators.
• Assist with maintaining the successful runining of Security Operations, focusing on preventative and detective controls
• Contribute to the assurance of security to the business, specifically In relation to Identity and Access Management, and Asset Management
• Assist in the creation, maintenance, and delivery of cyber security education for colleagues.
Mainstream:
• Manage and maintain the security infrastructure.
• Review and fulfill security requests from the business for various services.
• Proactively investigate host, network, and log-based security events and respond to suspected compromises.
• Assess and grant role-based access in accordance with business requirements and risk assessments.
• Stay updated on recent security and technology changes to ensure optimal protection for the business.
Once more advanced in the role:
• Manage and maintain the security infrastructure.
• Collaborate with the business to incorporate security into applications and company culture.
• Research and evaluate technologies to mitigate cyber security threats.
• Lead major security incidents and investigations.
• Perform penetration testing and ethical hacking activities.
• Penetration test and enhance internal FIAT and cryptocurrency custodian processes and procedures.
• Monitor and investigate activities on the dark web.
• Maintain high visibility into the LMAX estate for security events, while minimizing false positives.
Success Looks Like:
• Ensure compliance with security best practices in network operations, system management, and processes.
• Support the successful completion of internal and third-party led audit efforts.
• Increased signal-to-noise security events ratio
• A measurable decrease in the number of user-facing security incidents.
• Demonstrate rapid response capabilities during attacks and provide clear reporting to management.
• Receive positive feedback from technology teams and other business stakeholders.