Senior Security Engineer

Overview Reporting to the Head of Information Security Transformation, the Senior Security Engineer (SSE) will help drive the Security Architecture and Engineering team and the business in current information security challenges across security technology control assessment, design, configuration, integration, documentation and support
  Key Accountabilities and main responsibilities

• Client-first attitude
• Create and maintain global standards, ensuring a consistent security approach;
• Design and implement solutions to ensure that they deliver business objectives securely;
• Uplift, drive and deliver security capabilities within the group;
• Act as a technical point of escalation related to security controls and concepts;
• Deliver security solution designs and implementation direction in a fast-paced environment solutions;
• Evaluate, architect, implement, and support security tools and services for Link Group rapidly emerging Cloud based hosting model and help execute the global Information Security strategy / Centre of Excellence
• Lead technical change for cybersecurity best practice adoption within projects
• Develop security solutions architecture aligned to organisational strategy and industry best practice
• Provide guidance to key stakeholders on best practice architecture practices. 
• Maintaining awareness of security trends and the global threat landscape
• Advance security computing knowledge & understanding (including cloud security) across the wider organisation
• Continue to develop subject matter expertise in designated area of specialisation.  This includes performing research and keeping abreast of trends and best practice techniques and controls
• Provide leadership and mentorship to junior team members including knowledge transfer
• Demonstrate ‘by example’ professional and ethical behaviour by ensuring compliance with external legislation, internal operating policies, and procedures relevant to the position
• Policy and configuration review, approval and implementation of changes to DLP, WAF, DAM, endpoint, and other security products

Operational Management 

• Provide solutions to a variety of technical problems of varied scope and complexity;
• You must have strong experience as a Security Analyst/Engineer or Technical Lead role;
• Experience and experience designing/supporting Cloud-first environments;
• You have strong technical, management and deployment skills focused around information security and cloud deployments;
• You have strong skills in Zscaler, CASB, OKTA, Office 365 and Active Directory, Azure AD, Citrix Azure (Cloud) and other Microsoft technologies;
• You have a working knowledge of Agile and Product Centric principles, product management, scheduling and a strong customer focus;

Governance & Risk

• Responsible for ensuring Link Group are compliance and adhere to legal and regulatory requirements when it comes to, Privacy, Operational, Data Protection and Information Security risks;
• Support Link Group assurance programs that deliver effective risk management and compliance practice;
• Ensure all server infrastructure and application designs comply with Link Group security policies and;
• Ensure audit and compliance are reviewed and complied with and take accountability for any associated corrective actions.

Experience & Personal Attributes
 

• Strong understanding of Application Security concepts and best practices including agile methodologies and coding languages
• Experience in leading DevSecOps transformation
• Computer Science Degree (or equivalent) – Major in Information/Cyber Security preferred
• Finance and/or technology industry experience
• Post graduate qualification
• Minimum 7+ years experience in security operations, security engineer or similar technical role.
• Experience with successful and unsuccessful project implementations
• Knowledge of integration concepts, patterns and technologies
• Extensive experience across infrastructure domains (network, compute and storage)
• Experience across Cloud and infrastructure components (server, storage, network, data, and applications) to deliver end to end Cloud Infrastructure architectures and designs. Azure experience preferred.
• Experience performing threat modelling and value assessment techniques to assess controls and provide architectural decisions
• Experience working with Cloud Security, Cyber security (Malware, penetration testing, forensics, incident response), endpoint Security, Security Incident and Event management, Data Protection, network Security, Identity & Access Management
• Ability to identify critical & high priority issues and resolve and/or escalate where required
• Assist project teams with technical decisions and implementation. 
• Experience in architecting, designing, and building Security Architecture Frameworks
• 7+ years experience in a hands-on implementation capacity on major projects
• 10+ years of experience implementing medium to large-scale distributed applications
• Strong skills in MS-Project, Word, Excel, Visio, and PowerPoint
• Strong communication, consulting, and negotiation skills

Essential Qualifications

• Tertiary degree in Computer Science / Information Technology with a preference for Information/Cyber Security 
• Highly desirable: CISM, SSCP, CCSP, CRISC
• Experience using Okta, Zcaler and SalePoint 

MUFG Pension & Market Services is a global, digitally enabled business that empowers a brighter future by connecting millions of people with their assets – safely, securely and responsibly. 

Through our two businesses MUFG Retirement Solutions and MUFG Corporate Markets, we partner with a diversified portfolio of global clients to provide robust, efficient and scalable services, purpose-built solutions and modern technology platforms that deliver world class outcomes and experiences. 

A member of MUFG, a global financial group, we help manage regulatory complexity, improve data management and connect people with their assets, through exceptional user experience that leverages the expertise of our people combined with scalable technology, digital connectivity and data insights.