HOT JOBS

Financial Worker

Security Analyst

The Security Analyst plays a vital role in supporting the smooth and safe operation of the Company by supporting and providing cover for the Security Manager in the day to day technical relationship with both the Bank of England and with SWIFT as well as:

 

  • Ensuring that Company and Participants are aware of applicable security threats and that appropriate controls are in place to prevent, detect or mitigate them
  • Ensuring that Company has a ‘world class’ approach and readiness in respect of ‘cyber’ and is proactively driving the cyber agenda within the Company and its key stakeholders
  • Ensuring that the Security Policy reflects best practice, is embedded in the Company Operating Model and is being conducted and complied with correctly
  • Understanding, risk assessing and aligning the information risk management approaches of System Participants in their delivery of the System
  • Understanding, risk assessing and aligning the information risk management approaches of key suppliers in their delivery
  • Building effective working relationships with counterparts at the Bank of England, SWIFT and across System Operators
  • Supporting the maintenance and development of the Company Manual and associated Reference Manuals
  • Ensuring that security and information security risk lessons are identified as part of the operational incident management process and addressed within the Operating Model
  • Supporting the information needs of key committees, working groups or meetings as agreed

 

Scope

 

Security requirements and considerations flowing from:

  • Bank of England Priorities and Observations
  • The Company’s Manual
  • The CPMI-IOSCO Principles for Financial Market Infrastructures
  • The company Risk Framework and Risk Appetite Statement
  • The technical solutions and security strategies employed by suppliers and participants

 

 

Main Activities and Responsibilities

1 Governance

1.1 Support the planning, conduct and actions arising from the Security Committee

  • Analysis to inform the agenda of the Security Committee in line with its terms of reference
  • Map the agenda of the Security Committee with the strategy of the company
  • Analysis to provide the Security Committee with the information and data that it needs
  • Analysis of Security threats and issues that impact the safety of the Company
  • Allocated action delivery

 

1.2 Support the relevant conduct and actions arising from Risk Committee

  • Support the alignment of the Security and Risk work programs
  • Provide the Security Committee with the information and data that it needs to fulfil its mandate

 

1.3 Support Technical and Operations Committee (TOC)

  • Support the alignment of the Security and Technical and Operations work programs
  • Support the provision of the information and data that TOC needs
  • Ensure that the Technical and Operations Committee has the latest view of Security threats and issues that impact the correct operation of the Company or Participant Systems

 

1.4 Support supper liaison meets

  • Develop effective working relationships with the security relationships with key suppliers
  • Ensure that Security threats and issues are raised and addressed in a timely fashion

2 Compliance

  • Develop the policies, processes, procedures and practices that needs to fulfil the Security requirements and implications of the CPMI - IOSCO Principles for FMIs
  • Develop the working Security requirements and implications of the CPMI - IOSCO Principles for FMIs
  • Ensure that the Manual, Operations Reference Manual and Technical Reference Manual align to best practice and are sufficiently ‘cyber aware’
  • Support the Risk team in assessing the security aspects of Participant attestations

3 Policy

  • Maintain the Security Policy and carry out such testing as is required to make sure that it is being followed
  • Produce detailed mapping of the Security Policy
  • Support the development of initiatives to maintain staff awareness of the Security Policy

4 Service Assurance

  • RTGS

(a)     Support the delivery of the annual assurance assessment of the systems and services undertaken by the Bank of England

  • SWIFT

(a)     Support the delivery of the annual assurance assessment of the systems and services undertaken by SWIFT

  • UKPA

(a)     Support the delivery of the annual assurance assessment of the systems and services undertaken by UKPA

  • BPSL

(a)     Support the delivery of the annual assurance assessment of the systems and services undertaken by BPSL

5 Architecture

  • Maintain up-to-date documentation that describes the Security Architecture
  • Maintain up-to-date documentation that describes the Security Architecture of those parts of the SWIFT FIN messaging system required by the Company rules
  • Maintain up-to-date documentation that describes the Security Architecture

6 Intelligence and Information Sharing

  • Support the sharing of threat intelligences and information sharing mechanisms and channels
  • Create, maintain and apply a relevant taxonomy for classifying and assessing security threats
  • Establish and maintain an effective information sharing mechanism with suppliers and participants

7 Incident Management

  • Provide support and guidance to the business continuity process
  • Review and assess all incidents from a Security perspective
  • Ensure that any threat intelligence is efficiently and effectively escalated using appropriate processes
  • Ensure effective cross scheme alignment relating to security threats or incidents

8 Development Activities

  • Provide security support and guidance on key change activities on the basis of agreed terms of reference
  • Provide technical support and content for contingency architectures and options

 

 

Job Specific Competencies:

A thorough working knowledge of SWIFT Messaging Standards and infrastructure

A technical understanding of information security methods and approaches

Experience of technical information security systems assessment and assurance

 

 

Browse more: London jobs

Added By: Ainsley Morgan On: 26/02/2015

INTERESTED?

CVs to recruitment@ainsleymorgan.co.uk or register & upload your CV today

 

| Next