Refinitiv
Principal Security Engineer page is loaded Principal Security Engineer Apply locations London, United Kingdom time type Full time posted on Posted Yesterday job requisition id R ABOUT US:

LSEG (London Stock Exchange Group) is more than a diversified global financial markets infrastructure and data business. We are dedicated, open-access partners with a dedication to excellence in delivering the services our customers expect from us. With extensive experience, deep knowledge and worldwide presence across financial markets, we enable businesses and economies around the world to fund innovation, manage risk and create jobs. It's how we've contributed to supporting the financial stability and growth of communities and economies globally for more than 300 years. Through a comprehensive suite of trusted financial market infrastructure services - and our open-access model - we provide the flexibility, stability and trust that enable our customers to pursue their ambitions with confidence and clarity.

LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across EMEA, North America, Latin America and Asia Pacific. We employ 25,000 people globally, more than half located in Asia Pacific. LSEG's ticker symbol is LSEG.

Role Purpose

• The Cyber Security Engineering team are looking for a proactive and independent individual who is committed to using their experience and tenacity to make significant contributions to the security infrastructure team.
• We are looking to expand the team which will focus on developing cyber defence capabilities to protect us from cyber threats Impacting the confidentiality, integrity, and availability of assets.
• The team performs a combination of third line security engineering, security product ownership and security oversight across various business initiatives aligned to the core platform security principles.
• Individuals who are technically capable and hands-on yet can build relationships and communicate effectively, collaborate with the wider technology teams should consider this opportunity.

Key relationships & committees

When performing our work, it helps to make sure we work with and engage the right people early on. These collaborators can include the wider security team including security architecture, cyber strategy business function, governance, risk and compliance, global security operations centre. Programme management. Entity level Business Information Security Officers (BISOs). Infrastructure & Cloud operations, engineering, and architectures teams. Internal risk and audit functions. Architecture and corporate approval forums. External partners/vendors, regulators, and industry schemes.

Key Responsibilities

• The successful candidate will help design, innovation, operation, and maintenance of endpoint solutions in our environment.
• This position will work with Account Managers, Project Managers, and clients to deliver solutions, acting as the authority on the industry leading endpoint malware security products. They will strive to develop lasting relationships across the organization and seek to further these relationships through quality product delivery.
• The ideal candidate must be self-motivated with a proven track record of accomplishment in relevant endpoint technologies. Being comfortable in a dynamic atmosphere of a technical organization with a rapidly growing customer base.
• You must possess strong presentation skills. You must be organized and analytical, able to eliminate delivery obstacles through creative and adaptive approaches.
• Develop and be responsible for the strategies, architectures, designs, and associated artefacts within the cyber arena. Technologies have clear roadmaps and lifecycles defined.
• Design and implementation of cost of service for endpoint protection tools to enable the deployment, configuration, ongoing lifecycle management across the LSEG estate.
• Integrating and/or consolidating the groups anti-malware technologies. Creating & improving processes to increase efficiency for all aspects of toolset lifecycle management, automating where possible.
• Seize control over end point security measures, guiding their efficiency throughout their entire lifecycle.
• Lead and drive major, impactful high-profile projects within the cyber program and other initiatives. These projects are multifaceted, spanning across LSEG and demand a wide-ranging perspective to address intricate challenges.
• Lead and deliver changes to vital controls, which are not part of project activity.
• Develop key indicators, analysis, and artefacts to continually evidence and report control efficiency and risk.
• Third line support for any operational incident from operations or Global Security Operations Centre for related domain technologies.

Critical Work Outcomes

• Delivery of activities against agreed cyber security strategies and shapes project delivery with the project management team.
• Delivery of key artefacts associated with the role, artefacts support evidencing and assurance activities.
• Ongoing control operation and effectiveness and evidencing of such.
• Reporting, development and management of agreed measures, key performance indicators and key risk indicators.

Impact

• As a group level function, the role has impact across all parts of the business as it has responsibility for the relevant group security controls which seek to mitigate the risk and impact to the group from cyber-attacks. Impacts include financial, economic, regulatory, customer and brand.
• The role is key to addressing regulatory concerns for all our regulated entities related to cyber security and cyber resilience.

Technical / Job Functional Knowledge

• An individual with knowledge of malware, adversary threats and the relevant malware controls. How and where different types of malware protection controls are required and the architecture, engineering, and operations of those.
• Knowledge of different operating systems and platforms where malware protections are required and implications for those platforms.
• A deep understanding of Tactics Techniques and Procedures is required.
• Threat Modelling experience.
• Broad technology knowledge across non-core domain area.
• Policies, standards, and security frameworks, NIST, CIS. Solid skills to author formal documentation.
• Risk and control, management, monitoring, and reporting. Experience in advocating for and influencing change in order to reach the best outcome based on the needs of the organization, partners and from monitoring industry trends.
• The role holder works independently and with guidance only in the most complex of situations and is expected to resolve problems with sound judgement and in a way that is aligned to good practice and in the long-term interests of the organization.
• They are likely to hold one or more of the following security or engineering/architecture specific certifications, CISSP, OSCP, TOGAF, GIAC or those relevant to the role.
• Leading non-FTE deliveries from contingent and/or partner/vendors.
• Mentoring and guiding those at earlier career stages to grow the competence and experience of the team.
• Collaborating across the group to deliver successful sustainable outcomes for the group and its stakeholders.
• Delivering feedback in a constructive and inclusive approach.

Business and Sector Expertise

• Experience and knowledge of technology in financial services and/or regulated environments and industry compliance schemes (for example SWIFT) preferred.
• Must have significant experience of working in security focussed roles. Likely will have greater than 5 years full time in security roles in an overall career in technology and more than 10 years focussed predominantly in the relevant area. Expected to have direct hands-on experience in some of the domain area technologies.

Diversity & Inclusion

People are at the heart of what we do and drive the success of our business. Our colleagues thrive personally and professionally through our shared values of Integrity, Partnership, Innovation and Excellence are at the core of our culture. We embrace diversity and actively seek to attract people with unique backgrounds and perspectives. We are always looking at ways to become more agile, so we meet the needs of our teams and customers. We believe that an inclusive collaborative workplace is pivotal to our success and supports the potential and growth of all colleagues at LSEG

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business . click apply for full job details