Senior Analyst - Information Security

Ruffer LLP
London, United Kingdom
15 Nov 2022
15 Dec 2022
Job Function
Industry Sector
Finance - General
Employment Type
Full Time
Are you an Information Security Specialist working within Financial Services, ideally Wealth or Asset Management? Do you have a passion for Technology and Information Security? Do you have a solid understanding of the Three Lines of defence model?

We are currently recruiting for a Technology Analyst - Information Security, in the information security team of 4. You will be responsible for limiting the occurrence and business impact of adverse events, while contributing to business success through management of Information Security operational risks.

This is a 'hands on' security position in which the primary objective is to help implement and oversee the appropriate security controls to deter, prevent, detect, respond to, and recover from, security threats and incidents.

The Technology Analyst will be required to collaborate, and enact technical actions, with the infrastructure team, the software development teams, other internal departments and 3rd party suppliers.

Key responsibilities will include:
  • Providing 2nd line of defence Information Security oversight (advisory, review, and challenge)
  • Participating in risk management analysis and assist with the creation of documentation needed to complete audits and assessments
  • Reviewing the design of technical solutions provided by the development and engineering teams and other internal project teams to validate adherence to security best practices and compliance with internal policies
  • Assisting in documenting, maintaining and organising policies, procedures and operational material to ensure adequate knowledge of the security and integrity of company data and information systems and technology.

The role requires close engagement with key stakeholders and implementation of key security initiatives.To be considered for this position you will need to have the following skill set:
  • Strong information security and technology background - cloud based as well as on-premises environments.
  • Hands-on experience delivering Information Security projects such as access control (IAM) and role-based access (RBAC).
  • Improvements to the risk management and control frameworks, policy reviews, staff awareness or incident response
  • Desirable experience with Privileged Access Management (PAM) tools
  • Experience of security operations and operational resilience
  • Hands on experience in managing backlog in agile/scrum methodology
  • Expertise in preparing high quality documentation
  • Demonstrated ability to build strong business partnerships - able to challenge and support
  • Confidence when presenting to Team Members, peers, and Technology Leadership Team levels
  • Security specialist qualifications preferable but not expected (eg CISA, CRISC, CCSK or CISSP)

About Us:

Ruffer has £26 billion under management and just over 360 members of staff. It manages investments on a discretionary basis for individuals, trusts, charities, companies and pensions as well as collective investment schemes. The majority of staff are based in London, with small client facing offices in Edinburgh and Paris.

Ruffer uses predominantly third-party vendor systems, supplemented with customised internally developed applications. Infrastructure and most of security services are provided by external suppliers and overseen internally.