IT Security Operations Specialist
CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars’ worth of currency flows through our systems each day.
Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world’s most actively traded currencies. We deliver huge efficiencies and savings for our clients: in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.
CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle – whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.
Our ambition to make a positive difference starts with our people. Our values – Protect, Improve, Grow – underpin everything that we do at CLS and define and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking.
Job purpose - major duties and responsibilities of the job
- Liaise with our outsourcing partner and provide security assurance for BAU activities such as regular tech spec and health check reviews
- Chair weekly meetings with our outsourcing partner to review and approve deviations from our tech specs and security standards
- Provide oversight of security posture vendor, Kyndryl and active assessment of their Vulnerability management system.
- Operate and maintain CLS Security controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, EPP, EDR, Network Protection, etc.
- Review and help refine CLS Security procedures to ensure compliance with cyber resilience requirements
- Conduct IT Security risk assessments for all high impact projects, defining security mitigating controls that impact the technology architectures of CLS, service providers, and business partners
- Assigned ownership of IT Security Monitoring and Response related FRB and Internal Audit finding(s) and effective /timely resolution with IT Security
- Maintain relationships with third-party IT security vendors and strategic partners
- Be responsible when assigned ownership of CLS Security related Regulatory and Internal Audit finding(s), and provide effective / timely resolution
- Design and integrate consistent security solutions across CLS on-premise and cloud environments for domains like Vulnerability Management, Endpoint Security, Data Security, Network Security, Identity and Access management etc.
- Facilitate monitoring and enforcement of configurations, as well as manage and monitor security on systems deployed in the cloud in a similar fashion as is done on-premises at CLS
- Oversee design principles and controls relating to third party solution providers
- A minimum of 5 years of information security experience with at least 2 years in cloud security
- Expert knowledge of one or more of the following: VMS Qualys, SIEM.
- As part of the CLS Security team, develop and implement CLS security strategy in consultation with the CLS IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall CLS Strategy
- Internal collaboration and integration with CLS Sec Ops and Sec Architecture.
- Provide technical security advice and support for information technology projects
- Research new security related products and services to ensure that CLS is equipped with appropriate industry best of breed tools and solutions
- Strong documentation and report writing skills (to both technical and business audiences)
- Excellent time management and organizational skills combined with technical CLS Security acumen
- Financial and/or Banking industry experience preferred
- Work as a team member and individual contributor being able to work independently and confidently without direct supervision
- Through example and behavior, strive to provide peer leadership to other team members with the goal of being excellent service providers and enablers to other constituencies (both internal and external)
- Strong communication (verbal and written) skills to engage with technical and non-technical audiences
- Ability to clarify technical detail and confidently communicate business risks to senior management
Knowledge, skills and abilities - competencies required for successful job performance
- Possess a strong service-oriented mind set to consistently deliver balanced security solutions that include people, process and technology
- Possess strong technical, analytical and problem-solving skills
- Self-motivated to exceed management expectations and objectives
- Ability to effectively communicate complex technical issues to both business and technical staff at all levels
- Strong collaboration skills to tackle complex security challenges that may span across multiple internal and external departments and groups
- Able to effectively cope with change and comfortably handle risk and ambiguity, not upset when things are up in the air
- Tenacious resolve and positive attitude in challenging situations
Qualifications / certifications
- S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent) or Security Certifications such as CISSP, SANS GIAC GSEC, GCED, GCIA, GCIH, GREM; or Cisco CCNA, CCNP; or equivalent
- Industry recognized cloud security qualifications (e.g. CCSK, CCSP, AWS Security Fundamentals, AWS Certified Security)
Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook
Our commitment to employees
At CLS, we celebrate diversity and consider this to be one of our strongest assets. We are committed to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including:
- Holiday - UK/Asia: 25 holiday days and 3 ‘life days’ (in addition to bank holidays). US: 23 holiday days.
- 2 paid volunteer days so that you can actively support causes within your community that are important to you.
- Generous parental leave policies to ensure you can enjoy valuable time with your family.
- Parental transition coaching programmes and support services.
- Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others.
- Affinity Groups (including our Women’s Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I.
- Hybrid working to promote a healthy work/life balance, enabling employees to work collaboratively in the office when needed and work from home when they don’t.
- Active support of flexible working for all employees where possible.
- Monthly ‘Heads Down Days’ with no meetings across the whole company.
- Generous non-contributory pension provision for UK/Asia employees, and 401K match from CLS for US employees.
- Private medical insurance and dental coverage.
- Social events that give you opportunities to meet new people and broaden your network across the organisation.
- Annual flu vaccinations.
- Discounts and savings and cashback across a wide range of categories including health and retail for UK employees.
- Discounted Gym membership – Complete Body Gym Discount/Sweat equity program for US employees.
- All employees have access to Discover – our comprehensive learning platform with 1000+ courses from LinkedIn Learning.
- Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.
Something looks off?