Risk Warning: Trading financial products on margin carries a high degree of risk and is not suitable for all investors. Losses can exceed the initial investment. Please ensure you fully understand the risks and take appropriate care to manage your risk.

Cyber Security Engineer

Full-time | London, United Kingdom
About Tickmill
Tickmill is a global group of companies, offering trading services with a prime focus on Futures, Options and CFDs on Forex, Stock Indices, Commodities and Bonds. Regulated in the United Kingdom by the FCA, in Cyprus by CySEC, in the Seychelles by the FSA, in Labuan by the Labuan FSA and the FSCA in South Africa, we provide first-class products and services, catering to the needs of the most sophisticated retail and institutional clients around the world.

We take pride in being one of the fastest-growing brokers in the world processing monthly more than 9 million client trades, while our monthly average trading volume is over $140 billion.

Our multilingual staff consist of highly qualified experts from all Continents. We value the talent and input of our team members and keep their motivation at the heart of our strategy. This includes highly competitive motivation packages, work-related travelling, and regular team events around the world.

Job Overview
We are looking to hire a Cyber Security Engineer with an analytical mind and a detailed understanding of cybersecurity methodologies.

The candidate is expected to be a self-starter with prior experience in building a modern vulnerability management programs and will primarily be responsible for the development of a new Vulnerability Management capability by setting best practice, as well as determining process and controls.

Alongside, the candidate will also support in executing the Cyber Security Roadmap liaising with the technology partners and service providers on security activities.
Responsibilities:
  1. Defining Vulnerability Management Operating Model in-line with Tickmill Vulnerability Management Standard
  2. Document and maintain Operational processes and procedures to conform with Enterprise Security Control Standards.
  3. Understand Technology Landscape in Tickmill and assist management with identifying right Vulnerability Management toolsets that provide right benefits to the business.
  4. Take ownership of the Vulnerability Management scanning environment including application security testing and generate timely vulnerability scans.
  5. Assess, analyze, and articulate actual business risk coordinating with Tickmill teams to help them understand their vulnerabilities and assist them to develop remediation and mitigation strategies.
  6. Validate proper mitigation controls are in place until remediation activities are complete.
  7. Act as single point of contact for status updates regarding vulnerabilities across multiple platforms and multiple business entities.
  8. Responsible for producing Vulnerability Management Metrics and Trend Reporting
  9. Continuously evaluate how we secure systems, identify potential threats / alerting gaps, and implement alerts and tooling necessary that will help us increase threat detection coverage.
  10. Work with others across the organization, react to alerts, hunt for threats, respond to incidents, and create and implement technical solutions that improve our ability to identify, stop, and eliminate potential threats.
  11. Performs network and endpoint forensics to establish attack scope and root cause analysis.
  12. Ensures communication and escalation of security activities to leadership.
  13. Develop and improve attack remediation strategies, incident handling processes, standard operating procedures, playbooks, and automations.
Requirements:
  1. 6-8 years minimum previous Financial Services experience
  2. Proficiency of Operating System fundamentals, OS Security (Windows & Linux) and Networking Principles, Protocols and Practices.
  3. Ability to identify attacks and malware (Trojans, Ransomware, etc.) analysing event data generated from proxy, endpoints, IDS, MPS, network devices etc.
  4. Prior experience in building modern vulnerability management programs.
  5. Experience working with cloud platforms and infrastructures (AWS/Azure/GCP).
  6. Understanding of infrastructure and cloud vulnerability scanning and configuration.
  7. Containerized and Orchestration understanding of Vulnerability Management.
  8. Familiar with OWASP Top 10.
  9. Extensive experience in performing secure code automated/manual reviews.
  10. Familiarity or experience with CI/CD pipelines and Agile methodologies.
  11. Familiarity with Vulnerability and SSDLC tools and DevSecOps practices.
  12. Ability to automate repeatable tasks.
  13. Reporting & Documentation.
  14. Well organized & punctual.
Benefits:
  1. A Unique opportunity for a career and self-development in a global and fast-growing company.
  2. Modern and professional work environment.
  3. Attractive Compensation package based on qualifications and experience.
  4. Regular Team Events.
  5. Health insurance including cover for family.
  6. Participate in the “Employee Training & Development program”.
  7. Discount for Gym membership.
  8. Cycle to work scheme and other additional benefits.
Interested in this position? Forward your CV to careers@tickmill.eu
*Due to the great number of applications we receive for each of our open vacancies, we are unable to respond on an individual basis.