Security Specialist - Assessment and Integration | London, UK

Marex is a diversified global financial services platform, providing essential liquidity, market access and infrastructure services to clients in the energy, commodities and financial markets.

The Group provides comprehensive breadth and depth of coverage across four core services: Market Making, Clearing, Hedging and Investment Solutions, and Agency and Execution. It has a leading franchise in many major metals, energy, and agricultural products, executing around 50 million trades and clearing 205 million contracts in 2022. The Group provides access to the world's major commodity markets, covering a broad range of clients that include some of the largest commodity producers, consumers and traders, banks, hedge funds, and asset managers.

Marex was established in 2005 but through its subsidiaries can trace its roots in the commodity markets back almost 100 years. Headquartered in London with 36 offices worldwide, the Group has over 1,800 employees across Europe, Asia, and America.

Marex has unique access across markets with significant share globally both on and off exchange. The depth of knowledge amongst its teams and divisions provides its customers with a clear advantage, and its technology-led service provides access to all major exchanges, order-flow management via screen, voice, and DMA, plus award-winning data, insights, and analytics.

The Technology Department delivers differentiation, scalability, and security for the business. Reporting to the COO, Technology provides digital tools, software services, and infrastructure globally to all business groups. Software development and support teams work in agile 'streams' aligned to specific business areas. Our other teams work enterprise-wide to provide critical services including our global service desk, network and system infrastructure, IT operations, security, enterprise architecture, and design.

The Information Security team reports to the CTO and is responsible for protecting Marex data and assets, as well as providing security advice. The team is relatively small; therefore, its members have a chance to experience various areas of security.

Marex is seeking an experienced and proactive Security Specialist to join our Security team, focused on supporting all cybersecurity activities related to information security and acquisitions. This critical role will be instrumental in safeguarding Marex's cybersecurity posture throughout the entire acquisition lifecycle, from initial due diligence stage to seamless integration.

As a Security Specialist, you will collaborate closely with various technology and business partners to ensure Marex's cybersecurity goals are achieved during acquisition transactions. You will be responsible for identifying, assessing, and mitigating security risks, protecting sensitive data, and maintaining compliance with relevant regulations. This role demands an experienced security professional with the ability to manage multiple priorities effectively and leverage deep technical knowledge to develop bespoke security solutions that align with Marex's policies and standards.

Responsibilities:

1. Due Diligence:
   • Support with conducting comprehensive security assessments of target companies, including infrastructure, applications, data, and policies.
   • Identify and evaluate potential security risks and vulnerabilities associated with the target's IT environment.
   • Analyse and report on the target's security posture, providing detailed findings and recommendations.
   • Collaborate with legal, compliance, and IT teams to assess regulatory and contractual security requirements.
2. Integration Planning:
   • Support in developing and implementing security integration plans that are aligned with Marex security policies and standards.
   • Work with multiple IT stakeholders to ensure secure data migration and system integration.
   • Create and maintain security documentation related to acquisition activities.
3. Post Integration:
   • Conduct post integration security audits to ensure that the integration was completed securely.
   • Monitor and plan remediation activities for any residual security risks.
   • Ensure that all security documentation is up to date.
4. Security Governance:
   • Ensure compliance with relevant security standards & regulations, i.e. SOX, MAS, NFA etc.
   • Assist with development and delivery of security awareness training materials to existing and upcoming Marex employees.
   • Assist with all activities related to data classification and data loss prevention - implementations, operations, documentation and user awareness.
   • Support IAM team with onboarding critical applications inherited through acquisition transactions.
   • Developing and documenting cyber security standards and procedures.
5. Security Operations:
   • Perform vulnerability assessment scans and collaborate with other teams on remediation approach for acquisition transactions.
   • Monitor security toolset and controls to identify potential incidents, network intrusions, and malware events, ensuring confidentiality, integrity, and availability of Marex's critical systems.
   • Collaborate with technology teams for incident handling, patching disciplines, and system hardening frameworks for acquisition transactions.
   • Collaborate with the Information Technology team on deployment, operation, and continual improvements of security solutions.
   • Keep up to date with security news and trends.
   • Threat Intelligence and Hunting.
   • Respond to and investigate security incidents and exceptions.
   • Provide relevant KPI and KRI metrics.

Skills and Experience:

• Demonstrable experience in the field of Information Security.
• Comprehensive knowledge and expertise across multiple technologies and protocols, such as Entra, TLS, IDS, SIEM, DLP, WAF, DMARC, AV/EDR, XDR, CNAPP.
• Knowledge of security processes (like vulnerability management or penetration testing), standards (like CIS), and frameworks (like NIST).
• Good understanding of Windows, Linux, and Cloud solutions.
• Excellent communication skills, with the ability to effectively engage with stakeholders.

Competencies:

• A collaborative team player, approachable, self-efficient and influences a positive work environment.
• Demonstrates curiosity.
• Resilient in a challenging, fast-paced environment.
• Excels at building relationships, networking and influencing others.
• Strategic collaborator with insight and agility, able to anticipate future challenges, ensuring operational effectiveness.

If you're forging a career in this area and are looking for your next step, get in touch!

Marex is fully committed to being an inclusive employer and providing an inclusive and accessible recruitment process for all. We will provide reasonable adjustments to remove any disadvantage to you being considered for this role. We value the differences that a diverse workforce brings to the company. We welcome applications from candidates returning to the workforce. Also, Marex is committed to avoiding circumstances in which the appearance or possibility of conflicts of interest may exist within the hiring process.

If you would like to receive any information in a different way or would like us to do anything differently to help you, please include it in your application.