AVP - IT Security Specialist

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from CLS Group

About CLS:

CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars’ worth of currency flows through our systems each day.

Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world’s most actively traded currencies. We deliver huge efficiencies and savings for our clients: in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.

CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle – whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.

Our ambition to make a positive difference starts with our people. Our values – Protect, Improve, Grow – underpin everything that we do at CLS and define and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking.

Job information:

• Functional title - IT Security Specialist
• Department - Technology

What you will be doing:

The AVP IT Security Specialist role is responsible for the delivery of security related activities and enhancements of security solutions to improve the security posture of the CLS estate.

This individual will interact with the IT Security Architecture Team, IT Security Operations Team, Project Management Teams, global IT Teams, and outsourcing partners to deliver solutions that enhance the overall security program for CLS.

• As part of the CLS Information Security BISO team, develop and implement CLS security strategy in consultation with CLS and vendor IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall CLS Strategy.
• Provide technical security governance, advice and support for information technology projects and day-to-day activities.
• Liaise with our outsourcing partner and provide security assurance for BAU activities such as security operations, incident management and vulnerability management.
• Chair weekly meetings with our outsourcing partner to review and approve security control tuning.
• Chair daily security management review meetings with our outsourcing partner, to provide situational awareness and a level of due diligence.
• Review and help refine CLS security operation procedures to ensure compliance with cyber resilience requirements.
• Assist with the remediation of security related Regulatory and Internal Audit finding(s).
• Improving current reporting and metrics in relation to security posture, vulnerability and risk management.
• Performing regular security document review and enhancements.
• Support red and purple team penetration activities and remediation of findings.
• Work as a team member and individual contributor being able to work independently and confidently without direct supervision.
• Strong communication (verbal and written) skills to engage with technical and non-technical audiences.
• Ability to clarify technical detail and confidently communicate business risks to senior management.
• Execute the overall CLS Security vision and mission, as well as with CLS’s strategic direction as it pertains to cyber resilience.

What we’re looking for:

• A minimum of 3 years of information security experience.
• Intermediate knowledge of one or more of the following: firewalls, TCP/IP, network IDS/IPS, host-based IDS/IPS, endpoint and network-based DLP, web proxies, email protection, endpoint protection software, SIEM.
• Broad knowledge of IT and Security processes, methodologies and frameworks.
• Ability to collaborate effectively with others to drive forward key security objectives.
• Strong documentation and report writing skills (to both technical and business audiences).
• Excellent time management and organizational skills combined with technical CLS Security acumen.
• Financial and/or Banking industry experience preferred.
• S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent) or Security Certifications such as CISSP, CISM, SANS GIAC GSEC, GCED, GCIA, GCIH, GREM; or Cisco CCNA, CCNP; or equivalent.
• Industry recognized cloud security qualifications (e.g. CCSK, CCSP, AWS Security Fundamentals, AWS Certified Security).
• Knowledge of frameworks and regulations, such as: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST 800-53/800-61/CSF, FFIEC handbook, GDPR, DORA, Reg HH etc.

Our commitment to employees:

We are a small company with a big mandate, so every person is essential to our success. We are also committed to employing and retaining the most talented and dedicated people.

What makes us interesting goes beyond our competitive salaries and great benefits. Our work environment is designed around quality outcomes, not output. The FX market would cease to function without our services, and we take pride in being responsible for keeping it running smoothly.

We are different from other financial institutions in that we have a flatter and more transparent structure with accessible leadership. You will be seen, heard and empowered to develop your career.

We are a purpose-driven organization, with an inclusive culture that focuses on doing what is right. The well-being of our people is as important to us as the resilience of our systems. In addition to encouraging our people to ‘locate for their day,’ we run a range of initiatives that support employees’ sense of belonging and physical, emotional and mental well-being.

Our extensive benefits for employees typically include:

• Vacation/annual leave: 25 days in UK/Asia + 3 life days, 23 in US + 3 life days.
• Private medical and dental cover and life insurance.
• Generous pension contributions in the UK and Asia; matching 401(k) in the US.
• ‘Locate for your day’ hybrid working – 2 days a week in office.
• Access to Discover – our learning platform with 1000+ courses from LinkedIn Learning.
• Paid parental leave / Coaching and support services.
• ‘Heads down days’ with no meetings on the last Friday of every month.
• Diversity Council / Affinity groups (Women’s Forum, Black Employee Network, Pride Network, Parents & Caregivers Network, Sustainability Network).
• Social events.

Awards:

• The Sunday Times Best Places to Work 2023 & 2024 / Big Company / The Sunday Times Awards.
• Third place in Britain’s Healthiest Workplace 2022 / Medium Company / Vitality Awards.

• Mid-Senior level

• Full-time

• Information Technology
• Industries: Banking, Investment Banking, and Financial Services