Platform Security Analyst

Role Description●      Key enabler of secure and compliant platform security across common technologies shared across business products;●      Expert in attack paths across the technology stack, including tactics, techniques and procedures (TTPs) used by adversaries to exploit vulnerabilities;●      Trusted advisor throughout the platform, infrastructure and/or development lifecycle, incorporating knowledge of emerging threats, business goals and system design to improve platform security posture;●      Responsible for aligning the Markets security strategy, security design and controls engineering to infrastructure/platform roadmap;●      Responsible for providing transparency to leadership on platform/infrastructure control performance and associated risk.
Key TasksWithin the Platform Security Function Team as part of ION Markets, you will deal with the following activities:●      Monitor and identify security events and emerging threats associated with the platform and any dependencies;●      Act as the interface between CSIRT and Infrastructure/Platform teams as part of security incident activities;●      Deliver threat modelling and hunting to identify vulnerabilities in platform/infrastructure design and provide control recommendations to mitigate those risks;●      Engage in architecture and design reviews to ensure platform alignment with Security strategy and industry best practices;●      Stay up to date with industry trends, best practices and regulatory standards that may impact product implementations;●      Support the engineering of control solutions where existing offerings are not available;●      security expertise during incident and problem management.

Required Skills, Qualifications, and Experience  Knowledge of: ●      Working within the technical financial services industry, or other highly regulated industries●      Information security management, governance, and compliance principles, practices, laws, rules and regulations, e.g. NIST, ISO, NIS, DORA and GDPR;●      Information technology systems and processes, network infrastructure, data architecture, data processes and protocols;●      Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration, e.g. CIS, CSF; Skills in:●      Security Tooling: Proficiency in common security tools, such as SIEMs, vulnerability scanners, firewalls and EDR products;●      Scripting: Proficiency in scripting languages like Python or PowerShell;●      Security Incident Management: Ability to assist with the detection, response, and recovery of escalated security incidents and manage backlog/lessons learned actions;●      Risk Assessment: Proficiency in conducting security risk assessments and providing thorough post-event analyses;●      Security Expertise: Providing security expertise during incident and problem management;●      Communication: Strong communication skills to explain complex security issues to both technical and non-technical audiences. Ability to:●      Effectively communicate technical issues to diverse audiences, both in writing and verbally;●      Handle sensitive and confidential matters, situations, and data;●      Understand and follow broad and complex instructions;●      Comprehend technical language and to confer, analyse and write in an objective, lucid manner;●      Work independently and prioritize multiple tasks and adapt to needed changes;●      Remain calm under high pressure/difficult situations. Preferred Certifications:●        GCIH;●      CSEC;●      CSSLP;●      CISSP.

About Us:We’re a diverse group of visionary innovators who provide trading and workflow automation software, high-value analytics, and strategic consulting to corporations, central banks, financial institutions, and governments. Founded in 1999, we’ve achieved tremendous growth by bringing together some of the best and most successful financial technology companies in the world.·       Over 2,000 of the world’s leading corporations, including 50% of the Fortune 500 and 30% of the world’s central banks, trust ION solutions to manage their cash, in-house banking, commodity supply chain, trading and risk.·       Over 800 of the world’s leading banks and broker-dealers use our electronic trading platforms to operate the world’s financial market infrastructure.ION is a rapidly expanding and dynamic group with 13,000 employees and offices in more than 40 cities around the globe.Our ever-expanding global footprint, cutting edge products, and over 40,000 customers worldwide provide an unparalleled career experience for those who share our vision.ION is committed to maintaining a supportive and inclusive environment for people with diverse backgrounds and experiences. We respect the varied identities, abilities, cultures, and traditions of the individuals who comprise our organization and recognize the value that different backgrounds and points of view bring to our business.ION adheres to an equal employment opportunity policy that prohibits discriminatory practices or harassment against applicants or employees based on any legally impermissible factor.
Important notes:According to the Italian Law (L.68/99) please note that candidates from the disability list will be given priority. Due to the high volume of applications, only those candidates that meet the required criteria for selection will be contacted. Please do not apply if you don’t currently have the legal right to work in Italy, or if that right is just about to expire, or if that right has restrictions imposed which would prevent you from undertaking a full-time employment contract.