Head of Information Security
London, England, United Kingdom
BMLL
BMLL Technologies is the leading, independent provider of Level 3 Historical Data and Analytics for the world’s most sophisticated Capital Markets…About BMLL
We are the leading, independent provider of harmonised, Level 3 historical data and analytics to the world’s most sophisticated capital market participants. BMLL offers banks, brokers, asset managers, hedge funds and global exchange groups immediate and flexible access to the most granular Level 3, T+1 order book data and advanced analytics, enabling them to accelerate research, optimise trading strategies and generate alpha at unparalleled speed and scale.
For more information, please visit our website, www.bmlltech.com or visit our Twitter, @bmlltech or LinkedIn, @BMLL.
Background
The BMLL Lab offers our clients an environment in which they can analyse historical market data together with their own data. The security and availability of that platform is of paramount importance to BMLL and our customers. We are therefore creating a new role of Head of Information Security to manage all security risks and help us achieve ISO 27001 certification.
Our systems are entirely cloud-based, in AWS, and we aim to employ modern DevOps and DevSecOps practices to enable rapid product development whilst maintaining security.
Responsibilities
- Develop and maintain a technology risk strategy, framework and register
- Establish an Information Security Management System certified to ISO 27001 & ISO 27017, and drive delivery of the associated improvement plans
- Establish a Business Continuity Management System compliant with ISO 22301, including incident management, and drive delivery of the associated improvement plans
- Oversight of all processes used within the technology team (development, change management)
- Respond to client and prospect resilience enquiries and questionnaires
- Understand the landscape of regulation & compliance for our clients
Role
This role reports to the CTO. You will:
- be able to explain our approach to InfoSec to clients, investors and the Board;
- have a good knowledge of the infosec landscape: partners, tools, threats;
- provides an vision for InfoSec, so that it can function as a partner to business;
- provide direction to the DevOps team on cloud security;
- gather threat intelligence & manage our security posture.
Requirements
Relevant Skills
- Experience as an information security manager
- FinTech / financial services / banking
- Cloud exposure
- ISO 27001
- Information security strategy
- Good communication skills
Nice to Have
- CISSP or equivalent qualification
- ISO 22301
- Familiarity with FCA/PRA operational resilience requirements
Benefits
- Competitive salary
- 25 days holiday plus bank holidays
- Share Options after completion of probationary period
- Pension Scheme
- Combination of remote and London based office working
- A Wellbeing Physical Activity budget
- Continuous learning through training and challenging projects
- Collaborative culture
- Life insurance
- Weekly team lunches
- Free fruit, snacks and drinks provided throughout the day (when office based)
- Fridge fully stocked with beer and wine (when office based)
- Regular Team Socials
- Cycle to Work Scheme
We are an inclusive employer and welcome applicants from all backgrounds. We pride ourselves on our commitment to Equality and Diversity and are committed to removing barriers throughout our hiring process - if you have any special requirements or require reasonable adjustments to help you access career opportunities at BMLL, please do let us know careers@bmlltech.com
Tags: Analytics AWS Banking CISSP Cloud Compliance DevOps DevSecOps FinTech ISO 22301 ISO 27001 Security strategy Strategy Threat intelligence
Perks/benefits: Career development Competitive pay Equity Flex hours Lunch / meals
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs