Cyber Security Incident Response Team (CSIRT) Lead
London
Monzo
Join over 9 million people with a Monzo bank account. Free current accounts, joint accounts and business banking for all! We make money work for everyoneAt Monzo we’re aiming to build the best bank in the world. We are always keen to hear from capable, creative people who want to help us accomplish that goal. We want our bank to be safe and secure for our customers, so security is very important to us.
Security at Monzo
We are looking for a proactive, technically-minded and organised CSIRT Lead to join our Information Security team in the bank’s 1st line of defence which has the ownership, responsibility and accountability for directly assessing, controlling and managing risk.
The team is part of Monzo’s Security team which has a wide range of responsibilities, from infrastructure security to application and information security.
You will be working directly with the engineers who are building our platform (rather than in a stand-alone compliance team.
As a bank, we are solving diverse, novel problems to ensure that our customers and data are secure, you will have the opportunity to make a direct impact on that.
One of the guiding principles of security at Monzo is that security at the expense of user experience is a last resort. We aim to move mountains in the background such that we can build world-class features without compromising on security.
You will be the CSIRT Lead for Monzo. You will be responsible for all aspects of information security incident response, including:
- Owning, defining and building the end to end information security incident response capability at Monzo.
- Understanding the technical environment at Monzo, the current systems and processes and working through the way information security incidents are currently handled.
- Understanding and articulating (in a way you define) the current level of maturity of information security incident response at Monzo.
- Outlining the short and long term strategy for information security incident response at Monzo including technology, people and processes required to support your strategy.
- Owning and operating any technology required to support incident processes at Monzo.
- Making sure that Monzo meets its regulatory requirements regarding information security incident response.
- Being the central point of contact for all information security incident response activities at Monzo.
- Bringing innovative and cutting edge insights to Monzo on the latest ways to manage and deal with information security incidents.
- Defining and implementing methods to continually measure the level of maturity of information security incident response across Monzo.
- Work with risk and compliance and across the business to ensure that sufficient controls are in place to mitigate known security risks in this area.
- Reporting incident status and updates to the relevant governance committees (e.g. Security Council)
- Work with risk and compliance to deliver management information (KRIs) for monthly security risk reporting to the Board and as required.
You should apply if:
- You have a strong background in information security incident response in a commercial environment, preferably a tech company.
- You are comfortable working autonomously and can build an incident response function from the ground up
- You have previously developed and delivered innovative incident response solutions throughout a commercial environment;
- You have experience of dealing with stakeholders at all levels of the organisation;
- You are an excellent communicator, both verbally and in writing;
Logistics
- This can be based in our new London office or remote.
Equal Opportunity Statement
At Monzo, embracing diversity in all of its forms and fostering an inclusive environment for all people to do the best work of their lives with us. This is integral to our mission of making money work for everyone.
We're an equal opportunity employer. All applicants will be considered for employment without attention to ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity status or disability status.
Tags: Compliance CSIRT Governance Incident response Strategy
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs