Information Security Engineer
Bristol, England, United Kingdom - Remote
Applications have closed
NMI
NMI's payment infrastructure enables payments from a single, easy-to-use payment gateway to deliver exceptional payment processing for innovative businesses & their merchants.As part of our growing operational security function we are looking for a passionate Information Security Engineer eager to get hands on with today's security issues to join our team in Bristol, UK.
With 2+ years experience in an Information Security role preferably with exposure to PCI-DSS compliance and operating in a FinTech environment, you will be responsible for implementing information security best practices and procedures to ensure our systems are secure and that we continue to deliver Level 1 PCI-DSS compliance and above.
Passionate about Information Security, you will be comfortable working in a fast paced dynamic environment proactively responding to emerging threats swiftly and appropriately. You should have experience of working as part of a wider Information Security Team and liaising with IT teams.
What will I be doing?
You will be joining a small team, split between the UK and the US and be responsible for maintaining security systems, tuning security tools and ensuring compliance with relevant policies and procedures across a number of environments. You will monitor our Vulnerability Management platform and external vulnerability sources, help run our SIEM, Endpoint Security solution. You will help NMI identify and evaluate threats, vulnerabilities and risks that affect our payment processing and enterprise environments. You will also be working with our Compliance team to support the company's compliance programmes helping to audit settings and provide evidence of compliance.
You will work closely with Infrastructure and Development teams to ensure that risk is minimised and managed effectively across our payment platform and enterprise environments. The role will be hands-on and varied with tasks ranging from Vulnerability management, SIEM management, Log Reviews,, IPS, Anti-Virus, Software reviews and others. No two days will be the same.
You will be expected to communicate effectively at all levels of the business adapting your approach based on the technical understanding of the target audience. You will understand compliance requirements and be able to deliver evidence as well as address compliance issues in a timely fashion. You will be a point of contact within the company on security queries from internal and external sources.
Requirements
Essential
- A positive “can do” attitude
- 2+ years in an Information Security role
- Enthusiastic and passionate about Information Security
- Exposure to Windows, Linux, VMware and Network Security
- Exposure to SIEM, security logging and event management
- Solid background in vulnerability management, system hardening and patching
- Exposure to EDR
- Good understanding of security principles
- Experience of a risk based approach to security
- Track record of acting with integrity and confidentiality, in accordance with professional codes of ethics and the law.
- Passionate about learning new skills and self-development.
- Excellent written and verbal communication skills
- Ability to work on your own initiative with excellent analytical and problem solving skills
- Thorough and meticulous attention to detail
- Flexible approach to dealing with changing business needs
- Willing and able to travel (USA in particular)
Desirable:
- Information Security Certification (CISSP, CISMP, CEH etc).
- Previous experience in Cloud technologies
- Direct experience of PCI-DSS Level 1 audits
- Basic understanding of encryption including PKI
- Previous experience of Incident Response procedures
- Previous experience of SecOps and automation
- Experience assessing third parties for risk
- Experience in threat hunting
- Previous experience managing a vulnerability program
Benefits
As well as being a part of something exciting everyday, you will also receive the following benefits:
- Annual salary of £45,000 - £60,000 based on your experience and skills
- Annual bonus scheme
- 25 days holiday each year (+ bank holidays + 1 day after each year of service with up to a max. of 30 days)
- Workplace pension scheme
- Private medical insurance (upon successful completion of your probationary period)
- 7 hours per day, 35 hours per week
- A flexible hybrid working arrangement
- Great work-life balance with our Flexi-time policy
- Family Friendly policies (Enhanced Maternity and Paternity Pay and Shared Parental Leave).
- A chance to develop with an allocated company training budget
- Bike2Work Scheme
- Lifeworks, an Employee Assistance Programme which offers wellbeing, family and financial support services, such as assessments, resources and even 1:1 counselling sessions. It also offers interesting perks such as discounts on gyms, restaurants, high street retailers and cinema tickets.
- A strong commitment to employee wellbeing including mental health first aiders and weekly yoga sessions.
- Employee referral scheme with generous financial reward
- Bonusly colleague reward scheme
We’re looking for creative and passionate people who share our vision of making payments easy. If that sounds like you and you meet the requirements above, then please click on 'Apply for this job'!
We are an Equal Opportunities employer and will provide reasonable support throughout the recruitment process to applicants who have a disability. Please let us know in advance so that any support, aids or adaptations can be put in place to assist you.
Please be aware that all offers of employment are made subject to receipt of satisfactory background and financial checks.
Tags: Audits Automation CEH CISSP Cloud Compliance EDR Encryption Endpoint security FinTech Incident response IPS Linux Network security PKI SecOps SIEM VMware Vulnerabilities Vulnerability management Windows
Perks/benefits: Career development Flex hours Health care Insurance Medical leave Parental leave Salary bonus Travel Yoga
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs