Skip to main content

This job has expired

IT Security Engineer (Financial Services)

Employer
Lloyds Banking Group
Location
London
Salary
£57,861 - £75,710
Closing date
11 Feb 2022

View more

Job Details

IT Security Engineer (Financial Services)

Lloyds Banking Group


London based (please only apply if able to work in the London location, some home working available)

Salary & Benefits: £57,861 to £79,497 (depending on experience) base salary, plus annual personal bonus, 15% employer pension contribution (when you put in 6%), 4% flexible cash pot, private medical insurance, 30 days holiday plus bank holidays.

We also offer flexible working hours, agile working practices and regular home working. We aim to ensure you have a good work-life balance and positive mental health.

Who are Lloyds Banking Group?

Lloyds Banking Group is the UK's leading digital franchise, with over 13 million active online customers across our three main brands - including Lloyds Bank, Halifax and Bank of Scotland - as well as the biggest mobile bank in the country. We're building the bank of the future, and we need your help.

Where does this role Sit?

An exciting opportunity has arisen within Digital Platform where a new lab is being mobilized to provide an Identity and Authentication Platform as a service. The Platform will need to meet the Strong Customer Authentication regulatory commitments, enable innovation to help lead into the bank of the future and trailblaze within the Industry. The Platform will support and grow a wide range of authenticators to serve the Bank's digital channels.

What will I be responsible for?

We are looking for API Security Specialists to join our growing team to influence and shape our Identity & Authentication Platform with a "secure-by-design" strategy.

As a IT Security Engineer, within product development team you'll work closely with both other software engineers and the wider engineering community including architects, security, data, SRE, DevOps and a range of shared teams to deliver business value by delivering reliable, scalable and working software to production.

Key to this role is the ability to work autonomously, holistically and critically assess situations and solutions. The pace and scale of change taking place requires a passion for new thinking, new ideas, and continuous improvement, as well as a flexible approach when interacting with wider teams.

Within cross functional product engineering team, you will be representing Cyber Security, will be responsible for helping the engagements at different security forums, and help assess the risks to ensure the businesses can operate safely.

Here's how you will make a difference!

  • Be responsible for driving the Platform secure-by-design model through delivery and into operations.

  • Present the Auth Platform security at local governance forums and working groups whilst collaborating across Engineering and Architectural teams to influence design decisions and propose secure solutions.

  • Act as a security evangelist, nurture the skills of junior engineers and other engineers in the team whilst developing your own.

  • Having a firm appreciation of Cyber Security elements gained through an appropriate level of experience is expected.

  • Review architectural designs, produce threat & risk assessments and Security designs for the platform that you would be engaged on

  • Scope penetration tests and bring their outputs to resolution

Technical Skills and Experience:

  • A technical background gained within Cyber Security

  • of data protection, security frameworks and security standards such as GDPR, Identity and Access management, PCI DSS, Basic CVE understanding (MITRE), OAUTH 2 and OIDC, NIST Cyber Security Framework.

  • A CISSP or CISM certification (or working towards it).

  • Experience with designing APIs, messaging technologies (Kafka, MQ) and Microservices.

  • Experience with a variety of automated security scanning tools for CI/CD pipelines - DevSecOps tooling and automation frameworks (SAST, DAST).

  • Good knowledge of OWASP covering application security

  • Threat modelling i.e Stride

  • Basic knowledge of application and infrastructure penetration testing.

  • Basic understanding of network security.

  • Basic knowledge of Cryptographic protocols and controls i.e. Key Management.

  • Basic understanding of Unix Security.

What will you get in return?

On top of our team ethos we're genuine about both equal opportunity and our colleagues representing the communities we serve - developing and advancing the best in our people through personal development, training, qualifications and upskilling on the job.

The sheer scale and size of Lloyds brings great career development opportunities and we are set to continue to grow our Engineering functions across the group for many years to come.

Together we'll make it possible… 

Company

We’re creating an organisation that attracts, retains and develops the best talent in the industry, and one that openly embraces diversity too. But more than that – we want to be a great place to work. We invest in our people, offering the best training and coaching, and by encouraging them to contribute to our leading corporate and social responsibility practices. We offer flexible working hours and days, under our Work Options scheme. This means that you can have a challenging and rewarding career, and still have an ideal work/life balance.

Flexible working is at the heart of our strategy. We’re re-imagining where, when, and how our people work, with new approaches designed to meet the ever-changing needs of customers and colleagues. These include increasing our use of remote-working tools and technology, as well as placing less reliance on a 9-to-5 mindset. For many of our office-based colleagues, we work in hybrid ways which involves spending at least two days per week or 40% of their time at one of our office sites.

View our Top Employer profile

Company info
Website

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert