Information Security Engineer
Security
Information Security Engineer
GAIN Capital
Kraków
Type of work
Undetermined
Experience
Senior
Employment Type
Permanent
Operating mode
Office
Tech stack
Cybersecurity
Information Security Frameworks
Vulnerability Assessment
SIEM systems
Job description
GAIN Capital provides retail traders and institutions with exceptional liquidity, service, and technology to trade OTC and exchange-traded markets. Our businesses include global CFD and FX brands FOREX.com and City Index; and our futures group, which provides access to the world's major commodity and derivatives trading on over 30 global exchanges. We are expanding, and we're recruiting for 100 new roles in our brand new technology hub in Poland.
We are looking to hire a driven and ambitious Information Security Specialist who has a proven track record of implementing and running cybersecurity tools and projects.
We are looking to hire a driven and ambitious Information Security Specialist who has a proven track record of implementing and running cybersecurity tools and projects.
This role will help execute our information security strategy. You will analyze and recommend security enhancements, take ownership of tools, and coordinate responses to cybersecurity events.
Responsibilities:
- taking ownership of the cybersecurity strategy and incident response
- architecting, implementing and running security tools and processes
- driving the deployment and operationalization of cybersecurity initiatives
- being responsible for the definition and monthly reporting of security performance metrics
- using industry-standard analysis criteria to test the security level of the firm
- designing and implementing the penetration test and vulnerability management process
Requirements
- strong knowledge of PCI DSS, ISO 27001, SSAE18 or other internationally recognized information security framework
- working knowledge of vulnerability assessment tools, covering at least one of Tenable, Qualys or Rapid7
- strong skills in securing Office 365, including MDM and DLP
- strong skills in security incident response management
- experience designing secure networks, systems and application architectures
- experience planning, researching and developing security policies, standards and procedures
- strong experience with hands-on security engineering, including hardening of operating systems, Active Directory, endpoint protection, IPS and data loss prevention.
- experience of implementing and monitoring SIEM systems and managing associated incident response processes
Nice to have:
- CREST, CISSP or CCRI qualifications
We offer:
- competitive compensation package including an annual performance bonus opportunity
- competitive benefits package, including health care, gym pass, life insurance, and lunch vouchers
- superior co-working and personal development experience
- spacious and modern office space in the heart of old Kraków
- kitchen full of coffee, tea, snacks, and fresh fruits
Recruitment process:
- HR screening
- 1st Technical Interview (on-line)
- 2nd Technical Interview (on-side + VC)