Job Details

Job ID
Job Title
Principal Security Incident Response Specialist
Position Type
Business Brand
PF Group IT Strategy
Bradford / London
Competitive + Bonus
About Us

About Us

PFG is a leading specialist bank for the millions of people in the UK who are not well served by mainstream lenders. As a business, our purpose is to help put people on a path to a better everyday life with our clear and responsible approach to lending; an approach built on over 141 years of experience.

PFG is a unified group made up of three brands: Vanquis (cards and loans), Moneybarn (vehicle finance) and Sunflower (loans). While they all offer different products and services, they each share the common purpose and customer-centric values at the heart of our group. We understand our customers are real people with real and varied life experiences, so everything we do from our products to our customer experience is designed with this in mind.

About the Role

About the Role

Reporting to Group Security Operations Manager, this role requires a high level of interaction with all business areas, including Finance, Credit, Marketing and Operations. This position also requires inter-IT cooperation.
You will support the IT Security Operations team to achieve the highest standards in providing IT Security Assurance within the Bank. You will also lead the Security Incident Response Team (SIRT) and be responsible for all security incidents and the continual growth and maturity of the SIRT.

Key Responsibilities

  • Own the Security Incident Management processes and procedures to support business policies and operations.
  • Manage Security Incidents to a resolution and retrospectively implement improvements.
  • Ensure efficient and effective, proactive, and reactive security monitoring and defence across the Groups information assets and ensure monitoring improvements are prioritised and delivered.
  • To ensure regular KPIs are reported on and presented to senior management and identify areas for improvement and make recommendations accordingly.
  • Ensure that security incident response processes and procedures are efficient, effective and are tested regularly in line with policy.
  • Define, develop, and maintain operational checks to ensure the confidentiality, integrity and availability of the Groups information assets is maintained and in-line with compliance and regulation.
  • Ensure that all Audit and Data Protection requirements are met and adhered to by the Business and Security department, as well as assist in maintaining compliance against industry standards and regulations e.g. DPA, PCI-DSS.
  • Ensure the Group meets the requirements of PCI and other Security standards with respect to Security Incident Management.
  • Proactively engage with stake holders and system owners in the management, ownership, and treatment of information security risks within the Group.
Skills and Experience

Skills & Experience :

  • Proven experience leading security teams including the development and maturity of services both internally and externally.
  • Extensive experience working in an IT Security Incident Response Leadership role, preferably in a Financial Organisation.
  • Experience managing and co-ordinating security incidents, working closely with other security teams, IT incident management, Crisis Management, BCM, Data Protection etc.
  • Experience maintaining a current view of the cyber threats and being able to advise the business on the threat landscape and attacks which may be relevant.
  • Hands on experience of security monitoring tool configuration and maintenance.
  • Deep technical knowledge of incident response and investigation processes.
  • A strong technical background in a SOC, Digital Forensics or Malware Analysis.

The Benefits
The satisfaction of working for a successful and ethical business who are here to help people is a big benefit of joining us, but it is not the only one. We will invest in your development, giving you the support and training to become better and better at your job. We take the work/life balance seriously, with plenty of flexible working options. Working in a bright and refreshingly relaxed environment, you will find your opinions are valued and listened to.

On top of all this, we will give you a package including:
  • Competitive base salary and rewards
  • Discretionary bonus scheme
  • 25 days annual leave entitlement (increasing with length of service)
  • Pension Scheme
  • Extensive opportunities for personal and career development
  • Flexible and dynamic working policies

Inclusion & Diversity Statement
We know that by having a better, more inclusive culture and a diverse group of colleagues, we can support our customers and each other in the best way possible. We also believe this goes a long way to helping us live our purpose and defines why we are here in the first place: to help put people on a path to a better everyday life.
We are an equal opportunities employer and we want people to join us no matter how they identify, their sexual orientation, marital or civil partner status, race, colour, nationality, ethnic or national origin, religion or belief, disability or age
We want to attract and retain the best people. So, we make sure that, if people need it, they are given all the extra support and reasonable adjustments to take part in any part of our application or interview process. We have also got lots of colleagues who choose to work flexibly, so please feel free to talk to us about how you prefer to work at any time.
We think that if you can Be Yourself in the workplace, you will do your best work and enjoy being part of the team and as a business we get to benefit from that and to celebrate all the wonderful things that diversity brings.