PFG is a leading specialist bank for the millions of people in the UK who are not well served by mainstream lenders. As a business, our purpose is to help put people on a path to a better everyday life with our clear and responsible approach to lending; an approach built on over 141 years of experience.
PFG is a unified group made up of three brands: Vanquis (cards and loans), Moneybarn (vehicle finance) and Sunflower (loans). While they all offer different products and services, they each share the common purpose and customer-centric values at the heart of our group. We understand our customers are real people with real and varied life experiences, so everything we do from our products to our customer experience is designed with this in mind.
About the Role
As the Security Incident Response Specialist you will review current IT Security Operations processes to ensure they are applicable and fit-for-purpose, and where needed you will liaise with other departments to improve knowledge and understanding. Ensure how-to flow diagrams are produced for any process or procedure that is carried out by the Security Operations team.
This is an exciting time to join a new team who are building from the ground up. Within Security Operations, we have dedicated teams working on their chosen specialism, allowing them to hone their skills.
- Maintain the Security Incident Management processes and procedures to support business policies and operations.
- Support, investigate and manage Security Incidents to a resolution and retrospectively implement improvements.
- Ensure efficient and effective, proactive, and reactive security monitoring and defence across the Groups information assets.
- To ensure regular KPIs are reported on and identify areas for improvement and make recommendations accordingly.
- To provide security incident response and ensure processes and procedures are efficient, effective and are tested regularly in line with policy.
- To develop and maintain operational checks to ensure the confidentiality, integrity and availability of the Groups information assets is maintained and in-line with compliance and regulation.
- To ensure that all Audit and Data Protection requirements are met and adhered to by the Business and Security department, as well as assist in maintaining compliance against industry standards and regulations e.g. DPA, PCI-DSS.
- To ensure the Group meets the requirements of PCI and other Security standards with respect to Security Incident Management.
- To proactively engage with stake holders and system owners in the management, ownership, and treatment of information security risks within the Group.
- To work with third party security partners to mature and improve services provided to the Group
Skills & Experience:
- Experience working in an IT Security Operations role, preferably in a Financial Organisation, with knowledge in the following areas:
o Vulnerability Management
o Microsoft Windows Server family of products.
o Linux Operating Systems
o VMWare VSphere and associated technologies.
o Operational experience of PCI DSS
o Thorough understanding of TCP/IP
o Knowledge of Microsoft desktop applications essential.
o Identity and access management systems
- Experience managing and co-ordinate security incidents, working closely with other security teams, IT incident management, Crisis Management, BCM, Data Protection etc.
- Experience maintaining a current view of the cyber threats and being able to advise the business on the threat landscape and attacks which may be relevant.
- Hands on experience of security monitoring tool configuration and maintenance.
- Security incident response capability maturity assessment.
- Deep technical knowledge of incident response and investigation processes.
- A strong technical background in a SOC, Digital Forensics or Malware Analysis.
- Excellent client facing skills.
The satisfaction of working for a successful and ethical business who are here to help people is a big benefit of joining us, but it is not the only one. We will invest in your development, giving you the support and training to become better and better at your job. We take the work/life balance seriously, with plenty of flexible working options. Working in a bright and refreshingly relaxed environment, you will find your opinions are valued and listened to.
On top of all this, we will give you a package including:
- Competitive base salary and rewards
- Discretionary bonus scheme
- 25 days annual leave entitlement (increasing with length of service)
- Pension Scheme
- Extensive opportunities for personal and career development
- Flexible and dynamic working policiesâ€‹â€‹â€‹â€‹â€‹â€‹
Inclusion & Diversity Statement
We know that by having a better, more inclusive culture and a diverse group of colleagues, we can support our customers and each other in the best way possible. We also believe this goes a long way to helping us live our purpose and defines why we are here in the first place: to help put people on a path to a better everyday life.
We are an equal opportunities employer, and we want people to join us no matter how they identify, their sexual orientation, marital or civil partner status, race, colour, nationality, ethnic or national origin, religion or belief, disability or age
We want to attract and retain the best people. So, we make sure that, if people need it, they are given all the extra support and reasonable adjustments to take part in any part of our application or interview process. We have also got lots of colleagues who choose to work flexibly, so please feel free to talk to us about how you prefer to work at any time.
We think that if you can Be Yourself in the workplace, you will do your best work and enjoy being part of the team and as a business we get to benefit from that and to celebrate all the wonderful things that diversity brings.