Job Specifications
Who we are
Hello, we’re Zempler Bank, formerly Cashplus Bank. We’re here to make money simpler. We know that banking isn’t at the top of most people’s to do lists, that’s why making it less of a chore is at the top of ours. We don’t do banking the traditional way – the wrong way. We do banking that works for the people that need it, when they need it. We’re for the crafters, the grafters, and the self starters
We are a “Top 100 Best Companies” employer & Top 25 Financial Services businesses to work for in the UK. Our mission statement, which underpins everything we do, is to provide the UK’s underserved businesses with easy to access and simple to use banking services that helps them succeed.
Ready to make a real impact in Information Security?
At Zempler Bank, we’re not just safeguarding systems! We’re protecting trust. We’re looking for an Information Security Engineer who’s passionate about building robust security frameworks and ensuring compliance that keeps our customers and colleagues safe.
This is your chance to join a forward-thinking team where your expertise will help shape the future of secure banking. We value diversity, collaboration, and fresh ideas because we know the best solutions come from different perspectives. If you’re curious, proactive, and driven by doing things the right way, we’d love to hear from you.
Hybrid Working
We are very proud to offer one of the most flexible hybrid working arrangements in the industry!
The expectation for this role, will involve a minimum of one day each month - working out of our London Bridge office.
Key Accountabilities Include
Security Control Framework
Ensure high levels of information security are maintained across Zempler Bank and assist other technical teams to understand and meet those high levels based upon PCI-DSS compliance and NIST�CSF
Lifecycle Support
Support management of Information Security assets to ensure they are secure and fully supported, including Patch and Vulnerability management to agreed standards
Incident Response
Configure and respond to monitoring alerts for issues detected by Information security tools, supporting incidents 24x7 (average once per month) as required, escalating when required
Support the Post Incident Resolution (PIR) process and provide recommendations to avoid future incidents
Documentation
Maintain documentation and configuration repositories, including security diagrams, IT asset management systems and agreed
documentation
Document and share knowledge with other members of the team, including delivering training sessions when required
Change Management
Support the wider project and change programme, design and deliver agreed improvements following governance processes and industry best practices including documentation
Ensure all changes are released or made into controlled environments following agreed and repeatable processes, including roll-back to a known working state
Reporting
Provide agreed reporting and updates to the Chief Information Security Officer and wider team, including accurate status of tickets being worked on
Threat and Risk Management
Risk mitigation through best practice and by following company procedures
Identify risks and escalate to management, maintain the Information Security risk register and support the wider Enterprise Risk
Management framework
Use horizon scanning to keep abreast of relevant new technologies, security threats and regulatory changes
Qualifications, skills and experience
Essential:
Prior experience of working within an Information Security team
Experience and familiarity with one or more of the following security tools: Logrythm SIEM, McAfee suite, Firewalls, Officer
365 Compliance tools, CASB
Experience and ability to achieve and maintain PCI, or similar security standards (e.g. NIST-CSF, ISO 27001)
Experience in Windows Server, security configuration: Windows 2012, 2016; Active Directory; Group Policy, Certificate Services;
Office 365 and Windows 10 security configuration
Automation through scripting and other tools
General security technical skills: networks, storage area networks, backups, firewalls, virtualisation, virtual desktop environments,
monitoring, alerting, efficiency and optimisation, documentation, procedural controls, identity and access management, automation,
24x7 support
Good verbal, written communication and interpersonal skills
Desirable:
Experience with CentOS/RHE, Kali Linux, Penetration Testing, Red Teaming.
Ideally CISSP, MCSE and ITIL qualified
Experience working in financial services, payment organisations, Banks or an understanding of working in a regulatory environment where good governance is a requirement and a benefit
Membership of relevant professional body
Strong understanding of open data sources and supporting the delivery of APIs, e.g. for open banking
In Return You’ll Enjoy
· Competitive basic salary
· Additional benefit allowance representing 7.5% of your annual salary allowing you
About the Company
Hello, we're Zempler Bank, formerly Cashplus Bank.
We're here to make money simpler.
We know that banking isn't at the top of most people's to do lists, that's why making it less of a chore is at the top of ours.
We don't do banking the traditional way - the wrong way. We do banking that works for the people that need it, when they need it.
We're for the crafters, the grafters, and the self starters. The bank for sole traders and those just starting up. And small businesses with growth on their minds and less time tha...
Know more