<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=378468&amp;fmt=gif">

Our experts partner with compliance teams around the world to provide customizable, user-friendly software solutions designed to simplify every-day compliance processes while ensuring you meet the strictest regulatory standards.

Our system offers a host of benefits and reassurances for compliance leaders, compliance teams and technology specialists.

Automated conflict of interest detection and mitigation helps your compliance teams work better, faster and more effectively. The rigor of our reporting, surveillance, certification and security systems provides complete peace of mind for Chief Compliance Officers and board members.

Helping you to detect and prevent market abuses that could jeopardize your reputation and regulatory compliance. Actively manage insider lists and investigate employee trading in the context of current market activity and events.

Clear deals faster. Centralize deal data. Reduce your risk. Compliance Control Room lets you organize, manage, and monitor your firm's most important information flows from a single platform.

Whether for work or pleasure, it’s a mobile world. And a mobile workforce calls for mobile solutions. Introducing STAR Mobile. With STAR Mobile, employees pre-clear activity and report transactions on-the-go. Supervisors review escalated requests anywhere there’s a cell connection.

Helping you to actively manage employee trading in the context of market activity and events to guard against insider trading.

Create unlimited projects to easily manage and monitor dynamic lists of employees who have access to insider information.

Compliance Control Room's enterprise-level single platform centralizes all your firm's deal-related activity—letting you manage control room activities more efficiently and effectively.

Increase employee participation. Increase data accuracy. Increase responsiveness. STAR Mobile is a native app that makes compliance simple, easy, and convenient.

Your dream job is just a click away

View All Jobs View LinkedIn

Information Security Engineer

Location: York, England

Hours: Full Time

The Information Security Engineer plays an integral role in the Information Security and Data Protection team. This team is responsible for implementing StarCompliance’s Governance, Risk and Compliance strategy. Knowledge of and compliance with standard security and privacy frameworks is paramount to this role along with solid communication, organisational and people management skills. 

The Information Security Engineer shall perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies. They will be responsible for designing, implementing and/or integrating IA and security systems and system components, including those for networking, computing, and enclave environments to include those with multiple enclaves, and with differing data protection/classification requirements. They will contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.

 

Responsibilities 
  • Promote a culture of security initiatives and activities to support and improve Information Security Awareness across the organization.
  • Partners with all areas of the company to communicate the importance of strong programs, works to develop solutions to achieve company’s objectives, and incorporates security into how we do business.
  • Translate risk in technical and non-technical terminology so that it can be interpreted by employees at all levels, including business stakeholders
  • Implement security vulnerability testing tools to provide continuous monitoring and patch verification.
  • Assist with day-to-day security operations in administering, monitoring, escalating, containing, and remediating security events/issues/incidents from Information Security Systems.
  • Partner with Infrastructure team to identify, plan and remediate threats and vulnerabilities.
  • Assist with Security Incidents Management: planning, detection & analysis, containment, eradication, recovery and post incident activities.
  • Support and help develop ongoing Secure Code Analysis best practices within the Software Development Lifecycle.
  • Report on and develop Security Metrics.
  • Assist in the creation and enforcement of Information Security Policies and Standards.
  • Assist with the responses to client and prospect security questionnaires and requirements.
  • Assist with third-party and vendor assessments such as penetration tests, security risk assessments and internal/external security audits.
  • Remain up-to-date with new data and privacy legislation as well as emerging security technologies and understand/translate their risk relevance to the StarCompliance environment.
  • Participate in the development and monitoring of business continuity and disaster recovery planning.
  • Travels to client locations around the world on an as-needed basis to deliver presentations and assist in pre- and post- sales activities.

Mandatory Skills, Knowledge or Experience
  • Positive, professional demeanour and well experienced working within a client orientated setting (internal or external), leading conference calls and in-person meetings where required.
  • A general understanding of today’s threat landscape and information security architectures, as well as applicable laws, regulations, and compliance frameworks (ISO 27001, SSAE18, NIST, GDPR, PCI- DSS, etc.)
  • Knowledge of incident response and the creation, execution, and reporting of such activities.
  • Knowledge of Malware identification, containment, and eradication.
  • Knowledge of access control systems, PKI, multi-factor authentication, and entitlements management.
  • Knowledge of information security systems such as Endpoint Protection, Firewalls, SIEM technologies, VPN’s, Data Loss Prevention systems and Intrusion Detection/Prevention systems.
  • Knowledge of Network and Application protocols, including but not limited to IP, TCP, UDP, FTP, HTTP, HTTPS, DNS, DHCP, routing, etc.
  • Knowledge of the Software Development Lifecycle.
  • Proficiency in the use of Microsoft Office, Visio, and Project.
  • Excellent communication skills and demonstrates the ability to embrace and drive change.
  • Excellent attention to detail, analytical and organised.
  • Exceptional time management skills toward managing team priorities effectively. 
  • Bachelor's degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university is required.

Integrity and Ethics 
All StarCompliance employees are expected to commit to a high standard of personal integrity and carry out their responsibilities in an ethical manner.
Apply for this position

Join The Team

Working at StarCompliance means working in a fun, fast-moving environment where creativity is rewarded and hard work is valued.
Our employees receive competitive compensation and a comprehensive benefits package, as well as gaining experience in a competitive, constantly expanding industry.

View All Jobs View LinkedIn