Euromoney Institutional Investor PLC is listed on the London Stock Exchange and is a member of the FTSE 250 share index. It is an international business-to-business media group focused primarily on the asset management, banking and commodities sectors under brands including Euromoney, Institutional Investor and Metal Bulletin. It is a leading provider of economic and investment research and data under brands including BCA Research, Ned Davis Research. The group also runs an extensive portfolio of events for the financial and commodities markets. Its main offices are in London, New York, Montreal, Hong Kong and Sofia.
Euromoney is a dynamic organisation with a newly independent status, following a share buy back from DMGT plc, and ambitious growth plans.
ABOUT THE FUNCTION
The Group’s Central Technology function works with and complements the business focused (outward) Divisional technology teams. It is principally responsible for delivering core shared services (inward) across the Group. Due to its group wide coverage it is able to leverage economies of scale and provide subject matter expertise in a range of core disciplines.
The Service Delivery team provides core shared infrastructure and security services across the divisions. It delivers reliable, secure and cost effective core services (e-mail, file+print, end user computing, back-office applications, infrastructure and networks). The DevOps team support and maintain the centrally hosted divisional websites, providing 24x 5 coverage. The Information Security team develops, implements and maintains security controls to mitigate the ever-increasing risk of cyber threats.
The Central Platforms team support and maintain the Group’s suite of centrally developed platforms (publishing and subscription management), used extensively across the divisions. The platforms are developed in line with business demand. The team is also responsible for maintaining and iterating development best practice and quality standards, sharing and promoting their adoption across the divisions.
The Project Management Office is responsible for overseeing the portfolio of central technology projects, providing expert guidance and support to the project management team and stakeholders to deliver projects to time, budget and quality.
The Central Technology function also oversees risk, audit, compliance and disaster recovery processes across the Group, working closely with the Risk function and divisional teams.
This is a core role as an analyst and consultancy professional in the IT Security Team.
The Information Security Analyst will work with the IT Security Manager to identify IT security risks and recommend remediation activities to reduce risk to an acceptable level.
Overall the Information Security Analyst must have:
· A breadth of experience across a wide range of infrastructure technologies implementing enterprise scale technical solutions in a multi-tier, multi-platform environment
· A good knowledge and understanding of Windows Server and associated Windows enterprise technologies in a networked, enterprise environment
· Experience of configuring and supporting firewall and intrusion prevention/detection technologies
· Current knowledge of security industry threats and trends and vendor landscape
· Stays current with thinking and technology through continuing education, self-study, participation in industry events, and attendance at conferences as appropriate for level of responsibility
· Demonstrable analytical capabilities
· Some experience in cyber incident management including
· Perform advanced diagnosis and remediation planning on security incidents
· Operate, maintain and troubleshoot the SIEM environment
· Understanding of Privileges and Rights in Windows AD primarily and other directory services
· The role sits under the Central Technology.
· Work with the business as well as IT professionals in communicating flaws in security across systems, applications and infrastructure.
· Recommend changes which will reduce the likelihood and impact of a serious incident occurring
· Be enthusiastic about the security industry, coupling good analytical skills and excellent interpersonal capabilities to present a “can do” attitude
The key areas include:
· Malware protection
· Virtual technologies
· System hardening
· Web application firewalls
· Log management & SIEM
· Vulnerability management
One or more of the following: GIAC certification/SANS training, CISSP, CISM, CISA, CRISC
· Manage and distill complexity
· Strong communicator and listener
· Analytical (with attention to detail)
· Results driven
· Honesty and integrity
· Team player
· Positive attitude
· Central Technology management team
· Divisional (business) stakeholders
· Vendors /suppliers
· Central Technology Finance Manager
· Project team, Project Board (as necessary)
RESOURCES INCLUDING TEAM MANAGEMENT