Janus Henderson Investors IT Security Engineer in London, United Kingdom
We are a leading independent global asset manager, dedicated to delivering the best outcomes for our clients through a highly diversified range of actively-managed products. We are truly global, supporting our individual and institutional investors across a range of products, encompassing equities, fixed income, multi-asset and alternatives. Our high-energy and collaborative culture at Janus Henderson helps our client achieve their goals and ensures that our people love the place they work.
The Global Technology department plays a crucial role in supporting the success of the business. We are responsible for developing and implementing state-of-the-art software and hardware maintenance to support our fund management, trading, distribution and operational areas with secure, stable and resilient technology platforms.
Overview of the role
The primary function of this role will focus on the supporting the Data Loss Prevention (DLP) technologies and processes. Ensuring that all alerts and events are correctly followed up and investigated as well as liaise with other IT teams and departments (Compliance, Data Privacy, Risk) to ensure incident playbooks are accurately followed.
In addition, as part of this role you will be responsible for developing, monitoring, evaluating and maintaining systems and procedures to protect the confidentiality, integrity and availability of information systems. This position evaluates existing data security procedures and identifies new areas of risk as well as reviewing new security applications. This is a technical position that requires knowledge of security industry standards, incident response handling, provide technical security recommendations and/or solutions around systems and networks, and have a solid grasp of overall IT architecture.
Duties and responsibilities
• Perform security incident investigations including chain of custody, containment measures, root cause analysis, and identification of preventive measures
• Assist with the implementation, and administration of information security policies, standards, and procedures, adhering to industry best practices
• Plan, coordinate, and implement security measures to regulate access to computer data files and prevent unauthorized modification, destruction, or disclosure of information
• Perform risk assessments and execute system tests to ensure proper functioning of data processing activities and security measures
• Verifies security controls in new and existing computer systems conform to security policies and guidelines.
• Identify potential security risks, and document remediation options or mitigating controls.
• Assist in integrating regulatory compliance requirements (e.g., SOX, GLBA) into the organizational security roadmap
• Participate in the Information Security on-call rotation
• Carry out additional duties as assigned
Technical skills and qualifications
• Bachelor’s Degree in Computer Science and/or related field preferred.
• Security related certifications preferred (Security+, CEH, CISSP, OSCP, etc.).
• Extensive experience in information security.
• Experience in supporting data loss prevention technologies and processes.
• Experience in cyber incident response handling procedures and forensic investigation tools.
• Proficient in the security of Windows and UNIX (security access rights, configuration best practices, and potential vulnerabilities).
• Intermediate knowledge of the OSI model and security that is associated with each layer.
• Intermediate knowledge of wide area network security as it pertains to networking protocols and connectivity to/from outside resources (switches, routers, firewalls, VPNs, encryption, and authentication methods).
• Experience with modern scripting languages.
In addition to putting clients first, acting like an owner, and succeeding as a team, the competencies for this role include:
• Excellent verbal and written communication skills with Business Partners & Vendors.
• Knowledge in incident response and intrusion detection systems, and security scanner tools.
• Ability to manage multiple projects and tasks.
• Analytical ability to capture and summarize information, find solutions to various tactical and strategic problems and prioritize work
Ongoing competence in the role to be assessed, in line with applicable regulatory requirements, by:
• Annual performance appraisal
• Completion of all assigned compliance training
At a minimum the role will require you to:
• Place the interest of Janus Henderson’s Clients first, act in accordance with TCF (Treating Customers Fairly) principles
• Understand and follow laws and regulations applicable for your role, seeking the help of your supervising manager or Compliance if additional guidance is required
• Understand and abide by all Janus Henderson policies applicable to your role, and seek support/guidance of the policy owner guidance when required
• You are ultimately accountable for your actions and responsible for seeking further information on any or all of the above as necessary.
Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee’s job functions (as determined by Janus Henderson at its sole discretion).
All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants’ past political contributions or activity may impact applicants’ eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.