Senior Security Specialist

Full Job Description

ABOUT US:

LSEG (London Stock Exchange Group) is more than a diversified global financial markets infrastructure and data business. We are dedicated, open-access partners with a dedication to excellence in delivering the services our customers expect from us. With extensive experience, deep knowledge and worldwide presence across financial markets, we enable businesses and economies around the world to fund innovation, manage risk and create jobs. It's how we've contributed to supporting the financial stability and growth of communities and economies globally for more than 300 years. Through a comprehensive suite of trusted financial market infrastructure services - and our open-access model - we provide the flexibility, stability and trust that enable our customers to pursue their ambitions with confidence and clarity.

LSEG is headquartered in the United Kingdom, with significant operations in 70 countries across EMEA, North America, Latin America and Asia Pacific. We employ 25,000 people globally, more than half located in Asia Pacific. LSEG's ticker symbol is LSEG.

OUR PEOPLE:

People are at the heart of what we do and drive the success of our business. Our culture of connecting, creating opportunity and delivering excellence shape how we think, how we do things and how we help our people fulfil their potential. We embrace diversity and actively seek to attract individuals with unique backgrounds and perspectives. We break down barriers and encourage teamwork, enabling innovation and rapid development of solutions that make a difference. Our workplace generates an enriching and rewarding experience for our people and customers alike. Our vision is to build an inclusive culture in which everyone feels encouraged to fulfil their potential.

We know that real personal growth cannot be achieved by simply climbing a career ladder - which is why we encourage and enable a wealth of avenues and interesting opportunities for everyone to broaden and deepen their skills and expertise. As a global organisation spanning 70 countries and one rooted in a culture of growth, opportunity, diversity and innovation, LSEG is a place where everyone can grow, develop and fulfil your potential with meaningful careers.

Job Profile
Plan and execute security testing operations across the enterprise. The successful candidate will work closely with Business partners, BISOs, GSOC, and other entities to ensure we effectively test Group's established security program and identify potential gaps around our people, process, and technology.

Responsibilities
• Plan, lead and execute security testing engagements where you assume the role of a threat actor during tests, attack simulations, training and exercises
• Employ simulated adversary threat-based approaches to expose and exploit vulnerabilities and weaknesses to improve the security of both our products and technology landscape
• Replicate tactics, techniques and procedures used by modern attackers, common network exploitation and penetration techniques as well as common software exploitation techniques
• Develop attack plans to meet the specified objectives and coordinate with other Red Team Operators and 3rd Party vendors to achieve these goals
• Provide constructive feedback to the defenders and product teams on their successes and failures
• Develop, modify and extend tools/exploits that assist with execution of security assessments, including custom tools and automation.
• Establish credibility as a trusted advisor to stakeholders including customers, executives, peers, and employees
• Stay current with advanced attacks and apply them during red team activities
• Help defensive teams and product teams understand how to detect and/or stop cyber-attacks via purple teaming exercises, CTF demonstrations, etc.
• Become part of a team of security enthusiasts that perform ground breaking research and promote an environment of innovation and knowledge-sharing
• This is an individual contributor role, but may need to oversee those at an earlier career stage and 3rd party v Reports are produced security testing engagements.
• Effectively report analysis and findings in the most accessible way (written reports, Jira, tickets, presentations etc).
• Maintain and develop security testing processes and related artefacts.

Experience
• Bachelor's Degree in Information Systems / Technology, Computer Science / Engineering or equivalent field of study or a minimum of 5 years of cyber security experience
• Proven experience in Red Teaming and Penetration Testing
• Minimum 3 years of deep, hands-on, technical security experience with at least one of: multiple security technologies such as Firewalls, IDS/IPS, Web Proxies and DLP among others, Web Applications and Services, Cryptography, Social Engineering and Open Source Intelligence Gathering (OSINT), Mobile platforms, Software Security, malware reverse engineering
• Deep technical understanding of enterprise operating system environments, Active Directory and networking
• Strong understanding of security vulnerabilities and common software engineering flaws
• Familiarity with popular scripting languages and ability to automate simple tasks.
• Familiarity with CND-based analytical models (Kill Chain, ATT&CK, etc.)
• One or more of the following security certifications OSCP, OSCE, OSEE, OSWE, CREST, GXPEN preferred
• Experience working with Financial Services and Critical Infrastructure
• Strong verbal & written communication skills & presentation skills
• Ability to work in a fast-paced environment.
• Problem solver and barrier breaker

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone's race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it's used for, and how it's obtained, your rights and how to contact us as a data subject .

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.