About MSM Group
Are you looking for a company that inspires passion, courage and imagination?
Through our four leading brands, MoneySuperMarket.com, TravelSupermarket.com, MoneySavingExpert.com, and MSM Go, we are committed to providing our customers with the quality services and products they need to save money.
We provide a place for consumers and providers to come together. We ensure all our services, websites, and mobile apps are easy to use and transparent; we put our customers first.
Find out more about us by clicking here!
Why Join the Technology Team?
The Technology team plays a crucial part in shaping the future of personal finance and changing the way in which people save money and purchase financial products. Moneysupermarket Group is a fast paced and innovative business that is evolving constantly. We operate in a highly regulated environment and as such ensuring that the systems and products are secure is critical to our continued success.
Over the past three years Moneysupermarket Group has invested £60M building out a best in class, cloud based, flexible technology platform. The platform brings products from over 800 financial providers to more than 24 million unique monthly visitors. Last year we provided customer with 52 ways to save money and as a result we saved UK households £1.8 billion. We are constantly improving our people, processes and technologies and were committed to building a leading and forward thinking security function.
What will I be doing?
Reporting to the Head of Security you will be responsible for security on moneysupermarket, moneysavingexpert, travelsupermarket, MSM GO and Ontrees. Reacting to security threats and investigating new ways to further the overall security posture.
Your responsibilities will include
- Working with the Infrastructure and Development teams to deploy, operate and manage security tools such as: Intrusion prevention systems, Web Application Firewalls, Vulnerability assessment and penetration tools, Identity and Access Management tools, Security event management and vulnerability management
- Own, Operate & maintain the security toolset.
- Analyse security events/incidents/logging, collaborate to identify root cause and determine appropriate steps for incident response.
- Escalate security incidents and problems as required and monitor progress to resolution.
- Collaborate with IT teams to define and establish secure configuration standards for core infrastructure.
- Perform and/or oversee the performance of security testing and audits that identify security vulnerabilities.
- Manage and maintain security to ISO 27001 standards.
- Drive mitigation plans with resolver teams, owning and ensuring successful resolution of immediate incidents and underlying root cause problems.
- Promote awareness of security issues.
What skills and experience do I need?
- A passion for all things related to cyber security
- 3 years plus in a similar environment
- Expertise in Internet & network protocols
- Expertise in web application security
- Expertise in Vulnerability assessments
- Expertise in WAF, DDoS protection, DLP, Intrusion detection
Nice to have:
- ISO27001, PCI experience
- Network / systems engineering background.
- Experience with CIS benchmarks or similar standards.
Background checks are part of the hiring process