Nuveen Investments Senior IT Cyber Security Analyst in London, United Kingdom
Nuveen is the investment management arm of TIAA. It is one of the largest global asset managers with specialist knowledge across a wide array of asset classes, including fixed income, listed equities and alternatives.Â Nuveen is driven not only by the independent investment processes across the firm, but also the insights, risk management, analytics and other tools and resources a truly world-class platform provides. As a global asset manager, our mission is to work in partnership with our clients to create outcome-focused solutions to help them secure their financial future.Â For more information about the firm please visit our website at www.nuveen.com
KEY RESPONSIBILITIES AND DUTIES:
Sr Info Security Gov & Risk Specialist
The Senior Information Security Governance & Risk Specialist identifies and manages potential information security risks to the environment by conducting control assessments, vendor due diligence and creating remediation action plans to mitigate cybersecurity risks. Under limited supervision, this job identifies potential future risks by assessing network traffic, following information security and risk industry trends, and consistently monitoring different environments to minimize possible risk exposure for the organization.
Key Responsibilities and Duties
Completes cybersecurity risk assessments and maturity assessments to identify inherent risk and implemented security controls.
Works with technology and risk partners to create remediation action plans to mitigate cybersecurity risks and govern action plans through until completion.
Drives the remediation of control gaps based on priorities set by the organization.
Creates reports and documents regarding potential risks in different environments based on research findings and industry trends.
Improves cyber engagement across the organization by providing cyber security inputs to appropriately secure technologies and strategic initiatives.
Conducts control assessments to determine how prepared the current network resources are to protect from potential risks.
Tests Information Assurance safeguards and employs Computer Network Defense tools and approved practices to protect networks.
Coaches and reviews the work of lower level professionals.
3 Years Required; 5 Years Preferred
University (Degree), Preferred
- Physical Requirements: Sedentary Work
- University (Degree)
Job Title: Senior IT Cyber Security AnalystÂ Â Â Â
Reporting to: IT Security Manager, Europe and Asia PacificÂ Â Â Â Â Â
Department: Information Technology (IT)Â Â
Location: LondonÂ Â Â Â Â Â Â Â
Nuveen is the investment management arm of TIAA. It is one of the largest global asset managers with specialist knowledge across a wide array of asset classes, including fixed income, equities and alternatives. Â Nuveen is driven not only by the independent investment processes across the firm, but also the insights, risk management, analytics and other tools and resources a truly world-class platform provides. As a global asset manager, our mission is to work in partnership with our clients to create outcome-focused solutions to help them secure their financial future.Â For more information about the firm please visit our website at www.Nuveen.com
Overview of the Role
You will be working as part of a dynamic Security Team with responsibilities covering Europe and Asia Pacific business regions. You will be responsible for protecting business information and assets and will be directly involved in responding to the ever changing threats of the cyber security landscape.
The role is central to the day-to-day operation of security systems and will be required to coordinate with several teams. You will be responsible for detecting, analysing and responding to real-time threats and risks to Nuveenâs technology and information assets.
The position will involve critical thinking and require someone who is looking to take ownership ofÂ information systems and work streams. You will have opportunity to work with new technologies and be involved in building new security solutions.
Key responsibilities will include:
Administrate, operate and monitor security applications and systems including: SIEM alerts, web and email content filtering, and data leakage prevention
Maintain and produce metrics on the status of technical information security controls across NRE and identifying trends, anomalies and/or threats and risks to the business
Triage and Analysis
Conduct preliminary incident triage and analysis to as part of incident response management
Determine and classify the severity of alerts and assess potential impacts as per escalate process
Coordinate investigations with the Security Operations Centre to identify indications of compromise
Work with IT Operations and Business Applications Teams
Act as first point of contact for all security incident and anomalies ensuring the IT Security Manager is informed
Follow security operations processes and procedures
Ensure Security Incidents are tracked and recorded within the IT Service Management platform by creating service tickets
Complete Incident Report ensuring all details are recorded including post-incident review
Technical Skills & Qualifications Required
Knowledge and operational experience in: firewalls, intrusion detection and prevention systems, SIEM, web and email content filtering.
Knowledge and operational experience with Active Directory. Access and identity Management solutions an advantage.
Knowledge of networking and the ability utilise that knowledge in security investigations.
Operational experience of data leakage prevention, and responding to data loss events.
Operational experience of maintaining vulnerability scanning scheduling, policy configuration and reporting.
Knowledge and experience of working with, or as part of, a Security Operations Centre
Awareness and understanding of vulnerability management.
Awareness and understanding of threat management.
Awareness and understanding of security frameworks such as ISO27001, NIST, and CIS
Understanding of Enterprise Risk Management principle
The ability to analyse log files.
Microsoft Office for report writing with specific reference to management information metrics, charts and presentations.
FCA registration required: No.
TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.Â
If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:Â
Phone: (800) 842-2755
For residents of California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) to access the TIAA CA Applicant Privacy Notice.
For residents of the EU / UK, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) to access the EU / UK Pre-employment Notice.
For all other residents, click here (http://www.tiaa.org/public/tiaa-nuveen-privacy) to access the Applicant Privacy Notice.
TIAA started out over 100 years ago to help ensure teachers could retire with dignity. Today, many people who work at not-for-profits rely on our wide range of financial products and services to support and strengthen their financial well-being.