Position Overview The Senior Infrastructure Security Engineer will play a critical role in designing, implementing, and maintaining the technical and operational security framework and policies within the FBL Platform environment. They will conduct technical security risk assessments, develop and secure platform solutions, monitor for security breaches, respond to incidents, and educate staff on technical security best practices. They will conduct security assessments across the global FLB platform and identify / prioritize remediation actions, they will also work closely with product and operations teams to ensure technical security is maintained by driving a secure by design mentality. They will design and maintain operational security vulnerability controls including system patching, enhance platform monitoring, and foster a security-first culture across the global platform.

Job Description What You’ll Do

Manage issues and risks related to infrastructure operational security, data management, and disaster recovery

Assess and auditing of our real-time operational security measures and suggest improvements

Responsible for implementing new security protocols, responding promptly to all security incidents, and nurturing a culture of security awareness within the global platform team

Responsible for the reporting of platform vulnerability and OS patching and ensuring metric compliance

Working with Information Security, product, engineering, legal, and all IT teams to provide technical security guidance, advocate for secure practices, and ensure a consistent technical security approach across the global organization

Automation and Infrastructure as Code: Automating security processes, using tools like Terraform and Ansible, and managing security configurations through code

Secure Platform Design and Implementation: Building and maintaining secure internal platforms, implementing DevSecOps practices, and ensuring security is integrated throughout the platform development lifecycle

Other job duties that may be assigned

Technical lead for capacity, support, and availability management of the FDB global IT platform, storage, and business continuity services

Brief and advise senior IT management on technology support and availability needs, produce solution documents and reports to support this

Mentor peers and help build the IT/OT technical solutions within the organization on a global perspective, ensuring secure by design methodology

Perform cross-functional, multidisciplinary technical support to include evaluation and delivery of project work packages, design requirements, and associated procedures related to enterprise-level IT/OT systems

Operational lead into roadmaps and strategies for IT/OT architecture and security initiatives

Design systems characterized by medium/high levels of risk, impact, and business or technical complexity

Consult with system administrators, vendors, and other department personnel to provide guidance and technical direction for proposed enterprise technical solutions ensuring alignment with overall business strategy and vision statements

Responsible for the delivery of the FDB cyber security governance and policies on all IT/OT infrastructure systems

Impact and Decision-Making

The Senior Infrastructure Engineer will work within the broader Digital Technologies organization to help drive IT/OT alignment regarding the provision of the infrastructure platform and services

This role is expected to have a broader reach outside traditional IT silos to build relationships within all IT service user towers

Interact up to senior-level stakeholders globally regarding technical requirements and delivery and any associated infrastructure needs both BAU and project wise

Will be required to interact with company vendors to ensure solutions are secure and always meet the business technical requirements

Technical Input in to external and internal audits about IT designs and services

The Senior infrastructure engineer will require the ability to make, advise and drive decisions based on information gathered and assessed, in consultation with IT and business leadership

Represent IT governance as part of wider governance framework where needed, for example, technical or commercial reviews

Knowledge and Skills

Degree or higher in Computer Science or Information Technology or relevant technical certifications

8 yrs+ experience in an IT 3rd/ 4th line position with proven track record in an IT operational security, or 5+ years’ experience of working in a biomedical IT service environment

Any combination of education and experience, which would provide an equivalent background to deliver against role expectations

Understanding of IT security concepts (Data Protection, DLP, IRM, Identity and Access Management, Cryptography) both on-prem and in the cloud Strong, understanding of security principles and best practices

Experience with cloud platforms (AWS, Azure, GCP)

Proficiency in infrastructure as code (Terraform, Ansible)

Knowledge of security tools (SIEM, SAST, DAST, vulnerability management)

Experience with CI/CD pipelines

Scripting and programming skills (Python, Go, etc.)

Familiarity with containerization (Docker) and orchestration (Kubernetes)

Proficient in OS patching and vulnerability management principles and best practice

Familiarity with Data Protection, Data Scanning, and Data Catalogue products and technologies

Adept at communicating with technical and non-technical stakeholders at all levels, and across organizations, using architecture communication techniques

Experience working with regulatory requirements (e.g., GDPR, FINMA, MAS,SIO27000) Understanding of security regarding open-source technologies