Gazprom Marketing & Trading (GM&T) is a subsidiary of the Gazprom group - the world’s largest gas producer and one of the world's largest energy companies. Headquartered in London, GM&T operates to provide Gazprom group with a global marketing reach, round the clock operational coverage and excellent customer service. Established in 1999, GM&T has grown from a single office in London into a truly global organisation, with around 1000 employees worldwide. With offices in Europe, Asia and the USA, GM&T trades energy commodities including gas, power, oil, LPG, helium, emissions, LNG and FX and also operates a retail business, trading as Gazprom Energy.
Our culture is defined by our people. Through living our values every day we continue to create a culture that enables us all to succeed. We work as one team with our customers, our parent company and each other in order to understand each other’s needs. With an unstoppable passion for excellence, growth and learning, we’re committed to creating an environment that fosters the development of knowledge, skills and experience, so that our people can thrive and prosper in their careers with us. We believe that we have the best team in the industry which makes us a trusted partner across international capital and energy markets. Our diverse employee base, with a wealth of expertise, knowledge and experience makes GM&T a truly exciting place to work. We encourage new ideas and initiatives as innovative thinking is central to how we do business. Most importantly, we are a growing and developing business where inspired individuals can make a difference and help shape our future.
To protect GM&T value and growth through defining, implementing, and driving adoption of effective security guiderails and controls
Duties & Responsibilities
- Contribute to the development and maintenance of security strategy/management system and security policy.
- Develop and maintain security standards and procedures, define security reference architectures.
- Ensure digital technologies are adopted and being used in a secure and compliant way. Expand GM&T’s security management system (i.e. security policy, standards, procedures, reference architecture, building blocks, built-in guiderails, tools and automated controls) to address new business risks introduced by the use of new technologies. Drive the adoption of these security measures to protect and maximize the business value of digital initiatives.
- Engage with various organizational stakeholders to drive security awareness and ensure IT-related risks are adequately addressed and controlled within GM&T’s risk tolerance limits.
- Embed security guiderails and automate security controls in various areas of the enterprise.
- Work with project and operational teams and vendors to provide security guidance.
Skills & Competencies
- Outstanding verbal and written communication, presentation, and stakeholder management skills.
- Excellent information/cyber security skills.
- Experience writing security policies, standards/playbooks, operating procedures/runbooks, reference architectures.
- Experience implementing security controls aligned with the ISO27K family of standards and other security frameworks.
- Experience embedding security guiderails and controls in various areas, e.g. DevSecOps, public cloud security, operational security.
- Experience with Azure or other cloud platforms.
- Knowledge of identity, federation and authentication technologies
- Knowledge of PKI certificate technologies
- Evolved knowledge of networking infrastructures such next gen firewalls, Cisco ASA, ExpressRoute, IPSec and SSL VPNs
- Experience in privileged access management
Optional, good to have:
- Certifications: TOGAF, security, cloud
- Energy trading experience
- Experience in defining and implementing security guiderails for digital initiatives.
- Team management experience.
- Experience in managing business stakeholder relationships