The primary responsibility of the Head of Infrastructure Security is to drive improvement and manage the delivery of Threat & Infrastructure protection, Application Security and Information Protection across Legal & General. 

Principal accountabilities:

• Collaborate with the necessary Group IT Security teams, leadership and other business divisions to assess key infrastructure security risks, plan controls and strategic initiatives accordingly, to help ensure Legal & General risk appetite is met.
• Oversee the day-to-day infrastructure security processes managed by the Information Security Manager and third party providers in the areas of:
• Vulnerability management and network security (firewall management, web filtering, NAC, network intrusion detection, email security, endpoint and server protection etc.)
• Information protection (Data Loss Prevention management and key management)
• Application security (pre and post development control implementation and testing
• and provide guidance in the event of escalations, to help ensure risks are managed effectively.
• In collaboration with the IAM Manager, re-design IAM processes across Group and business divisions to support the implementation of the new Cyber Target Operating Model (TOM) which requires increased centralisation of the IAM function, to help increase effectiveness across the Group.
• Be the primary interface between Legal and General and the infrastructure security service providers and ensure they meet contractually defined Service Level Agreements; by monitoring process adherence and identifying continuous improvement activities needed to achieve operational performance and risk management objectives.
• Support the SOC Manager in the investigation, resolution and reporting of critical incidents to help ensure these are managed in a timely and effective manner to help minimise impact to Legal and General data and operations.
• Define and collect metrics / KPIs for the measurement of infrastructure security and periodically report to leadership on events and incidents to help ensure performance is in line with Legal & General’s risk appetite.
• Manage, motivate and develop employees at all levels, in a manner that is consistent with the Company’s policies and procedures the including Partnership Agreement, to maximise the performance of the area.

Education & Qualifications: 

• Bachelor’s degree (preferred but not essential) or equivalent experience in computer science, IT engineering, or related field
• A master’s degree or equivalent in Information / Cyber Security would be an advantage
• Information Security and /or Information Technology industry certification (CISSP-ISSAP, CISM, ISO 27001 Lead Auditor, GIAC or equivalent) strongly preferred
• Member of Institute of Information Security Professionals (M.IISP) or have the qualification, skills and experience to become a member

Knowledge:

• In-depth understanding of information security policy, security frameworks and industry best practices
• Strong understanding of various cyber technologies across Infrastructure protection, Application Security, Information Protection, and Identity and Access management domains
• Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively
• Strong analytical skills

Experience:

• Prior work experience in information security is essential
• Prior work experience in infrastructure security is essential
• Relevant experience in implementing and operating large-scale security infrastructure and operations
• Experience with regulatory requirements such as PCI standards, GDPR, and Pensions Regulator Guidance on cyber security principles etc.
• Prior experience in leading large teams with focus on driving continued operational process improvement

Leadership:

• Ability to lead cyber incident management activities, including identification, containment, remediation and restoration activities
• Strong interpersonal and communication skills; able to deal effectively with diverse skill sets and personalities, works effectively as a team player

Whatever your role, we reward ability, performance and attitude with a package that looks after all the things that are important to you. Our employees have a wide range of benefits including a generous pension scheme, life assurance, 30 days' holiday, private medical insurance, performance related bonuses, discounts at both a huge range of high street stores and our own great products, as well as a 12% car allowance scheme, your hard work will be rewarded when you join us.

For further information please contact Ari Zastawna, Resourcing Business Parnter on ari.zastawna@landg.com