Technical Security Assurance Analyst

We’re sorry. We’re no longer accepting applications for this role.

Search and apply for similar opportunities or register your interest to receive alerts of the latest suitable jobs as they become available. 

VN-14721

Permanent

Hove

Up to £55k (Depending on experience)

31 March 2020

The primary responsibility of the Technical Security Assurance Analyst is to deliver assurance activities across all cyber security services delivered by Group IT Security.

  • Coordinate with third party providers in order to deliver technical security control assessments for Legal and General in the areas of penetration testing, vulnerability scanning, application security testing and firewall assurance. This involves:
    • Scoping of these tests
    • Coordinating the timely execution of the testing schedule
    • Reviewing, prioritising and coordinating remediation of findings and issues
  • Conduct IT security control testing and evidence review (e.g. in the area of identity and assess management ) and provide associated improvement recommendations to help ensure controls outlined in Legal and General’s policies and standards are designed and operating effectively.
  • Engage and coordinate with Group IT and business divisions to facilitate planning and execution of the security testing activities in order to meet testing schedule and internal audit requirement.
  • Track progress and support control owners to implement remediation actions required to close internal and external audit findings in a timely and effective manner.
  • Support IT and business transformation projects by performing security assessments and ensuring that controls and security requirements are being implemented through the transformation lifecycle.
  • Track and prepare reporting on risk metrics for the assurance programme, to help ensure that senior stakeholders within Group IT and business divisions are aware of key vulnerabilities and risks within the organisation.

Qualifications:

Education:

  • Bachelor’s degree (preferred but not essential) or equivalent experience in computer science, IT engineering, or related field
  • A master’s degree or equivalent in Information / Cyber Security or Audit would be an advantage

Certification:

  • Certificateless Registry for Electronic Share Transfer (CREST) certification is preferred but is not essential
  • Information Security and/or Information Technology industry certification (CISA, CISSP, CISM or equivalent) strongly preferred
  • Member of Institute of Information Security Professionals (M.IISP) or have the qualification, skills and experience to become a member

Knowledge:

  • Strong understanding of assurance methodologies and testing protocol
  • Strong understanding of cyber controls and cyber risks to identify and evaluate control effectiveness and identify any potential gaps between cyber risks and existing cyber control
  • Strong understanding of various cyber technologies such as endpoint protection, DLP, insider threat protection, mobile device protection etc.
  • Organised with a proven ability to prioritise workload, meet deadlines, and utilise time effectively
  • Have an eye for detail
  • Strong analytical skills

Experience:

  • Prior experience working in information security is essential
  • Prior work experience in delivery, managing and quality assuring information security assurance activity
  • Experience in managing complex stakeholder relationships
  • Experience in financial service industry is preferred but is not essential

Whatever your role, we reward ability, performance and attitude with a package that looks after all the things that are important to you. Our employees have a wide range of benefits including a generous pension scheme, life assurance, 25 days’ holiday, private medical insurance, discretionary performance related bonuses, paid overtime, a variety of share schemes, discounts at both a huge range of high street stores and our own great products, your hard work will be rewarded when you join us.

 

About L&G

We take pride in being there for our customers. We help them deal with whatever life has in store and support them in achieving financial security; and that’s thanks to the talented and dedicated people who work with us. For us, ‘social responsibility’ is not just a buzzword. It defines us and runs through everything we do for our customers and as an employer. And working with us, you’ll get a competitive reward package and have the flexibility and autonomy to deliver your personal, business and career goals.

About the business area

From HR and Digital teams through to Group Finance, Risk and Corporate Comms – our Group function support our businesses across the UK and abroad. Delivering essential services and activities that have a real impact on our business and our customers lives, we enable our people to do what they do best, contributing to delivering a great customer service, profitability and strategic growth.

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender identity or age.

About L&G

We take pride in being there for our customers. We help them deal with whatever life has in store and support them in achieving financial security; and that’s thanks to the talented and dedicated people who work with us. For us, ‘social responsibility’ is not just a buzzword. It defines us and runs through everything we do for our customers and as an employer. And working with us, you’ll get a competitive reward package and have the flexibility and autonomy to deliver your personal, business and career goals.

About the business area

From HR and Digital teams through to Group Finance, Risk and Corporate Comms – our Group function support our businesses across the UK and abroad. Delivering essential services and activities that have a real impact on our business and our customers lives, we enable our people to do what they do best, contributing to delivering a great customer service, profitability and strategic growth.

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation, gender identity or age.