Information Security Consultant
- Role Type
- Closing Date
- Company Info
Working here is about being there for our customers; we’re available should the worst happen and we work together to enable social and financial equality across the UK. But it’s also about you –how you develop and what you can achieve. We’ll help your talent thrive in an environment where you’ll be supported to work flexibly and autonomously, sharing in our success and rewarded for a great performance with a generous benefits package.
- Department Info
From HR and Digital teams through to Group Finance, Risk and Corporate Comms – our Group function support our businesses across the UK and abroad. Delivering essential services and activities that have a real impact on our business and our customers lives, we enable our people to do what they do best, contributing to delivering a great customer service, profitability and strategic growth.
We are an equal opportunities employer and welcome applications from all suitably qualified candidates.
- Job Duties
The Information Security Consultant will support the increasing demand within the skillset across Group Finance. With an ability to review existing applications and engage on new services being offered, this role is critical to advising on how we embed security in to our business operations.
This role will play a crucial part in realising our Security Improvement programme across a number of our business areas and will require effective communication with a wide range of colleagues both technical and non-technical.
- Ensure projects consider security in the design by setting security needs and requirements to ensure alignment to L&G Security Policies and Standards, participating in Technology or Supplier selection as a security SME and applying threat and initial risk assessment approaches to select appropriate controls. Work with the Group wide Security Improvement Programme to ensure Group Finance services align with current Security requirements
- Review the design of in-flight or existing services to conduct risk assessments, identify and articulate security gaps against L&G Security Policies and Standards. For gaps identify the related risks and potential options for management – articulate options to system or business owners
- Be a source of expert Information Security advice, both to projects and in an ad-hoc manner working closely with key stakeholders and business leaders to ensure security issues are understood and reviewing existing systems and services to prioritise security improvement activities
- Represent the Group Finance Security team to senior business stakeholders. Identify areas where the Security team, and wider IT team, can add additional benefit and support business ambitions
- Represent the Group Finance IT team in interactions with the wider L&G Group and Security Improvement project, such as sitting on Steering Groups or Customer Engagement Workshops. Ensure Group Finance interests are input and requests for input are passed to the correct teams
- Actively work to improve the Group Finance IT Security Maturity and Capability. Suggest enhancements to processes, update or establish procedures
- Skills Required
- Appropriate security qualifications and memberships (e.g. CISSP, etc.) are desirable, but not essential or demonstrable equivalent experience
- Information Security broadly, knowledge of Access Control security, transportation security, secure architecture principles, cryptography and operational controls (such as back-ups, resilient design, anti-virus) are essential
- Knowledge of Threat modelling, control frameworks and Risk assessment techniques such as ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework is essential
- Knowledge of Cloud Security practices is desirable
- Security Design in projects, setting requirements and reviewing architecture
- Risk assessment and control selection
- Critical review of products and vendors from a security perspective
- Strong experience of communicating to senior stakeholders
- Dealing with ad-hoc user queries, where the role holder may not be an SME. Providing guidance in line with Security principles as well as seeking support from colleagues
Whatever your role, Legal & General rewards ability, performance and attitude with a package that looks after things that matter to you.
Our employees have a wide range of benefits including:
- A generous pension scheme
- Life assurance
- 27 holiday days
- Private medical insurance
- Performance related bonuses
- A variety of share schemes
- Discounts on high street and our own great products
Your hard work will be rewarded when you join us.
Our view is that this role is suitable for agile working. This means we would consider a more flexible working arrangement, where your hours and work location are managed according to business, customer and personal needs’ For this role, you would be based in Hove, but you could work in other Legal and General offices or at home, as necessary, provided this meets business needs. Details of agile working will be discussed during the interview process.
For further information please contact Anastasia Jurcenko on Anastasia.Jurcenko@landg.com.