IT Risk, Audit & Compliance Manager

We’re sorry. We’re no longer accepting applications for this role.

VN-17424

Permanent

Hove

Competitive

25 August 2020

The IT Risk, Audit & Compliance Manager role has been created to give a central view of Security risk and governance over the controls deployed in Group Finance and to provide assurance on reduction and mitigation of information technology security risk in order to maintain risk at a tolerable level in accordance with the Group’s risk appetite.

This role will be responsible for pulling together the Security risk across the Group Finance estate in order to understand where hot spots are, where we are within our Risk appetite and where we need to put more focus. The role holder will also provide oversight of IT audits and remedial activities, and maintain oversight of the Security Control Framework.

  • Collate and Measure Security Risk across Group Finance (inputs include projects, system risk assessment, Penetration Testing) and produce MI on the Risk posture to drive Information Security decisions and priorities. Manage Risk acceptance process to ensure Risk is known, understood and accepted at the appropriate level and remediation activities tracked
  • Security Controls Oversight – Work with Group IT and Group Finance teams to ensure the IT Controls Framework is understood and deployed. Assist in reviewing controls as they’re deployed to ensure effectiveness. Produce MI over controls to demonstrate coverage of controls.
  • Own the Security oversight for Group Finance suppliers. Work with Group IT Due Diligence process and track outstanding findings. Establish regular meetings and MI from suppliers to measure performance and identify any Risk
  • Act as point of contact for IT audits within Group Finance, facing off to internal and external audit teams. Assist Group Finance IT in understanding audit requirements, review draft reports and actions to ensure consistency as well as track and oversee remediation activity
  • Manage and run internal GFIT security awareness and education sessions to complement Group-organised campaigns. In addition, act as co-ordination point and facilitate Group CISO security awareness campaigns

• Appropriate security qualifications and memberships (e.g. CISA, CISSP, etc.), or demonstrable equivalent experience, are desirable but not essential

• Information Security broadly, knowledge of Access Control security, Vulnerability Management and Control assessments are desirable

• Internationally recognised and formal standards for IT control, Security Risk Management and Security Management Systems, including ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework

• Familiarity with IT audit approaches

• Risk assessment and Risk management

• IT audit (conducting or engaging with)

• Information security compliance to regulatory and industry frameworks

• Supplier Security assessment and assurance

• Critical review of Security controls to determine effectiveness

• Practical, common sense delivery of successful, collaborative security solutions

Whatever your role, Legal & General rewards ability, performance and attitude with a package that looks after things that matter to you.

Our employees have a wide range of benefits including:

  • A generous pension scheme
  • Life assurance
  • 27 holiday days
  • Private medical insurance
  • Performance related bonuses
  • A variety of share schemes
  • Discounts on high street and our own great products

Your hard work will be rewarded when you join us.

Our view is that this role is suitable for agile working. This means we would consider a more flexible working arrangement, where your hours and work location are managed according to business, customer and personal needs. For this role, you would be based in Hove, but you could work in other Legal and General offices or at home, as necessary, provided this meets business needs. Details of agile working will be discussed during the interview process.

For further information please contact Anastasia Jurcenko on Anastasia.Jurcenko@landg.com.

No agencies.

About L&G

We take pride in being there for our customers. We help them deal with whatever life has in store and support them in achieving financial security; and that’s thanks to the talented and dedicated people who work with us. For us, ‘social responsibility’ is not just a buzzword. It defines us and runs through everything we do for our customers and as an employer. And working with us, you’ll get a competitive reward package and have the flexibility and autonomy to deliver your personal, business and career goals.

About the business area

From HR and Digital teams through to Group Finance, Risk and Corporate Comms – our Group functions support our businesses across the UK and abroad. Delivering essential services and activities that have a real impact on our business and our customers' lives, we enable our people to do what they do best, contributing to delivering great customer service, profitability and strategic growth.

We are an equal opportunities employer and welcome applications from all suitably qualified candidates.
