Find your next role at Legal & General
Security Analyst
We’re sorry. We’re no longer accepting applications for this role.
Search and apply for similar opportunities or register your interest to receive alerts of the latest suitable jobs as they become available.
VN-6790
Permanent
Hove
Upto £40000 + benefits
30 November 2017
We are recruiting for a Security Analyst to implement and operate regular security assurance activities to allow effective governance and security oversight of key suppliers.
Operational Effectiveness
Implement and operate regular security assurance activities to allow effective governance and security oversight of key suppliers.
Apply good practice for process and reporting to deliver on the above activities.
Develop and enhance security oversight capabilities and services for use internally.
Reporting
Support IT operations team in the areas of:
Security audits, intrusion and penetration tests
Security control effectiveness
Security infrastructure testing and oversight
3rd party supplied security management information (MI)
Service Support
Support teams when they perform RFPs, undertake 3rd party agreements, and when they undertake security audits, intrusion and penetration tests.
Provide support and technical guidance on the adoption of new testing tools and assist team with meeting obligations around regular security testing.
Provide technical security advice and support with policy exceptions from different business divisions in relation to projects or systems already in place.
Security Governance
Support teams when they work on policy and standards including when they oversee compliance against them and provide guidance on their operational enforcement.
Partner with the due diligence team to measure adherence to third party security oversight principles and practice.
Qualifications
Appropriate security qualification for the role would include Security+, SSCP, GIAC Cyber Defence certifications, CEH or CISSP. In order to demonstrate the knowledge required to perform the role it is anticipated that the role holder will be educated to degree level in a relevant technical area and/or hold relevant work experience
Knowledge
Knowledge is required of:
IT Security, including good understanding of associated technologies and architectures
IT security principles, guidance and technical standards
Fully abreast of trends and changing technologies as they relate to information security threats and control
Good knowledge of some of the following is desirable:
Cloud architecture
Database security
Application security
Identity and Access Management
Encryption at rest and in transit
DLP
Endpoint and servers security (Antivirus/Antimalware, APT)
Perimeter and network security (Firewall, IDS/IPS, WAF, Proxy, Antispam, etc...)
Security Operations
Patch and vulnerability management
Incident Management
Experience
The role requires experience in:
Security operations or similar technical/IT environment
Installing and using security software, ideally assessment and configuration tools (i.e. automated vulnerability scanners, security auditing tools, network vulnerability tools, firewall rule evaluation etc.)
Understanding, interpreting and explaining output from security tools
Coordinating and working with on shore and offshore staff
Creation of reports and presenting data in easily understandable formats
Desirable:
Working with outsourced providers and 3rd parties
PCI DSS knowledge
Exposure to ISO27001 and implementing or contributing to the creation of an ISMS
Systems design and development from business requirements analysis
Development of security standards and policies
Security risk management and reporting
Personal Attributes
Customer orientation
Able to liaise across all teams within the company including Infrastructure, Business systems owners and with suppliers
Superior analytical, evaluative and problem-solving abilities
Ability to work in a challenging environment
Exceptional service orientation, customer focus
Strong communication skills and presentation abilities
Listens to others and talks honestly
Adaptable
Ability to present ideas in business friendly and user friendly language
Whatever your role, we reward ability, performance and attitude with a package that looks after all the things that are important to you. Our employees have a wide range of benefits including a generous pension scheme, life assurance, 22 days’ (with potential to rise to 26 days) holiday, discretionary performance related bonuses, paid overtime, a variety of share schemes, discounts at both a huge range of high street stores and our own great products, your hard work will be rewarded when you join us.
Our view is that this role is suitable for agile working. This means we would consider a more flexible working arrangement, where your hours and work location are managed according to business, customer and personal needs. For this role, you would be based in Hove, but you could work in other Legal & General offices or at home, as necessary, provided this meets business needs. Details of agile working will be discussed during the interview process.
For further information about the role, please contact Lynn Morriss, UK Resourcing Lead, at lynn.morriss@landg.com
About L&G
We take pride in being there for our customers. We help them deal with whatever life has in store and support them in achieving financial security; and that’s thanks to the talented and dedicated people who work with us. For us, ‘social responsibility’ is not just a buzzword. It defines us and runs through everything we do for our customers and as an employer. And working with us, you’ll get a competitive reward package and have the flexibility and autonomy to deliver your personal, business and career goals.
About the business area
From Administration to Purchasing and Legal, as well as Group Real Estate, Taxation, IT and much more besides – Shared Services support our businesses across the UK and abroad. We enable our business units to do what they do best while we deliver core services and processes that have a real impact on our company-wide efficiency, profitability and strategic growth.