This role has a primary responsibility for delivering Security Assurance Assessments but will also be required to support the wider Security & Assurance Team to deliver other business enabling Security Services across the UK Operating Companies in an effective, timely, consistent and professional manner.
What you will be doing
1. Responsible for the timely security assessment of all Transversal Projects and, where necessary, the definition, inclusion and overseeing the delivery of robust Security Requirements by the projects.
2. Responsible for the timely Security assessment, raising, submitting and tracking to closure of all Risk Acceptance Forms (RAFs) arising from business as usual and projects.
3. Responsible for ensuring that all identified Security risks are logged and appropriately tracked in the Group Risk Management tool.
4. Actively Support the delivery of governance and robust oversight of the security services and monitoring and where necessary, escalating issues promptly through appropriate channels to senior management.
5. Support the objective that all Security and Assurance consultancy provided to the business and projects is timely and meets the requirements of the Group Security Policy, Standards and Minimum Technical Security Baselines (MTSBs).
6. Support the monitoring of the externally facing asset management and brand protection service and the appropriate triaging, escalation and treatment of issues.
7. Support the monitoring of the Data Loss Prevention (DLP) services and the appropriate triaging, escalation and management of rules and alerts.
8. Contribute to cross functional collaboration and innovation to raise the capability, efficiency and performance of the Security & Assurance Team and wider UK Security Team.
Who are we looking for?
Qualifications
Degree level qualification or equivalent work experience Relevant professional qualifications e.g. CISSP, CISM, CRISC, MIISP desirable but not essential
Skills & Knowledge
Sound experience in Security domains, architectures, logging & monitoring tools, reporting metrics and risk management.
Understanding of the workings of UK General Insurance.
Very effective communication, interpersonal skills and behaviours.
Strong knowledge of one or more sets of business processes, applications or key technologies (e.g. Networks, desktop and mid-range infrastructure, communication technologies) in use within the Company Good understanding of systems life cycles and project management.
Ability to assimilate information quickly, clearly identify key issues and present information concisely.
Ability to develop and maintain a network of contacts across the business.
Ability to be Self Sufficient yet remain a team player.
Experience:
Previous business and / or IT security and assurance experience in a large commercial organisation. Good and demonstrable experience in an Information Security or Assurance role.
What we can offer you
Bonus Scheme linked to yours and the company’s performance
Pension scheme with employer contributions as well as your own
35 hour working week
25 days holiday increasing with service plus bank holidays
Interest free season ticket loan scheme
Share Plan Scheme Flexible benefits scheme
Discount on all Insurance products, including insurance, breakdown cover & healthcare