Senior Security Assurance Analyst - Bristol

IT/Information/Cyber Security
Ref: 3 Date Posted: Monday 16 Jul 2018

This role has a primary responsibility for delivering Security Assurance Assessments but will also be required to support the wider Security & Assurance Team to deliver other business enabling Security Services across the UK Operating Companies in an effective, timely, consistent and professional manner.

 

What you will be doing

 

1. Responsible for the timely security assessment of all Transversal Projects and, where necessary, for defining and including robust Security Requirements and overseeing their delivery by the projects.

2. Responsible for the timely Security assessment, raising, submitting and tracking to closure of all Risk Acceptance Forms (RAFs) arising from business as usual and projects.

3. Responsible for ensuring that all identified Security risks are logged and appropriately tracked in the Group Risk Management tool.

4. Actively support the delivery of governance and robust oversight of the security services and monitoring, escalating issues promptly through appropriate channels to senior management where necessary.

5. Support the objective that all Security and Assurance consultancy provided to the business and projects is timely and meets the requirements of the Group Security Policy, Standards and Minimum Technical Security Baselines (MTSBs).

6. Support the monitoring of the externally facing asset management and brand protection service and the appropriate triaging, escalation and treatment of issues.

7. Support the monitoring of the Data Loss Prevention (DLP) services and the appropriate triaging, escalation and management of rules and alerts.

8. Contribute to cross functional collaboration and innovation to raise the capability, efficiency and performance of the Security & Assurance Team and wider UK Security Team.

 

Who are we looking for?

 

Qualifications

Degree level qualification or equivalent work experience.

Relevant professional qualifications, e.g. CISSP, CISM, CRISC, MIISP, desirable but not essential.

Skills & Knowledge

Sound experience in Security domains, architectures, logging & monitoring tools, reporting metrics and risk management.

Understanding of the workings of UK General Insurance.

Very effective communication, interpersonal skills and behaviours.

Strong knowledge of one or more sets of business processes, applications or key technologies (e.g. networks, desktop and mid-range infrastructure, communication technologies) in use within the Company.

Good understanding of systems life cycles and project management.

Ability to assimilate information quickly, clearly identify key issues and present information concisely.

Ability to develop and maintain a network of contacts across the business.

Ability to be self-sufficient yet remain a team player.

Experience:

Previous business and / or IT security and assurance experience in a large commercial organisation. Good and demonstrable experience in an Information Security or Assurance role.

 

What we can offer you

 

Bonus Scheme linked to your and the company’s performance

Pension scheme with employer contributions as well as your own

35 hour working week

25 days holiday increasing with service plus bank holidays

Interest free season ticket loan scheme

Share Plan Scheme

Flexible benefits scheme

Discount on all Insurance products, including insurance, breakdown cover & healthcare