Information Security Consultant at LegalAndGeneral

Hove, England, United Kingdom -

Full Time

Start Date

Immediate

Expiry Date

04 Feb, 26

Salary

0.0

Posted On

06 Nov, 25

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Security Design, Risk Assessment, Control Selection, Access Control Security, Transportation Security, Secure Architecture Principles, Cryptography, Operational Controls, Threat Modelling, Control Frameworks, ISO2700x, COBIT, COSO, ITIL, NIST Cyber Security Framework

Industry

Financial Services

Description

Company Description Legal & General (L&G) is a leading UK financial services group and major global investor. We’ve been safeguarding people’s financial futures since 1836, and strive to build a better society, while improving the lives of our customers and creating value for shareholders. We are one of the world’s largest asset managers and provide powerful asset origination capabilities. Together, these underpin our retirement and protection solutions: we are an international player in pension risk transfer, in UK and US life insurance, and in UK workplace pensions and retirement income. Our Group Functions provide the services that all areas of the business need. This requires a talented and diverse team behind the scenes, who enable everyone at L&G to do what they do best. Joining us means helping to improve the lives of our customers and contributing to the success of the business every day. Job Description We have an amazing opportunity for an Information Security Consultant to join us in Hove! You’ll play a key role in supporting the increasing demand for Information Security skills across our Group Functions, advising on how we embed security into our business operations. You’ll also help to realise our Security Improvement programme across a number of our business areas, collaborating with a variety of colleagues from both technical and non-technical backgrounds. What you’ll be doing: Ensuring that projects consider security in the design by setting security needs and requirements to ensure alignment to L&G Security Policies and Standards, participating in Technology or Supplier selection as a security SME and applying threat and initial risk assessment approaches to select appropriate controls. Working with the Group wide Security Improvement Programme to ensure Group Functions services align with current Security requirements Reviewing the design of in-flight or existing services to conduct risk assessments, identifying and articulating security gaps against L&G Security Policies and Standards. For gaps, identifying the related risks and potential options for management – articulating options to system or business owners Being a source of expert Information Security advice, both to projects (i.e. consulting with Architects or Developers) and in an ad-hoc manner (responding to user queries) working closely with key stakeholders and business leaders to ensure security issues are understood and reviewing existing systems and services to prioritise security improvement activities Representing the Group Functions Security team to senior business stakeholders. Identifying areas where the Security team, and wider IT team, can add additional benefit and support business ambitions Representing the Group Functions IT team in interactions with the wider L&G Group and Security Improvement project, such as sitting on Steering Groups or Customer Engagement Workshops and ensuring Group Functions interests are input and requests for input are passed to the correct teams Actively working to improve the Group Functions IT Security Maturity and Capability. Suggesting enhancements to processes, updating or establishing procedures where required Qualifications Who we’re looking for: You’ll be well versed in the Security Design of projects, such as setting requirements, reviewing architecture Experience with risk assessment and control selection is also key Knowledge of Access Control security, transportation security, secure architecture principles, cryptography and operational controls (such as back-ups, resilient design, anti-virus) are essential Knowledge of Threat modelling, control frameworks and Risk assessment techniques (such as ISO2700x, COBIT, COSO, ITIL and NIST Cyber Security Framework) would be great Perhaps you are working in consulting and you’re looking to move in-house? Whatever your role, we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer: The opportunity to participate in our annual, performance -related bonus plan and valuable share schemes Generous pension contribution Life assurance Healthcare Plan (permanent employees only) At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday Competitive family leave Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only) There are the many discounts we offer – both for our own products and at a range of high street stores and online In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart Additional Information At L&G, we believe it's possible to generate positive returns today while helping to build a better future for all. If you join us, you’ll be part of a welcoming, inclusive culture, with opportunities to collaborate with people of diverse backgrounds, views, and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel. We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time, term-time and job shares. Although some roles have limited flexibility due to customer demand, we accommodate requests when we can. It doesn’t matter if you don’t meet every single criterion in this advert. Instead, think about what you excel at and what else you can bring in terms of strengths, potential and connection to our purpose.

Responsibilities

The Information Security Consultant will support the demand for Information Security skills across Group Functions and advise on embedding security into business operations. They will also collaborate on the Security Improvement programme and conduct risk assessments to identify security gaps.