Security GRC Analyst at Hargreaves Lansdown
Bristol BS1 5HL, United Kingdom
Full Time


Start Date

Immediate

Expiry Date

28 Nov, 25

Salary

45000.0

Posted On

28 Aug, 25

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Good communication skills

Industry

Financial Services

Description

Responsibilities

OUR PURPOSE IS TO MAKE IT EASY FOR PEOPLE TO SAVE AND INVEST FOR A BETTER FUTURE. WE ARE LOOKING FOR GREAT PEOPLE TO JOIN US, SO PLEASE COME AND INVEST IN YOUR FUTURE AT HL.

We know that sometimes people can be put off applying for a job if they don’t tick every box. If you’re excited about working for us and have most of the skills or experience we’re looking for, please go ahead and apply. We’d love to hear from you!

ABOUT THE ROLE

An exciting opportunity has arisen to join our InfoSec team as a Security GRC Analyst, to assist in the delivery of security compliance assurance to frameworks such as PCI-DSS and NIST Cyber Security Framework. You will be managing security governance processes including Third Party Security Risk Management, and delivering controls assurance.

WHAT YOU’LL BE DOING

  • Assisting in meeting compliance requirements within HL, such as PCI-DSS and in line with frameworks such as SWIFT CSCF, CSA CCM and NIST CSF.
  • Assist with the technical security aspects of third-party security risk by conducting security due diligence and risk assessments for vendors, suppliers, partners, and contractors.
  • Develop and mature processes and procedures for third party security risk management, including due diligence and third-party incident management.
  • Work closely with stakeholders to provide advice in relation to third party information security risks, recommending risk mitigation strategies and/or advising on risk exceptions based on the business’ risk appetite.
  • Driving policy & standard governance processes including creating new policies and standards where required.
  • Managing framework alignments, identifying gaps and engaging stakeholders to remediate.
  • Managing Security process documentation including review scheduling.
  • Maintaining the program of remediation for audit and assessment findings, including updating of task status, reporting of progress and escalation of issues and identifying opportunities for improvement.