Information Security Risk Lead - Group Technology Risk, Brighton and Hove
Client: LegalAndGeneral
Location: Brighton and Hove, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: 8be5d3f02469
Posted: 16.02.2025
Expiry Date: 02.04.2025
Job Description:
We’re looking for an Information Security Risk Lead to join us in either London, Hove or Cardiff!
You’ll play a key role in overseeing technology and Information Security risk across our Group CTO and Group CISO teams to ensure relevant risks are being identified, well understood, and managed within agreed risk appetite. In addition to this, you’ll also act as an SME to assess the adequacy of plans that are in place to address any identified gaps, ensuring that the appropriate Executive and Board focus is achieved.
What you'll be doing:
1. Engaging with the Group CISO 1LoD Information Security teams to provide oversight, challenge, support and advice in relation to Cyber (Information Security) risk.
2. Undertaking assurance of 1st line management actions to manage Information Security risk, working closely with Group CISO, and divisional Technology Risk Partners and Group Internal Audit.
3. Supporting the development of policy and governance for the oversight and reporting of Information Security risk.
4. Providing Information Security opinions on the management of Cyber (Information Security) Risk.
5. Providing input and leadership into the Group Technology & Data Risk Centre of Excellence.
6. Staying abreast of changes and challenges related to emerging technologies.
7. Ensuring that the principles of Conduct Risk are always embedded into day-to-day operations.
8. Ensuring that the appropriate process, systems, and controls are in place.
Who we're looking for:
1. Strong knowledge of Information/Cyber Security and IT.
2. A broad knowledge of a range of recognised information security standards and technical frameworks (e.g., ISO 27001, NIST CSF, SOC-2 attestation, PCI DSS, COBIT).
3. A practical understanding of general security practices such as encryption, IAM, security information and event management, etc.
4. A good understanding of IT Information risks, including confidentiality, integrity, availability, authenticity.
5. Experience of working in a regulated environment, including the 3 lines of defence risk management model.
6. Strong interpersonal skills with the ability to collaborate with a variety of colleagues across different seniority levels.
Benefits:
1. The opportunity to participate in our annual, performance-related bonus plan and valuable share schemes.
2. Generous pension contribution.
3. Life assurance.
4. Private medical insurance (permanent employees only).
5. At least 25 days’ holiday, plus public holidays (26 days after 2 years’ service).
6. Competitive family leave.
7. Participate in our electric car scheme.
8. Discounts for our own products and at a range of high street stores and online.
9. Redesigned workspaces that promote connection and collaboration.
Additional Information
Legal & General is a leading financial services group and major global investor, named Britain’s Most Admired Company in 2023. We aim to build a better society for the long term by investing our customers’ money in things that make life better for everyone.
If you join us, you’ll be part of a welcoming culture, with opportunities to collaborate with people of diverse backgrounds, views and experiences.
We strive to be open, mindful and inclusive, so are always willing to discuss flexible working arrangements and reasonable accommodations for candidates with specific needs.
If you’re open to finding out more, we'd love to hear from you.