It’s an exciting time to join the Security team at a large Insurance client, with significant investment planned in all UK&I businesses to transform, deliver new digital services to our customers, and streamline our business processes. With a consultive approach and a variety of exciting change projects on the horizon, we support the business as Subject Matter Experts whilst driving the outcome of secure solutions through assessing risk and building pragmatic solutions to mitigate those risks.
Working in the Security team, the Senior IT Security Officer will be reporting into the Head of Security Strategy and Transformation and will gain fantastic exposure across the business as well as IT. At our insurance client we’re adopting a Hybrid way of working, empowering our people to balance their time between home and any UK office in a way that works best for them, their team, and our customers.
What you’ll be doing:
- Liaise with UK COO, Health, and Insurance project teams to manage the security portions of strategic projects, working within the project teams to achieve goals on time and on budget.
- Deliver assigned UK Security projects, enhancing our controls and closing new risks, on time and on budget.
- Provide consultancy within the UK Security team on the security aspects of business goals and plans outside CTO.
- Build secure solutions which can be measured, for example on Coverage, Quantity, and Quality metrics, and can be moved into a supportable and maintainable Business as Usual state.
- Assist the rest of UK Security producing risk assessments of Group and 3rd party tools and platforms, as required.
- Provide technical consultancy on 3rd party risk for specific solutions.
- Act as subject matter expert to the business and to other members of the Security team as required.
- Proactively investigate new threats to the business and propose solutions to address them.
Qualifications – External
- Proven experience working in an Information Security role previously implementing information security controls across a range of technologies, e.g., Security Architect, or Security Project Lead
- A strong Customer focus to ensure internal stakeholder needs are met
- Experience of cloud technologies.
- Information Security risk management processes and best practice
- Disciplined and organised mind-set with a good attention to detail
- Excellent communication and interpersonal skills, including the ability to negotiate and resolve conflict
- Excellent time management skills, including the ability to manage a demanding and variable workload with tight deadlines.
- Good reasoning skills and the ability to clearly identify key issues.
- CISSP, CISM or other equivalent foundational security qualifications or experience
- CEH, OSCP, GIAC or other penetration testing security qualifications or experience
- SABSA, SANS or other technical architecture qualifications
- SAFE, Scrum, or other Agile methodology experience
- Data Protection, Risk, Legal or HR qualifications or experience
As a precondition of employment for this role, you must be eligible and authorized to work in the United Kingdom.