This role can be based in either Wythall or Edinburgh
As part of a small and well-respected team within our leading financial services organisation, the Information Security Assurance Consultant will have exposure to a wide range of information and cyber security controls and frameworks both within our own business and at our key outsourced service providers. Additionally, you will take the lead on a number of key areas and will have the chance to really make a difference. If you already have a good grounding in information security and/or assurance, this is an ideal opportunity for you to further develop your skills in a supportive and well rewarded environment.
- Contributing to and maintaining the Information Security framework, meeting Phoenix Group Policy and regulatory requirements
- Managing and monitoring performance of security controls, engaging with internal and external stakeholders including strategic outsourced partners
- Providing Information Security advice, support and assistance to the business to ensure compliance with Policies and Standards
- Participate in governance and oversight forums and management committees
- Complete due diligence of new suppliers and technology solutions
- Oversee IT vulnerability scanning and patching processes to ensure they are operated effectively
- Production of clear management information and reporting for committees and stakeholders.
The Role specifics:
This is a broad information security role and would suit someone who enjoys variety on this subject matter. The bullet points below will highlight the breadth of accountabilities. We are therefore looking for someone who has proven transferable experience in at least three of the five key areas below:
- Planning and executing IS assurance reviews on the performance and effectiveness of information security controls within Phoenix and key outsourced service providers
- Managing our Data Leakage Protection (DLP) processes including review, tracking of issues, escalation and reporting
- Overseeing our penetration test processes; including scoping, selection of suppliers and issue remediation.
- Conducting due diligence of new suppliers ensuring information security controls have been properly risk assessed and providing advice to the onboarding team regarding supplier suitability
- Overseeing the IT vulnerability scanning and patching processes to ensure they are operated effectively, identified issues are appropriate considered and remediation applied in appropriate timescales
We are also looking for:
- Broad knowledge of information security risks with a good understanding of the full spectrum of Information Security controls
- The ability to pick up new skills and tasks quickly and effectively
- Well-rounded technical IT knowledge as it relates to information security risks
- The ability to work flexibly and supportively within a small team
- The ability to communicate with and challenge counterparts in outsourcers and other external suppliers
- The ability to describe, communicate and promote information security solutions in a manner that the wider business community can understand
- Good planning and organising skills, with strong knowledge of Microsoft Excel and PowerPoint.
- The ability to plan and manage external dependencies
- The ability to define challenging objectives and achieve them
- Candidates will ideally have appropriate security qualifications such as CISSP, CISM or CISA, but it's not essential
Join the Phoenix Group, and you join a unique organisation. It's not just the 10 million policyholders we serve, or the £240 billion of assets we look after. Or that we've been listed as one of the UK's Top Employers for seven years running. It's the fact we manage predominantly closed life funds in our Heritage business. This means we can focus our innovative thinking and energy into improving outcomes for our existing customers and their customer experience. But that's not all.
We also have an Open business which manufactures and underwrites new products and policies to support people saving for their future in areas such as workplace pensions and SIPPs. We also market corporate pension trustee services and manufacture products to be sold under other brands. Did you know Phoenix Life manufactures SunLife's market leading Guaranteed Over 50's plan? Having acquired Standard Life Assurance Limited in 2018, Phoenix is now the largest consolidator of heritage life insurance funds in Europe with a vision to be Europe's Leading Life Consolidator.
To apply online simply visit our website by clicking the APPLY button.
N.B. When on the Phoenix Careers site, first time visitors will be asked to register before applying.
Closing date: Midnight, Monday 23 rd September 2019.