Cyber Security Risk & Controls Manager
Share
Job Location:
Monthly Salary:
Posted on:
14 hours ago
Vacancies:
1 Vacancy
Job Summary
As a Cyber Security Risk and Controls Manager youll be the subject matter expert for cyber security risk and controls across L&G. This is a key role in the Technical Risk Functional Areas providing expertise on cyber security related risk matters staying abreast of emerging threats vulnerabilities and risks within the Technical Risk Functional Areas.
The purpose of the role is to ensure that cyber security controls are designed and operated across L&G in a consistent and effective manner. Youll provide proactive challenge risk and control insight supporting cyber security controls testing assurance activities and enabling Business Technology Risk Partners with subject matter knowledge on cyber security risks to support the effective management in their business division.
What youll be doing:
- Providing expert guidance on cyber security risk identification analysis and mitigation to ensure alignment with L&G risk frameworks and evolving threat intelligence
- Leading the implementation and continuous improvement of cyber security controls across L&G systems applications and third parties to ensure controls remain effective proportionate and mitigate our key risks
- Ensuring compliance to cyber security policies and standards and regulatory requirements to ensure L&G and its third parties meets internal and external requirements
- Managing overseeing and providing cyber security subject-matter expertise to controls testing assurance reviews and preparation for internal or external audits to ensure controls are appropriately evidenced tested and remediated adequately where required
- Providing subject matter expertise input into the response and analysis of cyber security or controls failures to ensure lessons are learned and systemic risks are addressed
- Maintaining up-to-date knowledge of cyber and information security and managing the pool of subject-matter experts to ensure risk and control activities are performed effectively in line with current threats best practices and regulatory requirements
- Providing SME support on IT and change initiatives with respect to delivering improvements to customer support and experience
- Managing the team in line with company policies and the Partnership Agreement to consistently achieve business objectives
Qualifications :
Who were looking for:
- Strong familiarity with technology and security frameworks such as NIST Cyber Security Framework (CSF) COBIT ISO27001/2 and COSO
- Good understanding of regulatory requirements relevant to financial services (e.g. FCA/PRA regulations UK GDPR DORA)
- Experience designing and/or assuring information technology controls implementation controls automation risk frameworks and audit responses
- Exposure to briefing to a wide range of audiences (including technical and non-technical at all levels of an organisation) would be a huge plus
- Management experience in information technology risk governance or assurance within a complex regulated environment
- Technology risk and governance related qualifications such as CRISC CGEIT or CISA would be great
Whatever your role we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:
- The opportunity to participate in our annual performance -related bonus plan and valuable share schemes
- Generous pension contribution
- Life assurance
- Healthcare Plan (permanent employees only)
- At least 25 days holiday plus public holidays 26 days after 2 years service. Theres also the option to buy and sell holiday
- Competitive family leave
- Participate in our electric car scheme which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
- There are the many discounts we offer both for our own products and at a range of high street stores and online
- In 2023 some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart
Additional Information :
At L&G we believe its possible to generate positive returns today while helping to build a better future for all.
If you join us youll be part of a welcoming inclusive culture with opportunities to collaborate with people of diverse backgrounds views and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.
We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time term-time and job shares. Although some roles have limited flexibility due to customer demand we accommodate requests when we can.
It doesnt matter if you dont meet every single criterion in this advert. Instead think about what you excel at and what else you can bring in terms of strengths potential and connection to our purpose.
Remote Work :
No
Employment Type :
Full-time
Key Skills
- Arm
- Risk Management
- Financial Services
- Cybersecurity
- COSO
- PCI
- Root cause Analysis
- COBIT
- NIST Standards
- SOX
- Information Security
- RMF
About Company
Legal & General (L&G) is a leading UK financial services group and major global investor.We’ve been safeguarding people’s financial futures since 1836, and strive to build a better society, while improving the lives of our customers and creating value for shareholders.We are one of th ... View more
