Cyber Security Risk

As a Cyber Security Security Risk and Controls Analyst you will support the execution and continuous improvement of risk and control activities within the first-line Global Cyber Security Risk and Controls Function. The role works closely with control owners product teams and risk partners to help ensure that risks are effectively identified assessed managed and reported across areas such as third-party risks specific to technology cyber security and information technology risk.The Cyber Security Risk and Controls Analyst provides hands-on support in the maintenance and assurance of controls issue tracking evidence gathering and risk reporting. It drives control effectiveness policy compliance and effective risk management across L&G globally.What youll be doing:Maintaining and monitoring key cyber security controls to ensure control performance is effective and appropriately evidenced for compliance audit and assurance purposesSupporting the identification management and closure of cyber security issues audit actions and remediation plans to ensure timely resolution and control improvementsContributing to cyber security risk and control self-assessments (RCSAs) supplier assessments or thematic reviews to ensure accurate identification of control weaknesses exposures and required enhancementsAssisting in the application of cyber security policies standards and regulatory requirements across global technology teams to ensure appropriate alignment awareness and compliance across teamsUndertaking cyber security controls testing assurance reviews and preparation for internal or external audits to ensure that evidence is complete timely and meets defined control objectivesWorking closely with technology teams Business Technology Risk Partners and subject matter experts to ensure a shared understanding of effective cyber security risk management processes and supporting the embedding of strong risk cultureMaintaining and sharing up-to-date knowledge of specialist cyber security domain to ensure risk and control activities reflect current threats best practices and regulatory requirementsProviding SME support on IT and change initiatives with respect to delivering improvements to customer support and experienceQualifications : Who were looking for:Familiarity with security frameworks such as NIST Cyber Security Framework (CSF) COBIT ISO27001/2 and COSOUnderstanding of regulatory requirements relevant to financial services (e.g. FCA/PRA regulations UK GDPR DORA)Ability to interact with cyber security stakeholders product owners and technical operational rolesExperience in cyber security risk governance or assurance within a complex regulated environmentExperience testing and assuring cyber security controls implementation controls automation risk frameworks and audit responses across cyber securityCyber security related qualifications such as CISM or CISSP would also be a plusWhatever your role we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:The opportunity to participate in our annual performance -related bonus plan and valuable share schemesGenerous pension contributionLife assuranceHealthcare Plan (permanent employees only)At least 25 days holiday plus public holidays 26 days after 2 years service. Theres also the option to buy and sell holidayCompetitive family leaveParticipate in our electric car scheme which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)There are the many discounts we offer both for our own products and at a range of high street stores and onlineIn 2023 some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heartAdditional Information :   At L&G we believe its possible to generate positive returns today while helping to build a better future for all. If you join us youll be part of a welcoming inclusive culture with opportunities to collaborate with people of diverse backgrounds views and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time term-time and job shares. Although some roles have limited flexibility due to customer demand we accommodate requests when we can. It doesnt matter if you dont meet every single criterion in this advert. Instead think about what you excel at and what else you can bring in terms of strengths potential and connection to our purpose. Remote Work : NoEmployment Type : Full-time Key Skills ISO 27001,Microsoft Access,Risk Management,Financial Services,PCI,Risk Analysis,Analysis Skills,COBIT,NIST Standards,SOX,Information Security,Data Analysis Skills Experience: years Vacancy: 1