Nist Cyber Assurance Analyst

**About us**

OSB Group is a leading specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market. Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of fundingis provided by sophisticated securitisation platforms. OSB's unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia.

Our philosophy:
**What you will be doing**

The key purpose of this role is to support the Information Security programme and framework. You will focus on core areas such as risk management, third-party security due-diligence reviews, ensuring compliance with legal, regulatory and relevant securitystandards such as ISO 27001, PCI DSS and the UK data protection act / GDPR.

You will also support the security awareness and training activities as defined by an annual schedule of targeted training and testing across the Group.

Your responsibilities will include:

- Support the Vulnerability Management reporting and IT remediation planning
- Support a pre-defined schedule of work to conduct third party risk management reviews through security questionnaires and on-site security reviews
- Assist with implementation, monitoring and assurance reviews of IT security controls
- Maintain information security frameworks, policies, standards and guidelines
- Implement process improvements and efficiencies as defined by the agreed service improvement plans
- Assist with the definition and enforcement of configuration standards and policies for security technologies

**In return for your commitment**:
Please use this link to see the fantastic benefits available at OSB:
**Could you be the one?**

We are looking for talented individuals who have the experience and knowledge set out below:

- Previous work experience in an Information Security role within financial services with the following experience:

- Performing security assessments for IT systems and processes
- Conducting 3rd party risk assessments
- Creating a security awareness training programme
- Use of vulnerability management tools and remediation planning
- Strong knowledge of IT Security technologies, principles and practices
- Strong knowledge of the NIST framework
- Qualifications in or working towards any SANS GIAC Security certifications (Administration, Software, or GSE Expert), ISC2 CISSP, or any security systems vendor administration-level certifications

**What to do next**

Interviews are a two way street, we aim for them to be relevant and conversational to get the best out of you
- OSB Group are dedicated to diversity in the workplace and committed to treating all our employees and job applicants equally. We embrace equal opportunities and are opposed to discrimination on any grounds._
- As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop and advance senior women in our sector. _
- We don't stop there though, we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Our leadership and Executive Committee are right behind us, to the extent that our Diversity Champions sit at Board leveland on a monthly basis receive updates on our progress. _
- #INDLP #LI-HYBRID _