Information Security Specialist
Lloyd's
United Kingdom - London
4d ago

About Us

  • Secure information management will drive business value for Lloyd's of London and its customers by delivering effective and efficient services that embrace innovation for competitive advantage;
  • whilst we seek to standardise global solutions and integrate platforms that enhanced protection afford to the highest value assets.

    As the Lloyd's corporation relies more on Digital ways of working, the information security boundaries blur and the threat landscape expands.

    This specialist role within the Chief Information Security Office has an integral part to play in contributing to Lloyd's Strategy and Future of Lloyd's and will contribute to : Lloyd's becoming a brand that is globally admired and recognised and respected for its reputation as the world's specialist centre for (re)insurance.

    Lloyd's will be known around the world for its integrity and will be a place where talented, diverse and socially responsible employees feel proud to work.

    This role will practice and promote the principles of inclusiveness and respect the value of diversity.

    The Role

    The Information Security Specialist provides oversight and assurance across the Information Security Framework, to help Lloyd's risk owners to improve their security controls and governance.

    Ensuring proper governance, risk management and compliance management of all information security processes that support business operations.

    What Will You Do?

    The role will be expected to deliver on the following :

  • Support the Information Security Management System including maintenance of the current NIST controls framework and strategic expansion across the corporation.
  • Support the management of information security governance for the corporation, ensuring adherence to group policies and standards.
  • In collaboration with the CISO, ensure key information security risks and issues are identified, addressed and resolved in a timely manner.
  • Work closely with the Group Technology team; assist the CISO in providing oversight and challenge to the Information Security team.
  • In collaboration with the Second Line of Defence. ensure that risk management principles are upheld to drive down information risk.
  • Assist with updating the Third-Party Risk management framework including policy, procedures, due diligence questionnaires and the monitoring of third parties' adherence to information security and data privacy obligations.
  • Classification : Confidential

  • Assist with the client management aspects of the Information Security team, including client and potential client questionnaires;
  • help design a more effective process including a self-service process and a library of standard responses.

  • Develop relevant dashboards / metrics, analyse data, identify trends and help drive improvements to the control environment.
  • Assist the CISO in Governance, Risk and Compliance (GRC) and general information security issues as required, including interaction with the Information Security team, Technology teams and business leaders.
  • Assist in the formulation of and monitoring the application of system security policies, embedding information security best practice in business operations, assessing / auditing third party security, managing breaches of security and ensuring that the department complies with relevant legislation and standards
  • Skills & Knowledge

  • The job-holder will be required to have a high level of skills, relating to the Information Security including;
  • Expert knowledge in threat and vulnerability management
  • Knowledge of the current and emerging threat landscapes
  • Ability to design and test solutions which maintain the confidentiality, availability, integrity and compliance of Lloyds data;
  • or data entrusted to the corporation.

  • Investigative, architectural and analytical experience
  • Team-working & influencing skills to ensure that security is effectively implemented
  • Good understanding of Cyber Security and aspects of Information Security
  • Ability to take the lead, operate under own initiative and deliver quality solutions
  • Identify & progress security initiatives, optimise & propose improvements to the control set (process, people and technology)
  • A focus on delivery will be key along with great attention to detail and the ability to prioritise tasks according to business priorities
  • Ability to manage own performance, complete tasks reliably and act effectively addressing business issues
  • The ability to work well within a team but also as an individual as required
  • Excellent documentation and presentation skills are a must
  • Ability to take ownership for incidents and maintain integrity when dealing with incidents.
  • Experience

  • Should have a minimum of 5 years' experience in an information security function, with at least 3 year focused in Information Security Governance, Risk and Compliance.
  • More specifically security risk assessments, threat modelling, cyber security incident management, education and awareness.

  • Experience of working with experienced technical subject matter experts, often with different motivations
  • Working experience dealing with significant incident and reducing the threat landscape.
  • Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form