Security Analyst

Legal & General
40000.00 GBP Annual
28 Sep 2017
17 Oct 2017
Contract Type
Full Time

Apply now Email a friend Back to search

  • Company Info
  • We take pride in being there for our customers. We help them deal with whatever life has in store and support them in achieving financial security; and that's thanks to the talented and dedicated people who work with us. For us, 'social responsibility' is not just a buzzword. It defines us and runs through everything we do for our customers and as an employer. And working with us, you'll get a competitive reward package and have the flexibility and autonomy to deliver your personal, business and career goals.
  • Department Info
  • From Administration to Purchasing and Legal, as well as Group Real Estate, Taxation, IT and much more besides - Shared Services support our businesses across the UK and abroad. We enable our business units to do what they do best while we deliver core services and processes that have a real impact on our company-wide efficiency, profitability and strategic growth.

  • Job Duties
  • Operational Effectiveness

    Implement and operate regular security assurance activities to allow effective governance and security oversight of key suppliers.

    Apply good practice for process and reporting to deliver on the above activities.

    Develop and enhance security oversight capabilities and services for use internally.


    Support IT operations team in the areas of:

    Security audits, intrusion and penetration tests

    Security control effectiveness

    Security infrastructure testing and oversight

    3rd party supplied security management information (MI)

    Service Support

    Support teams when they perform RFPs, undertake 3rd party agreements, and when they undertake security audits, intrusion and penetration tests.

    Provide support and technical guidance on the adoption of new testing tools and assist team with meeting obligations around regular security testing.

    Provide technical security advice and support with policy exceptions from different business divisions in relation to projects or systems already in place.

    Security Governance

    Support teams when they work on policy and standards including when they oversee compliance against them and provide guidance on their operational enforcement.

    Partner with the due diligence team to measure adherence to third party security oversight principles and practice.
  • Skills Required
  • Qualifications

    Appropriate security qualification for the role would include Security+, SSCP, GIAC Cyber Defence certifications, CEH or CISSP. In order to demonstrate the knowledge required to perform the role it is anticipated that the role holder will be educated to degree level in a relevant technical area and/or hold relevant work experience


    Knowledge is required of:

    IT Security, including good understanding of associated technologies and architectures

    IT security principles, guidance and technical standards

    Fully abreast of trends and changing technologies as they relate to information security threats and control

    Good knowledge of some of the following is desirable:

    Cloud architecture

    Database security

    Application security

    Identity and Access Management

    Encryption at rest and in transit


    Endpoint and servers security (Antivirus/Antimalware, APT)

    Perimeter and network security (Firewall, IDS/IPS, WAF, Proxy, Antispam, etc...)

    Security Operations

    Patch and vulnerability management

    Incident Management


    The role requires experience in:

    Security operations or similar technical/IT environment

    Installing and using security software, ideally assessment and configuration tools (i.e. automated vulnerability scanners, security auditing tools, network vulnerability tools, firewall rule evaluation etc.)

    Understanding, interpreting and explaining output from security tools

    Coordinating and working with on shore and offshore staff

    Creation of reports and presenting data in easily understandable formats


    Working with outsourced providers and 3rd parties

    PCI DSS knowledge

    Exposure to ISO27001 and implementing or contributing to the creation of an ISMS

    Systems design and development from business requirements analysis

    Development of security standards and policies

    Security risk management and reporting

    Personal Attributes

    Customer orientation

    Able to liaise across all teams within the company including Infrastructure, Business systems owners and with suppliers

    Superior analytical, evaluative and problem-solving abilities

    Ability to work in a challenging environment

    Exceptional service orientation, customer focus

    Strong communication skills and presentation abilities

    Listens to others and talks honestly


    Ability to present ideas in business friendly and user friendly language
  • Benefits
  • Whatever your role, we reward ability, performance and attitude with a package that looks after all the things that are important to you. Our employees have a wide range of benefits including a generous pension scheme, life assurance, 22 days' (with potential to rise to 26 days) holiday, discretionary performance related bonuses, paid overtime, a variety of share schemes, discounts at both a huge range of high street stores and our own great products, your hard work will be rewarded when you join us.

    Our view is that this role is suitable for agile working. This means we would consider a more flexible working arrangement, where your hours and work location are managed according to business, customer and personal needs. For this role, you would be based in Hove, but you could work in other Legal & General offices or at home, as necessary, provided this meets business needs. Details of agile working will be discussed during the interview process.

    For further information about the role, please contact Lynn Morriss, UK Resourcing Lead, at