IT Cyber Controls Tester

Bank of Scotland
Posted

This vacancy is no longer advertised

At Lloyds Banking Group we are committed to putting our customers first and a big part of that commitment is ensuring all our customers are protected from the ever increasing risk of cybercrime. As the threat landscape continues to evolve we want to ensure all our 30m customers can conduct their business in a safe and secure environment. We are continuing to invest in our Cyber Security & Risk teams and programmes and as a result an opportunity has arisen for you to join the IT Business Unit Control Function of Lloyds Banking Group.

This is a role that matters as you will be testing and evaluating vital IT cyber information security controls to determine which controls are designed and implemented correctly, operating as intended and producing the desired outcome with respect to meeting security requirements and addressing inherent risks. You will report findings and recommendations and results to IT business areas and senior management, ensuring appropriate mitigating and resolution actions are agreed and implemented. Responsibility for quality testing, execution and analysis of results will sit with you.

You'll also partner with the IT Business to present ideas to remediate weaknesses and support development of action plans and will always be driving continuous improvement. We will need you to ensure that Technology Security Standards and principles are implemented and adhered to and expect you to monitor industry developments and ongoing evolving instruction/policy/guidance on IT security concerns.

To carry out this role you will need to be an experienced IT security risk professional with knowledge of control frameworks and control testing with a security or audit related qualification such as CISSP, CISA, and CRISC combined with a willingness and capability to provide constructive challenges to the IT business to ensure risks are addressed correctly.

As you would expect an excellent working knowledge of cyber security controls, tools and activities is essential, ideally combined with an aptitude for translating sometimes complex technical jargon into plain business language. Previous hands on experience in a security related role would be a real asset (e.g. role within a Security Operation Centre, performing red teaming or pen testing, etc.)

In return we offer an excellent benefits package, a flexible working environment and a dedication to your development through career opportunities within one of the largest financial institutions in the UK or via our new Cyber Academy as part of our Cyber Awareness, Education & Training programme. This is for current/new colleagues offering a clear development path which will link to a recognised accreditation through the IISP (Institute of Information Security Professionals).

If you have the skills and dedication we require we would love to hear from you…

See more jobs like these