UK Chief Information Security Office (CISO) are seeking a Third-Party IDPS Security Specialist to be a part of their team. We are flexible with location and the role can be based at one of our offices convenient to your location.
The role forms part of the UK CISO Third Party Assurance Team; working within the wider CISO business unit. This opportunity could be ideal for you if you are looking for a challenging but rewarding role, where you are valued and empowered; we rely on our Third-Party Security Specialists to assure that our cybersecurity controls and policies are properly implemented and maintained by third parties. Your main responsibility will be the service management of the Intrusion Detection and Protection (IDPS) services within Aviva, hosted and supported by our 3rd party partners.
You will provide IDPS consultancy to our CISO Security Teams, third party vendors and business partners, whilst measuring, managing and investigating security services protecting Aviva’s business from malicious activity. In addition, you will record, maintain and manage risks, communicate with the business, CISO technical teams and 3rd party providers, quickly consuming details through data, reporting and evidence packs.
Responsibilities in the role:
- Provide a view and challenge on supplier information security activities
- Work with third parties to ensure toolsets are meeting their potential and support the management of issues
- Analysis of management information and delivery of onward reporting
- Build improvements to security and associated reporting
- Attend architecture service and design assurance, technical working groups and formal supplier governance meetings to cover matters relating to cyber security management for third party suppliers
- Provide your input with third party security schedule reviews
- Ensure documents and risks are kept up to date and aligned
- Review technical security standards, policies, and controls
- Understand the current security services provided by 3rd party vendors and ensure services received meet Aviva’s Security control requirements
- Review supplier reporting and data, relating to service performance
- Attend service reviews, ensuring service levels are met by vendors, document actions and agreements
- Prioritise deliveries with suppliers to meet Aviva’s security requirements
- Review and understand Aviva’s commercial agreements with vendors and drive value and service from the service providers
- An array of technical experience and acumen; able to communicate with technical staff and understand complex IT and cybersecurity issues at a high level
Skills and experience we’re looking for:
- Familiarity with cybersecurity technologies, developments, and issues
- IDS/IPS experience
- Able to quickly learn and adapt to new technologies, processes, and practices
- Risk assessment and management skills
- High level of initiative – able to self-direct and operate independently, proactively, with confidence – after suitable acclimatisation
- Ability to operate within formal governance frameworks
- Strong analytical skills
- Good written communication skills
- Security qualification desirable – CISM or CISSP or C-RISK or equivalent
- Experience of working within large complex organisations
- Good understanding of IT strategy and IT change activity
What will you get for this role?
- Salary up to £55,000 dependent on location, skills, experience, and qualifications
- A generous defined contribution pension scheme
- Annual performance related bonus and pay review
- A holiday allowance of 29 days plus bank holidays and the option to buy/sell up to 5 additional days
- Up to 40% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family (some exclusions apply)
- Excellent range of flexible benefits to include a matching share save scheme
Working at Aviva
At Aviva, we’re people with a purpose. To be with you today, for a better tomorrow.
We bring this to life by ensuring risk handling is at the heart of the way we all work. We love people who do the right thing for our customers, and our colleagues. We want people who speak up, who take ownership, and who make good decisions.
The way we do this is important too. We always ‘Care More’. It’s our thing. We’re all about our people – that’s you – so we can be pretty flexible. If you want to work from home some of the time or change your hours so you can pick up your kids or care for someone in your family, we’re very open to that. In fact, we don’t advertise roles as either part or full time, because we know each person has different needs, just as each business area has different needs. So, it’s up to you to discuss working hours during your interview.
We care deeply about being inclusive and that means we encourage applications from people with a diverse group of backgrounds and experiences. We want our employees to bring their whole self to work and that starts with you.
We interview every disabled applicant* that meets the minimum criteria for the job. Once you’ve applied, please send us a separate email stating that you have a disclosed disability, and we’ll make sure we interview you.
We’d love it if you could submit your application online. If you require an alternative method of applying, please give Lacey Lane Mckoy a call on 0207 255 0884 or send an email to [email protected]
*As defined in The Equality Act 2010*. By ‘minimum criteria’ we mean you should provide us with evidence which demonstrates that you generally meet the level of competence required and have the qualifications, skills or experience defined as essential to perform the role.
To apply for this job please visit www.cybersecurityjobsite.com.