Information Security Assurance Specialist
UK Visa Sponsorship Analytics
Above analytics are generated algorithmically based on job titles and may not always be the same as the company's job classification. You can also check detailed occupation eligibility, and salary criteria on our UK Visa Eligible Occupations & Salary Thresholds page.
Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with Slaughter and May. For the most up-to-date job details, please visit the official website by clicking "Apply Now."
ROLE OVERVIEW //
Reporting to the Information Security Manager, the Information Security Assurance Specialist will play a pivotal role in strengthening the firm’s information security posture. It will identify where security assurance testing of the firm’s systems and processes is required, commission the required tests from relevant suppliers, and manage their findings through to resolution. It will also provide security assurance in relation to the IT project and change management lifecycles by identifying security requirements, reviewing project design documentation, and working with technical stakeholders to mitigate information security risks associated with technical change requests. The successful candidate will be proactive and motivated individual with the ability to quickly grasp technical concepts and effectively communicate information security risks to a range of stakeholders. A strong background in information security within professional or financial services is essential.
KEY RESPONSIBILITIES //
The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work outside our normal working hours of 9:30am to 5:30pm.
- Plan, scope, commission and oversee a wide range of technical assurance testing, including:
- Penetration tests of IT project deliverables as they approach release to production.
- The baseline annual penetration test of the firm’s core systems and IT infrastructure.
- Other offensive security testing, such as physical penetration tests and social engineering exercises (e.g. vishing), to provide assurance in relation to non-technical security controls.
- Validate the findings arising from such tests with relevant subject matter experts, prioritise them based on risk, and manage them through to resolution (e.g. mitigation or risk acceptance).
- Work with the Technology department’s IT Architecture function to review design documentation for new (or significant changed) IT solutions, embedding security requirements from the outset.
- Identify and assess the information security risks associated with technical change requests and represent information security perspectives at Technical Change Advisory Board (T-CAB). Information Security Assurance Officer 2
- Help drive continuous improvement and consistency in relation to security assurance, e.g. by:
CANDIDATE PROFILE //
Candidates for this position must have:
- Strong experience in an information security or technical cyber security role, ideally within a regulated environment or an organisation aligned to ISO 27001.
- Strong knowledge of ISO 27001 and Cyber Essentials Plus standards.
- A self-motivated, results-driven mindset with a strong sense of ownership and accountability.
- Excellent organisational skills, with the ability to prioritise effectively in a fast-paced environment.
- Intellectual curiosity and a commitment to continuous improvement, including researching new ideas and validating them through testing.
- Proven ability to collaborate effectively, build strong professional relationships, and communicate confidently with senior leadership.