End User Services - Security Compliance Lead (S&R Consultant)

Social network you want to login/join with:

Client:

Nationwide Building Society

Location:

Swindon, United Kingdom

Job Category:

Other

EU work permit required: Yes

1

23.05.2025

07.07.2025

In the role of Security Compliance Lead, you will safeguard Nationwide’s endpoint technology and oversee vulnerability patching compliance for our Release & Protect function. You will lead daily meetings with cross-community teams, monitor metrics, and develop plans to maintain operational compliance.

You will be responsible for regulatory compliance and fostering a culture of security awareness alongside the delivery and maintenance of strict SLAs and KPIs. A key part of the role will be managing relationships with both Senior Managers and Team members.

End User Services (EUS) is responsible for the delivery and support of all the Society's end user technology. This includes laptops, physical and virtual desktops, mobile phones & tablets, audio & video conferencing technologies, operating systems, and software.

We empower our colleagues to provide a brilliant experience by ensuring their endpoint is fit-for-purpose, to seamlessly perform their duties and keep Nationwide’s data safe, enabling them to focus on customer outcomes from start to finish.

Working in EUS as a Security Compliance Lead, you’ll be a senior member of a small team responsible for security compliance oversight of our end user devices.

We are happy to consider flexible working approaches to help you perform at your best.

At Nationwide, we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK-wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, learn, and feel connected.

For this job, you'll spend at least two days per week, or if part-time, you'll spend 40% of your working time, based at our Swindon office. If your application is successful, your hiring manager will provide further details. You can also learn more about our hybrid working approach here.

What you'll be doing

Working in our Release & Protect team, you will promote a robust security culture across our teams and organization.

A typical day includes evaluating, prioritizing, and reporting on vulnerabilities impacting our endpoint devices. This involves coordinating appropriate treatments to ensure security compliance is achieved and maintained. You may also support investigation and resolution of Threat Incident Management responses.

The security landscape is constantly evolving. You will identify and deliver continuous improvements to our processes and measures, advising change delivery teams to maintain hardened controls.

You will monitor and leverage continuous improvement for new and existing threats and regulatory changes. This includes overseeing the development of security policies and associated processes, helping to govern our security controls while keeping the end user experience in mind.

You will facilitate action plans for audits conducted by internal and external auditors, oversee risk assessments, and remediate non-conformities.

About you

• A good working knowledge of Cyber Security and Information Assurance, with understanding of governance, compliance, and risk from different perspectives, including Security and Operational risk.
• IT Security expertise in endpoint security, supported by relevant certifications such as ISO 27001 and Security+ (Plus) or equivalent.
• An advocate for security best practices with a curious mindset, possessing industry knowledge of Security threat vectors and ability to describe these as risks (impact/likelihood).
• Excellent communication skills, capable of interpreting and presenting complex information in plain language. Self-motivated, able to translate risks & issues into action plans and roadmaps, and manage stakeholder expectations at all levels.
• Experience leading small, multidisciplinary teams to meet organizational goals.

Our customer-first behaviors put customers and members at the heart of our work, including:

• Feel what customers feel - Empathize with customers using feedback and insights to understand their needs, ensuring decisions start and finish with the customer in mind.
• Say it straight - Be honest and direct, sharing diverse perspectives to reach the best conclusions using clear language.
• Push for better - Challenge the status quo, take responsibility for continuous improvement and personal development.
• Get it done - Prioritize impactful actions, be decisive, and deliver excellent customer outcomes.

You can strengthen your application by demonstrating how these behaviors resonate with you.

The extras you'll get

Employee benefits include:

• A personal pension with a 7% employee contribution topped up by 16%
• Up to 2 days paid volunteering annually
• Life assurance worth 8x your salary
• Additional benefits via salary sacrifice schemes
• Wellhub – health and wellness options
• Access to annual performance bonuses
• Training and development opportunities