Job Search and Career Advice Platform

Enable job alerts via email!

Information Security Lead

LegalAndGeneral

Greater London

On-site

GBP 70,000 - 90,000

Full time

Today
Be an early applicant

Generate a tailored resume in minutes

Land an interview and earn more. Learn more

Job summary

A leading financial services company is seeking an Information Security Lead in Greater London. This role involves bridging organizational security with agile product teams focused on AWS, implementing security principles and compliance frameworks. Candidates should have extensive AWS security experience, relevant certifications, and an understanding of DevSecOps practices. The position emphasizes proactive threat intelligence and fostering a strong security culture within teams. Competitive benefits include performance bonuses and flexible working options.

Benefits

Annual performance-related bonus plan
Generous pension contribution
Life assurance
Healthcare Plan
At least 25 days holiday
Discounts on products and services

Qualifications

  • Proven experience implementing AWS security and controls.
  • Experience in a DevSecOps environment including policy-as-code.
  • Relevant industry certification required.

Responsibilities

  • Bridge security standards with product development teams.
  • Adapting tailored security frameworks for DevSecOps.
  • Provide expert guidance on risk assessment and mitigation.

Skills

Knowledge of AWS Security principles
Experience implementing AWS platform security
DevSecOps environment experience
Up-to-date knowledge of security trends

Education

CISSP CCSP MS Certified Security Engineer

Tools

Microsoft Defender
AWS compliance tools
GitHub
Terraform
Veracode
Job description

Were looking for an Information Security Lead to join us - youll play a key role to bridge the gapbetween L&Gs wider security organisation and the dynamic fast-moving demands of product and service teams spanning various major engineering domains (e.g. Microsoft Azure AWS). This role is specifically against the AWS domain to support our product team build and operate a robust and secure AWS Cloud Platform for consumption by the wider business.

What youll be doing :

  • Transposing security advice standards and guidelines from the wider L&G security organisation into initiatives compatible with fast-moving highly automated product development teams within your domain of responsibility
  • Adapting a tailored information security framework so relevant controls can be easily incorporated into the DevSecOps lifecycle for product teams in your domain simplifying the process of compliance for those teams
  • Acting as a conduit for security knowledge threat intelligence and enquiries between the information security team and product teams in your domain ensuring those teams receive timely and consistent advice
  • Ensuring compliance with wider organisational security requirements in your domain creating a single integrated approach that is compatible with DevSecOps practices across your product team
  • Compiling and presenting security-related reports on your domain for the wider organisation working with DevSecOps Engineers to automate as needed ensuring the department is transparent about its security performance and timely in delivering that information
  • Providing in conjunction with Security Architects expert guidance on risk assessment and mitigation in your domain enabling product teams to make the right choices to protect L&Gs data
  • Supporting the Information Security Manager in promoting a strong security culture across product teams in your domain empowering and supporting DevOps Engineers to maximise the security elements of their role

Qualifications :

Who were looking for :

  • Knowledge of AWS Security principles including best practice and architecture patterns for secure Cloud Ops
  • Proven experience implementing AWS platform security and controls in a fast-moving product-based environment
  • Experience with implementing and managing AWS Compliance using native tools like Microsoft Defender and AWS as well as third party CSPM tools like Wiz / Orca Security
  • Experience in a DevSecOps environment including policy-as-code and security testing automation using CI / CD tools including GitHub Terraform and Veracode
  • Relevant security-related qualification e.g. CISSP CCSP MS Certified Security Engineer or other relevant industry certification
  • Up-to-date knowledge of security trends tools and frameworks applicable to a DevSecOps environment

    • Up-to-date knowledge of security trends tools and frameworks applicable to a DevSecOps environment

    Whatever your role we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer :

  • The opportunity to participate in our annual performance -related bonus plan and valuable share schemes
  • Generous pension contribution
  • Life assurance
  • Healthcare Plan (permanent employees only)
  • At least 25 days holiday plus public holidays 26 days after 2 years service. Theres also the option to buy and sell holiday
  • Competitive family leave
  • Participate in our electric car scheme which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
  • There are the many discounts we offer both for our own products and at a range of high street stores and online
  • In 2023 some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart

    • Additional Information :

    At L&G we believe its possible to generate positive returns today while helping to build a better future for all.

    If you join us youll be part of a welcoming inclusive culture with opportunities to collaborate with people of diverse backgrounds views and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.

    We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time term-time and job shares.Although some roles have limited flexibility due to customer demand we accommodate requests when we can.

    It doesnt matter if you dont meet every single criterion in this advert. Instead think about what you excel at and what else you can bring in terms of strengths potential and connection to our purpose.

    Remote Work : No

    Employment Type : Full-time

    Key Skills

    International Development,EMC,JavaScript,Import & Export,Airlines,Asp.Net MVC

    Experience : years

    Vacancy : 1

    Get your free, confidential resume review.
    or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
    TrustpilotImage showing a rating of 4.5 out of 5 stars on Trustpilot for JobLeads, indicating a high level of customer satisfaction.
    Rated “Excellent” based on 19,347 reviews
    Top cities
    Top companies
    Popular jobs