Senior Information Security Analyst (Third-Party Due Diligence)

Permanent

Location: Edinburgh (We believe in the power of in-person collaboration, and our hybrid model requires colleagues to be in the office a minimum of 40% of their time)

Salary: A competitive salary from £35,120 - £52,680, depending on the experience you can bring

Closing date: 21st February 2025

We’re a company of around 2,500 innovators and thinkers who put our energy into helping customers. You can see this in our culture where we ask everyone to be brave, raise their game, deliver first time, help others, and act in everyone’s best interests.

We help people live their best lives. We help them with the big stuff, for the moments that matter: Pensions, Savings, Investments. At Aegon, we strive in creating a diverse organisation that plays a meaningful role in driving greater equity, inclusion and belonging.

We are currently hiring for Senior Information Security Analyst (Third-Party Due Diligence) to join our team in Edinburgh. In this role, you will undertake a wide range of activities that cover analysing and assessing the adequacy of information security controls, initiating improvements, provision of advice, supporting business enquiries, collating and analysing results for business returns and reporting. Key tasks will include:

• Assisting the Third-Party Information Security Manager to maintain the Third-Party information security assurance framework.
• Undertaking security reviews for the Aegon UK supplier population under the guidance of the Third-Party Security Assurance Managers.
• Assisting with the review of responses to more complex client security onboarding and annual due diligence security reviews.
• Responding to business requests relating to Information Security.
• Supporting with security risk assessments.
• Assisting with development of Information Security procedures and processes.
• Maintaining currency with work undertaken by the overall InfoSec Team to understand how changes to systems, servers and applications may affect security.
• Support the undertaking of compliance assessments, audits, reviews and workshops.
• Assisting with assessing information security policy exceptions.
• Developing and maintaining documentation.
• Providing consultancy, advice, guidance and training to all areas within Aegon UK.
• Information Security, which may include information security management, third party assurance, application security, project consultancy and assurance, network security, security incident management and user awareness.

We’d love to hear from you if you have:

• 3rd Party Due Diligence experience and knowledge, specifically relating to ISO27001 & ISO27002.
• Knowledge of Information Security policy, principles and techniques, information security standards.
• Knowledge of legislation and regulations relevant to Information Security (Data Protection Act, Computer Misuse Act, SOX, FSA regulations)
• An up to date and current knowledge of Information Security; current business and industry issues and initiatives.
• Experience of risk assessment in a business environment, understanding and determining business impact, determining risk from vulnerability, recommending appropriate and cost-effective controls.
• Desirable - A relevant degree or qualification. Will be encouraged to pursue a recognised Information Security Qualification.

What’s in it for you?

• A non-contributory pension between 8%-12%
• A discretionary bonus, depending on personal and company performance
• 34 days leave per year (including bank holidays, pro-rated for part-time)

We also offer private medical cover, life assurance, critical illness cover, enhanced parental leave and a variety of lifestyle benefits to help our employees live their best lives, including retail discount vouchers, cycle2work scheme, subsidised restaurant and online GP appointments.

Sound good? You know what to do… click the "Apply" button and see where it can take you.

The legal bits

We’ll need you to confirm you have the right to work in the UK. If we offer you a job and you accept, there are some checks we need to complete before you can start with us. This will include a credit and criminal record check, as well as providing satisfactory references.

Equal Opportunity Employer:

We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their age, disability, race, religion/belief, gender, sexual orientation or gender identity.