Vitality, Information Security Consultant, Bournemouth, Competitive + Bonus + Benefits
Vitality is an award winning, dynamic and vibrant financial services provider, with a ground-breaking vision for the future, where individuals are enabled to succeed and are rewarded and recognised for their contribution to our business.
We're a positively different, fast-growing insurance and financial services provider that rewards its 1,000,000+ members for healthy habits. We aim to be the best Private Medical insurer in the UK, offering the best service in the industry. This means we need the best people, ready to live our vibrant brand and make a difference to the business every day.
As our Information Security Consultant, you'll get the benefits our members enjoy, including
- Our award winning private Vitality Health insurance + wellness incentive programme
- Vitality Partners and Rewards - Apple Watch, Ocado, Garmin, Champneys Spa days, half price gym memberships, Disney Store discounts to name a few!
- Personal health fund + Life Assurance
- Stakeholder Pension Plan with employer contribution
- 25 Days annual leave + Bank holidays + option to buy and sell 5 more.
- Flexible benefits package
- Internal incentives, competitions and awards - a chance to win football and sports tickets or even be in with a chance to have a holiday of a lifetime
- A genuine opportunity to grow and establish a long-term career
As our Information Security Consultant you willbe responsible for ensuring that information assets are adequately protected and that appropriate controls and mitigating actions are in place to manage identified information security risks.
Responsibilities as our Information Security Consultant include:
- Provide expert professional advice across Vitality on Information Security best practice
- Be the SME on key Information Security initiatives/projects, including TPAM, RBAC, MSS
- Undertake compliance audits based on ISO27001 requirements
- Risk assessments; identify and assess information security risks and define appropriate mitigating controls; manage, co-ordinate and track risk reduction activities
- Mature the configuration of technical Security tools within Vitality
- Manage external compliance and certification efforts as required
- Contribute to the overall continuous improvement of Vitality's Information Security posture
- Facilitate penetration tests where required; define scope, liaise with supplier, manage remediation of identified risks
- Engage in project and development activities to ensure Information Security risks are identified and are being addressed through the project process/SDLC. Input security requirements and ensure they are met.
- Undertake security assessments on third party suppliers including site visits as required
- Be a key contact for, and lead on the management of information security incidents/cyber incidents
- Leadership and mentoring of less experienced team members
To become our Information Security Consultant, you will have the below skills and experience:
- Professional security qualifications and certifications such as MSc, CISSP, CISM, CISA or equivalent
- Demonstrable experience working in Information Security
- Supplier Security assessment and management
- Excellent verbal and written communication skills; ability to articulate technical knowledge to non-technical audience; production of policy/standards/project documentation
- Experience of working with projects throughout the SDLC; Agile methodology
- Appropriate level of technical knowledge (configuration of security tools; SIEM,
- Experience of designing, implementing and management of information security initiatives eg SIEM, RBAC, DLP, FIM
- Sound understanding of security frameworks (eg ISO27001/2, PCI DSS, NIST), Data Protection and regulatory compliance (eg FCA, ICO, PRA, GDPR)
- Experience within the insurance, healthcare and/or financial services industries
- Ability to conduct internal audits and write associated audit reports
Working for Vitality as our Information Security Consultant you'll experience an exciting mix of creativity and innovation, within a framework of challenging objectives and a passion for delivering the best.
Our people are chosen for their skills, knowledge, enthusiasm and attitude but above all, their belief that anything can be achieved.
Closing Date: Monday 2nd December 2019
If you feel you have the skills and experience to become our Information Security Consultant thenplease click apply' today.