Information Security Specialist – Policy and Governance Edinburgh, Scotland
Job description
General information
Serving our customers, communities, and planet a little better every day.
Information Security Specialist – Policy and Governance
Location: Edinburgh / Glasgow Offices.
Excellent Salary & Benefits
What you’ll bring
We’re embracing an agile way of working; this Information Security Specialist role in Policy and Governance in our Cyber Risk team will join us on an exciting journey. Join us and bring your talent, expertise, and skills to join our existing colleagues and make a difference to our customers, communities, and planet.
Job Purpose:
You will support delivery of updated policies, risk indicators and governance processes to bank colleagues and work with Information Security Managers to provide oversight and challenge to Risk and Control owners.
You will be able to:
- Demonstrate an application of Information Security and Risk knowledge and expertise in support of both oversight of the Bank’s Information Security and Cyber Risks, and the continual development of our policies and governance framework. For this to be achievable a blend of technical and softer skills are required:
- Strong stakeholder management, ability to engage to a diverse audience from differing backgrounds and sectors.
- Understanding of Security frameworks and ability to identify vulnerabilities / areas requiring control enhancement.
- Strong communication skills (verbal and written)
- Strong analytical skills.
- Pragmatic and balanced outlook relative to risk and impact with the ability to apply sound judgement.
- Strong organisational skills, with the ability to coordinate and effectively self-manage your own portfolio of work to ensure high quality and timely delivery.
- Practical experience of Information Security frameworks and oversight within a highly regulated environment.
- An understanding of operational or business risk.
The Role
You will support delivery of updated policies, risk indicators and governance processes to bank colleagues and work with Information Security Managers to provide oversight and challenge to Risk and Control owners.
You will provide subject matter expertise to internal stakeholders:
- Share knowledge and mentoring to colleagues.
- Attending internal committees, workshops, acting as delegate for Information Security Managers when required.
- Preparing, updating, and delivering content to bank colleagues
- Reporting on key risk indicators and control effectiveness
- Supporting risk identification and assessment
- Supporting challenge and oversight of Information and Cyber Security controls.
- Maintaining accurate records and documentation, supporting coordination of material from multiple sources to create a single view for senior management.
- Actively contribute to the ongoing development and promotion of the Information Security Oversight Team through constructive challenge, providing solutions, innovation and continual improvement.
- Support and active collaboration / contribution in team objectives. #LI-KP1
How to apply
Our colleagues are working hybrid, taking time to meet with colleagues in our offices for moments that matter, such as team catch ups, planning meetings and more. If you’re interested in finding out more about what a career at Tesco Bank looks like, click apply to find out more!
Why Tesco Bank?
It’s important to us that we make sure you’re supported by your team and colleague networks every day, celebrating when it matters and helping you to be the best version of yourself. The people make Tesco Bank, and we take pride in what we achieve together.
All that hard work? Come and see it turned into something real, usable, and important to customers’ and colleagues’ everyday lives. At Tesco Bank, our products make things a little better for everyone.
