Technology and Security Risk – Control Consultant
Technology and Security Risk – Control Consultant
- Location(s): UK Wide
- Salary: Paying up to £65,000
- Contract Type: Permanent
- Ref: R00AOR01315
- Closing Date: 05 June 2022
- We're happy to consider flexible working approaches for this role
As a Consultant in the Controls Testing Team you will be a member of a team of skilled control testers, testing the design adequacy and operational effectiveness of technology and information security controls across the Society.
You will be responsible for ensuring the testing plan is delivered to the highest standards and to challenging timelines, as well as advising on continuous risk and control improvements and remediation.
To support this, our Control Testing Team is expanding and looking for ambitious, energetic and experienced controls testers with backgrounds in information security management and technology, ideally in the Financial Services sector.
As part of the first line of defence Chief Controls Office, the Controls Testing Team is critical to ensuring that the design adequacy and operational effectiveness of controls is regularly assessed, ensuring they are robust enough to deliver services safely and reliably to our Members, as well as meeting regulatory requirements.
What you’ll be doing
You’ll have a good operational understanding of applying control frameworks, testing methodologies and remediation planning, supported by planning and co-ordination skills to:
- Test controls against standards that drive continuous improvement in risk and control management practices and contribute to consistency across the first line risk functions
- Proactively contribute to the successful and timely delivery of annual cyclical controls testing programmes for technology and information security.
- Report on the design adequacy and operational effectiveness of controls and working with the business to remediate issues and strengthen the control environment
- Exploit new technologies to derive and innovate efficiencies for controls testing
- Provide constructive challenge and advice to ensure the right outcomes for our members.
As a minimum requirement you’ll have:
- A degree or relevant qualifications and some experience of relevant operational experience
- Certified in, or be on your way to completing any of CISA, CISM, CISSP and/or relevant Cloud, Cyber certifications
- A good working knowledge of ISO 27001/27002 standards and applicable security regulations (PCI-DSS etc.) plus ITIL and COBIT frameworks is ideal – as well as Cloud and Cyber risk and control frameworks
- Experience of applied testing of technology and information security management controls across large diverse technology environments. To include MS Windows and Windows Server, UNIX, LINUX, Mainframes (UNISYS and Fujitsu) as well as database management systems and networks.
- Experience in risk management, risk identification, controls assessment and management
- Strong audit, controls, risk or regulatory compliance background with an in-depth understanding of testing or audit methodology and risk & control analysis
- Excellent relationship and stakeholder management skills
- Strong logical reasoning and communication skills and the ability to relate to and influence employees at all levels.
It's not essential but it would be ideal if you had:
- Experience in undertaking third-party controls auditing or testing
- Ability to utilise a breadth of knowledge from across the wider technology, data and digital professions, strengthening the effective delivery of service
The extras you’ll get
There are all sorts of employee benefits available at Nationwide, including:
- A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
- Up to 2 days of paid volunteering a year
- Life assurance worth 8x your salary
- A great selection of additional benefits through our salary sacrifice scheme
- Access to an annual performance related bonus
- Access to training to help you develop and progress your career
- 25 days holiday
Why work at Nationwide
We’re a building society founded by ordinary people, our members, who came together to help each other get the most from their money, buy homes and save for their futures. For over 130 years, we’ve supported each other and our communities, and we’ve done the right thing for wider society too.
If you come to work here at Nationwide, you’ll be part of that. Part of something a bit different. And something really quite special.
What’s more, we have a strong ethic of care for each other and our members. We recognise that our employees feel most appreciated when their thoughts and values are respected and considered. We’re committed to creating a culture that recognises and truly values our individual differences and identities. So, if you’d like to be a part of an inclusive workplace where you can be yourself, where your talents are nurtured, and you feel empowered to contribute, then please apply and help us in building society, nationwide.
What to do next
If this role is for you, please click the ‘Apply Now’ button. You’ll need to attach your up to date CV and answer a few quick questions for us.
We respond to everyone, so we will be in contact shortly after the closing date to let you know the outcome of your application.