Search by job title or keyword
Information Security Specialist
Here at The Very Group, we’re on an exciting journey to transform our technology estate and build even better experiences for our customers. We’re doing that by modernising our existing systems and platforms, utilising a wider variety of modern, cloud-based technologies.
We support diversity, both in terms of people, technical skills and knowledge and would welcome a chat about flexible working options for this role!
We are looking for an Information Security Specialist who will be responsible for management of all areas of Information Security policy and procedure at The Very Group. With particular focus on Vulnerability management, Penetration testing and the assurance of the identity access management processes.
- Lead, and take management responsibility for cyber threat assessment activities.
- Manage the delivery of vulnerability assessments, penetration tests and red/purple team exercises within The Very Group
- Lead and develop the Threat Evaluation Committee and drive continuous improvement within patch and vulnerability management.
- Act as the primary escalation point for emerging threat related events, incidents and alerts.
- Be accountable for fixes and decisions relating to vulnerability assessment services.
- Responsible for producing security assurance metrics related to threat and vulnerability assessments and provide key stakeholders with performance data as required by the Head of Information Security and manager.
- Support teams within IT Security in the production and maintenance of Security Procedures, Guidelines, Work Instructions, Working Practices and other operational documentation.
- Provide information to other teams within IT Security as required to support development of threat intelligence, security strategy and all service improvement activities.
- Responsible for ensuring threat and vulnerability assessment services are frequently reviewed and where required service improvement plans are implemented.
- Assist in the establishment and maintenance of IT Security standards and policies.
- Key contributor in various facets of Security incident response including notification, escalation response and post incident review.
- Provide general advice and guidance on IT Security related matters as and when required.
- Assist and support Threat Hunting and Digital Forensics as directed by the Security Operations Lead.
- Provide advice, guidance and support to Heads of technology.
- Leading, managing and developing IAM/ PUAM functions
- Ensuring the business is compliant with all issues relating to IAM/ PUAM including legal and regulatory changes affecting UK financial services and engaging in professional development to maintain professional skills and knowledge essential to the position.
- Build relationships across TVG to support essential security policy adherence.
- An excellent broad understanding of the Information Security industry and specifically, a solid understanding of UK regulations and compliance.
- Experience of contributing and improving the Information Security agenda within a corporate organisation
- Information Security and /or Information Technology industry qualification strongly preferred (such as CISSP or CISM) or equivalent time served
- Solid understanding of security vulnerability assessment tooling, report analysis and remediation plans.
- Good understanding of networking concepts and enterprise IT systems including OS (Windows, Mac, *nix)
- Deep knowledge of Windows Active Directory and Linux identity management
- Experience with Identity management and privilege user access management in an enterprise environment
- Experience in the implementation and day to day running of IAM/ PUAM tooling
- Experience of cloud based IAM especially with AWS and Office 365
- An understanding of incident response procedures and standards and the managing of information security and privacy incidents.
- Good interpersonal skills
What we can offer you:
A competitive salary and bonus are just the start. Matched pension, generous holiday allowance, maternity policy and wellbeing initiatives play a huge part in how we care for our people. We even offer flexible benefits so that everyone can shape their rewards and compensation package around their lifestyle. To view full details on the rewards click here!
- Generous and competitive starting salary
- Regular salary reviews and career progression
- 30 days holiday + bank holidays + option to buy or sell 5 days
- Additional flexible benefits allowance of £1,000 (can take a part as salary uplift)
- Generous scalable bonus (based on individual performance vs company)
- Matched pension up 6%
- Flexible / Hybrid working (2-3 days remote / 2-3 days on-site)
- Self-development time
- Brand discount - up to 25%
- Free on-site gym
- Discounted coffee houses and food outlets
We're the UK's largest integrated online retailer and financial services provider.
We have a passion for reinvention - to constantly improve how our 4.5 million customers pay and shop for the things they love. We’ve adapted to changes in our customer’s shopping habits for more than 100 years, taking us from bricks, to clicks, to mobile. Find out more about us here.
Diversity matters at The Very Group. We're striving to create an environment where ALL colleagues feel a sense of belonging and can thrive by being themselves at work; driving collaboration and innovation that will in turn achieve great things for our customers.
We are committed to equality of opportunity and welcome applications from people, regardless of age, gender, ethnicity, disability, sexuality, social background, religion and/or belief. And we promote flexible working opportunities where operational needs allow.How to apply
If you're interested to find out more please contact Sean Allen or Jordan Barlow in the talent acquisition team at The Very Group or apply online.
If you are an internal candidate looking to refer someone in, please follow the referrals process and guidelines
Please note that the talent acquisition team are handling this vacancy directly, and if successful in securing this position, you may be required to undertake a credit, CIFAS and CRB check.
We're an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.