About us
IQUW is a speciality (re)insurer at Lloyd’s (Syndicate 1856) underwriting a diverse range of Property, Commercial and Speciality (re)insurance products from Cargo and Marine to Political Violence, Terror and War. We combine data, intelligent automation and human expertise to make smart decisions, fast.
ERS is the UK's largest specialist motor insurer with an A+ rating. We recognise that for some, motor insurance is more than just a must-have; it's a way of taking care of what stands at the heart of their passion or livelihood. For those people, standard insurance isn't enough. That's why we work exclusively with motor insurance brokers to help get under the skin of the most difficult insurance risks, helping build products to meet their customer’s needs.
The role
As a member of the Security Assurance team, the Security Assurance Analyst will be responsible for helping to embed a culture of Information Security within the day-to-day operations of the department and the wider organisation, ensuring the confidentiality, integrity and availability of the services provided to the enterprise.
The Security Assurance Analyst will contribute to Regulatory Compliance activities, Vendor/Delegated Authority Cyber Security Assessments, IT Audit/Assurance, Security Awareness and Training activities and the management and reporting of IT Risks.
This role requires collaboration with key stakeholders across the business, including Procurement, Delegated Authority, Compliance, Risk, Operations, and the wider Technology Services team.
This role is offered as a 12-Month Fixed Term Contract. We currently operate a hybrid working model. This entails 3 days per week collaborating with colleagues in the office, and 2 days working from home.
Key responsibilities
- Work as part of a dedicated Information Security team, contributing to security-related initiatives.
- Conduct third party cyber security maturity assessments, providing feedback to key stakeholders.
- Track and maintain all third-party cyber security assurance findings.
- Facilitate Cyber sessions with third parties, to help support with discussions on cyber security posture.
- Conduct compliance reviews on new software requests.
- Provide guidance and assist business stakeholders with Informational Security messaging across the enterprise.
- Work closely with colleagues to support the Information Security Audit programs and IT Risk Register, in line with corporate governance requirements.
- Support the development of information security related metrics and reporting to all levels.
- Participate in the development of the Security Awareness Training program for colleagues.
Qualifications, skills and experience
- A demonstratable background in Information Security / Security Assurance.
- Experience of conducting cyber maturity assessments and managing findings.
- Experience of conducting IT Audit / Recertifications, such as access control reviews, is desirable.
- Ability to produce management information that can be used for reporting, to an agreed schedule or upon request.
- Ability to manage multiple tasks / competing priorities and flexibility to adjust to changing requirements, schedules and priorities.
- Self-driven and resourceful to achieve goals independently, as well as working well in groups.
- Highly competent in the use of Microsoft Office packages such as PowerPoint, Excel (VLOOKUP’s and macros), Word and Visio.
- Relevant qualifications such as CompTIA Security+ / CISMP / CC is desirable.
- Some knowledge of ISO27001 is desirable.
- Some knowledge of GDPR is desirable.
- The following behavioural competencies are also desired:
- Analysis and Decision Making
- Innovation and Problem Solving
- Relationships
- Performance Focus
- Communication and Influence
- Resilience and Adaptability
Benefits
- Competitive Benchmarked Salary
- 25 days holiday
- Discretionary bonus scheme
- Employee assistance programme
- Annual holiday buy (up to 3 extra days)
- Salary sacrifice benefits
- Annual benefits reviews
- The option for professional qualifications and study support
Additional Information
- A full job description can be seen here.
