From a friendly and inviting environment to a flexible benefit package designed around you – when it comes to belonging, there really is no place like Principality. We keep it flexible wherever possible; we do our bit in the communities we serve and support you in doing the same, and we promise to get better together.
We have an award-winning flexible/hybrid working policy, we’re a 2022 winner of UK Best Large Workplaces for Women, we have a refurbished hi-tech office in the centre of Cardiff designed around colleague feedback, we ranked number 6 for wellbeing in 2022, we have an extensive financial and well-being benefits package, “Belong”, designed to put our people first, and we have consistent colleague engagement scores of over 85% and a caring community of supportive Networks.
Our Information Security team are hiring an Information Security Risk & Consulting Lead. Reporting directly to the Information Security Manager, the role will be to provide specialist information security risk management advisory and oversight.
The Information Security Risk & Consulting Lead will engage with internal and external stakeholders to ensure that information, application and cyber security threats and risks are identified and treated through the implementation of appropriate controls that align to business and regulatory requirements and support operational and change initiatives.
Providing first line oversight and challenge of application and secure development change requests.
Reviewing and updating information security policies, standards, procedures, governance requirements and risk assessments.
Reviewing high-level and key design decisions and architectural and infrastructure security solutions in relation to, but not limited to, AI, mobile and system applications.
Providing scoping and scheduling of penetration testing via internal SMEs and external trusted providers.
Preparing security risk/impact assessments, reports, measurement indicators (MI), presentations and high-level summaries for key stakeholders.
Ability to write reports and implement policy, procedure and guidelines in alignment with regulatory and good practice requirements.
Conduct and write reports in relation to cyber risk assessments, which follow frameworks such as CSF.
The ability to work independently and as part of the Information Security team.
“We are passionate about creating an inclusive workplace where diversity is celebrated and where colleagues feel a sense of belonging.” Daniel Priest, Inclusion Manager.