Job Description We have an amazing opportunity for an Information Security Consultant to join us in Hove! You’ll play a key role in supporting the increasing demand for Information Security skills across our Group Functions, advising on how we embed security into our business operations. You’ll also help to realise our Security Improvement programme across a number of our business areas, collaborating with a variety of colleagues from both technical and non-technical backgrounds. What you’ll be doing: Ensuring that projects consider security in the design by setting security needs and requirements to ensure alignment to L&G Security Policies and Standards, participating in Technology or Supplier selection as a security SME and applying threat and initial risk assessment approaches to select appropriate controls. Working with the Group wide Security Improvement Programme to ensure Group Functions services align with current Security requirements Reviewing the design of in-flight or existing services to conduct risk assessments, identifying and articulating security gaps against L&G Security Policies and Standards. For gaps, identifying the related risks and potential options for management – articulating options to system or business owners Being a source of expert Information Security advice, both to projects (i.e. consulting with Architects or Developers) and in an ad-hoc manner (responding to user queries) working closely with key stakeholders and business leaders to ensure security issues are understood and reviewing existing systems and services to prioritise security improvement activities Representing the Group Functions Security team to senior business stakeholders. Identifying areas where the Security team, and wider IT team, can add additional benefit and support business ambitions Representing the Group Functions IT team in interactions with the wider L&G Group and Security Improvement project, such as sitting on Steering Groups or Customer Engagement Workshops and ensuring Group Functions interests are input and requests for input are passed to the correct teams Actively working to improve the Group Functions IT Security Maturity and Capability. Suggesting enhancements to processes, updating or establishing procedures where required