OverviewJoin to apply for the

Senior Information Security Analyst

role at

TieTalent .

Our purpose is to make it easy for people to save and invest for a better future. We are looking for great people to join us, so please come and invest in YOUR future at HL.

We know that sometimes people can be put off applying for a job if you don''t tick every box. If you''re excited about working for us and have most of the skills or experience we''re looking for, please go ahead and apply. We''d love to hear from you!

About the RoleAs Hargreaves Lansdown (HL) continues its digital journey, we are enhancing our Cloud Assurance capabilities within our Information Security Team. We are seeking a highly skilled Senior Security Analyst with a proven track record in delivering and maintaining Cloud assurance, preferably within a financially regulated enterprise environment or similar.

The Senior Security Analyst is a specialist lead SME role with the primary focus on AWS Cloud Security Assurance, as well as Governance, Risk and supporting Compliance. You will be supporting the Information Security function to ensure HL remains effective in protecting critical information assets within risk appetite. You will be working with a highly skilled and committed Security, Digital IT and Cloud teams. You will play a significant role in our Cloud journey, working with our AWS and Azure Cloud platforms and security toolsets. We offer a commitment to your career development through training, mentoring and internal opportunities.

What You''ll Be Doing

You will be the SME and lead for the technical aspects of Cloud security assurance risk and controls.

You will oversee and conduct, as necessary, Cloud Compliance assessments for AWS and Azure risk assessments, enforce cloud security policies and standards. Leading the AWS SRC workstream.

Assisting the Information Security Team in ensuring HL''s Information Security Management System remains effective in protecting HL critical information assets within risk appetite.

Lead assurance activities against Information Security Compliance frameworks, including but not limited to: PCI, NIST, SWIFT, GDPR

Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices.

Lead engagement of Cloud Audits and remediation activities.

Leading in the identification and reporting of remediation and mitigation activities related to cloud security findings across multiple cloud platforms (AWS and Azure).

Identifying gaps in cloud security posture and prioritise remediation efforts.

Building relationships across multiple business functions, locations, and technical stakeholders to accomplish goals. You will help deliver the strategy by emphasising the importance of AWS Well Architected Framework, Shared responsibility model and good cloud governance.

Delivering a best-in-class service within a high performing Security team

Leading by example to create a culture of continuous service improvements

About You

Experience in a regulated environment, preferably Financial Services.

Previous experience in Information/Cyber Security, with demonstrable experience of Cloud Security tooling, to reduce risks and maintain strong controls in a DevSecOps cloud context

Highly organised with the ability to prioritise workload

Excellent verbal and written communication skills

A willingness to learn as well as to knowledge share.

Effective interpersonal skills to engage and collaborate with multiple internal and external Stakeholders at all levels.

Practical work-based experience across the areas of security policy, culture, audit, and risk management.

Strong knowledge of common cloud technologies, enterprise, and network architecture.

Qualifications

AWS Certified Cloud Practitioner

Certified to advanced security standards, for example CCSK, CCSP, CISSP, CRISC

Hands-on Experience

Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017/27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF

Atlassian, IAAC Terraform, Merge Requests

GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal/Purview, Microsoft Information Protection (AIP), Azure Security Centre

Strong experience with DevOps practices, continuous integration/continuous deployment (CI/CD) pipelines, and related tools

Ability to evaluate the adequacy of cloud security controls, and how they are applied in a business context.

Interview processThe interview process for this role will be in two stages. The first stage will incorporate competency-based questions including an assessment of your technical knowledge and transferable skills. For successful candidates, the second stage will be a presentation followed by questions, face-to-face in our Bristol office.

Working ScheduleThis role is based in our Bristol head office, BS1 5HL. This is a permanent full-time role, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a hybrid flexible working pattern of working in the office and at home.

Benefits

Discretionary annual bonus* and annual pay review

25 days* holiday plus bank holidays and 1-day additional Christmas closure

Option to purchase an additional 5 days holiday**

Flexible working options available, including hybrid working

Enhanced parental leave

Pension scheme up to 11% employer contribution

Sharesave scheme - have a real stake in HL''s future

Income Protection and Life insurance (4 x salary core level of cover)

Private medical insurance*

Health care cash plans - including optical, dental, and outpatient care

Help@hand - confidential support including mental health counselling and remote GP

Wellhub - unlimited access to fitness providers and wellness coach sessions

Variety of travel to work schemes with bike storage and shower facilities

Inhouse barista and deli serving subsidised coffee and sandwiches

Two paid volunteering days per year

dependant on role level

only available to select during our annual benefits window, in November each year

Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.

This role may also be available on a flexible working or part time basis - please ask the Recruitment and Onboarding team for more information.

Please note, we are unable to provide employment sponsorship to candidates.

#J-18808-Ljbffr