Cyber Control Testing Manager
Lloyds banking group
At Lloyds Banking Group, we're motivated by a clear purpose - to Help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. And as the UK's largest retail and commercial bank, we have a footprint that touches nearly every community and household in the UK.
Our brands, our services and our business span every aspect of banking and finance, including some of the biggest names on the UK's high streets. That gives us a big responsibility to support the UK economy, and we have a clear strategy to put customers first - and achieve our vision of becoming the best bank for customers.
COO business risk
We love to do things differently in COO Business Risk. We encourage our employees to challenge the status quo and to come up with new and innovative ideas.
Our vision is to be the Leading 1st Line Risk Function in Financial Services in the UK. We work collaboratively with the business areas we support (Group Transformation, Group CIO, Group Sourcing & Chief Security Office) to identify, report and mitigate risks - our key priority is to transform the bank in a safe and compliant way.
We're committed to achieving this vision through a clear focus on the provision of expert risk advice & guidance, through creating and delivering an optimised control environment, through investing in developing our people and through the adoption of technology solutions to improve our effectiveness.
Sound like your kind of place?
We're looking for a Cyber Control Testing Manager to join our Business Risk and Governance leadership team, who will contribute towards the delivery of high quality and value adding control testing and assessment activities related to cyber processes, including but not limited to, Network Security, Incident Management, Vulnerability Scanning, Cryptography, Cloud Computing, Identity and Access Management.
You could help make it possible...
You'll play a key role in enhancing the quality and effectiveness of cyber controls through carrying out cyber control testing activities within LBG.
What would you be getting involved with?
You'll report to the Reporting to the Cyber Control Testing Senior Manager and will:
- Conduct cyber controls testing activities in areas such as Cryptography, Network Security, Access Management and Cloud Computing
- Evaluate and assess the effectiveness of cyber controls in remediating associated risks in an accurate, complete and transparent way
- Be responsible for the testing progress for the assigned controls and update senior audiences about the progress and results
- Assist in scoping, planning and scheduling of Cyber Control Testing activities
- Understand and evaluate relevant cyber risks and controls designed to mitigate these risks to a level acceptable by IT management
- You'll bring passion for our values of putting customers first, keeping it simple, and making a difference together
- You'll love to fix problems and challenge the status quo with innovative ideas
- You're a highly motivated self-starter
- You'll have the ability to build strong collaborative relationships
Ideally you'll be based in London, we do have an agile approach to working and could accommodate you working from one of our other hubs, in Edinburgh, Manchester and Halifax.
And the skills/background you'd possess?
- Relevant experience in an IT organisation of a financial institution or audit/consulting firm
- Demonstrable experience in applying different control testing methodologies (e.g. CAAT, sampling)
- Solid understanding of the information technology risk and controls inherent in various technologies (e.g. Cloud, Mainframe) and related security standard methodologies
- Specialised in testing of at least one cyber process including but not limited to Network Security, Incident Management, Cloud Computing, Cryptography, Vulnerability Assessment, Identity & Access Management
A good understanding of various Information Technology Assurance Frameworks (COBIT, ISO27001, ITIL, NIST etc.) and of current and emerging technology trends would be very useful. Similarly if you're qualified in CISA and have any additional qualifications (e.g. CISSP/CISM and CRISC) these would be beneficial.
What do you get in return?
In addition to the salary quoted the position also offers:
- Car / Car allowance
- Discretionary Performance Share Award
- Generous pension contribution
- A flex benefits cash pot you can adjust to suit your lifestyle (4% on top of your basic salary)
- Private health cover
- Access to share schemes
- 30 days holiday plus bank holidays
In return for your expertise, you'll enjoy our dedication to your ongoing personal and professional development. Here, you'll grow as a person and develop your career. As a valued member of our team, we'll support to grow and advance you through excellent training and progression opportunities. Our customers' experience and success starts with yours.
We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we're building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.