Job Introduction
***Remote/home working with occasional visits to our London or Kent office***
Our people are everything to us. The way they deliver exceptional experiences every day for our customers, for their colleagues. The way they own what they do. Come and do the best work of your life alongside lovely colleagues. Come to Saga!
And right now, we are looking for an Information Security Assurance Analyst to join the Technology unit at Saga. You will be working within the Information Security team alongside other information security analysts. You will be managing the cyber security control assurance framework and generation of associated reporting.
Reporting into the Information Security Manager, you will be assessing the implementation of cyber security controls across all business units by monitoring their effectiveness against defined performance KPIs on a regular basis. You will also be working with a variety of stakeholders including internal colleagues and third parties.
And in return, you can look forward to all the responsibility and involvement of an integral role, providing you with a rewarding and fast-paced career with an excellent benefits package.
If this is of interest to you then we would be keen to hear from you!
Main Responsibilities
As an Information Security Assurance Analyst your responsibilities will be:
- Owning the generation and delivery of business unit-specific Information Security MI on a regular cadence and covering a diverse technology landscape to inform risk management activities.
- Working with key stakeholders to create treatment plans where necessary and supporting the implementation of cyber security control improvements to drive risk reduction and to meet business risk appetite.
- Reporting and communicating complex cyber security risk information and industry trends to drive risk mitigation and control improvements.
- Supporting the development, implementation and testing of robust incident response processes and procedures.
- Supporting the development and delivery of the third-party supply chain risk management and assurance framework.
- Helping to support the implementation, monitoring, and oversight of DLP solutions, such as Microsoft Purview.
- Identifying opportunities constantly to improve cyber risk management controls, policies and processes, and collaborating with other Technology teams and the wider business to support their implementation.
- Supporting the maintenance of information security frameworks, policies and processes.
- Supporting the delivery of the Cyber Strategic plan.
- Providing cyber consultancy to the business as required and supporting Information Security shared services.
- Monitor compliance requirements and support business certification / alignment by providing specialist advice, gap analysis and sign off services.
- Following our Governance and Business Code of Conduct and always acting with integrity and due diligence
- Continually looking for innovative ways to improve the cyber security function and improve customer / colleague experience.
- Keeping industry knowledge up to date through internal / external events, networking, and certifications
- Having knowledge of the external cyber threat environment and sharing best practice with colleagues.
The Ideal Candidate
- Extensive experience conducting audits and gap analysis.
- Proven experience of creating reports and communicating complex information in a logical way.
- Understanding of one or more of ISO27001, FCA, GDPR, IMO and PCI compliance requirements is beneficial.
- Experience of creating and documenting policies, processes and reports.
- Experience working within Information Security or related GRC roles.
- Cyber security, risk management or audit certifications is highly desirable.
- Knowledge of Cyber threats to support Cyber strategy and approach.
- Ability to work systematically with an analytical mindset.
- Ability to work independently and manage multiple priorities.
- Excellent communication and presentation skills.
- Excellent stakeholder management skills.
- Risk management and prioritisation skills.
Our Saga Values:
- Precision Pace - Always owning and making things happen.
- Empathy – Always aware of others.
- Curiosity – Always asking why.
- Collaboration – Always one team, the Saga team!
About The Company
Over the past 70 years we have become the UK's specialist provider of products and services to people aged over 50 in the UK. The Saga brand has become one of the most recognised and trusted brands amongst UK consumers in this demographic, recognised for its high quality products and exceptional standards of service. These include cruises and holidays, insurance, personal finance and the Saga Magazine.
At Saga we are committed to treating all employees fairly and to offering equal opportunities in all aspects of employment and advancement. We value diversity not just because it is the right thing to do, but because diverse teams perform better.
Fair consideration is given to applications from all applicants, including those with disabilities and those over who are over 50 as we are champions of age inclusivity. We are an official Disability Confident employer and ensure that our recruitment process is inclusive and accessible and we will make reasonable adjustments as required. For more information on our DEI policies please visit our Saga Careers page.
Saga does not accept agency CVs unless specifically engaged on the role by the Talent Acquisition Team. Please do not forward CVs to our recruiters, employees or any other company location. Saga will not be responsible for any fees related to CVs received in this unsolicited manner.
#LI-Remote”
Package Description
The standard benefits when you join Saga include:
Remote working available where possible
25 days annual leave plus bank holidays, with the choice to buy a further 5 days annual leave per year
Workplace Pension
AXA Be Supported
A range of reductions and offers from leading retailers, travel groups and entertainment companies