Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support the Information Security manager in managing technology and cyber security risks.
- Company: Hastings Direct is a leading digital insurance provider in the UK, focused on innovation and growth.
- Benefits: Enjoy flexible working, competitive bonuses, private medical insurance, and 27 days annual leave.
- Why this job: Join a dynamic team committed to high standards and a supportive culture that values your input.
- Qualifications: A degree in IT or security, plus knowledge of cyber security frameworks is preferred.
- Other info: We celebrate diversity and welcome applications from all backgrounds.
The predicted salary is between 36000 - 60000 Β£ per year.
Welcome to Hastings Direct. We're a digital insurance provider with a clear strategy to become the best and biggest player in the UK market. As a company, we've made huge investments in our technology, pricing, data and analytics capabilities over the past few years, along with nurturing our 4Cs culture and substantial investment in our people.
Role Overview: You will be supporting the Information Security manager in assuring Hastings' compliance with its regulatory and legal obligations, by working with the business to help to identify and manage our technology, information and cyber security risks. You'll also be supporting our Operational Resilience activities, undertaking due diligence on our third-party technology suppliers, and assisting with incidents and investigations. The role covers organisational security, people security, physical (site) security and technical security controls.
Skills Knowledge & Experience
- Cyber Security Knowledge: You'll have a sound understanding of cyber and information security, including frameworks like NIST and ISO IEC 27002:202. It will be great if you also know about PCI-DSS V4.0 as well.
- Clear Communication: You'll be able to discuss these with technical and non-technical stakeholders in a way which is accessible and understood.
- Threat landscape: You'll understand the current threat landscape in respect of Cyber, Privacy and Security risks, and how that applies to a company like Hastings.
- Analytical thinking: You'll be able to break down complex problems and be always looking for innovative, pragmatic solutions.
- Risk management: You'll have a good understanding of how to assess and manage technology risk. Even better if you have a solid understanding of Enterprise-Wide Risk frameworks.
Qualifications
- A security certification such as CISM, CISMP, CISSP or equivalent would be desirable.
- A relevant IT or security-based degree or equivalent practical experience.
Reward
- Salary: Attractive salary based on experience + car allowance (pay reviews also completed each year).
- Flexible Working: We champion a flexible and hybrid working approach so please speak to your recruiter to discuss in more detail, including days in the office and at home.
- Competitive Bonus Scheme: All colleagues are eligible for our annual 4Cs performance bonus, which is usually paid in March. The scheme is based on Hastings' performance against our business goals and your own personal performance.
- Physical Wellbeing: As a Band 4 colleague, Hastings pay for you to receive private medical Insurance (also known as PMI).
- Financial Wellbeing: We provide you with 4x your salary with our life assurance cover and income protection at no extra cost, pension contribution match up to 10%, and an award-winning package which includes discounts and cashback at everyday retailers.
- Mental Wellbeing programme: We have a range of support to help you keep yourself well, including the thrive mental health app and our colleague assistance programme available 24/7.
- Thereβs more! 27 days annual leave + bank holidays, with the option to buy or sell one of your contracted weeks, access to our health care cash back plans, dental plans, discounted health assessments, Cycle to work and tech schemes, discounted and free onsite facilities, social events throughout the year and much more.
Hastings Group is an equal opportunities employer which means we treat people fairly. We welcome applications from all suitably skilled persons regardless of their gender, age, race, disability, ethnic background, religion/belief, sexual orientation, gender reassignment or marital/family status.
Please also note that we have a thorough referencing process, which includes credit and criminal record checks.
Contact Detail:
Vxplore Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land Technology Risk Executive
β¨Tip Number 1
Familiarise yourself with the NIST and ISO IEC 27002:202 frameworks, as well as PCI-DSS V4.0. Being able to discuss these frameworks confidently will show your understanding of the compliance landscape that Hastings Direct operates in.
β¨Tip Number 2
Stay updated on the current threat landscape related to Cyber, Privacy, and Security risks. This knowledge will help you engage in meaningful conversations with stakeholders and demonstrate your proactive approach to risk management.
β¨Tip Number 3
Practice clear communication skills by explaining complex security concepts to non-technical friends or family. This will prepare you for the role's requirement to communicate effectively with diverse stakeholders.
β¨Tip Number 4
Consider obtaining a relevant security certification like CISM, CISMP, or CISSP if you haven't already. This not only enhances your qualifications but also shows your commitment to professional development in the field of technology risk.
We think you need these skills to ace Technology Risk Executive
Some tips for your application π«‘
Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Technology Risk Executive position. Familiarise yourself with key terms like cyber security frameworks (NIST, ISO IEC 27002) and risk management principles.
Tailor Your CV: Customise your CV to highlight relevant experience and skills that align with the job description. Emphasise your knowledge in cyber security, analytical thinking, and risk management, as these are crucial for the role.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for the role and the company. Mention specific experiences that demonstrate your ability to communicate complex security concepts to both technical and non-technical stakeholders.
Showcase Relevant Certifications: If you have any security certifications such as CISM, CISMP, or CISSP, be sure to mention them prominently in your application. This will strengthen your candidacy and show your commitment to the field.
How to prepare for a job interview at Vxplore
β¨Showcase Your Cyber Security Knowledge
Make sure to brush up on your understanding of cyber and information security frameworks like NIST and ISO IEC 27002:202. Be prepared to discuss how these frameworks apply to the role and how they can help Hastings Direct manage its technology risks.
β¨Communicate Clearly
Practice explaining complex technical concepts in simple terms. Youβll need to communicate effectively with both technical and non-technical stakeholders, so think about how you can make your points accessible and relatable.
β¨Understand the Current Threat Landscape
Familiarise yourself with the latest trends and threats in cyber security, privacy, and security risks. Be ready to discuss how these issues could impact Hastings Direct and what proactive measures can be taken to mitigate them.
β¨Demonstrate Analytical Thinking
Prepare to showcase your problem-solving skills by discussing past experiences where youβve broken down complex problems and found innovative solutions. This will highlight your ability to think critically and pragmatically in a risk management context.
