Start Hiring Start Applying
Start Applying

StudySmarter Job Board

Information Security Lead
Job Board
Companies
Legal & General
Information Security Lead

Information Security Lead

London Full-Time 43200 - 72000 £ / year (est.) No home office possible
Go Premium
L

At a Glance

  • Tasks: Lead cloud security initiatives and ensure compliance for Azure operations.
  • Company: Join Legal & General, a top UK financial services group with a global impact.
  • Benefits: Enjoy flexible working, generous holidays, and an electric car scheme.
  • Why this job: Be at the forefront of technology, shaping secure cloud operations and driving innovation.
  • Qualifications: Strong Azure security knowledge and relevant certifications required.
  • Other info: We value diverse backgrounds and offer a supportive, inclusive culture.

The predicted salary is between 43200 - 72000 £ per year.

Job Description

We\’re looking for an Information Security Lead to join us – you\’ll play a key role to bridge the gap between L&G’s wider security organisation and the dynamic, fast-moving demands of product and service teams spanning various major engineering domains (e.g. Microsoft Azure, AWS). This role is specifically against the AWS domain to support our product team build and operate a robust and secure AWS Cloud Platform for consumption by the wider business.What you’ll be doing:

  • Transposing security advice, standards, and guidelines from the wider L&G security organisation into initiatives compatible with fast-moving, highly automated product development teams within your domain of responsibility
  • Adapting a tailored information security framework so relevant controls can be easily incorporated into the DevSecOps lifecycle for product teams in your domain, simplifying the process of compliance for those teams
  • Acting as a conduit for security knowledge, threat intelligence and enquiries between the information security team and product teams in your domain, ensuring those teams receive timely and consistent advice
  • Ensuring compliance with wider organisational security requirements in your domain, creating a single integrated approach that is compatible with DevSecOps practices across your product team
  • Compiling and presenting security-related reports on your domain for the wider organisation, working with DevSecOps Engineers to automate as needed, ensuring the department is transparent about its security performance and timely in delivering that information
  • Providing, in conjunction with Security Architects, expert guidance on risk assessment and mitigation in your domain, enabling product teams to make the right choices to protect L&G’s data
  • Supporting the Information Security Manager in promoting a strong security culture across product teams in your domain, empowering and supporting DevOps Engineers to maximise the security elements of their role

    • QualificationsWho we’re looking for:

  • Knowledge of AWS Security principles including best practice and architecture patterns for secure Cloud Ops
  • Proven experience implementing AWS platform security and controls in a fast-moving product-based environment
  • Experience with implementing and managing AWS Compliance using native tools like Microsoft Defender and AWS, as well as third party CSPM tools like Wiz/Orca Security
  • Experience in a DevSecOps environment including policy-as-code and security testing automation using CI/CD tools including GitHub, Terraform and Veracode
  • Relevant security-related qualification, e.g. CISSP, CCSP, MS Certified Security Engineer, or other relevant industry certification
  • Up-to-date knowledge of security trends, tools and frameworks applicable to a DevSecOps environment

    • Up-to-date knowledge of security trends, tools and frameworks applicable to a DevSecOps environmentWhatever your role, we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:

  • The opportunity to participate in our annual, performance -related bonus plan and valuable share schemes
  • Generous pension contribution
  • Life assurance
  • Healthcare Plan (permanent employees only)
  • At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
  • Competitive family leave
  • Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
  • There are the many discounts we offer – both for our own products and at a range of high street stores and online
  • In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart

    • Additional Information At L&G, we believe it\’s possible to generate positive returns today while helping to build a better future for all. If you join us, you’ll be part of a welcoming, inclusive culture, with opportunities to collaborate with people of diverse backgrounds, views, and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time, term-time and job shares. Although some roles have limited flexibility due to customer demand, we accommodate requests when we can. It doesn’t matter if you don’t meet every single criterion in this advert. Instead, think about what you excel at and what else you can bring in terms of strengths, potential and connection to our purpose. Share this article

    Information Security Lead employer: Legal & General

    Legal & General is an exceptional employer, offering a dynamic work environment where innovation meets security in the financial services sector. With a strong commitment to employee wellbeing, generous benefits including a competitive pension scheme, and a culture that promotes inclusivity and professional growth, you will have the opportunity to thrive while making a meaningful impact on customers' lives. Join us in our modern offices designed for collaboration, and enjoy flexible working options that prioritise your work-life balance.
    L

    Contact Detail:

    Legal & General Recruiting Team

    View Legal & General Profile

    StudySmarter Expert Advice 🤫

    We think this is how you could land Information Security Lead

    ✨Tip Number 1

    Familiarise yourself with Azure security principles and cloud architecture patterns. This knowledge will not only help you understand the role better but also allow you to engage in meaningful conversations during interviews.

    ✨Tip Number 2

    Network with professionals in the cybersecurity field, especially those who have experience with DevSecOps. Attend relevant meetups or webinars to gain insights and make connections that could lead to referrals.

    ✨Tip Number 3

    Showcase your understanding of cybersecurity frameworks like NIST and ISO27001 by discussing them in your conversations. This demonstrates your expertise and commitment to best practices in security.

    ✨Tip Number 4

    Prepare to discuss your experience with security testing automation and CI/CD tools. Being able to articulate how you've implemented these in past roles will set you apart as a strong candidate for the Information Security Lead position.

    We think you need these skills to ace Information Security Lead

    Strong knowledge of Azure security principles
    Cloud architecture patterns
    Familiarity with cybersecurity frameworks (NIST, ISO27001, MS-CSB)
    Ability to influence technical teams on security best practices
    Relevant security certifications (CISSP, CCSP, MS Certified Security Engineer)
    Experience in a DevSecOps environment
    Policy-as-code implementation
    Security testing automation using CI/CD tools (GitHub, Terraform, Veracode)
    Implementing and managing Azure Compliance
    Using Microsoft Defender and Azure Policy
    Experience with third-party CSPM tools (Wiz, Orca Security)
    Risk assessment and mitigation strategy development
    Data-driven security performance reporting
    Mentoring and promoting a proactive security culture

    Some tips for your application 🫡

    Understand the Role: Before applying, make sure you fully understand the responsibilities and qualifications for the Information Security Lead position. Tailor your application to highlight your relevant experience in cloud security and DevSecOps.

    Highlight Relevant Experience: In your CV and cover letter, emphasise your strong knowledge of Azure security principles and any relevant certifications you hold. Provide specific examples of how you've implemented security frameworks or led compliance efforts in previous roles.

    Showcase Your Leadership Skills: Since this role involves leading teams and influencing product leadership, be sure to include examples of your leadership experience. Discuss how you've mentored others or driven a proactive security culture in past positions.

    Tailor Your Cover Letter: Craft a compelling cover letter that connects your skills and experiences directly to the job description. Mention your familiarity with cybersecurity frameworks and your ability to guide technical teams on security best practices.

    How to prepare for a job interview at Legal & General

    ✨Showcase Your Cloud Security Knowledge

    Make sure to highlight your understanding of Azure security principles and cloud architecture patterns. Be prepared to discuss specific examples of how you've applied these principles in previous roles.

    ✨Familiarise Yourself with Cybersecurity Frameworks

    Brush up on relevant cybersecurity frameworks such as NIST, ISO27001, or MS-CSB. Being able to articulate how these frameworks can be implemented in a practical context will demonstrate your expertise.

    ✨Demonstrate Your DevSecOps Experience

    Be ready to discuss your experience in a DevSecOps environment, particularly with policy-as-code and security testing automation. Mention any tools you've used, like GitHub, Terraform, or Veracode, to show your hands-on experience.

    ✨Emphasise Your Leadership Skills

    As an Information Security Lead, you'll need to influence and guide technical teams. Prepare examples of how you've mentored others or driven a proactive security culture in past positions to showcase your leadership abilities.

    Information Security Lead
    Legal & General
    Location: London
    Go Premium

    Land your dream job quicker with Premium

    You’re marked as a top applicant with our partner companies
    Individual CV and cover letter feedback including tailoring to specific job roles
    Be among the first applications for new jobs with our AI application
    1:1 support and career advice from our career coaches
    Go Premium

    Money-back if you don't land a job in 6-months

    L
    Similar positions in other companies
    UK’s top job board for Gen Z
    discover-jobs-cta
    Discover now
    >