Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support cyber security risk management and improve controls in a dynamic financial services environment.
- Company: Join Legal & General, a leading UK financial services group with a global impact.
- Benefits: Enjoy competitive pay, generous holidays, healthcare, and flexible working options.
- Why this job: Make a real difference in cyber security while developing your skills in a supportive culture.
- Qualifications: Familiarity with security frameworks and experience in cyber security risk or governance.
- Other info: Be part of an inclusive team that values diverse perspectives and career growth.
The predicted salary is between 36000 - 60000 £ per year.
Legal & General (L&G) is a leading UK financial services group and major global investor. We have been safeguarding people's financial futures since 1836, and strive to build a better society, while improving the lives of our customers and creating value for shareholders. We are one of the world's largest asset managers and provide powerful asset origination capabilities. Together, these underpin our retirement and protection solutions: we are an international player in pension risk transfer, in UK and US life insurance, and in UK workplace pensions and retirement income.
Our Group Functions provide the services that all areas of the business need. This requires a talented and diverse team behind the scenes, who enable everyone at L&G to do what they do best. Joining us means helping to improve the lives of our customers and contributing to the success of the business every day.
As a Cyber Security Risk and Controls Analyst you will support the execution and continuous improvement of risk and control activities within the first-line Global Cyber Security Risk and Controls Function. The role works closely with control owners, product teams, and risk partners to help ensure that risks are effectively identified, assessed, managed, and reported across areas such as third-party risks specific to technology, cyber security and information technology risk.
The Cyber Security Risk and Controls Analyst provides hands-on support in the maintenance and assurance of controls, issue tracking, evidence gathering, and risk reporting. It drives control effectiveness, policy compliance and effective risk management across L&G globally.
What you'll be doing:
- Maintaining and monitoring key cyber security controls to ensure control performance is effective and appropriately evidenced for compliance, audit and assurance purposes.
- Supporting the identification, management and closure of cyber security issues, audit actions and remediation plans to ensure timely resolution and control improvements.
- Contributing to cyber security risk and control self-assessments (RCSAs), supplier assessments or thematic reviews to ensure accurate identification of control weaknesses, exposures and required enhancements.
- Assisting in the application of cyber security policies, standards and regulatory requirements across global technology teams to ensure appropriate alignment, awareness and compliance across teams.
- Undertaking cyber security controls testing, assurance reviews and preparation for internal or external audits to ensure that evidence is complete, timely and meets defined control objectives.
- Working closely with technology teams, Business Technology Risk Partners and subject matter experts to ensure a shared understanding of effective cyber security risk management processes and supporting the embedding of strong risk culture.
- Maintaining and sharing up-to-date knowledge of specialist cyber security domain to ensure risk and control activities reflect current threats, best practices and regulatory requirements.
- Providing SME support on IT and change initiatives with respect to delivering improvements to customer support and experience.
Qualifications
Who we're looking for:
- Familiarity with security frameworks such as NIST Cyber Security Framework (CSF), COBIT, ISO27001/2 and COSO.
- Understanding of regulatory requirements relevant to financial services (e.g. FCA/PRA regulations, UK GDPR, DORA).
- Ability to interact with cyber security stakeholders, product owners and technical operational roles.
- Experience in cyber security risk, governance or assurance within a complex, regulated environment.
- Experience testing and assuring cyber security controls implementation, controls automation, risk frameworks, and audit responses across cyber security.
- Cyber security related qualifications such as CISM or CISSP would also be a plus.
Whatever your role, we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:
- The opportunity to participate in our annual, performance-related bonus plan and valuable share schemes.
- Generous pension contribution.
- Life assurance.
- Healthcare Plan (permanent employees only).
- At least 25 days holiday, plus public holidays, 26 days after 2 years' service. There's also the option to buy and sell holiday.
- Competitive family leave.
- Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only).
- There are the many discounts we offer – both for our own products and at a range of high street stores and online.
- In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart.
Additional Information
At L&G, we believe it's possible to generate positive returns today while helping to build a better future for all. If you join us, you'll be part of a welcoming, inclusive culture, with opportunities to collaborate with people of diverse backgrounds, views, and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.
We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time, term-time and job shares. Although some roles have limited flexibility due to customer demand, we accommodate requests when we can.
It doesn't matter if you don't meet every single criterion in this advert. Instead, think about what you excel at and what else you can bring in terms of strengths, potential and connection to our purpose.
Cyber Security Risk & Controls Analyst in Slough employer: Legal & General
Contact Detail:
Legal & General Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Risk & Controls Analyst in Slough
✨Tip Number 1
Network like a pro! Reach out to folks in the cyber security field, especially those at Legal & General. A friendly chat can open doors and give you insights that a job description just can't.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of security frameworks like NIST and ISO27001. Show us you know your stuff and can talk the talk when it comes to cyber security risk management.
✨Tip Number 3
Don’t just apply; engage with our company culture! Follow Legal & General on social media, comment on their posts, and show genuine interest in what they do. It’s all about making connections!
✨Tip Number 4
When you apply through our website, make sure to tailor your application to highlight your experience with cyber security controls and risk management. We want to see how you can contribute to our mission!
We think you need these skills to ace Cyber Security Risk & Controls Analyst in Slough
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Cyber Security Risk & Controls Analyst role. Highlight relevant experience and skills that match the job description, especially around risk management and cyber security frameworks.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your background makes you a great fit for L&G. Don’t forget to mention any specific projects or achievements that relate to the role.
Showcase Your Knowledge: Demonstrate your understanding of key cyber security concepts and frameworks like NIST and ISO27001 in your application. This shows us that you’re not just familiar with the terms, but you can apply them in real-world scenarios.
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s straightforward and ensures your application goes directly to our hiring team. Plus, you’ll find all the details you need about the role there!
How to prepare for a job interview at Legal & General
✨Know Your Cyber Security Frameworks
Familiarise yourself with key security frameworks like NIST, COBIT, and ISO27001. Be ready to discuss how these frameworks apply to the role and demonstrate your understanding of their importance in managing cyber security risks.
✨Showcase Your Regulatory Knowledge
Brush up on relevant regulatory requirements such as FCA/PRA regulations and UK GDPR. During the interview, highlight your experience in navigating these regulations and how they impact cyber security practices within financial services.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think of examples from your past experiences where you identified and managed cyber security risks effectively, and be ready to explain your thought process.
✨Demonstrate Your Collaborative Spirit
This role involves working closely with various teams. Be prepared to discuss how you've successfully collaborated with stakeholders in the past, particularly in a cyber security context. Emphasise your ability to communicate complex concepts clearly to non-technical team members.
