Controls Testing Consultant Chief Controls Office - Security and Technology

As a Testing Consultant in the Controls Testing Team you will assess the design and operational effectiveness of controls across the Society, centred on Automation, Data (Governance and Privacy), Technology and Information Security Risk Management Frameworks and Cloud, to ensure they mitigate the risks that the Society faces to a defined risk appetite.

You will be responsible for testing controls to the highest standards and in accordance with our defined methodology, as well as working with the business to ensure control framework uplifts and enhancements deliver sustainable and proportionate risk mitigation.

To support this, our Control Testing Team is expanding and looking for an ambitious, energetic controls tester with a background in any of the above disciplines, ideally in the Financial Services sector, but not a necessity.

As part of the Chief Controls Office, the Controls Testing Team is critical to ensuring the design and operational effectiveness of controls through regular assessment, ensuring they are sufficiently robust to safely and reliably deliver the services our Members expect.

At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected.

For this job you’ll be located at our nearest regional hub. There will be a need to regularly connect with colleagues for collaboration events in one of our office sites. This is anticipated to be once a month in either Swindon, Northampton, Bournemouth or London. If your application is successful, your hiring manager will provide further details on how this works.

What you’ll be doing

You will be working as key part of the Controls Testing Team (CTT) to:

• Proactively contribute to the planning and timely delivery of a control testing plan for the first line of defence.
• Test controls against standards that drive continuous improvement in risk and control management practices and contribute to consistency.
• Report on the design adequacy and operational effectiveness of controls in line with our established control testing methodology.
• Work with the business to explain the results of your testing, and suggest ways through which control gaps can be remediated to strengthen the control environment.
• Explore new technologies / approaches to derive and deliver control testing efficiencies.
• Provide constructive challenge and advice to ensure the right outcomes for our members.
• Work as an integral member of CTT contributing to internal initiatives to drive a continuous improvement approach in all we do.

About you

• You’ll have a Technology, Information Security, Data Privacy, Technical Audit, Controls, Risk or Compliance background.
• Good communication skills are essential, you’ll be communicating updates and solutions with a variety of stakeholders working in different disciplines.
• The ability to relate to and influence peers and business colleagues.
• A degree, relevant qualification or equivalent operational experience in a technical technology or information security role.

You’ll have experience in at least one of the below three areas:

• Certified in or be on your way to completing any of CISA, CISM, CISSP and/or relevant Cloud, Cyber security or Data/Data Privacy certifications. (Training and support can be provided).
• A knowledge of NIST and ISO 27001/27002 standards and applicable security regulations (PCI-DSS etc.) – or Cloud and Cyber risk and control frameworks (CCM and CIS etc.).
• Any experience of applied testing of technology and/or information security management controls across large diverse technology environments. For example, MS Windows and Windows Server, UNIX, LINUX, Mainframes (UNISYS and Fujitsu) and/or database management systems, or networks etc.

Our Customer First behaviours are all about putting customers and members at the heart of how we work together. You can strengthen your application by showing the behaviours that resonate with you, and how you might have already demonstrated these.

• Say it straight – This is about being honest and direct with good intent and saying what needs to be said in the room. It’s also about being clear, precise, and using language that we and, importantly, our customers and members can understand.
• Push for better – This is about aiming high and constantly looking for better in how we work together and serve our customers and members.
• Get it done – This is about prioritising what will have the greatest impact, being decisive and taking accountability for delivering on the end-to-end outcome.

The extras you’ll get

There are all sorts of employee benefits available at Nationwide, including:

• A personal pension – if you put in 7% of your salary, we’ll top up by a further 16%
• Up to 2 days of paid volunteering a year
• Life assurance worth 8x your salary
• A great selection of additional benefits through our salary sacrifice scheme
• Wellhub – Access to a range of free and paid options for health and wellness
• Access to an annual performance related bonus
• Access to training to help you develop and progress your career
• 25 days holiday, pro rata

What makes us different

Nationwide is the world’s largest building society. With over 15 million customers, we have a relationship with almost a quarter of the UK’s population. We’ve got the scale to compete with the big banks, but we’re not a bank.

As a building society, we’re owned by our members – that’s our customers who have their current account, mortgage or savings with us. It means we can do things differently to deliver our Purpose – Banking – but fairer, more rewarding, and for the good of society.

When you work at Nationwide, you can experience that difference for yourself. You’ll be part of a high-performing, purpose-driven organisation that offers rewarding career experiences and a highly competitive range of benefits to match. You’ll also be joining us at an important time as we seek to reach more and more people in the UK. We want everyone in the UK to know that they don’t have to bank with a bank. They can choose a modern mutual instead.

What to do next

If this role is for you, please click the ‘Apply Now’ button. You’ll need to attach your up-to-date CV and answer a few quick questions for us.

We respond to everyone, so we will be in contact shortly after the closing date to let you know the outcome of your application.

#J-18808-Ljbffr