Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support the Information Security programme, focusing on risk management and compliance.
- Company: OSB Group is a leading specialist mortgage lender with a unique cost-efficient operating model.
- Benefits: Enjoy hybrid working, 28 days leave, and a bonus of up to 15%.
- Why this job: Join a diverse team committed to your growth and making a real impact in security.
- Qualifications: Experience in Information Security, knowledge of NIST framework, and relevant certifications preferred.
- Other info: Flexible working options available to support your work-life balance.
The predicted salary is between 38000 - 55000 £ per year.
About Us
OSB Group is a leading specialist mortgage lender, primarily focused on carefully selected segments of the mortgage market. Our specialist lending is supported by our Kent Reliance and Charter Savings Bank retail savings franchises. Diversification of funding is provided by sophisticated securitisation platforms. OSB’s unique cost-efficient operating model is supported by our wholly-owned subsidiary OSBIndia.
What you will be doing
The key purpose of this role is to support the Information Security programme and framework. You will focus on core areas such as risk management, third-party security due-diligence reviews, ensuring compliance with legal, regulatory and relevant security standards such as ISO 27001, PCI DSS and the UK data protection act / GDPR.
You will also support the security awareness and training activities as defined by an annual schedule of targeted training and testing across the Group.
Responsibilities
- Support the Vulnerability Management reporting and IT remediation planning
- Support a pre-defined schedule of work to conduct third party risk management reviews through security questionnaires and on-site security reviews
- Assist with implementation, monitoring and assurance reviews of IT security controls
- Maintain information security frameworks, policies, standards and guidelines
- Implement process improvements and efficiencies as defined by the agreed service improvement plans
- Assist with the definition and enforcement of configuration standards and policies for security technologies
In return for your commitment
We offer a base salary dependent on experience of between £38,000 – £55,000 and a competitive benefits package including :
- Discretionary annual bonus opportunity of up to 15%
- 28 days annual leave plus bank holidays
- Contributory pension (8% employer 5% employee)
- Life Assurance (4x salary) plus Group Income Protection
- Access to Private Medical Insurance and Medical Cash Plan
- Additional benefits such as Hybrid working, Cycle Purchase scheme, Technology Purchase scheme, Season Ticket Loan, Holiday purchase / sell schemes, Employee Perk Portals, Payroll giving and Save as you Earn scheme
Could you be the one?
We are looking for talented individuals who have the experience and knowledge set out below :
- Previous work experience in an Information Security role within financial services with the following experience : Performing security assessments for IT systems and processes Conducting 3rd party risk assessments Creating a security awareness training programme Use of vulnerability management tools and remediation planning
- Strong knowledge of IT Security technologies, principles and practices
- Strong knowledge of the NIST framework
- Qualifications in or working towards any SANS GIAC Security certifications (Administration, Software, or GSE Expert), ISC2 CISSP, or any security systems vendor administration-level certifications
What to do next
If this sounds like you, please apply now! For internal applications please visit the internal careers page to apply.
If shortlisted from your initial application we operate a personalised recruitment process. Interviews are a two way street, we aim for them to be relevant and conversational to get the best out of you!
Equal Opportunities
As part of our public commitment to the Women in Finance Charter, we have introduced our own initiatives to attract, develop and advance senior women in our sector. We don’t stop there though, we have broadened our approach to encourage diversity and inclusion at all levels and in all roles. Our leadership and Executive Committee are right behind us, to the extent that our Diversity Champions sit at Board level and on a monthly basis receive updates on our progress.
Whilst we are an organisation that values face-to-face interaction to build and nourish our culture, we also acknowledge that people are not just productive in an office and tied to the 9 to 5. Flexible-working opportunities are important for establishing a healthy work-life balance so if you see a role of interest we are happy to be asked about flexibility and explore together if we can make it work.
All applicants must have rights to work in the UK and be willing to undertake the relevant pre-employment screening checks should your application be successful.
#J-18808-Ljbffr
NIST Cyber Assurance Analyst employer: OSB Group
Contact Detail:
OSB Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land NIST Cyber Assurance Analyst
✨Tip Number 1
Familiarise yourself with the NIST framework and its application in information security. Being able to discuss specific examples of how you've implemented or assessed security controls based on this framework will set you apart during interviews.
✨Tip Number 2
Network with professionals in the financial services sector, particularly those involved in information security. Attend relevant industry events or webinars to make connections and gain insights that could be beneficial during your application process.
✨Tip Number 3
Prepare to discuss your experience with vulnerability management tools and remediation planning. Be ready to share specific instances where you've successfully identified and mitigated security risks in previous roles.
✨Tip Number 4
Showcase your ability to create and implement security awareness training programmes. Think of innovative ways to engage employees in security practices, as this is a key aspect of the role and can demonstrate your proactive approach.
We think you need these skills to ace NIST Cyber Assurance Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Information Security, particularly within financial services. Emphasise your skills in risk management, third-party assessments, and familiarity with security standards like ISO 27001 and PCI DSS.
Craft a Compelling Cover Letter: Write a cover letter that connects your background to the specific requirements of the NIST Cyber Assurance Analyst role. Mention your experience with vulnerability management tools and any relevant certifications you hold or are pursuing.
Showcase Your Knowledge: In your application, demonstrate your understanding of the NIST framework and how it applies to the role. Provide examples of how you've implemented security controls or improved processes in previous positions.
Highlight Soft Skills: Don't forget to mention soft skills that are crucial for this role, such as communication and teamwork. Since the position involves training and awareness activities, showcasing your ability to engage and educate others will be beneficial.
How to prepare for a job interview at OSB Group
✨Understand the NIST Framework
Make sure you have a solid grasp of the NIST Cybersecurity Framework. Be prepared to discuss how you've applied its principles in previous roles, especially in risk management and compliance.
✨Showcase Your Security Assessment Experience
Be ready to share specific examples of security assessments you've conducted. Highlight your experience with third-party risk assessments and how you approached them.
✨Discuss Vulnerability Management Tools
Familiarise yourself with common vulnerability management tools and be prepared to discuss how you've used them in remediation planning. This will demonstrate your technical knowledge and practical experience.
✨Prepare for Behavioural Questions
Expect questions that assess your problem-solving skills and teamwork. Think of scenarios where you've successfully collaborated on security initiatives or resolved conflicts in a team setting.
