Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support and enhance the company's information security controls and management system.
- Company: Join Hyundai Capital Services UK, a dynamic finance joint venture with global reach.
- Benefits: Enjoy hybrid working, competitive salary, generous holidays, and wellness perks.
- Why this job: Be part of a crucial team ensuring cybersecurity while developing your skills in a collaborative environment.
- Qualifications: Knowledge of information security principles and relevant qualifications are essential.
- Other info: Opportunity for professional growth and involvement in impactful security initiatives.
The predicted salary is between 40000 - 45000 £ per year.
Overview
HCUK Information Security Assurance Analyst
Country: United Kingdom
Company Background and Job Purpose: Hyundai Capital Services UK Ltd (HCUK), a joint venture between Santander Consumer UK and Hyundai Capital Services Korea, operates under multiple finance brands providing funding solutions for retailers and consumers. The Information Security Assurance Analyst reports to the CISO, Head of Information Security & IT and is tasked with supporting the effective operation, reporting, and evidencing of the company\\\’s technology and information security controls and Information Security Management System (ISMS).
Responsibilities
- Maintain and improve the ISMS.
- Review and update ISMS policies, procedures, standards, and guidance.
- Coordinate internal ISMS reviews and audits.
- Facilitate supplier onboarding and conduct annual security assessments.
- Develop and deliver security awareness initiatives.
- Monitor security alerts and incidents, escalating when necessary.
- Prepare reports on security incidents, risks, and vulnerabilities.
- Schedule penetration tests and vulnerability scans, supporting remediation efforts.
Technology
- Analyse external vulnerability bulletins and coordinate remediation.
- Assist in evaluating cybersecurity tools.
- Use third-party assessment platforms for risk and compliance.
- Operate and improve the online ISMS platform ensuring data quality.
Project Delivery
- Support Senior Information Security Analyst with project delivery including research, coordination, and documentation.
- Participate actively in project teams to implement security initiatives.
Framework Management & Monitoring
- Monitor and maintain evidence of control effectiveness.
- Support audits by coordinating evidence collection.
- Evaluate controls and document nonconformities.
- Respond to audit findings ensuring timely remediation.
Stakeholder Engagement
- Build relationships with internal and external stakeholders to support security objectives.
- Collaborate with IT teams to prioritize and track remediation of vulnerabilities.
Communication and Reporting
- Produce clear reports on security activities and projects.
- Document and report incidents with root cause analysis.
- Generate ISMS reports using defined metrics for governance.
- Communicate risks effectively tailored to audience technical levels.
Insight and Continuous Improvement
- Support ongoing ISMS review and enhancement.
- Research and recommend new security tools and practices.
- Keep colleagues and managers informed of security issues and implications.
Risk and Compliance
- Assist in targeted information security risk assessments.
- Participate in risk meetings and prepare reports.
- Report risks, incidents, and breaches in line with policies.
Qualifications
Key Competencies
- Documentation & Attention to Detail: Ability to translate complex technical information into business-relevant language with strong accuracy.
- Communication: Excellent verbal and written skills for technical and non-technical audiences.
- Teamwork: Collaborative and professional in building strong working relationships.
- Time Management: Effective multitasking and independent work with minimal supervision.
- Influencing & Negotiating: Builds trust and uses interpersonal skills to influence and build consensus.
- Problem Solving: Applies initiative and critical thinking with adaptability and curiosity.
Key Expertise
- Understanding of information security principles, frameworks (e.g., ISO/IEC 27001), and risk management.
- Familiarity with ISMS maintenance and security incident response.
- Knowledge of regulatory requirements such as GDPR, NIS2, and Cyber Essentials.
- Experience with third-party security assessment platforms and GRC tools is desirable.
- Exposure to vulnerability management and audit involvement is advantageous.
- Relevant education or professional qualifications in risk, compliance, or information security.
Benefits
What we offer:
- Hybrid working model with a minimum of two days per week at the Reigate, Surrey office.
- Occasional domestic travel may be required.
- Salary range between £40,000 – £45,000 depending on experience.
- Eligibility for an annual bonus of up to 15%.
- 25 days holiday plus bank holidays, with flexible holiday options and additional leave after five years.
- Company pension with generous contributions.
- Voluntary benefits allowance of £500 per annum.
- Family support benefits including death in service and income protection.
- Discounted voluntary healthcare benefits and company-sponsored private medical insurance after one year.
- Employee car scheme.
- Employee assistance program.
Enhanced family-friendly policies and flexible working opportunities.
#J-18808-Ljbffr
HCUK Information Security Assurance Analyst employer: Santander
Contact Detail:
Santander Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land HCUK Information Security Assurance Analyst
✨Tip Number 1
Familiarise yourself with the ISO/IEC 27001 framework, as it's crucial for the role. Understanding its principles will not only help you in interviews but also demonstrate your commitment to information security.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience with ISMS and risk management. Engaging in discussions or attending relevant events can provide insights and potentially lead to referrals.
✨Tip Number 3
Stay updated on the latest cybersecurity trends and vulnerabilities. Being knowledgeable about current threats will show your proactive approach and readiness to tackle security challenges.
✨Tip Number 4
Prepare to discuss specific examples of how you've contributed to security initiatives in past roles. Highlighting your hands-on experience with audits, incident response, or security assessments will set you apart from other candidates.
We think you need these skills to ace HCUK Information Security Assurance Analyst
Some tips for your application 🫡
Understand the Role: Before applying, make sure to thoroughly read the job description for the HCUK Information Security Assurance Analyst position. Understand the key responsibilities and required competencies to tailor your application accordingly.
Highlight Relevant Experience: In your CV and cover letter, emphasise any previous experience related to information security, risk management, or compliance. Use specific examples that demonstrate your understanding of ISMS and your ability to handle security incidents.
Showcase Communication Skills: Since the role requires excellent communication skills, ensure your application reflects your ability to convey complex technical information clearly. Consider including examples of how you've successfully communicated with both technical and non-technical audiences.
Tailor Your Application: Customise your CV and cover letter to align with the specific requirements of the job. Mention relevant qualifications, such as familiarity with ISO/IEC 27001 or GDPR, and express your enthusiasm for contributing to HCUK's security objectives.
How to prepare for a job interview at Santander
✨Understand the ISMS Framework
Familiarise yourself with the Information Security Management System (ISMS) and its principles, especially ISO/IEC 27001. Be prepared to discuss how you can contribute to maintaining and improving the ISMS at HCUK.
✨Showcase Your Communication Skills
Since the role requires translating complex technical information into business-relevant language, practice explaining security concepts in simple terms. This will demonstrate your ability to communicate effectively with both technical and non-technical audiences.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills and ability to handle security incidents. Prepare examples from your past experiences where you successfully managed risks or resolved security issues.
✨Highlight Your Teamwork Experience
The role involves collaboration with various stakeholders. Be ready to share examples of how you've built strong working relationships in previous roles and how you contributed to team success in security initiatives.
