Oferta pracy

Senior Information Security Analyst

HL Tech Sp. z o. o.

15 00018 000 gross / mth.

HL Tech Sp. z o. o.

plac Europejski 1

Wola

Warszawa

Technologies we use

Operating system

About the project

We are a technology center creating internal products as part of the Hargreaves Lansdown Group, the UK financial and investment giant. Our aim is to provide secure software that will help people manage their savings and investments easy and with confidence. Initially, the team consisted of 15 people, today we have 80 best-in-class IT experts. Thanks to their passion, commitment and expertise, we are able to implement truly innovative solutions using cutting-edge technologies.

The Senior Information Security Analyst is a specialist role with the primary focus being Information Security Governance, Risk & Compliance. They deputise for the Cyber Risk manager and are jointly accountable in ensuring Hargreaves Lansdown's Information Security Management System remains effective in protecting HL critical information assets within risk appetite. This requires a mixture of technical, and non-technical information security risk experience.

Your responsibilities

  • Deputise for the Cyber Risk manager in ensuring HL's Information Security Management System remains effective in protecting HL critical information assets within risk appetite

  • Approve within delegated limits risk assessments and 3rd party due diligence assessments that have been carried out by analysts and apprentices

  • Direct the work of analysts and apprentices, and provide guidance where needed.

  • Own the delivery of the cyber security awareness and training program

  • Accountable for the compliance and third party security audits and reviews against best practice security control frameworks

  • Carry out horizon scanning through research of security related topics and report back to the wider cyber risk team

  • Be responsible for the ongoing policy maintenance of the ISMS

Our requirements

  • Minimum 4 to 5 years experience in an Information Security or related role. Ideally some of this will have been gained in a regulated environment.

  • Exposure to Information Security in a DevSecOps cloud context

  • Must be certified to a recognised security standard, , such as CISSP, CISM, CCSP (or equivalent.

  • Have practical work based experience across the areas of security policy, culture, forensics, incident response and risk management.

  • Good exposure to security standards such as a ISO27001, NIST CSF or PCI-DSS

  • Be able to evaluate the adequacy of security controls, and how they are applied in a business context.

  • Experience of carrying out security reviews against recognised security control frameworks such as NIST CSF

  • Advanced English (B2/C1)

Optional

  • Experience operating in a Cloud compliant environment will be advantageous

What we offer

  • Conference budget

  • Training budget

  • Private Pension Scheme (4% employer contribution without any additional cost nor employee contributions required)

  • Annual bonus depending on performance

  • English lessons with native speakers

  • Private health care

  • Life insurance

  • Sports card

  • Comfortable work environment in modern office

  • Well communicated location: close to Rondo Daszyńskiego

  • Bike parking

  • Gym

  • Play room

  • Shower

  • Benefits

  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • life insurance

  • integration events

  • retirement pension plan

  • corporate library

  • leisure zone

HL Tech Sp. z o. o.

HL Tech is a technology centre responsible for software development and strategic digital transformation of the British financial market giant, Hargreaves Lansdown. Our goal is to provide secure software to help investors perform their financial operations. We promote innovative technologies that enable delivery of financial services.

Scroll to the company’s profile

Many opportunities to gain and share knowledge and ideas

  • Agile / SCRUM methodology

  • Opportunity to grow according to your level of expertise

  • Working with new technologies and a multi-diverse team

  • Many opportunities to share knowledge and ideas

  • In-house Trainings

Supporting team

  • Best welcome for new employees

  • Buddy program

  • Team Events