Information Security Analyst

About us

We’re The Very Group and we’re here to help families get more out of life. We know that our customers work hard for their families and have a lot to balance in their busy lives. That’s why we combine amazing brands and products with flexible payment options on Very.co.uk to help them say yes to the things they love. We’re just as passionate about helping our people get more out of life too, building careers with real growth, a sense of purpose, belonging and wellbeing.

We are looking for an Information Security Analyst who will be responsible for delivery of all areas of Information Security policy and procedure at The Very Group. With particular focus on Vulnerability management, Penetration testing and the assurance of the identity access management processes.

For this role you will have the following responsibilities:

• Arrange and where directed manage cyber threat assessment activities.
• Deliver vulnerability assessments, arrange penetration tests and red/purple team exercises within The Very Group
• Cover for the Information Security Specialist where required.
• Be accountable for fixes and decisions relating to vulnerability assessment services.
• Assist in producing security assurance metrics related to threat and vulnerability assessments and provide key stakeholders with performance data as required by the Head of Information Security and manager.
• Support teams within IT Security in the production and maintenance of Security Procedures, Guidelines, Work Instructions, Working Practices and other operational documentation.
• Provide information to other teams within IT Security as required to support development of threat intelligence, security strategy and all service improvement activities.
• Responsible for delivering threat and vulnerability assessment services and assuring they are frequently reviewed and where required service improvement plans are implemented.
• Assist in the establishment and maintenance of IT Security standards and policies.
• Key contributor in various facets of Security incident response including notification, escalation response and post incident review.
• Provide general advice and guidance on IT Security related matters as and when required.
• Assist and support Threat Hunting and Digital Forensics as directed by the Security Operations Lead.
• Managing and develop IAM/ PUAM functions
• Ensuring the business is compliant with all issues relating to IAM/ PUAM including legal and regulatory changes affecting UK financial services and engaging in professional development to maintain professional skills and knowledge essential to the position.
• Build relationships across TVG to support essential security policy adherence

Requirements

What you’ll bring

• A broad understanding of the Information Security industry and specifically, a solid understanding of UK regulations and compliance.
• Experience of contributing and improving the Information Security agenda within a corporate organisation
• The ability to understand and integrate business and security strategies.
• Experience in IT Security Vulnerability Management.
• Strong knowledge of security vulnerability assessment tooling, report analysis and remediation plans.
• Good understanding of networking concepts and enterprise IT systems including OS (Windows, Mac, *nix)
• Knowledge of Windows Active Directory and Linux identity management
• Experience with Identity management and privilege user access management in an enterprise environment would be advantageous.
• Experience in the implementation and day to day running of IAM/ PUAM tooling
• Experience of cloud based IAM especially with AWS and Office 365
• An understanding of incident response procedures and standards and the managing of information security and privacy incidents.
• Excellent interpersonal skills
• Information Security and /or Information Technology industry qualification would be advantageous (such as CISSP or CISM) or equivalent time served

Benefits

Some of our benefits

• Flexible, hybrid working model
• Inclusive culture and environment, check out our Glassdoor reviews
• Flexible benefits allowance to suit your needs
• 30 days holiday + bank holidays
• Udemy learning platform
• Bonus potential (performance and business-related)
• Up to 25% discount on Very.co.uk
• Matched pension up to 6%
• More benefits can be found on our career site

How to apply

Please note that the talent acquisition team are managing this vacancy directly, and if successful in securing this role, you may be required to undertake a credit, CIFAS and CRB check.

What happens next?

Our talent acquisition team will be in touch if you’re successful so keep an eye on your emails! We’ll arrange a short call to learn more about you, as well as answer any questions you have. If it feels like we’re a good match, we’ll share your CV with the hiring manager to review, and then be in touch to move to the interview process. Our interview process is tailored to each role and can be in-person and remotely. We will always look to make the adjustments you need to bring your best self to interview.

Equal opportunities

We’re an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.