Security Assurance Advisor
The Security Assurance Advisor reports to the Security Assurance Manager within the CISO (Chief Information Security Officer) function.
The Security Assurance Advisor will be responsible for ensuring projects and change initiatives within RSA are compliant with security standards, policies and strategy.
You will be responsible for the evaluating the risk profile of projects as part of the Systems Development Life Cycle (SDLC) and will work with the Delivery and Change community to ensure change activity complies to RSA control requirements and that applicable risks have been appropriately assessed and managed. You will also be responsible for the continued development of the RSA security assurance framework in line with emerging cybersecurity threats and RSA’s risk appetite.
In your role you will be also be responsible for engagement with third party suppliers as required to ensure continued compliance to RSA security standards and controls where a project is considering an outsourced arrangement, including challenging the business where proposed controls are not in line with best practice or may introduce unnecessary risk to RSA.
As part of the Security Solutions team within RSA you may also need to represent the team in design, architectural and project delivery forums.
• Maintaining RSA’s project security assurance capability
• Providing security assurance services to the business communities
• Maintaining and championing project security assurance processes as part of the SDLC
• Act as a conduit between business change and the RSA Information Security team
• Track any required exceptions to RSA security controls and standards remediation
• Review emerging cyber threats and industry trends to ensure that RSA’s project assurance capability remains effective and relevant
You will have:
• Broad knowledge of Information Security domains and best practise
• Gravitas to challenge the business and ensure compliance with standards, confident in delivering difficult messages
• Experience in managing third party supplier risk
• Ability to communicate technical risk information in business terms and contexts
• Relevant security qualifications or experience, for example CISMP, CISSP
RSA is one of the world's leading FTSE 100 general insurers with a proud heritage dating back over 300 years. We provide high quality, innovative insurance products and services for some 20 million customers in over 100 countries, setting new standards in the industry.
Why are we telling you all this? Well, we’re an ambitious sort of company. And if you’re an ambitious sort of person – with the drive to improve us as you improve yourself – we’ll promise you all the resources and career opportunities you need
We aim to provide every one of our employees with a great work-life balance and the opportunity to contribute to charity. We have a thriving community investment programme, volunteer weeks, social events, focus groups, and team outings.
If this sounds like a role you’re interested in then please apply.