Information Security Compliance Analyst
Excited to grow your career?
Our purpose is to empower people to save and invest with confidence. We are looking for great people to join us, so please come and invest in YOUR future at HL.
We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We'd love to hear from you!
About the role
An exciting opportunity has arisen to join a new branch of our InfoSec team, as an Information Security Compliance Analyst. You will assist in delivering compliance to internal and external standards, frameworks, and attestations. You will also be responsible for the maintenance of documentation and processes necessary to maintain compliance to industry frameworks, including assisting with post internal and external audit finalisation of findings and follow–ups.
What you'll be doing
- Assisting in meeting compliance requirements within HL, such as PCI–DSS and in line with frameworks such as SWIFT CSCF, CSA CCM and NIST.
- Monitoring of scheduled compliance activities such as Firewall rule reviews, developer security training, colleague policy attestations and collecting and collating evidence of such activities to assist in audit and assessment activities.
- Security Compliance oversight of transformation initiatives and cloud security compliance activities.
- Collating and compiling Management Information to provide assurance to the Head of Infosec and CISO of ongoing security compliance.
- Assisting in creating, reviewing, and updating key ISMS documentation including standards and process documents ensuring reviews are carried out on time and take into account any changes in compliance and framework requirements.
- Working with risk functions to complete security controls testing and alignment of controls with industry frameworks, performing gap analysis and assisting with remediation activities.
- Maintaining the program of remediation for audit and assessment findings, including updating of task status, reporting of progress and escalation of issues and identifying opportunities for improvement.
- Experience in a Security Compliance or Information Security role with a strong technical background.
- Ideally experience must have been gained within a regulated environment with experience of securing cloud environments such as AWS & Azure and understanding compliance requirements for cloud environments.
- Must be certified to a recognised industry certification such as CISSP, CCSK, CCAK or equivalent.
- Exposure to compliance and risk management in a NIST CSF or ISO27001 aligned environment, along with PCI–DSS and SWIFT is an advantage.
- Good report writing capabilities, analytical skills, including demonstrated experience identifying and communicating opportunities for improvement.
This will be a two–stage interview process, consisting of an introductory conversation and competency and behavioural based interview.
The role is based in our Bristol head office, BS1 5HL. This role is permanent, full time, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a hybrid flexible working pattern.
Here at HL, we're the UK's number 1 investment platform for private investors, based in Bristol. For more than 40 years we've helped investors save time, tax and money on their investments.
To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.
What's on offer?
- Discretionary annual bonus & annual pay review
- 25 days holiday plus bank holidays and 1–day additional Christmas closure time
- Option to purchase an additional 5 days holiday per year at annual enrolment
- Flexible working options available, including hybrid working
- Enhanced parental leave
- Annual personal L&D budget.
- Pension scheme up to 11% employer contribution
- Sharesave scheme – have a real stake in HL's future
- Income Protection & Life insurance (4 x salary core level of cover)
- Private medical insurance
- Health care cash plans – including optical, dental, and outpatient care
- and an Employee Assistance Programme
- Gympass – gym memberships and wellbeing apps available
- Variety of travel to work schemes with free bike storage and shower facilities
- An inhouse barista serving subsidised coffee and snacks
- Join HL's sports, I&D networks and volunteering groups (two paid volunteering days per year)
- LifeWorks Discounts on services, restaurants and retailers
dependant on role level
Hargreaves Lansdown is an inclusive employer that values diversity in its workforce. We encourage applications from all individuals without regard to race, religion, gender, sexual orientation, national origin, disability or age.
This role may also be available on a flexible working or part time basis – please ask the Recruitment & Onboarding team for more information.
Please note, we are unable to provide employment sponsorship to candidates.