Information Security Consultant
£45k – £65k (DOE) + Company Benefits Package
Full time – 37.5 hours/week
We’re a leading health insurer and healthcare provider, with care homes, health centres, dental practices and a hospital. With no shareholders, our customers are our focus. We reinvest profits into providing more and better healthcare for the benefit of current and future customers.
We believe in quality, affordable and accessible healthcare for all. If you share our purpose of helping people live longer, healthier, happier lives, then look no further, Bupa could be the perfect match.
Join a team that’s passionate about leading the healthcare market with products and services designed to help people lead better lives.
At Bupa you’ll work on high-impact, innovative projects in an organisation that makes a real difference. You’ll have to be ambitious and eager to play an integral role in our overall digital strategy.
What you’ll be doing
As an Information Security Consultant you will safeguard the confidentiality, integrity and availability of Bupa information and data, and the security of Bupa infrastructure and applications.
You will provide IT Security consultancy and guidance to IT Shared Services UK, its internal and external customers and suppliers to ensure business needs can be delivered in a secure manner, adhering to Information Risk policies and standards.
Acting as advocate for the Information Security and Governance function you will ensure its’ vision and objectives are clearly articulated, understood and delivered. You will Undertake security assurance activities relating to programmes and projects; Information Security risk assessment and analysis; and perform other Security Management activities including governance, compliance, strategy and awareness. You will assist with the co-ordination of response to information security incident e.g. through impact analysis and remediation planning and co-ordination
What’s a typical day?
You will provide advice, guidance and policy interpretation to a wide audience of internal and external entities (teams, projects, suppliers, customers and partners).
You will provide detailed technical standards content, based on established security policies and practices. You will obtain and act on vulnerability information and conduct security risk assessments, business impact analysis and accreditation on complex information systems.
Contribute to the investigation of major breaches of security and recommend appropriate control improvements. You will Review information systems for compliance with policy, standards and regulatory requirements and specify any required changes. You will Responsible for provision of interpretation of security testing output, where required, to assist in prioritisation of remediation activity. You will define the plan for penetration testing. You will provide security consultancy for business as usual activities and to ensure that security related capabilities are fit for purpose and in line with the agreed operating model and risk appetite. You will Ensure that security requirements are specified, appropriately reflected in design documents, and supported in deployment by the appropriate tools, processes and metrics. You will provide detailed, expert level advice and guidance on technical security tools and processes required to support or further develop organisational security capabilities. You will Implement stakeholder engagement/ communications plans, including, for example; handling of complaints; problems and issues; managing resolutions; corrective actions.
Who we’re looking for?
- Good experience and knowledge of Information Security management, ideally with a technical degree and /or industry recognised qualification (e.g. CISM, CISA, CISSP, GEGIT, QCA).
- A sound understanding of British and International Security Standards (e.g. ISO/IEC 27001, ISO/IEC 27002) relevant Privacy legislation (especially Data Protection Act 1998) and regulatory obligations (e.g. PCI/DSS, FCA, PRA).
- Knowledge of process improvement and project management methodologies
- The ability to partner with IT and business stakeholders operating at all levels within the organisation.
- Knowledge of security architecture and design; experience of developing security requirements and ensuring these are adequately specified, represented in designs, and implemented in deployment.
- A proven track record of security policy implementation and deployment; experience of creating technical security standards based on established policy objectives and requirements.
- Knowledge of security process and control assurance; experience of providing assurance to customers and gaining assurance from suppliers.
- Knowledge of current security tools, processes and techniques; experience of deploying tools, processes, training to demonstrate measurable security benefit.
We’re driven by one purpose, helping people live longer, healthier, happier lives and that that means our people too. As a Bupa employee you’ll be entitled to some fantastic benefits which include 25 days holiday increasing to 30 days as your length of service increases, the option to buy and sell holiday, an enhanced pension plan, life assurance and income protection. You’ll join our annual bonus scheme, amount variable dependent upon your role and performance. Looking after your health is important to us and you can benefit from our health trust scheme where all our people have the option of taking our market-leading medical insurance cover, which includes mental health support and treatment, at a greatly reduced price as well as a free health assessment every 2 year. Your health and wellbeing matter to us and we provide lots of family friendly policies too. You can keep fit at our free onsite gyms (local gym discounts where no onsite gym). We will support you to get to work, offering a season ticket loan to spread the cost of an annual train/bus ticket as well as our cycle to work scheme.
Whether you’ve found your feet or are discovering a new path. Welcome to a place that celebrates you. This isn’t where you’ve been. This is where you’re going. This is what we have belief in.
Bupa is committed to making sure that every applicant is assessed solely on the basis of personal merit and qualifications, regardless of gender, sexual orientation, pregnancy or maternity, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.