Job Description

###

Role Overview

This is a new role for nest and will report to the Senior IT Service Operations Manager.


Nest operates a three lines of defence approach to information security with the second and third lines delivered by an internal information security team and external auditors respectively. This role covers the first line of defence, of which a large part is outsourced.


Currently management of the 3rd party contract provisions related to security, together with various internal control responsibilities are covered by other members of the team for whom this is not a specialism. This role will take on those responsibilities, bringing more specialist experience and knowledge. You will help to develop and improve our information security controls as we seek to improve our infosec maturity using the NIST framework as an externally assessed benchmark.



This first line role combines a contract management aspect with the requirement for hands-on process operation for internally managed controls such as access reviews, and some investigations such as subject access requests or insider threats.


This role will support the 'cyber security' theme within the Corporate Technology IT Strategy 2030.

The minimum criteria for this role are:

Practical experience of operating information security controls under a certified ISMS using ISO 27001/12, NIST, CSF or other security standards. Practical experience working with third party suppliers in evidencing their compliance with security policies, standards and controls to internal and external auditors. Understanding and experience of various Information Security domains including Security Architecture, Information Security Governance, Network Security, Data Protection, Risk Management, Identity & Access Management, Vulnerability Management, Anti-Malware, Mobile Device Management and Cloud Security. Experience of working within Financial Services, whilst beneficial, is not essential.

Don't worry if you think you don't have all the key skills, it might be worth taking the few minutes to apply as we're good at spotting potential and offer a generous training budget.

Please download a full job description to find a full scope, deliverables, experience and personal

attributes

required for this role.

Flexible and agile working

Everyone's personal situation is different.

To make the most out of hybrid working, we've introduced different ways of working, which include (subject to role requirements):


hybrid of office (Canary Wharf, London) and home working (there will be an expectation to attend the office, once - twice a week, or more, as required) reduce or vary working hours reduce or vary the days worked work compressed hours job share
Click here to see the benefits we offer at Nest.
For more information about our recruitment process click here
###

Directorate/Department Overview

The

Central Change and Corporate IT

department reports to the Director of Central Change and Technology. It is one of several teams overseen by the Chief Technology and Operations Officer (CTOO). We are a team of about 25 colleagues and our aim is to ensure the smooth running and implementation of Nest technology and change.



The

IT Team

of 11 colleagues in 2 functional teams exists to:


Set IT strategy and architecture in order to ensure that we all have the IT tools to do our jobs. Make sure that we have an infrastructure that is fit for the future. The

IT Service Operations Team

in which this role sits is responsible for:
Overseeing the relationship with our outsourced IT service provider and other suppliers. Introducing new services. Ensuring value for members' money First line security. The

Business Applications and Solutions

section of the IT Team supports the organisation to:
Better organise and manage its files and other data. Manage and automate its processes with the deployment and configuration of effective applications and solutions, including development of low and no-code solutions and with AI. Help select, onboard and administer various 3rd party applications such as CRM and Finance systems.
###

Organisational Overview

Nest is an award-winning workplace pension scheme, the largest in the country.



Set up by the government to give every worker in the UK somewhere to save, our first-class responsible investment practice and governance are the backbone of what we do, supported by all the functions you'd expect to find in a thriving business. We're committed to creating a workplace where you can be your authentic self and offer an inclusive and flexible working environment.

Diversity, Equity and Inclusion

Everyone is welcome to apply for our roles, and we are determined to ensure that no applicant or employee receives less favourable treatment because of their age, disability, gender identity, marital status, national origin, pregnancy or caring responsibilities, race, religion/belief, sex, sexual orientation or socio economic background.



We also recognise the importance of diversity of thought and other forms of neurocognitive variation.

Nest is a Disability Confident Leader, which is the highest level of the Disability Confident Scheme. If you have a disability, please declare that you're applying through the scheme.
We aim to offer an interview to those applicants who apply through the Disability Confident Scheme and best meet the minimum criteria. However, there may be some circumstances where this is not possible due to the volume of applications.
Please note that this advert may close early if we receive a sufficient number of satisfactory applications.



If you have any difficulty in sending your application or need the application pack in an alternative format, or you require any reasonable adjustments please contact: careers@nestcorporation.org.uk.