Cyber Protection Technical Specialist

Cyber Protection Technical Specialist

Apply locations Lloyd's UK: London time type Full time posted on Posted 4 Days Ago time left to apply End Date: February 13, 2025 (22 days left to apply) job requisition id R4092

Lloyd’s is the world’s leading insurance and reinsurance marketplace. We share the collective intelligence and risk sharing expertise of the market’s brightest minds, working together for a braver world.

Our role is to inspire courage, so tomorrow’s progress isn’t limited by today’s risks.

Our shared values: we are brave; we are stronger together; we do the right thing; guide what we do and how we act. If you share our values and our passion to build a future that’s more sustainable, resilient and inclusive, you’ll find a home at Lloyd’s – build a braver future with us.

Lloyd’s are currently seeking to recruit a Cyber Protection Technical Specialist. You will protect Lloyd’s through setting of security standards for how to protect ourselves against cyber security threats, drive improvements in technical security capabilities and provide technical security expertise across all team processes. This role will support the Head of GRC and Cyber Protect.

Principal Responsibilities and Accountabilities

1. Provide technical security input and expertise to all capabilities across the Governance, Risk and Compliance and Cyber Protect team.
2. Support technical security oversight and assurance of cyber security remediation programme activities.
3. Support the development of actions to address RED team, risk review, internal audit and external audit observations and findings.
4. Own and overhaul the technical security standards across Lloyd’s.
5. Lead on and manage driving improvements in Lloyd’s Privileged Access Management capability.
6. Support driving improvements in all technical security capabilities including Identity Security, Endpoint Security, Network Security, Application Security and Certificate / Key Management.
7. Collaborate with other members of the security team and cross-functional teams to improve the overall security posture of the organisation.

Skills, Knowledge, and Experience

1. Deep knowledge of standard enterprise computer systems, networks, and security protocols.
2. Deep knowledge of enterprise-level technical IT security controls.
3. Good working knowledge of industry good practice frameworks such as NIST Cyber Security Framework, Centre for Internet Security (CIS) Critical Security Controls (CSC), ISO 27001, MITRE ATT&CK (Adversaries Tactics, Techniques & Common Knowledge), Cyber Kill Chain, etc.
4. Deep knowledge of how different risks can materialise across the layers of defence and framework of managing risks.
5. Passionate about staying abreast of the threat landscape, attacker tools, techniques and procedures, and latest defence strategies.
6. Knowledge of financial services and governance processes.
7. Experience of implementing security controls within enterprise-level IT systems and networks.
8. Experience of overseeing and assuring the delivery of security controls in IT systems by third parties.
9. Extensive knowledge of assessing and improving processes and procedures with a continuous improvement and risk focused mindset.
10. Experience of influencing stakeholders internally and externally to an organisation leading to impact both in and outside own function.
11. Experience in effectively communicating security topics at a senior level in a large organisation.
12. Working knowledge within a regulated business/operational environment, ideally gained in the Financial Services industry would be beneficial.
13. Ability to provide technical security input into disparate projects and to non-IT technical audiences/stakeholders.
14. Proven ability to appropriately challenge IT and security technical delivery/output and influence stakeholders internally and externally to an organisation in order to achieve a desired outcome and impact both in and outside own function.
15. Ability to learn and absorb new detailed technical information quickly and recognise how that links to initiatives being delivered.
16. Ability to assess and improve (security) processes and procedures with a continuous improvement and risk focused mindset.
17. Ability to author technical documents.
18. Security certifications such as CISM, CISSP, M.Inst.ISP, CISA by a recognised professional body are desirable.

We recognise that there are many people with strong ethical hacking skills who did not follow a traditional education route. We encourage those who have the skills to apply.

Diversity and inclusion are a focus for us – Lloyd’s aim is to build a diverse, inclusive environment that reflects the global markets we work in. One where everyone is treated with dignity and respect to achieve their full potential. In practice, this means we are positive and inclusive about making workplace adjustments, we offer regular health and wellbeing programmes, diversity and inclusion training, employee networks, mentoring and volunteering opportunities as well as investment into your professional development.

We understand that our work/life balance is important to us all and that a hybrid of working from the office and home can offer a great level of flexibility. Flexible working forms part of a total reward approach which offers a host of other benefits over and above the standard offering (generous pension, healthcare, wellbeing etc). These include financial support for training, education & development, a benefit allowance (to spend on our flexible benefits such as gym membership, dental insurance, extra holiday or to partake in our cycle to work scheme), employee recognition scheme and various employee discount schemes.

By choosing Lloyd's, you'll be part of a team that brings together the best minds in the industry, and together with our underwriters and brokers, we create innovative, responsive solutions allowing us to share risk and solve complex problems.

Should you require any additional support with your application, or any adjustments, please click the following link:

Click here for support

Please note, clicking on this link does not register your application for the vacancy

About Us

Lloyd’s aim is to build a diverse, inclusive environment that reflects the global markets we work in and in which everyone is treated with dignity and respect.

We will invest in attracting the best talent to Lloyd’s, making sure recruitment is targeted at bringing in the skills we need to evolve.

We will develop a talent pipeline that provides us with the key capabilities we will need for the future. To also create a culture in which every employee fulfils their full potential, ensuring that leaders role-model the behaviours we expect in ourselves and others.