Information Security Assurance Analyst

Apply
  • Type: Full Time
  • Location: Reigate, Surrey
  • Posted: 2 days ago

Background

Hyundai Capital Services UK Ltd (HCUK), a joint venture between Santander Consumer UK and Hyundai Capital Services Korea, operates under multiple finance brands providing funding solutions for retailers and consumers.

Job Purpose

The Information Security Assurance Analyst reports to the CISO, Head of Information Security & IT and is tasked with supporting the effective operation, reporting, and evidencing of the company’s technology and information security controls and Information Security Management System (ISMS).

Key Accountabilities

1. Information Security

  • Maintain and improve the ISMS.
  • Review and update ISMS policies, procedures, standards, and guidance.
  • Coordinate internal ISMS reviews and audits.
  • Facilitate supplier onboarding and conduct annual security assessments.
  • Develop and deliver security awareness initiatives.
  • Monitor security alerts and incidents, escalating when necessary.
  • Prepare reports on security incidents, risks, and vulnerabilities.
  • Schedule penetration tests and vulnerability scans, supporting remediation efforts.

2. Technology

  • Analyse external vulnerability bulletins and coordinate remediation.
  • Assist in evaluating cybersecurity tools.
  • Use third-party assessment platforms for risk and compliance.
  • Operate and improve the online ISMS platform ensuring data quality.

3. Project Delivery

  • Support Senior Information Security Analyst with project delivery including research, coordination, and documentation.
  • Participate actively in project teams to implement security initiatives.

4. Framework Management & Monitoring

  • Monitor and maintain evidence of control effectiveness.
  • Support audits by coordinating evidence collection.
  • Evaluate controls and document nonconformities.
  • Respond to audit findings ensuring timely remediation.

5. Stakeholder Engagement

  • Build relationships with internal and external stakeholders to support security objectives.
  • Collaborate with IT teams to prioritize and track remediation of vulnerabilities.

6. Communication and Reporting

  • Produce clear reports on security activities and projects.
  • Document and report incidents with root cause analysis.
  • Generate ISMS reports using defined metrics for governance.
  • Communicate risks effectively tailored to audience technical levels.

7. Insight and Continuous Improvement

  • Support ongoing ISMS review and enhancement.
  • Research and recommend new security tools and practices.
  • Keep colleagues and managers informed of security issues and implications.

8. Risk and Compliance

  • Assist in targeted information security risk assessments.
  • Participate in risk meetings and prepare reports.
  • Report risks, incidents, and breaches in line with policies.

Key Competencies

  • Documentation & Attention to Detail: Ability to translate complex technical information into business-relevant language with strong accuracy.
  • Communication: Excellent verbal and written skills for technical and non-technical audiences.
  • Teamwork: Collaborative and professional in building strong working relationships.
  • Time Management: Effective multitasking and independent work with minimal supervision.
  • Influencing & Negotiating: Builds trust and uses interpersonal skills to influence and build consensus.
  • Problem Solving: Applies initiative and critical thinking with adaptability and curiosity.

Required Experience

  • Understanding of information security principles, frameworks (e.g., ISO/IEC 27001), and risk management.
  • Familiarity with ISMS maintenance and security incident response.
  • Knowledge of regulatory requirements such as GDPR, NIS2, and Cyber Essentials.
  • Experience with third-party security assessment platforms and GRC tools is desirable.
  • Exposure to vulnerability management and audit involvement is advantageous.
  • Relevant education or professional qualifications in risk, compliance, or information security.

Remuneration Package

  • Hybrid working model with a minimum of two days per week at the Reigate, Surrey office.
  • Occasional domestic travel may be required.
  • Salary range between £40,000 - £45,000 depending on experience.
  • Eligibility for an annual bonus of up to 15%.
  • 25 days holiday plus bank holidays, with flexible holiday options and additional leave after five years.
  • Company pension with generous contributions.
  • Voluntary benefits allowance of £500 per annum.
  • Family support benefits including death in service and income protection.
  • Discounted voluntary healthcare benefits and company-sponsored private medical insurance after one year.
  • Employee car scheme.
  • Employee assistance program.
  • Enhanced family-friendly policies and flexible working opportunities.
 

Complete this form to apply

 Required fields

About You
About Your Current Role/Job
About This Role/Job
   
   
Max 250 words