Information Security Lead

Company Description

Legal & General (L&G) is a leading UK financial services group and major global investor.

We’ve been safeguarding people’s financial futures since 1836, and strive to build a better society, while improving the lives of our customers and creating value for shareholders.

We are one of the world’s largest asset managers and provide powerful asset origination capabilities. Together, these underpin our retirement and protection solutions: we are an international player in pension risk transfer, in UK and US life insurance, and in UK workplace pensions and retirement income.

Our Group Functions provide the services that all areas of the business need. This requires a talented and diverse team behind the scenes, who enable everyone at L&G to do what they do best. 

Joining us means helping to improve the lives of our customers and contributing to the success of the business every day.

Job Description

Are you passionate about cloud security and ready to lead in a fast-paced, agile environment?

We’re looking for an Information Security Lead to join our team and help shape the future of secure cloud operations at Legal & General. You'll lead the Azure product team's security and compliance efforts - ensuring secure development and operation of the Group’s strategic Azure Platform.

This is your opportunity to work at the forefront of technology, influencing how we protect our platforms and data while enabling innovation and speed.

What you’ll be doing:

• Translating enterprise-wide security policies into practical, domain-specific initiatives
• Designing and embedding security frameworks into the DevSecOps lifecycle
• Acting as a trusted security partner to product teams and stakeholders
• Driving compliance through scalable, automated controls and governance
• Delivering clear, data-driven security performance reporting
• Leading risk assessments and supporting mitigation strategies
• Promoting a proactive security culture through mentoring and collaboration
• Championing a proactive security culture across your domain by mentoring engineers, influencing product leadership, and embedding security as a shared responsibility

Qualifications

Who we’re looking for:

• Strong knowledge of Azure security principles and cloud architecture patterns
• Familiarity with cybersecurity frameworks such as NIST, ISO27001 or MS-CSB
• Ability to influence and guide technical teams on security best practices
• Relevant security certifications (e.g. CISSP, CCSP, MS Certified Security Engineer)
• Experience in a DevSecOps environment including policy-as-code and security testing automation using CI/CD tools including GitHub, Terraform and Veracode
• Experience with implementing and managing Azure Compliance using native tools like Microsoft Defender and Azure Policy, as well as third party CSPM tools like Wiz/Orca Security

Whatever your role, we reward performance and behaviour with a package that looks after all the things that are important to you. Here are some of the benefits we offer:

• The opportunity to participate in our annual, performance -related bonus plan and valuable share schemes
• Generous pension contribution
• Life assurance
• Healthcare Plan (permanent employees only)
• At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
• Competitive family leave
• Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
• There are the many discounts we offer – both for our own products and at a range of high street stores and online
• In 2023, some of our workspaces were redesigned. Our offices are great spaces to connect and collaborate and have your wellbeing at the heart

Additional Information

At L&G, we believe it's possible to generate positive returns today while helping to build a better future for all. 

If you join us, you’ll be part of a welcoming, inclusive culture, with opportunities to collaborate with people of diverse backgrounds, views, and experiences. Guided by leaders with integrity who care about your future and wellbeing. Empowered through initiatives which support people to develop their careers and excel.

We care passionately about outcomes rather than attendance and are therefore open to discussing all kinds of flexible working options including part-time, term-time and job shares. Although some roles have limited flexibility due to customer demand, we accommodate requests when we can. 

It doesn’t matter if you don’t meet every single criterion in this advert. Instead, think about what you excel at and what else you can bring in terms of strengths, potential and connection to our purpose.