Up to £75,000 depending on Experience

** Remote/home working allowed **

At Saga we believe in exceptional experiences everyday whilst being a driver for positive change in our markets and communities. Our values are precision pace, empathy, curiosity, collaboration. If this resonates with you then it’s time to do the best work of your life!

…And right now, we are looking for an Information Security Technical lead to work in our Central part of the IT business at an exciting time in Saga’s history. As a Group, Saga is taking to the seas in our brand new, luxury cruise ships, leading the market with innovative insurance and financial products.    

You will be responsible for testing including undertaking ad hoc penetration tests, monitoring, and continually evolving cyber security controls to deliver Saga’s Cyber Security Strategy and help manage cyber risk.  

You will bring a strong blend of technical ability, with Cyber Security experience. The Information Security Technical Lead will be highly technical and business facing, so a strong communicator that possesses first class stakeholder management skills is required for this role.  

And in return, you can look forward to all the responsibility and involvement of an integral role, providing you with a rewarding and fast-paced career with an excellent benefits package.   

So, if you have these specialists’ skills, then we would like to hear from you. 

As an Information Security Technical Lead, your top responsibilities are:    

  • Undertaking ad hoc security testing of web applications and infrastructure.  

  • Threat hunting and monitoring of cyber security solutions for indicators of compromise (IoCs) and anomalous activity 

  • Providing advice and guidance on how to minimise the impact of threats to assets / services and support business initiatives, including providing subject matter expertise for development teams in secure application development and remediation of security test findings.  

  • Monitoring and management of technical cyber security solutions against defined performance KPIs as well as continuously identifying opportunities to improve technical cyber risk management controls.  

  • Actively identifying inefficiencies and championing the adoption of new controls/technologies and approaches to meet business needs and manage risk.  

  • Helping to shape and support the delivery of the Cyber Strategic plan and policies, including the definition and evolution of security controls and associated KPIs.  

  • The ability to undertake application security testing and provide consultancy.  

  • Detailed knowledge of application security (including OWASP), Linux and Azure security.  

  • Understanding and application of technical Cyber Security risk management controls.  

  • Deep understanding of cyber-attack techniques.  

  • Understanding of, and experience with, vulnerability testing frameworks / techniques.  

  • Deep understanding of the cyber security domain and risk to applications.  

  • Technical Risk Management.  

  • Knowledge of Cyber threats to shape and support Cyber strategy, policies and KPIs.  

  • Communication and Stakeholder Management skills.  

  • Understanding of business technology to inform mitigation strategies.  

  • Industry certifications including, but not limited to, CRT, CEH, OSCP, GPEN, Microsoft AZ-500. 

Our values are:

  • Precision Pace – Always owning and making things happen
  • Empathy – Always aware of others
  • Curiosity – Always asking why
  • Collaboration – Always one team, the Saga team!

Job Reference: saga/TP/74/1369