Engineer the Quantum RevolutionYour expertise can help us shape the future of quantum computing at Oxford Ionics.

View Open Roles

Senior Information Security Analyst

Hargreaves Lansdown
Bristol City
2 days ago
Create job alert

Excited to grow your career?

Our purpose is to make it easy for people to save and invest for a better future. We are looking for great people to join us, so please come and invest in YOUR future at Hargreaves Lansdown.

We know that sometimes people can be put off applying for a job if they don't tick every box. If you're excited about working for us and have most of the skills or experience we're looking for, please go ahead and apply. We’d love to hear from you!

About the role

As Hargreaves Lansdown (HL) continues it digital journey, we are enhancing our Cloud Assurance capabilities, within our Information Security Team. We are seeking a highly skilled Senior Security Analyst with a proven track record in delivering and maintaining Cloud assurance, preferably within a financially regulated enterprise environment or similar.

The Senior Security Analyst is a specialist lead SME role with the primary focus on AWS Cloud Security Assurance, as well as Governance, Risk and supporting Compliance. You will be supporting the Information Security function to ensure HL remains effective in protecting critical information assets within risk appetite. You will be working with a highly skilled and committed Security, Digital IT and Cloud teams. You will play a significant role in our Cloud journey, working with our AWS and Azure Cloud platforms and security toolsets. We offer a commitment to your career development through training, mentoring and internal opportunities.

What you’ll be doing

You will be the SME and lead for the technical aspects of Cloud security assurance risk and controls.  You will oversee and conduct, as necessary, Cloud Compliance assessments for AWS and Azure risk assessments, enforce cloud security policies and standards. Leading the AWS SRC workstream. Assisting the Information Security Team in ensuring HL's Information Security Management System remains effective in protecting HL critical information assets within risk appetite. Lead assurance activities against Information Security Compliance frameworks, including but not limited to: PCI, NIST, SWIFT, GDPR Conducting analysis of cloud-based assets pertaining to information security incidents, audits, and testing while adhering to best practices. Lead engagement of Cloud Audits and remediation activities. Leading in the identification and reporting of remediation and mitigation activities related to cloud security findings across multiple cloud platforms (AWS and Azure). Identifying gaps in cloud security posture and prioritise remediation efforts. Building relationships across multiple business functions, locations, and technical stakeholders to accomplish goals. You will help deliver the strategy by emphasising the importance of AWS Well Architected Framework, Shared responsibility model and good cloud governance. Delivering a best-in-class service within a high performing Security team Leading by example to create a culture of continuous service improvements

About you

Experience in a regulated environment, preferably Financial Services. Previous experience in Information/Cyber Security, with demonstrable experience of Cloud Security tooling, to reduce risks and maintain strong controls in a DevSecOps cloud context Highly organised with the ability to prioritise workload Excellent verbal and written communication skills A willingness to learn as well as to knowledge share. Effective interpersonal skills to engage and collaborate with multiple internal and external Stakeholders at all levels. Practical work-based experience across the areas of security policy, culture, audit, and risk management. Strong knowledge of common, cloud technologies, enterprise, and network architecture.

You will have minimum or similar certifications in:

AWS Certified Cloud Practitioner Certified to advanced security standards, for example CCSK, CCSP, CISSP, CRISC

Hands on demonstratable experience and knowledge of:

Carrying out security reviews against recognised security control frameworks such as CSA Cloud Control Matrix, ISO27017/27001, NIST CSF, PCI-DSS, SWIFT, AWS CAF Atlassian, IAAC Terraform, Merge Requests, GIT Ops, Git Hub, Workflow, Wiz, Security Hub, Macie, Audit Manager, Microsoft Compliance Portal/Purview, Microsoft Information Protection (AIP), Azure Security Centre. Strong experience with DevOps practices, continuous integration/continuous deployment (CI/CD) pipelines, and related tools Ability to evaluate the adequacy of cloud security controls, and how they are applied in a business context.

Interview process

The interview process for this role will be in two stages. The first stage will incorporate competency-based questions including an assessment of your technical knowledge and transferable skills. For successful candidates, the second stage will be a presentation followed by questions, face-to-face in our Bristol office.

Working Schedule

This role is based in our Bristol head office, BS1 5HL. This is a permanent full-time role, 37.5 hours per week, Monday to Friday. We have returned to the office, however for this role we offer a hybrid flexible working pattern of working in the office and at home.

Why us?

Here at HL, we’re the UK’s number 1 investment platform for private investors, based in Bristol. For more than 40 years we’ve helped investors save time, tax and money on their investments.

To achieve our mission, we believe we have a workplace like no other, with constant learning, dynamic teams, and a great ethos. We're steered by core values that promote service, quality, innovation, and opportunity in everything we do.

What's on offer?

Discretionary annual bonus*and annual pay review 25 days* holiday plus bank holidays and 1-day additional Christmas closure Option to purchase an additional 5 days holiday** Flexible working options available, including hybrid working Enhanced parental leave Pension scheme up to 11% employer contribution Income Protection and Life insurance (4 x salary core level of cover)  Private medical insurance* Health care cash plans - including optical, dental, and outpatient care Health screening programme <- confidential support including mental health counselling and remote GP Wellhub - unlimited access to fitness providers and wellness coach sessions Variety of travel to work schemes with bike storage and shower facilities Inhouse barista and deli serving subsidised coffee and sandwiches Two paid volunteering days per year

* dependant on role level

** only available to select during our annual benefits window, in November each year

Related Jobs

View all jobs

Senior Information Security Analyst

Senior Information Security Analyst - Spalding/Boston

Senior Information Security Analyst - Spalding/Boston

Senior Information Security Analyst

Senior Information Security Analyst

Senior Information Security Analyst

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Pre-Employment Checks for Cyber Security Jobs: DBS, References & Right-to-Work and more Explained

The cyber security sector in the UK stands at the forefront of protecting national infrastructure, business operations, and personal data from increasingly sophisticated cyber threats. As organisations across all sectors recognise cyber security as a critical business function, employers are implementing the most rigorous pre-employment screening processes in the technology industry to ensure they recruit professionals capable of defending against advanced persistent threats and maintaining the highest standards of security and trustworthiness. Whether you're a penetration tester, security analyst, incident response specialist, or chief information security officer, understanding the comprehensive vetting requirements is essential for successfully advancing your career in this security-critical field. This detailed guide explores the extensive background checks and screening processes you'll encounter when applying for cyber security positions in the UK, from fundamental eligibility verification to the most stringent security clearance requirements and specialised threat intelligence assessments.

Why Now Is the Perfect Time to Launch Your Career in Cyber Security: The UK's Digital Defence Revolution

The United Kingdom faces an unprecedented cyber security challenge that presents an extraordinary career opportunity. With cyber attacks increasing by 300% year-on-year and the average cost of a data breach reaching £4.24 million, Britain urgently needs skilled cyber security professionals to defend its digital infrastructure, protect citizens' data, and maintain national security in an increasingly connected world. If you've been considering a career change or seeking to future-proof your professional trajectory, cyber security represents one of the most secure, well-compensated, and socially impactful career choices available. The convergence of escalating threats, skills shortage, government investment, and regulatory requirements has created a perfect storm of opportunity that shows no signs of abating.

Automate Your Cyber Security Jobs Search: Using ChatGPT, RSS & Alerts to Save Hours Each Week

Cyber roles drop across consultancies, MSSPs, hyperscalers, banks, gov & start-ups every day—often buried in ATS portals or duplicated across boards. The fix is simple: put discovery on autopilot with keyword-rich alerts, RSS feeds & a reusable ChatGPT workflow that triages listings, ranks fit, & tailors your CV in minutes. This copy-paste playbook is built for www.cybersecurityjobs.tech readers. It’s UK-centric, practical, & designed to save you hours each week. What You’ll Have Working In 30 Minutes A role & keyword map spanning SecOps/Detection, DFIR, AppSec, Cloud Security, GRC, Red Team, Threat Intel, IAM/PAM, OT/ICS & Vulnerability Management. Shareable Boolean search strings for Google & job boards to cut noise fast. Always-on alerts & RSS feeds delivering fresh roles to your inbox/reader. A ChatGPT “Cyber Job Scout” prompt that deduplicates, scores fit & outputs tailored actions. A simple pipeline tracker so deadlines & follow-ups never slip.