End User Services - Security Compliance Lead (S&R Consultant)

In the role of Security Compliance Lead, you will safeguard Nationwide’s endpoint technology and oversee vulnerability patching compliance for our Release & Protect function. You will lead daily meetings with cross-community teams, monitor metrics, and develop plans to maintain operational compliance. You will be responsible for regulatory compliance and fostering a culture of security awareness alongside the delivery and maintenance of strict SLAs and KPIs. Importantly, a key part of the role will be managing relationships with both Senior Managers and Team members alike. End User Services (EUS) is responsible for the delivery and support of all the Society's end user technology. This includes laptops; physical and virtual desktops; mobile phones & tablets; audio & video conferencing technologies; operating systems and software. We empower our colleagues to provide a brilliant experience by ensuring their endpoint is fit-for-purpose, to seamlessly perform their duties and keep Nationwide’s data safe, enabling them to focus on customer outcomes from start to finish. Working in EUS as a Security Compliance Lead, you’ll be a senior member of a small team that is responsible for security compliance oversight of our end user devices. We are happy to consider flexible working approaches to help you perform at your best. At Nationwide we offer hybrid working wherever possible. More rewarding relationships are supported through our hybrid approach, bringing colleagues together across our UK wide estate, whilst also supporting generous access to home working. We value our time in the office to solve problems, to learn, and to feel connected. For this job you'll spend at least two days per week, or if part time you'll spend 40% of your working time, based at our Swindon office. If your application is successful, your hiring manager will provide further details on how this works. You can also find out more about our approach to hybrid working here . What you'll be doing Working in our Release & Protect team, you will be responsible for promoting a robust Security culture across our teams and organisation. A typical day will include evaluating, prioritising and reporting on vulnerabilities that impact our endpoint devices. This will include coordinating appropriate treatments to ensure security compliance is achieved and maintained. Occasionally, you may support the investigation and resolution of Threat Incident Management responses. The security landscape is constantly evolving. Working within your team and the wider function, you will actively identify and deliver the continual improvement of our processes and measures, providing advice to our change delivery teams to maintain hardened controls. Drawing on previous experience, you will monitor and leverage Continuous Improvement for new and existing threats and regulatory change. This will include overseeing the development of security policies and their associated processes, helping to govern our security controls whilst keeping the end user experience at the forefront of your mind. You will be asked to facilitate action plans for audits conducted by internal and external auditors, overseeing risk assessments and remediate any non-conformities. About you A good working knowledge of Cyber Security and Information Assurance, with the ability to demonstrate understanding of governance, compliance and risk from different perspectives, including Security and Operational risk. You will possess IT Security expertise in endpoint security, underpinned by relevant certifications, for example ISO 27001 and Security (Plus) or equivalent. An advocate for security best practice and with a curious mindset, you will possess a deep industry understanding of Security threat vectors and be able to describe these as risks (impact/likelihood). Demonstrating excellent communication skills, you can interpret and present complex information into plain language. Self-motivated, you’ll be able to translate risks & issues into action plans and roadmaps and be comfortable managing stakeholder expectations at all levels. You will have experience leading small teams of multi-disciplined people to meet our organisational goals. Our customer first behaviours put customers and members at the heart of how we work together. They are the set of behaviours that every colleague needs to display, in every role: Feel what customers feel - We step into our customers’ shoes, using their feedback and insights to empathise with them and to understand their needs, so that every decision we make starts and finishes with our customers in mind Say it straight - We are brave in speaking out and saying what we think – we’re honest and direct with good intent, openly sharing diverse perspectives to reach the best conclusions and using language everyone can understand Push for better - We don’t settle for mediocrity, we challenge the status quo, taking responsibility for continuous improvement and personal development Get it done - We prioritise what will have the greatest impact, we are decisive, and we take accountability for delivering brilliant customer outcomes. You can strengthen your application by showing how our customer first behaviours resonate with you, and where you may have already demonstrated these. The extras you'll get There are all sorts of employee benefits available at Nationwide, including: A personal pension – if you put in 7% of your salary, we’ll top up by a further 16% Up to 2 days of paid volunteering a year Life assurance worth 8x your salary A great selection of additional benefits through our salary sacrifice scheme Wellhub – Access to a range of free and paid options for health and wellness. Access to an annual performance related bonus Access to training to help you develop and progress your career 25 days holiday, pro rata

Location: Swindon, GB

Posted Date: 5/23/2025