26 Oct
Open GI
Worcester
Job description
It is our vision to connect the insurance community through market-leading technology. Our people are placed at the heart of this, and diversity, equity and inclusion are central to everything we do.
We know the key to achieving success is to enable a positive, inclusive, and collaborative working culture, and, as part of our commitment, we have signed up for a number of pledges and programmes designed to support and nurture our people.
No matter where you sit or which team you are a part of, we want you to know that you contribute in helping us to shape where the company will be in the future.
We would love for each employee to be able to talk with pride about our company and, most importantly,
consider Open GI to be an inclusive, fun and fulfilling place to work.
To support Open GI’s cyber and data protection initiatives and develop processes to enhance Open GI’s overall security posture.
Work closely with the cyber and data protection officer and other departments to ensure the confidentiality, integrity, and availability of data.
Respond positively to customer requests for information and perform due diligence of Open GI’s own partners and suppliers, and Open GI’s alignment to its own policies and baseline controls.
Key responsibilities
- Act as a first point of contact for responding to cyber security or data protection customer assessments or requests for information, including internal customers such as account managers or support teams.
- Create, maintain, and contribute to a pool of knowledge (multiple business areas) for use in due diligence requests and RFI / RFP requests, improving the turnaround of new business requests, or periodic customer audits.
- Perform and manage assessments of control measures for cyber, data protection, business continuity, and other controls such as sanctions, modern slavery, or ESG controls to Open GI’s partners, suppliers, or vendors.
- Maintain and manage a schedule of policy reviews and updates, including regulatory or legal requirements, such as modern slavery statements.
- Maintain a register of sub-processors or material sub-contractors processing data on behalf of Open GI, and work with Legal and Data Protection to ensure that all necessary notices are up to date and displayed in line with regulatory and contractual requirements.
- Work with the Data Protection Officer to continually develop and maintain Open GI’s record of processing activities (ROPA)
in clear line with the regulatory requirements of the UK and EU GDPR.
- Work with required parties and the data protection officer to assist with the management and reporting of security or data protection incidents, such as collating event activities, timelines, and control measures.
- Act as the first point of contact for ensuring that data protection impact assessments (DPIA’s) are initiated and progressed for all group companies where risks are present, seeking final approval from the DPO and wider working groups.
- Assist with planning and testing of business continuity or disaster recovery plans and ensure that supporting policies are maintained, and that the security of systems and data are preserved throughout testing.
- Perform scheduled group wide department independent assessments to determine the current cyber and data protection control alignment with our agreed baseline.
- Maintain a schedule of external penetration tests and internal vulnerability tests liaising between targeted departments or platforms, the CISO / DPO, and the external testing vendor.
Ensure that a programme of agreed testing is established and adhered to and assist with budgeting of tests, including reporting.
- Reasonably assist the legal team with information collection as required for contractual clauses and other such matters.
- Perform any other duties that are reasonably required from time to time.
Qualifications
- Formal qualifications such as a relevant degree of ISTQB Foundation certification (advantageous).
- Agile qualifications (advantageous)
- Microsoft Azure accreditation (advantageous)
Experience
- 5 years+ of experience in a senior QA Management role
- Strong test automation application experience
- Excellent experience in Non-functional testing techniques
- Demonstrable experience of working directly with development teams
- Experience of working in Financial and insurance industries
- Experience of working with and managing dedicated offshore teams
- Experience in writing test harnesses to facilitate manual testing.
- Commercial experience in a software testing environment.
- Broad understanding of QA tools and industry best practices
Skills and Aptitudes
- Willingness to use and improve the use of software tools which automate or assist any part of the testing process,
execution of tests and test reporting functions.
- String leaning toward collaboration and ability to delegate
- Ability to represent the company in a positive and professional manner when interfacing with customers. Excellent telephone manner is required.
- A commitment to quality and a thorough approach and strong attention to detail.
- Calm and level-headed, works well under pressure.
- MS Office Suite proficiency required.
- Consistent information gathering and documenting.
- Tenacity able to keep on digging.
- Intuition, initiative, drive, and a strong desire to succeed.
- Ability to work as part of a team as well as independently.
- Strives to continuously develop and improve own skills and knowledge.
- Willingness to take on new tasks / duties to achieve Job Summary objectives.
- Strong test planning skills.
- The ability to consistently deliver to tight deadlines.
Mission and Values
Our mission is to be both the Technology Partner and Employer of choice for the UK General Insurance Market. Our values are central to this vision, as they represent how we collaborate to continually deliver for our customers :
- Accountability : We own our actions and shape our success on the results we deliver
- Innovation : We tackle challenges with fresh thinking and bold ideas
- Teamwork : We work together, recognising we can’t do this without each other
- Trust : We build trust on integrity, transparency and respect
We are looking for an individual who embraces our values in their actions,
decisions, communications and processes to inspire positivity and, ultimately, exceptional performance.
Benefits package
- Competitive salary depending on skills and experience
- Company pension
- Bonus opportunity
- Life assurance and critical illness cover
- Cycle to work scheme
- Perkbox an exclusive platform offering a wide range of discounts and benefits
- Holiday entitlement of 25 days per annum pro-rata, increasing to 26 days per annum after three years of service & a holiday purchase scheme
- A hybrid approach to work, with office attendance typically required twice per month.
- Opportunity for a more flexible approach to start, finish, and lunchtimes to allow you to better manage events outside of work
- Social clubs - whether you’re into your cycling, crafts, or other hobbies, we have a number of groups at Open GI where individuals who enjoy the same pursuits can get together
- Wellbeing wills at work scheme, employee assistance programme and mental health first aiders
Please note that this role will be based in our Worcester office and we are looking for candidates who are currently based within a 50-mile radius of the office.
To apply for this role please fill out the application form and send us your CV.
▶️ Information Security and Data Protection Analyst
🖊️ Open GI
📍 Worcester