Full Job Description
ALD is uniquely positioned as an international organisation which has kept its Bristol-based family roots. We are proud to be part of the international French financial services firm, Société Générale, and to uphold the highest ethical and regulatory standards.

We are the leading vehicle leasing operation in Europe, managing over 1.6 million vehicles across 43 countries. Within the UK, ALD has a portfolio of over 150,000 leased and fleet managed vehicles, and is a market leader in innovation and service quality. A fully owned subsidiary of Société Générale we are global leaders in mobility solutions providing full service leasing and fleet management services, Ranked #3 Worldwide and #1 in Europe by number of contracts under management.

Through our Move 2025 strategy, we will become the global leader in our industry. That means investing in innovation and technology, sustainable solutions, state of the art digital capability and OF COURSE OUR PEOPLE!

If you come to work for ALD, you’ll be part of this exciting journey (take out if internal advert)
Are you looking to take the next step in your career?
Are you looking for an exciting challenge, with plenty of growth opportunity

Information Security refers to the processes and methodologies involved with keeping information systems confidential, available, and assuring their integrity. The Information Security department is key in maintaining all domains related to the risk of confidentiality, availability and integrity. These domains include, but are not limited to, the ALD Information Security processes for incident management, digital fraud, cyber security, governance, risk management, risk reporting, continuity management, and other essential services.

A growing team we’re currently seeking an additional team member, for a 12 Month Fixed Term with responsibilities, criteria and key purpose indicated below:

Summary of the key purposes

To develop, manage and promote best practice in all aspects of Information Security at ALD Automotive.
To add value to the Technology department and to the wider business through the definition and implementation of the internal control policy, frameworks and process management.
To promote a risk based approach to systems use and software development in order to deliver stable, secure solutions.
Summary of responsibilities

Provide technical subject matter expertise, security standards and define security tools, systems and solutions.
Work closely with enterprise architects, solution architects, technical architects and other senior IT designers to ensure services are ‘Secure by Design’ – with specific focus on software development. • Produce and maintain documentation for minimum security standards.
Produce and maintain documentation for a secure development lifecycle.
Provide IT teams with security focused technical consultancy to ensure compliance with security policies, standards and regulations.
Providing technical oversight and review of designs being primarily defined by developers / engineers in their area of speciality – with specific focus on software development.
Produce and disseminate management information in relation to security technical assurance of projects and all associated solutions.
Management of Security projects where required.
Provide clear guidance and education to the business as to group policies, legal requirements and procedures in place relating to Security issues.
Promote best practice in relation to Security.
Liaise with parent company on all matters relating to Information Security on a timely basis.
Support the business in advising on key Information Security changes.
Contribute to the ongoing maturity of the IT applications and infrastructure within the business.
Essential Criteria

Excellent written, verbal, report writing and presenting skills.
Excellent time management, planning, and organisational skills.
Demonstrable Cyber / Information Security knowledge and experience. • Good understanding of Risk Management and Security assessments within an IT or Security environment.
Good understanding of Information Technology and software development vulnerabilities and risks.
Experience of managing multiple streams of work.
Knowledge of secure software development lifecycles and software security vulnerabilities.
Awareness of threat modelling techniques.
Awareness of secure software frameworks and guidelines such as OWASP, and NIST.
A passion for detail and accuracy.
An ability to analyse complex problems and understand root causes.
Articulate, with the ability to explain things in non-technical language at all levels.
Self-motivated with a desire to learn about new and evolving technologies, and associated Security threats, by seeking out resources to support personal development.
What we can offer…..

Generous contributory pension scheme
25* days holiday, in addition to Bank Holidays
Volunteering days to assist in charity work / CSR Initiatives
An excellent CSR agenda – Ecovadis certification
Flexible working options available
Study leave where applicable
Enhanced parental leave
Occupational Health Programme
Introduction Bonuses for referring an Employee or Customer
Access to LinkedIn Learning / time towards to your CPD
Cycle2work Scheme
EV charging points, bike storage, shower & changing facilities and car parking
Progressive / collaborative culture
If you’re excited about the prospective of working with us and have most of the skills or experience we’re looking for, please go ahead and apply. You could be just what we need!
Studies have shown that women and people of colour are less likely to apply for an opportunity unless they exactly meet the criteria specified.

At ALD Automotive we are committed to building a diverse, inclusive, enjoyable and authentic workplace so if you are excited about this, or any role at ALD but your experience doesn’t exactly align, we’d encourage you to apply regardless! What’s the worst that can happen?!