Junior Information Security Officer

Role: Junior Information Security Officer

Title: Junior

Salary Range: £25k - £30k, dependent on experience

Position Type: Permanent and full-time

Manager: Senior Privacy Programme Manager

Ideal Start Date: ASAP**No. More. Paper. Receipts**

At Flux, we think it's insane that paper receipts still exist when the rest of the payment process is digital. Paper receipts are non-recyclable, consume oil, trees, and water, and they don’t fit into the digital lifestyle that we currently have - so we’re on a mission to eradicate them once and for all. We work with banks and retailers across the UK to create digital receipts that are delivered straight into your banking app.

We’re looking for an organised and diligent Junior Information Security Officer to help us prepare for and manage regular audits and certifications renewals. You will support the business in maintaining our BSI and other standard setting bodies to ensure that as a company we go into audits prepared. Post audit this role will also be responsible for tracking and following up on actions.

In the longer term, the world is your oyster There are many directions that this role can develop, with a specific focus on information security and ensuring the business meets its obligations continuously. As an early hire you will have the opportunity to define and grow your own role - whether you want to change processes or implement new processes, it’s your call. We’re passionate about making Flux an incredible place to work and see your role as a crucial part of that journey.
**What you’ll be doing on a day-to-day basis**
- Look after resources needed for an ISO27001 Audit
- Schedules annual certifications (ISO, Cyber Essentials Plus, FCA Audit)
- Prepare resources and people for a certification audits
- Ensures our risk management documentation and registers are up to date and actions are followed up with the responsible parties internally
- Can eventually manage our internal ISO Audits
- Monitors remediation measures and ISO requirements and non conformities
- Support our regular reporting to be submitted to the FCA
- Supports our FCA audit requirements and carries out any required remediation
- Looks after any further certifications (in case we get PSP licence or something in the future)
- Bring together everyone involved in audits to make sure audits go as smoothly as possible.

**Tools we use**:

- We make extensive use of contract management software such as Juro and Docusign
- We use Slack, Notion, and Trello to manage communication and work
- MacOS, MS Office, and Google Suite
- We are open to adopting new tools and technologies to further enhance our effectiveness and are currently in the process of implementing a new compliance management system.

**Diversity**

Technology drives a lot of our day to day lives and the under-representation of minority communities in the Technology sector is concerning at best and discriminatory at worst. Our interview process will never disadvantage anyone on the basis of race, age, gender, sexual orientation, disability, religious affiliation or family situation. Digitising the world’s receipt data means building a company with products that works for everyone including those in under-represented communities and the only way we can achieve this is by building a diverse team.
**Our Interview Process**
- Interview with Talent Team
- Compliance Interview with Compliance Team
- Team Interview with Customer or Tech Teams
- Interview with a member of our SLT

**Requirements**:
**We want to hear from you if you have**
- Experience with obtaining and renewing Information Security certifications including ISO27001. Experience of CyberEssentials is also beneficial
- Experience of managing ISO audits and understanding of the fundamental requirements of ISO27001 as well being able to recommend the best practice process
- The ability and confidence to manage and remedy any ISO nonconformities that an audit may highlight
- Experience working for an FCA regulated company and the associated responsibilities to remain FCA compliant
- An awareness and understanding of the full range of responsibilities that encompasses compliance and how this role can best interesting with the wider compliance processes in the company
- Passion about working in a dynamic start up environment
- The ability to be a quick learner who can adapt to this high paced environment and will be ready to make an impact in a matter of days as opposed to months.
- Have impeccable attention to detail in your written English

It would amazing if you also had
- Experience maintaining and/or supporting ISO27001 standards at a start up
- Experience with Fintech and Data Protection.

**Benefits**
**Compensation**
- £25k - £30k, dependent on experience
**Benefits**
- 36 Holidays (inc Bank Holidays)
- Equity: EMI share options
- Macbook Pro and additional set up
- Flux Club - £100 a month at any Flux retailer
- Personal Development Fund - £1,200 pe