Information Security Governance, Risk and Compliance Manager
2 months ago
The Role
Compliance Oversight
Ensure compliance with the Security aspects of applicable laws, regulations, and industry standards including ISO 27001, SOX, PCI DSS, Data Protection. Maintain and continuously improve our ISO 27001 Information Security Management System, ensuring it is effective and well embedded across the business. Lead all internal and external auditing activities, including facilitating audits and delivering your own audits. Develop and maintain pragmatic and relevant security policies and procedures.
Security Risk and Control Management
Develop, implement, and maintain comprehensive security risk management processes to ensure security risks are effectively identified, assessed and managed. Identify, evaluate, monitor and drive accountability for security risk mitigation and control compliance across all the business. Collaborate closely with our Risk team to ensure alignment to our Enterprise Risk Management framework and requirements. Monitor and analyse emerging threats and trends to proactively identify and adjust security risks and appropriate controls.
Third Party Security
Mature our third-party security risk management capabilities, ensuring third parties are adequately assessed and adhere to our standards. Propose and ensure deployments of security measures to minimise third-party risk. Ensure the satisfactory completion of due diligence requests from third parties including customers and partners. Collaborate with our Privacy and Legal teams to negotiate security terms in vendor and customer contracts, ensuring they protect the needs of the business.
Other
Contribute to the successful execution of the Security strategy, owning the delivery of risk and compliance aspects. Drive continuous improvement to streamline and mature our processes, working cross-functionally with key stakeholders. Communicate security, risk, and compliance initiatives, and outcomes to senior leadership, the broader organisation and external stakeholders. Develop and provide frequent reports on our security risk and compliance profile to key stakeholders.
REQUIRED SKILLS & EXPERIENCE
Who you are:
An experienced self-starter who strives for continuous improvement, bringing solutions to the table and taking ownership for delivery. Able to operate with high levels of autonomy and build or adapt processes, rather than rely on pre-existing ones. Able to hold others accountable to their responsibilities and influence through encouragement and conveying the value of risk and compliance. Views security as an enabler, promoting a positive mindset around security, but able to be firm when needed. Empathetic to competing priorities, able to disagree and commit, and remain resilient. Technology minded without needing to be a deep expert. An understanding of software development practices and cloud environments, able to understand and build credibility with highly technical teams (e.g. IT, Engineers, Product). Able to develop and deliver reporting at an Exec level with the confidence to call out deficiencies in a constructive manner.
What you’ll bring:
Extensive experience overseeing risk and compliance activities, including leading the maintenance and improvement of ISO 27001 certified ISMS. Deep understanding of risk management practices and experience driving risk culture. Expertise in applicable laws, regulations and standards including Data Protection Laws, SOX, ISO 27001, SOC 2 and NIST. Relevant certifications in cybersecurity, GRC, or related areas are desirable (e.g., CISM, CISSP, Lead Auditor). Experience in a technology and software engineering led organisation working with Agile methodologies is desirable.
What’s in it for you?
As well as a competitive salary and annual leave allowance, our benefits include health insurance, skills training and much more, depending on the location. We also offer a host of softer benefits, including many social events throughout the year such as summer and winter holiday parties, monthly team building events, sports tournaments, charity days and wellbeing activities.
How we work
We have adapted a forward-thinking ‘Ways of Working’ framework, which sets out (amongst other things) the opportunities for Geniuses to work flexibly, remotely and on working holidays. It affects different teams and locations differently, so please ask for further information on how it would work with this role.
Our employees are empowered to stretch the boundaries of what’s achievable, always reaching further and pushing the edges to see what gives. We collaborate, we innovate, and we celebrate. We will continue to grow as an organisation and continue to invest in our highly talented and diverse team of Geniuses.