Senior Information Security Officer
A fast-growing FinTech / Tech scale-up is seeking to expand its security team and urgently requires a contractor Senior Information Security Officer.
An exciting role with huge scope
What you’ll be doing day to day:
- Leading the development and maintenance of the Information Security Policy Framework in line with risk appetites, relevant legislation and industry standards
- Maintaining compliance with our security certifications and accreditations (ISO27001, SOC1, SOC2), and managing audit activities that assess control design and effectiveness
- Conducting Information Security risk assessments across the technology stack and physical locations, and participating in the end-to-end Risk Management process
- Providing InfoSec advice and guidance when responding to legal and compliance requirements and new initiatives
- Maintaining a good understanding of the existing and emerging threat landscape
- Leading the response to Security Incidents and Vulnerabilities
- Leading the assessment and completion of Information Security questionnaires and InfoSec diligence activities for existing customers and new prospects
- Working closely across the organisation to ensure compliance with security policies and the promotion of a strong Information Security culture
We’d love to hear from you if you have the following:
- 5+ years of experience in Information Security in an equivalent role
- Relevant industry certifications such as CISSP, CISM, CRISC, etc.
- Experience with maintenance of an established ISMS and retention of security accreditations such as ISO27001, SOC1 and SOC2
- Experience with Information Security Risk and Incident Management
- Experience with managing Information Security assessments from 3rd parties and conducting similar assessments of service providers/vendors
Bonus points if you have any of these:
- Experience in the Financial Services or other similarly regulated industry
- Experience with cloud computing & DevOps environments, container-based technologies and associated controls and standards
- Experience with security tools such as vulnerability scanners, web content filters, intrusion detection, SIEM, etc.
- Knowledge of JIRA and Confluence
4 month contract