
Thought Machine is building technology to revolutionise banking

Security Compliance Officer

Thought Machine is looking for highly talented individuals to help grow the company and achieve our ambitious goal. We pride ourselves on having an excellent internal culture, where we strive hard to create the best possible working environment: a healthy mix of great technical work, fast pace, supportive atmosphere, and of course our irreverent sense of fun.

Thought Machine hires team members of excellent calibre in every role. While a lot will be asked of you, you will benefit greatly from working in a world-class team, with colleagues who excel. Working at Thought Machine is fast paced and team oriented, with an emphasis on delivering the highest quality work in every role.

The Thought Machine Information Security team is developing an ISO 27001:2013 ISMS framework that enables agile business operations and engineering practices.

Thought Machine operates within several other standards and legislative domains, including GDPR and banking industry regulations.

You would be involved in the running and growth of these frameworks and associated processes, through to obtaining and maintaining the certifications.

You will take a pragmatic approach to security and have a wealth of information security experience with a heavy focus on ISMS/governance/data protection and banking industry regulations.


Developing a suitable ISMS framework to achieve ISO 27001:2013 certification.
Maintaining and updating ISMS documentation and processes, based on new legislation, gap analysis/risk assessment or audit findings.
Performing gap analysis between the Thought Machine ISMS and standards/legislation that are, or will be, adopted by Thought Machine.
Planning and conducting audits and risk assessments against compliance and legislative requirements, as well as internal audits and compliance checks against company policies.
Responding to third party security documentation requests, including contract reviews.
Developing and delivering internal training materials.
Understanding of global security and data privacy standards.
Developing, delivering and maintaining a KRI reporting suite for Information Security Risks.
Building and maintaining a regulatory road-map for incoming regulatory change and identifying any key requirements for Thought Machine to consider.

In-depth knowledge and implementation experience of Information Security processes and approaches, including a strong working knowledge of PCI DSS, ISO 27001:2013, and related standards, and of privacy regulations such as the EU GDPR and Data Protection Act.
Knowledge and understanding of the current banking regulatory landscape and key regulatory initiatives (e.g. PSD2, GDPR).
Regulatory change project delivery experience within a management consultancy or an internal change function in the banking industry.
Experience in a related information security role, with proven ability to engage with customers and senior management.
Experience with writing and updating Information Security Policy documentation.
Experience performing risk assessment / gap analysis and proposing suitable documentation and process changes to meet identified requirements.
Experience in working on regulations and compliance in financial or legal services.
Strong English communication and documentation writing skills.
Sound technical understanding of the DevOps model.

Competitive salary
Share options
Healthcare (including dental & optical)
Other perks like sports clubs, healthy (and sometimes not so healthy) snacks, tea and coffee
A talented & experienced team as your colleagues
An environment where you can learn and progress
Friday team wrap up with drinks and food!
