Security Compliance Officer
Published: yesterday
Thought Machine
Thought Machine is building technology to revolutionise banking
Job Location
Job Type
Full TimeVisa Sponsorship
Not AvailableRelocation
AllowedSkills
Compliance
Iso 27001
Hiring contact
Alex DuffyThe Role
Thought Machine is looking for highly talented individuals to help grow the company and achieve our ambitious goal. We prides ourselves on having an excellent internal culture, where we strive hard to create the best possible working environment; a healthy mix of great technical work, fast pace, supportive atmosphere, and of course our irreverent sense of fun.
Thought Machine hires team members of excellent calibre in every role. While a lot will be asked of you, you will benefit greatly from working in a world class team, with colleagues who excel. Working at Thought Machine is fast paced and team oriented with an emphasis in delivering the highest quality work in every role.
Thought Machine Information Security team is developing an ISO 27001:2013 ISMS framework that enables agile business operations and engineering practices.
Thought Machine operates within several other standards and legislative domains, including GDPR and banking industry regulations.
You would be involved in the running and growth of these frameworks and associated processes to the certifications obtention and maintenance.
You will take a pragmatic approach to security and host a wealth of information security experience with a heavy focus on ISMS/governance/data protection and banking industry regulations.
DUTIES:
Developing a suitable ISMS framework to achieve ISO 27001:2013 certification.
Maintaining and updating ISMS documentation and processes; based on new legislation, Gap Analysis/risk assessment or audit findings.
Performing Gap Analysis between the Thought Machine ISMS and standards/legislation that are, or will be adopted by Thought Machine.
Plan and conduct audits and risk assessments, both against compliance and legislative requirements; as well as internal audits and compliance checks against company policies.
Responding to third party security documentation requests, including contract reviews.
Developing and delivering internal training materials.
Understanding of global security and data privacy standards
Developing, delivering and maintaining a KRI reporting suite for Information Security Risks.
Build and maintain a regulatory road-map for incoming regulatory change and identify any key requirements for Thought Machine to consider
REQUIREMENTS
In-depth Knowledge and implementation experience of Information Security processes and approaches; including a strong working knowledge of PCI:DSS, ISO 27001:2013, and related standards; and privacy regulations, such as the EU GDPR and Data Protection Act.
Knowledge and understanding of the current banking regulatory landscape and key regulatory initiatives (e.g. PSD2, GDPR)
Regulatory change project delivery experience within a management consultancy or an internal change function in the banking industry
Experience in a related information security role, with proven ability to engage with customers and senior management.
Experience with writing and updating Information Security Policy documentation.
Experience performing Risk assessment / gap analysis and proposing suitable documentation and process changes to meet identified requirements.
Experience in working on regulations and compliance in financial or legal services.
Strong English communication and documentation writing skills.
Sound technical Understanding of devops model
BENEFITS
Competitive salary
Share options
Pension
Healthcare (including dental & optical)
Other perks like sports clubs, healthy (and sometimes not so healthy) snacks, tea and coffee
A talented & experienced team as your colleagues
An environment where you can learn and progress
Friday team wrap up with drinks and food!
Thought Machine hires team members of excellent calibre in every role. While a lot will be asked of you, you will benefit greatly from working in a world class team, with colleagues who excel. Working at Thought Machine is fast paced and team oriented with an emphasis in delivering the highest quality work in every role.
Thought Machine Information Security team is developing an ISO 27001:2013 ISMS framework that enables agile business operations and engineering practices.
Thought Machine operates within several other standards and legislative domains, including GDPR and banking industry regulations.
You would be involved in the running and growth of these frameworks and associated processes to the certifications obtention and maintenance.
You will take a pragmatic approach to security and host a wealth of information security experience with a heavy focus on ISMS/governance/data protection and banking industry regulations.
DUTIES:
Developing a suitable ISMS framework to achieve ISO 27001:2013 certification.
Maintaining and updating ISMS documentation and processes; based on new legislation, Gap Analysis/risk assessment or audit findings.
Performing Gap Analysis between the Thought Machine ISMS and standards/legislation that are, or will be adopted by Thought Machine.
Plan and conduct audits and risk assessments, both against compliance and legislative requirements; as well as internal audits and compliance checks against company policies.
Responding to third party security documentation requests, including contract reviews.
Developing and delivering internal training materials.
Understanding of global security and data privacy standards
Developing, delivering and maintaining a KRI reporting suite for Information Security Risks.
Build and maintain a regulatory road-map for incoming regulatory change and identify any key requirements for Thought Machine to consider
REQUIREMENTS
In-depth Knowledge and implementation experience of Information Security processes and approaches; including a strong working knowledge of PCI:DSS, ISO 27001:2013, and related standards; and privacy regulations, such as the EU GDPR and Data Protection Act.
Knowledge and understanding of the current banking regulatory landscape and key regulatory initiatives (e.g. PSD2, GDPR)
Regulatory change project delivery experience within a management consultancy or an internal change function in the banking industry
Experience in a related information security role, with proven ability to engage with customers and senior management.
Experience with writing and updating Information Security Policy documentation.
Experience performing Risk assessment / gap analysis and proposing suitable documentation and process changes to meet identified requirements.
Experience in working on regulations and compliance in financial or legal services.
Strong English communication and documentation writing skills.
Sound technical Understanding of devops model
BENEFITS
Competitive salary
Share options
Pension
Healthcare (including dental & optical)
Other perks like sports clubs, healthy (and sometimes not so healthy) snacks, tea and coffee
A talented & experienced team as your colleagues
An environment where you can learn and progress
Friday team wrap up with drinks and food!
More about Thought Machine
Similar Jobs
Wandera
Secure Mobile Gateway
Happyguest London
Shortlet property management
Dart Technologies
Smart infotainment for connected cars
Geomiq
Revolutionising Manufacturing
Pulse
Transforming healthcare by creating remarkable experiences for doctors and patients
Finimize.com
Finimize empowers our users to become smarter investors
Zipcube.com
online marketplace for meeting rooms and venues
Cleo
An AI assistant for your money
Sharify App
The Social Network to share real life, in real-time