Avatar for TrueLayer

Power the new era of financial innovation.

Information Security Compliance Manager

Apply now
Security is at the core of TrueLayer’s products. By championing security practices across our business, the Security team ensures TrueLayer maintains its position as the most reliable financial API platform as we grow and expand internationally.

We’re looking for an ambitious Information Security Compliance Manager to join our team and be the authority on regulatory compliance, due diligence and security processes and procedures. They will work closely with the Security team to identify gaps and influence TrueLayer’s global security strategy.

We’ll give our Information Security Compliance Manager the chance to work with colleagues hailing from leading international tech companies and consultancies. They will gain exposure to the latest technologies and security practices and entrusted with crucial responsibilities, playing a key role in our ambitious international expansion.

Who we are:

At TrueLayer, we build universal APIs that allow companies to access the financial data of their customers and facilitate direct bank payments, securely, reliably and efficiently.

Headquartered in London, we’re a small team of talented, creative problem-solvers who are working hard to build the most innovative financial technology possible. To date, we’ve raised $47M (workable.com/nr?l=https://blog.truelayer.com/today-and-tomorrow-180ef88fa4a0) from investors like Tencent, Temasek, Northzone, Anthemis, and Connect Ventures.

Our long term vision is to power the next era of financial innovation, and our short term mission is to grow the Open Banking economy.

And, we’re just getting started.

As our/one of our Information Security Compliance Manager, you will:

* Be responsible for Information Security (“IS”) regulatory compliance and alignment with standards such as ISO27001, SOC 2 Type 2 and PCI DSS;
* Work with internal and third-party security engineers to assess TrueLayer’s security posture;
* Own customer RFPs/due diligence enquiries on information security;
* Work with Compliance and Risk to manage customer and other IS risks;
* Lead our due diligence process against third-parties;
* Prepare and maintain security policies and procedures.

Requirements

What we need from you:

* 3-5 years’ experience in information security risk management and compliance
* Experience building an Information Security strategy
* Be able to communicate with our engineering teams
* Strong understanding of information security controls & ISMS standards such as ISO27001, SOC 2 Type 2 and PCI DSS
* Solid writing and verbal communication skills
* Capacity to work autonomously

Nice to haves:

* Previous experience in a similar role at a financial institution or fast-growing fintech / start-up
* Understanding of modern technology stacks, such as Cloud and continuous integration pipeline
* Working knowledge of privacy/data protection

Benefits

What you can expect from us:

As well as working alongside other friendly, passionate and talented people, you’ll also get:

* Competitive salary and meaningful equity in the company
* A lovely, spacious, natural light filled office in Clerkenwell (workable.com/nr?l=https://goo.gl/maps/nKGeDjsA7KYLBxZi9) 🏢
* 🥗🍝Team lunches on Friday 🍕🍔
* Flexible work and hours - we all work at home, or elsewhere, from time to time ⌛
* Flexible holiday policy ✈️
* Generous parental leave 👩‍👩‍👦
* An employer sponsored pension 👴🏾
* Vitality Health Insurance from day 1⚕️
* Learning & development allowance 📚
* Annual retreat 🏖️
* Regular socials 💃🏽
* Choice of hardware 💻
* (and yes we have a ping pong table 🏓)

Be your True(Layer) self at work

At TrueLayer, we choose to talk about Inclusion and Diversity [in that specific order] because we believe Diversity won’t be successful without Inclusion first.

We value our people. We celebrate multiple approaches and points of view. And we feel comfortable voicing a contrary opinion. We build teams, cultivate leaders and create a company that’s the right fit for every person in it.

As we go global, we want our team to reflect the diverse and multicultural world we live in.

We look forward to hearing from you!