Information Security Manager

What you'll do

• Create and deliver a roadmap that ensures Moneybox remains secure and is compliant with the NIST CSF, Cyber Essentials, data protection laws and industry regulations
• Craft and implement comprehensive information security policies and procedures, ensuring these are socialised and used throughout the organisation
• Maintain and deliver security awareness training programs for employees to ensure a strong security culture within the organisation
• Maintain incident response plans, ensuring the organisation is well-prepared to respond to and recover from security incidents
• Oversee the implementation of vulnerability management processes, including regular scanning and patch management to address potential vulnerabilities
• Evaluate and manage the security risks associated with third-party vendors and partners
• Develop and maintain security metrics to measure the effectiveness of the information security program.
• Provide regular reports to senior management
• Continuously assess and improve the information security program based on emerging threats, industry best practices, and the evolving needs of the organisation

Who you are

• A driven, ambitious individual who’s looking to build their career at an exciting, fast-growing company
• Have an ability to think and plan strategically and systematically while recognising the need to deliver to the business requirements
• Be comfortable presenting in a concise manner to very senior stakeholders and able to chair committee meetings when required
• Be a self starter who is keen to get their hands dirty but also able to build a department as the role evolves
• Have an understanding of legislation and regulations that impact Information Security. E.g. Data Protection Act and GDPR, Freedom of Information Act
• Have an understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats

Experience and skills

• Have proven experience in information security management, ideally with the NIST CSF
• Have a good practical knowledge of security technologies and wider business solutions including Identity and access management, SIEM, remote working and cloud technologies
• It's desirable to have one of the following qualifications: CISSP, CISM, CRISC
• Have a good understanding of financial services and awareness of broader requirements
• Fluency in English
• Demonstrated leadership skills with the ability to collaborate cross-functionally and influence key stakeholders

What's in it for you?

• Opportunity to join a fast-growing, award-winning and super ambitious, profitable startup
• Work with a friendly team of highly motivated individuals
• Be in an environment where you are listened to and can actually have an impact
• Thriving collaborative and inclusive company culture
• Company shares
• Company pension scheme
• Hybrid working environment
• Home office furniture allowance
• Personal Annual Learning and Development budget
• Private Medical Insurance
• Health Cash Plan (cashback on visits to the dentist & opticians etc)
• Cycle to work scheme
• Gympass subscription to a variety of gyms and wellbeing apps
• Enhanced parental pay & leave25 days holiday + bank holidays with additional days added with length of service.
Plus many more