- Apraksts
- Pamatinformācija
- Uzņēmums
Requirements for candidates
- Strong background implementing and managing security and regulatory frameworks including ISO27001, PCI DSS, Cyber Essentials, GDPR/DPA
- Data Loss Prevention tools/technologies, data discovery & classification, policies & procedures
- Strong understanding of IT infrastructure, architecture, and information security.
- Knowledge of security tools & technologies within a large & complex environment including anti-malware / EDR, SIEM, DLP, etc.
- Background in security governance of a company including security audits/assessments, reporting, and defining and implementing improvement roadmaps
- Experience in defining and implementing data governance projects within organisations, setting out plans and strategies for data discovery, classification, retention, and disposal.
- Experience in implementing security solutions across growing cloud environments and infrastructure.
- Minimum three years experience in an Information Security role.
Good, practical knowledge of information security and privacy standards, regulation & legislation - Relevant information security professional certification(s) desirable (or willing to obtain these) such as CISSP, CISM and CIISec membership.
- Ability to understand business drivers and risk appetite and align information security compliance accordingly.
Job description
Clear Junction is a global payments company, licensed and regulated by the FCA in the UK, that offers regulated end-to-end payments solutions based on proprietary in-house technology. The company's infrastructure is designed to meet the growing needs of global financial companies.
Founded in 2016, the business has seen double-digit growth year on year, with over 100 fintech professionals now based across the UK and mainland Europe. Clear Junction is ranked number one in the FEBE Growth 100 list as the fastest-growing, founder-led, privately owned business in the UK.
The Information Security Manager (ISM) plays a key role in the development, implementation, monitoring and improvement of a comprehensive Information Security Management System (ISMS) in CJ, which should be compliant with ISO 27001 and other information security standards, as decided by the Board and CEO of CJ.
The ISM role is focused on protecting the organisation's computer systems, networks, databases and other assets from cyber threats and security breaches.
Responsibilities
Assessing information security risks to systems, and developing plans to minimise potential threats.
Design and implementation of Security Controls in collaboration with the IT Department (among others, taking into account that the technology aspect of this task is performed by the IT
Department). Within the scope of this task, the ISM bears primary responsibility for providing guidance for the IT Team in the following ways:
With respect to the implementation project of a new external security service/tool, the ISM researches possible solutions and provides the IT Team with the Research Report.
With respect to in-house technology improvements, the ISM develops, agrees, and provides the IT Team with the Statement of Work.
Overseeing activities of the IT Department aimed at the design, implementation and support of Security Controls from the technology perspective.
Design and implementation of a security monitoring environment with alerting and response capabilities, taking into account that the technology aspect of this task is performed by the IT Department.
Develop and measure information security metrics.
Overseeing proper management and acceptable use of assets in CJ from the information security perspective.
Run the issue management process from the non-technology perspective, while the technology aspect of this job is performed by the IT Department.
Managing ISO27001 certification, auditing and other related projects and activities. Participating in other security-related certification, auditing and other projects and activities, as decided by the CEO and the Board.
Responsibilities which are performed jointly by the Security Director (leads, manages, contributes) and the ISM (contributes, supports):
Planning for the ISMS.
Ensuring that the ISMS achieves its intended outcome while being supported by the SMT and other departments of CJ.
Managing security risks, conducting security risk assessments, and developing respective security risk action plans in collaboration with the Risk and Compliance Department.
Being primarily responsible for the development and update of information security policies and procedures in CJ.
Ensuring the company-wide implementation of information security policies and procedures.
Ensuring compliance of the ISMS with internal policies and selected standards. Identify areas of non-compliance and develop remediation plans.
Overseeing proper functioning and ensuring proper use of Security Controls.
Running investigations on information security incidents and non-compliance cases.
Monitoring CJ IT systems for internal and external threats, in cooperation with the IT Department.
Providing leadership in company-wide information security awareness, as well as information security competence and knowledge management in CJ.
Directing and supporting company teams to contribute to the effectiveness of the ISMS, promoting continual improvement.
Facilitate adherence to the established business strategy by providing information security expertise to ensure the business strategy is empowered from the information security perspective.
Developing requirements for Learning and Development activities related to information security.
Developing and delivering information security training, running information security surveys and tests.
Developing and implementing an internal security audit programme for the ISMS, as decided by the CEO and the Board.
Serving as a primary liaison with 3rd parties in the information security area: consultants, auditors, certification bodies, regulators, etc.
Ensuring proper documenting of activities related to information security.
Evaluating and reporting on the performance of the ISMS to the CEO and the Board.
Other responsibilities:
Work collaboratively with other CJ employees and teams
Maintain other records and documentation, keep an audit trail
Develop reports on the above activities.
What we offer
- Private Health Insurance
- Paid Time Off
- Work From Home
- Training & Development
- Performance Bonus
- Work in a friendly team
- Great opportunity to grow your career in cutting-edge payments fintech
Papildu informācija: Private Health Insurance Paid Time Off Work From Home Training & Development Performance Bonus Work in a friendly team Great opportunity to grow your career in cutting-edge payments fintech
Atrašanās vieta
- Rīga, Latvija
Darba veids
- Pilna slodze
Prasmes
Valodas
- Angļu
- Krievu
Han Vong
07707307411
Clear Junction is a global payments company, licensed and regulated by the FCA in the UK, that offers regulated end-to-end payments solutions based on proprietary in-house technology. The company's infrastructure is designed to meet the growing needs of global financial companies.
Founded in 2016, the business has seen double-digit growth year on year, with over 100 fintech professionals now based across the UK and mainland Europe. Clear Junction is ranked number one in the FEBE Growth 100 list as the fastest-growing, founder-led, privately owned business in the UK.
The Information Security Manager (ISM) plays a key role in the development, implementation, monitoring and improvement of a comprehensive Information Security Management System (ISMS) in CJ, which should be compliant with ISO 27001 and other information security standards, as decided by the Board and CEO of CJ.
The ISM role is focused on protecting the organisation's computer systems, networks, databases and other assets from cyber threats and security breaches.
Reģistrācijas numurs: 10266710