Information Security Manager

London
Workplace Technology
Full Time
Hybrid
The aim of this role is to take ownership of Moneybox’s Information Security Programme, based on the NIST Cyber Security Framework (CSF). Reporting to the Engineering Director, the Information Security Manager will be the first full-time Information Security hire at Moneybox and hold responsibility for Information Security at Moneybox. The role will suit an ambitious information security or cyber specialist who would like to build a department from the ground up and transition into a Head of position and beyond.

What you'll do

    • Create and deliver a roadmap that ensures Moneybox remains secure and is compliant with the NIST CSF, Cyber Essentials, data protection laws and industry regulations
    • Craft and implement comprehensive information security policies and procedures, ensuring these are socialised and used throughout the organisation
    • Maintain and deliver security awareness training programs for employees to ensure a strong security culture within the organisation
    • Maintain incident response plans, ensuring the organisation is well-prepared to respond to and recover from security incidents
    • Oversee the implementation of vulnerability management processes, including regular scanning and patch management to address potential vulnerabilities
    • Evaluate and manage the security risks associated with third-party vendors and partners
    • Develop and maintain security metrics to measure the effectiveness of the information security program
    • Provide regular reports to senior management
    • Continuously assess and improve the information security program based on emerging threats, industry best practices, and the evolving needs of the organisation

Who you are

    • A driven, ambitious individual who’s looking to build their career at an exciting, fast-growing company
    • Have an ability to think and plan strategically and systematically while recognising the need to deliver to the business requirements
    • Be comfortable presenting in a concise manner to very senior stakeholders and able to chair committee meetings when required
    • Be a self-starter who is keen to get their hands dirty but also able to build a department as the role evolves
    • Have an understanding of legislation and regulations that impact Information Security, e.g. Data Protection Act and GDPR, Freedom of Information Act
    • Have an understanding of current and emerging threats and countermeasures and the organisational challenges to addressing these threats

Experience and skills

    • Have proven experience in information security management, ideally with the NIST CSF
    • Have a good practical knowledge of security technologies and wider business solutions including Identity and access management, SIEM, remote working and cloud technologies
    • It's desirable to have one of the following qualifications: CISSP, CISM, CRISC
    • Have a good understanding of financial services and awareness of broader requirements
    • Fluency in English
    • Demonstrated leadership skills with the ability to collaborate cross-functionally and influence key stakeholders

What's in it for you?

    • Opportunity to join a fast-growing, award-winning and super ambitious, profitable startup
    • Work with a friendly team of highly motivated individuals
    • Be in an environment where you are listened to and can actually have an impact
    • Thriving collaborative and inclusive company culture
    • Company shares
    • Company pension scheme
    • Hybrid working environment
    • Home office furniture allowance
    • Personal Annual Learning and Development budget
    • Private Medical Insurance
    • Health Cash Plan (cashback on visits to the dentist & opticians etc)
    • Cycle to work scheme
    • Gympass subscription to a variety of gyms and wellbeing apps
    • Enhanced parental pay & leave
    • 25 days holiday + bank holidays with additional days added with length of service
    • Plus many more

Please read before you apply!

By sending us your application you acknowledge and agree to Moneybox using your personal data as described below.
We collect applicants’ personal data to manage our recruitment related activities. Consequently, we may use your personal data to evaluate your application, to select and shortlist applicants, to set up and conduct interviews and tests, to evaluate and assess the results, and as is otherwise needed in the recruitment process generally.
We do not share your personal data with unauthorised third parties. However, we may, if necessary, share your personal data with carefully selected third parties acting on our behalf. This may include transfers to servers and databases outside the country where you provided us with your personal data. Such transfers may include for example transfers and/or disclosures outside the European Economic Area and in the United States of America.
If you are unsuccessful in your application, we may keep your details on file so that we can tell you about other suitable vacancies which may be of interest to you when they arise in the future. If you would rather we did not keep your details on file, you can contact us at email: DPO@moneyboxapp.com

Your application will be subject to criminal record and adverse credit history checks (such as CCJs, IVAs and bankruptcy). As a regulated financial business, an adverse financial history could impact your suitability for the role. If you are aware of anything that could affect your suitability for the role, please let us know.