Are you a highly experienced Information Security professional looking for a new challenge?
If the answer is yes, Freedom Finance has the perfect opportunity for you!
Freedom Finance are an award winning and growing FinTech company and we are currently seeking the right candidate for our Information Security Manager role. You will join our expanding team in Manchester to help deliver the technology supporting our range of product offerings and be part of our ambitious plans for the future.
Reporting to the Head of Programmes and Change the role will require in-depth understanding of information security, technology architecture and business security. You will be knowledgeable of the wider information security agenda and be looking for autonomy to control and develop our ISO 27001 ISMS, an increasingly crucial element of our technology strategy. You will seize the opportunity to develop wider infosec leadership skills within an ambitious, forward thinking SME high growth fintech environment.Successful candidates will be expected to demonstrate relevant experience working in a dynamic business environment, managing complex challenges, and communicating to all levels of the business.
Our people are our most important asset. Without the right people in our business, we would not be where we are today. We are always on the lookout for individuals who want to help shape and build our business to move towards the future. We are constantly driving change with no two days the same. We welcome those who aren’t afraid of a challenge to come join us.
What can we offer you?
- Starting salary up to £55,000 (dependent on experience)
- Hybrid working arrangements (2 days in the office, 3 days work from home)
- 33 days holiday inclusive of Bank Holidays
- Enhanced Westfield Health cash plan
- Life Assurance
- Holiday buy & sell
- Workplace pension
- Access to our great benefits portal with a range of retailer discounts
Responsibilities
- Full ownership of the ISO27001 management system and its ongoing maintenance and improvement
- Creating and performing a schedule of internal audits
- Chairs and presents the Information Security Management Committee
- Implementing and improving procedures to comply with ISO27001 and GDPR
- Owns the business continuity and disaster recovery plans and their scheduled testing
- Working with the CTO to develop a cybersecurity strategy and maintain an on-going programme of security testing
- Identify weaknesses or failures in Information Security and drive appropriate improvements
- Work with HR to rollout an on-going programme of security awareness and training to engender a culture of security awareness within the organisation
- Work with the platform engineering, business operations and delivery functions to guide and ensure security principles/procedures are understood and applied consistently
- Providing direction and guidance on Information Security matters as part of the leadership team, collaborating closely with peers to ensure that security is built into everything we do
- Review third party security controls and respond to partner security due-diligence requests
Key Experience / Skills
- Must have a broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies.
- Must have extensive experience implementing/maintaining ISO27001 and managing external audits
- Must be comfortable performing regular internal audits
- Demonstrable experience in building relationships across the organisation to develop buy-in to infosec matters
- An understanding of infosec best practices and approaches such as OWASP
- Professional certification (CISSP/CISM/ISO 27001 Lead implementer or similar)
Person Specification
- Dedicated to the security discipline but pragmatic and adaptable with the tenacity to get things done
- Excellent communicator with the ability to present security topics to a non-technical audience and presenting the business value of security.
- updates in a range of styles and formats to various levels in the organisation
- Must have a reasonable approach to balancing business objectives with information security
- Well organised, focussed with a strong attention to detail
- Must be self-starting, able to define and drive deliverables through to completion
- Continually strives to improve themselves and those around them
If this sounds like the right career move for you, click apply for our Information Security Manager role!
At Freedom Finance we are committed to equality and diversity. We ensure that a job criterion is relevant to the successful undertaking of the job. We do not indirectly disadvantage any persons on the grounds of gender, age, disability, race, ethnic origin, religious belief, sexual orientation, or social status.
As part of any recruitment process, Freedom Group collects and processes personal data relating to job applicants. Freedom Group is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
Department
Platform – Information Security
Job Title
Information Security Manager