• Location: London, England
  • Date Posted: 26th Oct, 2021
  • Reference: 2547173

Job Description


An amazing opportunity to work for one of the fastest-growing businesses in the world. The company operates in a highly competitive space within the FMCG market, where it sees itself as more of a fin-tech company. The business has invested heavily in its tech and is driven by focused and determined individuals. Because it is a fast-growing company, there is not much legacy to work through, which allows you to make your mark quickly.



Role & Responsibilities


Working as a Security Risk Management Lead, the company sees this role as having the ability to handle the outside impact on the business. You will be directly responsible for how the company manages its security risk. Your role in driving sound risk management practices will play a major part in the development of the business. Your key duties will include:



  • Build and manage a small team of security risk analysts

  • Design, embed and manage a scalable security risk management framework, taking into account business context and relevant industry standards, regulatory requirements and stakeholder expectations

  • Develop and update security policies, standards and guidance in collaboration with business stakeholders

  • Create and manage a security risk acceptance process and relevant governance structures

  • Assess security risks and track exposure and remediation activities

  • Drive and maintain compliance with industry standards such as PCI-DSS, ISO27001 and SOC2

  • Organise relevant security awareness training



Skills & Qualifications


In order to be successful in the role you must have the following skills or experience:



  • Significant experience in security risk management in a fast-paced business, ideally a public technology company or in a regulated industry

  • Previously defined policies, processes and procedures for managing security risk

  • Expertise in performing security risk assessments in a cloud environment

  • Comfortable having difficult risk management conversations with different stakeholders across the business in both technical/engineering and non-technical roles

  • Familiar with security standards such as PCI-DSS, NIST, ISO27001 and SOC2


Benefits



  • Highly competitive Salary

  • Benefits Package which includes Stock / Equity Options

  • Company Bonus

  • WFH Opportunities