It is our vision to connect the insurance community through market-leading technology. Our people are placed at the heart of this, and diversity, equity and inclusion are central to everything we do.
We know the key to achieving success is to enable a positive, inclusive, and collaborative working culture, and, as part of our commitment, we have signed up for a number of pledges and programmes designed to support and nurture our people.
No matter where you sit or which team you are a part of, we want you to know that you contribute in helping us to shape where the company will be in the future. We would love for each employee to be able to talk with pride about our company and, most importantly, consider Open GI to be an inclusive, fun and fulfilling place to work.
Position:
An overview of the role
The Cyber CRC Administrator will support the day-to-day operation of the Information Security Management System (ISMS) and the internal audit programme, helping the business maintain its security posture and compliance obligations across ISO 27001, PCI DSS, and DORA.
Your key responsibilities
* Maintain the ISMS on a day-to-day basis, including policy and procedure document control, version management, and review cycles.
* Plan, schedule, and conduct internal audits against ISO 27001 and other applicable frameworks; document findings and track corrective actions to closure.
* Maintain the risk register, supporting risk owners with assessments, treatment plans, and periodic reviews.
* Collect and maintain evidence to support certification audits, customer assurance requests, and regulatory obligations.
* Coordinate management review meetings, prepare reports and metrics, and minute outcomes.
* Support supplier and third-party risk activities, including questionnaire issuance and review.
* Help deliver the security awareness and training programme, tracking completion and exceptions.
* Act as a first point of contact for ISMS-related queries from across the business.
Requirements:
What you'll need to succeed
Essential Skills and Experience
* Minimum 1–2 years' experience in a cyber security, GRC, IT audit, or information assurance role
* Working knowledge of core cyber security concepts (e.g. confidentiality/integrity/availability, access control, risk management, common threats and controls).
* Practical exposure to at least one recognised security or compliance framework (ISO 27001, PCI DSS, NIST CSF, Cyber Essentials, or similar).
* Strong organisational skills, attention to detail, and a methodical approach to documentation.
* Confident written and verbal communication; able to engage with both technical and non technical stakeholders.
* Comfortable working with Microsoft 365 (Word, Excel, SharePoint) and GRC or ticketing tools.
* A foundational cyber security qualification (e.g. CompTIA Security+, ISO 27001 Foundation, ISC2 CC) or demonstrable equivalent knowledge.
Desirable Skills and Experience
* Prior experience supporting an ISO 27001-certified ISMS.
* Familiarity with PCI DSS v4.0 and/or DORA requirements.
* Internal Auditor training (e.g. ISO 27001 Internal Auditor or Lead Auditor).
* Experience in regulated environments (financial services, insurance, or critical service providers).
* Exposure to GRC platforms.
Other information:
Mission and Values
It is our mission to be both the Technology Partner and Employer of Choice to the UK General Insurance market. Our people are placed at the heart of this and diversity, equality and inclusion are central to everything we do.
* Accountability: We own our actions and shape our success on the results we deliver
* Innovation: We tackle challenges with fresh thinking and bold ideas
* Teamwork: We work together, recognising we can’t do this without each other
* Trust: We build trust on integrity, transparency and mutual respect
We are looking for an individual who embraces our values in their actions, decisions, communications and processes to inspire positivity and, ultimately, exceptional performance.
Benefits package
* Salary in the region of £52,000 dependant on skills and experience
* Company pension
* Bonus opportunity
* Life assurance and critical illness cover
* Cycle to work scheme
* Perkbox – an exclusive platform offering a wide range of discounts and benefits
* Holiday entitlement of 25 days per annum, increasing to 26 days per annum after three years of service & a holiday purchase scheme
* Opportunity for a more flexible approach to start, finish, and lunchtimes to allow you to better manage events outside of work
* Social clubs - whether you’re into your cycling, crafts, or other hobbies, we have a number of groups at Open GI where individuals who enjoy the same pursuits can get together
* Wellbeing – wills at work scheme, employee assistance programme and mental health first aiders
Please note, this is a hybrid position requiring in-office attendance at our Worcester location twice a week .