Do you have experience of working in security governance, risk, and compliance? Do you have a proven track record of performing regular audits and managing processes, standards and quality assurance? Do you have in-depth knowledge of information security standards?

If you’ve answered yes, then you could be the right person to join the Information Security team here at Cabot Credit Management.

What you can expect from us:
Salary of £50-56k
Permanent contract
Must be within commutable distance of our Hull office

Not only are we offering a competitive salary and a fantastic bonus scheme, you’ll also be entitled to loads of great benefits including discounts, private health insurance, and cash back on hundreds of high-street shops, plus much more.

What can you expect as a Governance, Risk and Compliance Specialist?

You will be responsible for providing expert and professional information security services through understanding the control and management of Information Security Management Systems, and the effective use of information and cyber security controls relating to both technology and process.

You will be involved in assisting in the development and optimisation of control management processes to ensure Encore business entities operate and can evidence effective InfoSec controls which address their risks, any local legislative or regulatory requirements, company policies, and security best practice.

You will develop and manage processes, standards, and quality assurance for the smooth operation of the ISMS across the Encore businesses, including risk, audit, awareness, and continuous improvement activities. You will also support fellow departments and group businesses with information security advice and guidance as necessary.

Key Accountabilities & Responsibilities

Develop, implement, and maintain information security policies, standards, procedures, guidelines, and training associated with the effective delivery of Encore ISMS, and ensure recommendations associated with effective governance of information security are adopted.
Provide a key resource for GRC activities across European business entities, building relationships with key business stakeholders and strong working relationships with the risk and compliance team globally.
Ensure effective management of IS risk to deliver security through clear, consistent, and prioritised communication of key vulnerabilities and recommended mitigations; obtain ownership and support remediations required to bring residual risks in line with targets.
Perform regular audits of our InfoSec controls in line with policy and our ISMS; support our control owners; document evidence; report findings; recommend actions; manage remediations.
Conduct regular and ad hoc risk reviews; prepare analysis for senior stakeholders/risk owners; provide prioritised recommendations, with options based on clearly communicated compensating controls, their impact, and effect on residual risk.
Operate the continuous service improvement plans for all our businesses to ensure we refine our Information Security Management System, adhering to ISO27001 standards.
Provide deep expertise in our chosen frameworks (ISO27001, NIST CSF and others), applying IS best practice through reviews and recommendations to our business entities; upskilling other team members and sharing knowledge within IS.
Help define and implement a maturity model based on NIST CSF Domains; agree sub-domains, controls and control statements; evaluate business unit performance on a regular basis; make recommendations to key internal stakeholders; report status.
Responsible for escalation of any identified security issues to required timescales and quality; recommending remediating actions and ensuring these are completed within the required timescales and SLAs.
Provide GRC InfoSec support to the business outside of normal working hours in response to key incident or event management practice.

Knowledge & Experience:

Professional qualification in one or more IS standards
Knowledge of ISO 27001/PCI
Deep knowledge of frameworks
Analytical and problem-solving skills
Ability to review and report recommendations to key stakeholders and risk committees, ensuring actions and recommendations are actioned in a timely manner
Ability to prioritise and work under pressure to meet strict deadlines
Strong customer focus with the drive and commitment to improve the level of service clients receive
Excellent communication skills with the ability to liaise with clients and suppliers

What happens next?

If this sounds like you and you’d like to join our rapidly expanding company that offers excellent career progression, then apply now.

Working for Cabot:

You’ll be working for an award-winning, Investors in People Gold accredited organisation. We’re passionate about the ethical treatment of our customers and employees. Our mission is to create pathways to economic freedom. Our vision is to make credit accessible by partnering with our consumers to restore their financial health.

Diversity and inclusion are very important to us at Cabot, and we value a multitude of diverse talent within our business. We want everyone to be themselves at work and encourage a culture that includes everyone. Our policies ensure that every candidate and employee is treated fairly and with equal opportunities.

At Cabot we are highly regulated by our clients; as such, any successful candidates will have to undergo a basic credit check and criminal background check.
Please note that we are unable to proceed to interview stage if a CCJ, IVA or Bankruptcy appears on a credit file, or if you do not have full right to work in the UK – we are unfortunately unable to offer sponsorship.