Salary: £68,000 - £78,000 DOE
Contract Type: Full time, permanent
Work Life Balance: Hybrid, likely 1 day per week at our Northampton office
Candidate Journey: Our goal is to reply to applications within 3 working days. Additionally, we make sure to acknowledge, evaluate, and respond to all applications as a way of showing our appreciation for your time and effort in applying to us.
Ready to help redefine insurance?
We’re an award-winning business that’s changed how customers experience insurance. By challenging traditional thinking and raising the bar on service, we’ve built a reputation for doing things differently.
Our people are at the heart of that success. We invest in talent, back bold ideas and create space for innovation to flourish because growth happens when great people are empowered to do their best work.
With a global ambition to innovate, dominate and disrupt niche insurance markets, we’re looking for forward-thinkers who thrive on change and want to shape the future of the industry.
The Role:
We are seeking an Information Security Officer to support the delivery of our organisation’s information security programme and help ensure the protection of our customers’ data. Reporting directly to the Director of Information Security, this newly created role will play a key part in strengthening our security framework, supporting compliance requirements, and promoting a strong security culture across the business.
This is an excellent opportunity for a security professional who enjoys working across governance, risk, compliance, and stakeholder engagement, helping to embed best practice in information security.
What will you do?
* Develop and maintain the organisation’s Information Security Management System (ISMS) in line with ISO 27001:2022
* Support and manage the ISO 27001 certification process, including planning and coordination of external audits
* Support alignment with PCI DSS and other compliance obligations
* Manage internal security audits and assessments
* Develop, implement, and maintain information security policies and procedures
* Identify, assess, and report on information security risks
* Develop a strong understanding of how the organisation operates to ensure security practices are effectively applied
* Work closely with Risk & Compliance and IT teams to ensure data is securely protected
* Support the development and delivery of security training and awareness programmes
* Build strong relationships with key internal stakeholders to help develop and embed a strong security culture
What we are looking for:
* ISO 27001 Lead Implementor/Auditor certification or at least 2 years’ experience supporting an ISO 27001 accredited organisation
* Strong knowledge of security risk and control frameworks, including ISO 27001, Cyber Essentials, PCI DSS, and ITIL
* Experience developing and implementing information security policies and procedures
* Understanding of a range of security technologies, including:
  * Firewalls
  * Cyber threat intelligence services
  * Data Loss Prevention (DLP)
  * Email security
  * Endpoint encryption and endpoint protection
  * SIEM platforms
  * Vulnerability management tools
  * Web security technologies
* Ability to review security controls, assess control maturity, and recommend improvements
* Knowledge of Data Protection Act 2018 and GDPR
We’re assembling a diverse team, where skills, not checkboxes, reign supreme, regardless of race, religion, sex, sexual orientation, gender identity or disability.
Staysure Group welcomes all new starters with open arms, providing training, development opportunities, and great benefits.