Commify is one of Europe's leading suppliers of business messaging services that allows its customers to communicate brilliantly. Our messaging solutions encompass everything from SMS to mobile payments, accessed through web applications, APIs, or bespoke integrations. We operate in the UK, Ireland, Italy, France, Spain, Germany, The Netherlands, Australia, and The United States. We are headquartered in Nottingham, UK, and our products and platforms are supported by a passionate and innovative international team, with in-house development and support. Our mission is to make business communication brilliant, and we are actively seeking more acquisition targets to enable us to help even more companies transform their business communications.
At Commify, we recognise that our people are our biggest asset. As we continue to grow, we are looking for a Cyber Security Manager to support our commitment to maintaining a secure operating environment for our clients and stakeholders.
The Role:
The overall purpose of the role is to communicate Technology Risk and to deliver Risk Mitigations at Commify. You will play an important part in establishing Commify as an industry leader in Cybersecurity, both for our existing platforms and for our new developments. You will develop a firm understanding of Technology and Cybersecurity risk across all of Commify’s platforms, and oversee the implementation of all Cybersecurity programs. You will engage with technical teams to ask the right questions and document risks clearly, and ensure stakeholders from varying backgrounds across the business understand the risk in their language. Your stakeholders will include Compliance / Audit functions, Customer Success, Technical teams, and Senior Leadership. You will prioritise the risks according to customer, regulatory and internal stakeholder drivers, and then ensure that the work to mitigate the risks is delivered to expectations (time, cost and quality). Responsibilities:
Develop and implement a comprehensive Cybersecurity strategy Accountable for delivery of overall strategy, collaborating with key stakeholders to ensure agreed actions and programmes are implemented according to the agreed plans Understand, document and communicate Technology and Cybersecurity risk across the company Translate risk mitigation needs into actionable work requirements for relevant teams Ensure projects and other work activities are delivered to address these risks Maintain, report on and communicate the Technology Risk Register to different stakeholders within the company Ensure technology teams are meeting Cybersecurity policies and international audits Create / maintain technical answers for Common Controls Framework for all Commify platforms Prioritise and organise the mitigation efforts across all Cyber risks Liaise with customers and auditors if required regarding Cybersecurity questions The Person:
Have excellent verbal and written communication skills to achieve buy-in for Cybersecurity risks and decisions from stakeholders across the organisation Possess the skills and knowledge sufficient to understand technical Cybersecurity risks across a variety of on-premise and Cloud platforms Demonstrate effective networking and delivery skills to ensure technical security work is actionable for technical teams, and then tracked and delivered Ability to pay attention to the detail, but simplify for effective communication Resilience under pressure and decisiveness in complex situations Capacity to learn and document multiple unique technology environments Experience with Public Cloud and On-Premise technologies and risk profiles Experience with Network Security, Windows, Linux, Platform-as-a-Service and Infrastructure-as-a-Service technologies Track record of delivering successful audit submissions for standards such as ISO 27001, Cyber Essentials, SOC 2, HIPAA etc Benefits:
Competitive Salary Company Bonus Scheme based on performance Private Healthcare & Dental 27 days annual leave plus Bank Holidays Birthday off work 5% Pension (company) Death in service (4x salary) End of year award Monthly/quarterly socials Training & Development opportunities Hybrid working
#J-18808-Ljbffr
The overall purpose of the role is to communicate Technology Risk and to deliver Risk Mitigations at Commify. You will play an important part in establishing Commify as an industry leader in Cybersecurity, both for our existing platforms and for our new developments. You will develop a firm understanding of Technology and Cybersecurity risk across all of Commify’s platforms, and oversee the implementation of all Cybersecurity programs. You will engage with technical teams to ask the right questions and document risks clearly, and ensure stakeholders from varying backgrounds across the business understand the risk in their language. Your stakeholders will include Compliance / Audit functions, Customer Success, Technical teams, and Senior Leadership. You will prioritise the risks according to customer, regulatory and internal stakeholder drivers, and then ensure that the work to mitigate the risks is delivered to expectations (time, cost and quality). Responsibilities:
Develop and implement a comprehensive Cybersecurity strategy Accountable for delivery of overall strategy, collaborating with key stakeholders to ensure agreed actions and programmes are implemented according to the agreed plans Understand, document and communicate Technology and Cybersecurity risk across the company Translate risk mitigation needs into actionable work requirements for relevant teams Ensure projects and other work activities are delivered to address these risks Maintain, report on and communicate the Technology Risk Register to different stakeholders within the company Ensure technology teams are meeting Cybersecurity policies and international audits Create / maintain technical answers for Common Controls Framework for all Commify platforms Prioritise and organise the mitigation efforts across all Cyber risks Liaise with customers and auditors if required regarding Cybersecurity questions The Person:
Have excellent verbal and written communication skills to achieve buy-in for Cybersecurity risks and decisions from stakeholders across the organisation Possess the skills and knowledge sufficient to understand technical Cybersecurity risks across a variety of on-premise and Cloud platforms Demonstrate effective networking and delivery skills to ensure technical security work is actionable for technical teams, and then tracked and delivered Ability to pay attention to the detail, but simplify for effective communication Resilience under pressure and decisiveness in complex situations Capacity to learn and document multiple unique technology environments Experience with Public Cloud and On-Premise technologies and risk profiles Experience with Network Security, Windows, Linux, Platform-as-a-Service and Infrastructure-as-a-Service technologies Track record of delivering successful audit submissions for standards such as ISO 27001, Cyber Essentials, SOC 2, HIPAA etc Benefits:
Competitive Salary Company Bonus Scheme based on performance Private Healthcare & Dental 27 days annual leave plus Bank Holidays Birthday off work 5% Pension (company) Death in service (4x salary) End of year award Monthly/quarterly socials Training & Development opportunities Hybrid working
#J-18808-Ljbffr
