Information Security Compliance Manager

Vacancy Name Information Security Compliance Manager Vacancy No VN3475 Employment Type Full Time Work Place Location City Andover Location Country United Kingdom Role Pitch CloudPay is looking for a highly motivated Information Security Compliance Manager to support the rapid expansion of the company. The Information Security Compliance Manager will ensure that our payroll and payment products and services comply with industry regulations, security standards, and internal policies. Working closely with technology, legal, and operational teams, the successful candidate will drive security initiatives, conduct risk assessments, and manage internal and external audits to uphold a strong security and compliance posture. Key Responsibilities Daily Duties and Main Responsibilities will include: Policy and Process Development Develop and enforce policies that comply with regulations and standards such as GDPR, ISO27001, SOC2, and NIST. Continuously monitor evolving regulations and standards to assess relevant impacts to the security framework at CloudPay. Work closely with stakeholders to advise on the appropriate implementation of security policies to protect customer data. Ensure that policies are communicated to all employees. Audit and Security Assessments Prepare for and support external audits related to information security such as ISO27001, ISO22301 and SOC. Support the vendor assurance team with the interpretation and review of security elements of compliance assessment responses. Work closely with stakeholders on information security questionnaires from prospects and existing customers. Security Risk Assessment Management Conduct security risk assessments on new products or enhancements to existing products, working with stakeholders to advise on risks and potential mitigation strategies. Work with product and development teams to ensure security controls are embedded into new products and enhancements. Act as subject matter expert to advise stakeholders on the security impacts of new products, services and partnerships. Incident Response and Reporting Work closely with the technology teams on security incidents to ensure compliance with Incident Response Plans. Support relevant teams with communications and root cause analysis. Monitor and ensure that actions arising from security incidents are logged and managed through to completion. Continuous Improvement and Monitoring Monitor the effectiveness of security controls through periodic assessments and identify areas for improvement. Ensure that nonconformities are appropriately captured and managed through to completion. Description Attributes and Experience Required: Proficiency in creating and maintaining information security policies and procedures to a high-quality standard Strong, practical knowledge and experience with ISO27001 and SOC frameworks, including implementation and compliance analysis Comprehensive knowledge of common information security technologies, tools, and best practices (i.e. Microsoft Azure, Vulnerability Management, Incident Management, Risk Analysis, Security Awareness and Training etc.) Experience in conducting risk assessment and implementation of security controls Exceptional attention to detail Ability to use initiative to solve problems Ability to work autonomously when required Preferred CISSP, CISM, CRISC, CISA, PCI-DSS certification, or other relevant certifications preferred. Experience working in a global technology company. Experience of working in financial services. Benefits Package and Benefits: Competitive annual salary 25 days annual leave, plus bank holidays Flexible remote working Birthday leave Flexible pension contribution Life assurance x4 Private medical insurance Earned Wage Access (via CloudPay Now app) Personal and professional development opportunities Friendly working environment CloudPay is committed to being an equal opportunities employer.

#J-18808-Ljbffr