Information Security Officer

Posted about 1 month ago
United Kingdom | Full-Time | Information Security
Company: Form3 (via Otta)
Location: United Kingdom
Languages: English
Seniority level: Senior, 5+ years
Experience: 5+ years
Skills:
Cloud Computing, Cybersecurity, Compliance, Risk Management
Requirements:
5+ years’ experience in Information Security, ideally within a fast-paced technology or financial services industry.
Strong working knowledge of frameworks such as ISO27001, ISO22301, SOC 1, SOC 2, NIST, and GDPR.
Proven experience developing, implementing, and improving information security policies, standards, and controls aligned to recognised frameworks.
Hands-on experience conducting audits, risk assessments, and business impact analyses.
Hands-on experience with vulnerability management within a complex and dynamic cloud environment.
Broad understanding of cloud security.
Excellent communication and stakeholder engagement skills.
Analytical mindset with a focus on continual improvement and measurable outcomes.
Responsibilities:
Apply expert knowledge of security frameworks and controls (NIST, ISO22301, ISO27001, ISO27017/18, ISAE3000/SOC2, GDPR) to support security governance.
Support the development, maintenance, and continual improvement of the ISMS and BCMS.
Assist in drafting and maintaining Information Security Policies.
Contribute to the planning and execution of external audits.
Monitor and report on adherence to security controls via risk assessments and internal audits.
Assess and support the remediation of information security risks, non-conformities, and issues.
Support vulnerability management processes.
Conduct vendor and third-party security assessments.
Partner with the Defensive Engineering team to ensure security requirements are built into product developments.
Deliver and enhance security awareness and training initiatives.