Information Security Officer - London, United Kingdom - SmallWorld FS

SmallWorld FS

Verified Company

London, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Here at SmallWorld Financial Services, we know how important it is to be able to support friends and family from abroad. Put simply, we believe that the more people we can help transfer money to overseas family, friends and businesses, the smaller the world becomes.

Our employees are as diverse as our customer base and we value the sharing of skillsets and cultures that come with a truly international company present in several countries.

SmallWorld is one of the largest money transfer companies in the world. We have a network of over 253,000 pick-up locations and a global team of over 1000 people who are responsible for over 15 million worldwide transactions each year.

Are you passionate about working for a global company that celebrates differences? Do you want to empower people and families to support each other regardless of distance?

Then join us Let's make this big world into SmallWorld.

Purpose of role:

The Information Security Officer will be responsible for overseeing the implementation of an ISO 27001 program of work within a regulated payments company.

Additional responsibility for improving and maintaining IT security performance, policies, and procedures across the organisation globally.

The Information Security Officer will report directly to the SW Group's Chief Risk Officer with overall responsibility for Global Compliance, Data Protection, Cybersecurity, Enterprise Risk and Legal functions.

Specific Role Requirements:

Review of the current information security policies, procedures and guidelines and proposal of improvements or development of new documents where applicable.
Identification of security controls and requirements from third parties (partners, regulators, etc.).
Support in the gap analysis between security controls and corporate policies and procedures, including proposal and guidance to implement outstanding controls.
Support in the development and delivery of security training and awareness contents.
Monitoring and reporting on KPIs related to the security training plan.
Support in the assessment of systems/software and tools from a security standpoint as well as in the Due Diligence of third parties.
Support in security incident management may be required.

Skills & Experience:

13 years of prior relevant experience in Cyber/Information Security risk management, governance, and compliance.
Experience in financial services is highly advantageous.
Strong knowledge of ISO management systems and specifically ISO 2700
Strong MS office skills in addition to JIRA/Confluence experience.
Understanding of security principles, best practice, and tools.
Experience in security monitoring, vulnerability, and incident management.
Experience developing security policies and procedures.
Analytical and problemsolving skills to identify and assess risks, threats, patterns, and trends.
Teamworking skills for collaborating with stakeholders.
Strong time management skills with the ability for multitasking.
Excellent oral and written communicator.
Detailorientated with a commitment to accuracy.
Continuous learning mindset.
Relevant certifications (e.g. CISSP, CISM,) are a plus but the role will provide the opportunity to sponsor study for these qualifications.
Knowledge in the following security areas would be a plus: Cyber Intelligence, Ethical Hacking, Computer Forensics, Incident Management and Response.

Personal attributes:

Commitment and strong implementation skills
Able to lead through ambiguity and competing agendas
Ability to influence stakeholders at multiple levels
Resilience and adaptable to changing environments
Strong delivery capability as both and individual and through disparate global teams.