Security Compliance Manager

A challenging position has become available within a high-growth technology business based in Surrey. This leading organisation is looking to take on a Security Compliance Manager who can successfully maintain and improve compliance with security regulations and standards, such as PCI DSS, ISO2700k, Cyber Essentials (UK), in addition to establishing compliance with the NIST Cyber Security Framework. This is a hybrid role requiring 2 days per week in the office.

• Maintain and ensure continued certifications to PCI DSS and ISO 27001 and Cyber Essentials.
• Maintain the library of evidence to support audits.
• Ensures potential and existing clients are supported, responding to their security assessment questionnaires.
• Identify and support internal projects and initiatives to ensure compliance.
• Provide high quality consultancy in relation to industry codes, quality, privacy and data protection regulations, internally and in client facing scenarios.

• Knowledge and experience of implementing PCI DSA and ISO 27001 standards and data protection frameworks. Knowledge of NIST CSF is advantageous.
• Knowledge of data protection principles, including GDPR, and the practical application of data protection laws around data handling and management.
• Ability to develop an understanding of internal systems, governance, and IT infrastructure to allow the accurate completion of client security questionnaires and contract reviews.
• Experience of planning and conducting internal audits in relation to quality, information security and data protection, producing clear and actionable findings and supporting business teams to implement these actions.
• Exposure to working with external audit bodies in the planning, preparation and hosting of external audits.
• Ability to take a solution-focused approach, building collaborative relationships and communicating credibly and effectively with a wide range of stakeholders.
• Exposure to dealing with quality or data related incidents efficiently and effectively, ensuring issues are managed and appropriately escalated within the business.
• Project management skills and a coaching, enabling, business partnering mindset.

£55-60K plus bonus and benefits

The ideal candidate will be dependable and flexible, with a passion for Information Security and a desire to motivate people. If you want to be part of a growing organisation with ambitious plans, and the above describes you, please send in your CV for immediate review.