Job Title: Security & Compliance Officer
About Us:
We are a dynamic and growing portfolio of companies, each with unique challenges across diverse industries. Our focus on maintaining the integrity, confidentiality, and availability of information assets requires a comprehensive approach to security and compliance. As we continue to evolve, we're seeking a Security & Compliance Officer to lead and manage our security and compliance efforts across the portfolio.
Position Summary:
We are looking for an experienced Security & Compliance Officer to oversee and implement security and compliance programs within our companies. The successful candidate will have a strong understanding of compliance frameworks such as PCI DSS, ISO 27001, SOC 2, and others, with a particular focus on the aviation industry at the start. You will play a pivotal role in aligning our portfolio's security standards with those of the parent organisation, conducting risk assessments, and guiding teams on compliance best practices.
Key Responsibilities:
- Align portfolio security and compliance efforts with organisational standards, ensuring a cohesive and unified approach.
- Develop and implement robust compliance and security programs across the portfolio, ensuring adherence to PCI DSS, ISO 27001, SOC 2, and other relevant standards.
- Conduct regular audits, security assessments, and risk analyses to identify vulnerabilities and non-compliance.
- Serve as the primary point of contact for compliance-related audits, liaising with external auditors and regulatory bodies.
- Establish and maintain policies, procedures, and controls to manage security risks across the companies.
- Provide guidance and training to internal teams on compliance and security best practices.
- Lead incident response efforts, managing investigations and remediations for any security breaches.
- Collaborate with IT and business leaders to align security initiatives with business objectives.
- Stay updated on the latest security threats and compliance regulations to enhance security posture.
What You Bring:
- Bachelor's degree in Information Security, Computer Science, or related field (Advanced degrees and certifications such as CISSP, CISM, CISA are preferred).
- 5+ years of experience in information security and compliance, ideally in complex organisations.
- Expertise in compliance standards such as PCI DSS, ISO 27001, SOC 2, and GDPR.
- Strong knowledge of security principles, including risk assessment, threat modelling, and incident response.
- Exceptional communication skills, capable of explaining complex security concepts to both technical and non-technical audiences.
- Proven leadership skills, with a history of managing cross-functional initiatives.
- Ability to work independently and manage multiple priorities in a fast-paced environment.
Terms:
- Employment subject to background and criminal record checks.
- Must have indefinite right to work in the UK.
Apply Now to join our dynamic team and drive security and compliance excellence across a portfolio of exciting and diverse companies!