Information Security Manager (FTC)

Join to apply for the Information Security Manager (FTC) role at Compare the Market.

Our purpose is to make great financial decision making a breeze for everyone, and that purpose drives us every day. It’s why we’re on a mission to create an automated quoting engine, with the simplest of experiences, wrapped in a brand everyone loves. We change lives by making it simple to switch and save money and that’s why good things happen when you meerkat. We’d love you to be part of our journey.

The role is responsible for completing line 1 risk and control management covering aspects of the cybersecurity framework. The role will check technical data provided by the analysts and ensure it is accurate. Manage InfoSec 3rd party due diligence and report the risk from non-conforming vendors to the risk owners. Responsible for enhancing security awareness across the business and enhancing that awareness to align with new threats. Operate within the NIST framework and ensure the standards remain aligned to InfoSec Standards and metrics are reported. The InfoSec Manager will be the elevation point for analysts offering a reliable source of security advice and guidance to the business.

Everyone is welcome. We have a culture of creativity. We approach our work passionately, improve constantly and celebrate our wins at every turn. We are an inclusive workplace and our employees are comfortable bringing their authentic, whole selves to work. Everyone is welcome. Be you.

This means we’re excited to hear from people with a range of skills, experiences and ideas. We don’t expect you to tick all the boxes, but would love to hear what makes you great for this role.

• Manage third party due diligence reviews and identify security risks.
• Manage a team of analysts who answer security queries from the business.
• Responsible for the management of third-party external requests.
• Manage the delivery of effective security awareness programs and campaigns to the business.
• Management of data to inform the monthly and quarterly MI reporting of NIST controls.
• Initial assessment of cyber risks and offer advice on lowering the risk.
• Management of data produced from security tools to assess the threat and elevate where necessary.
• Continuous reporting of cyber risk and control effectiveness.

• Prior experience in a security function.
• Experience of 3rd party security due diligence.
• Experience of Risk Management Frameworks.
• Experience of managing cyber metrics and deciphering raw data.
• Understanding of NIST framework is preferred.

We’re a place of opportunity. You’ll have the tools and autonomy to drive your own career, supported by a team of amazingly talented people. And then there’s our benefits. For us, it’s not just about a competitive salary and hybrid working, we care about what matters to you. From a generous holiday allowance and private healthcare to an electric car scheme and paid development, wellbeing and CSR days, we’ve pretty much got you covered!

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Software Development