Information Security Manager

Posted 26 days 17 hours ago by Abound

Permanent
Not Specified
I.T. & Communications Jobs
London, United Kingdom
Job Description

About the role

We're on a mission to make affordable loans available to more people. We have built award-winning technology to look beyond credit scores and offer fair credit to people ignored by traditional lenders.

We have two parts of our business. On the consumer side, we have Abound. Abound has helped us prove that our approach works at scale. While other lenders only look at your credit score, we look at all of the full picture - what you earn, how you spend, and what's left at the end. We're able to do this thanks to Open Banking.

On the B2B side, we have Render. Render is the platform that allows Abound to make better lending decisions. By better we mean less risky. And less risky decisions mean we can offer customers better rates than they can usually find elsewhere. We're taking Render global so that more companies can offer affordable credit to their customers.

Who you are

  • 5+ years professional experience as a security analyst

  • Strong understanding of security principles, threat intelligence, and risk management.

  • Experience implementing ISO27001 / SOC2 and conducting associated compliance assessments

  • Experience performing security assessments on cloud-based production services and endpoint devices

  • Verify the security of third-party vendors and collaborate with them to meet security requirements

Ideally, you'll also have

  • Proficiency in ethical hacking, intrusion prevention, and incident response.

  • Experience setting up private bug-bounty programs

  • Experience using or deploying a CSPM tool

  • Familiarity using or deploying EDR, SIEM, SOAR platforms for endpoint devices

What you'll be doing

  • Support the implementation of policies and controls to attain and maintain security certifications

  • Support both internal and external 3rd party security assessments

  • Set up processes to monitor and provide continual improvement of the security posture of the organization

  • Facilitate regular pen-tests

  • Own internal security training programs

  • Collaborate with compliance, IT and development teams to implement security best practice and policy controls

What we offer

  • Everyone owns a piece of the company - equity

  • 25 days' holiday a year, plus 8 bank holidays

  • 2 paid volunteering days per year

  • One month paid sabbatical after 4 years

  • Free gym membership

  • Save up to 60% on an electric vehicle through our salary sacrifice scheme with Loveelectric

  • Team wellness budget to be active together - set up a yoga class, a tennis lesson or go bouldering