At Reward Gateway, we’re driven by our culture and our mission to “make the world a better place to work.” We do this through our products and technology, supporting over 4500 clients and their leaders to connect, recognise and engage with their people.
An opportunity has become available for an InfoSec Risk & Compliance professional to support our Governance, Risk & Compliance, and Information Security operations and be part of a growing business.
At Reward Gateway, we already understand that Compliance and Security are paramount to our success, reflected in the culture. Our Leadership Team is fully committed to Compliance and Information Security and you won’t have to spend time convincing stakeholders to care - you’ll be empowered to improve the company.
We have a longstanding ISO 27001 programme and are on the final stretch toward SOC2 Type II compliance. We are also working toward attaining Cyber Essentials Plus compliance, with ISO 9001 planned as well. These standards structure everything we do and enable our business to grow by providing a high level of assurance to our customers.
Support our control framework covering ISO 27001, SOC2 Type II, PCI DSS, Cyber Essentials Plus and (in the future) ISO 9001
Ensure ISO readiness/compliance by conducting/supporting periodic internal audits and participate in hosting ISO registrar audits
Assist with analysis, documentation and remediation actions for detected audit observations
Verify implementation and effectiveness of the corrective/preventative actions
Support the GRC Manager and process owners in developing, documenting, reviewing, and communicating company processes and procedures to incorporate best practices in Quality Management and Information Security Management
Maintain the compliance automation platform for achieving streamlined compliance activities
Support the Director of Information Security and Risk Owners with the risk management process
1+ year experience working in Information Security Compliance/Internal Audit
Experience with a compliance framework (ISO27001, SOC 2 Type II, PCI DSS) (You’re not expected to have expertise in all these frameworks)
Understanding of information security concepts and technology
Previous exposure to cloud technologies and cloud security
Experience in Document Management (incl. Good Documentation Practices) and procedure review
Excellent English communication skills
Comfortable with working across multiple projects, geographical locations and assignments at once
Have a risk-based approach for problem solving
The Interview Process
A 30 minute video interview with the Senior Talent Partner
First stage online interview with the Governance Risk & Compliance Manager
Final stage video interview with the Director of Information Security and the Governance Risk & Compliance Manager
Be comfortable. Be you. At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.
We hire BETTER. From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateways approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.