Job Description

Key Responsibilities

• Support our control framework covering ISO 27001, SOC2 Type II, PCI DSS, Cyber Essentials Plus and (in the future) ISO 9001
• Ensure ISO readiness/compliance by conducting/supporting periodic internal audits and participating in hosting ISO registrar audits
• Assist with analysis, documentation and remediation actions for detected audit observations
• Verify implementation and effectiveness of the corrective/preventative actions
• Support the Head of GRC and process owners in developing, documenting, reviewing, and communicating company processes and procedures to incorporate best practices in Quality Management and Information Security Management
• Maintain the compliance automation platform for achieving streamlined compliance activities
• Support the Director of Information Security and Risk Owners with the risk management process

Skills

• At least 1+ year of experience working in Information Security Compliance/Internal Audit 
• Experience with at least one compliance framework (e.g., ISO 27001, ISO 9001, ISO 22301, SOC 2 Type II, PCI DSS).
• Understanding of information security concepts and technology
• Previous exposure to cloud technologies and cloud security will be beneficial
• Experience in Document Management (incl. Good Documentation Practices) and procedure review
• Excellent English communication skills 
• Comfortable with working across multiple projects, geographical locations, and assignments at once
• Have a risk-based approach to problem-solving

The Interview Process

• A 30-minute online interview with the Senior Talent Partner
• First stage online interview with the Head of Governance Risk & Compliance  
• Final stage interview with the Director of Information Security and the Head of Governance Risk & Compliance