Information Security Manager (UK/Remote)
ZEN.COM is a smart financial app designed for your everyday life – at home and on the go. We make payments, online shopping, and personal finance management fast, secure, and effortless. With ZEN.COM, you can enjoy cashback on purchases, full control over your spending, and peace of mind thanks to purchase protection. A built-in multi-currency account lets you spend abroad or shop internationally with great exchange rates and no hidden fees.
We are looking for an Information Security Manager to lead our local security strategy and collaborate with regulatory authorities, senior management, and the risk and compliance team.
This role will require ongoing monitoring of UK regulations, ensuring compliance with applicable frameworks including Operational Resilience and UK GDPR.
The successful candidate will collaborate closely with Information Security team members and leverage the global cyber security control framework to monitor controls and associated risks.
Requirements:
- 5+ years of experience in information security management, ideally within financial services, banking, or payments.
- Experience in InfoSec and Cyber Security.
- Experience setting up policies and processes in InfoSec area.
- Familiarity with PCI-DSS, ISO27001, SOC 2/3 or other global standards.
- Familiarity with regulatory requirements (DORA, PCI-DSS, PSD2, GDPR).
- Understanding of agile development processes and devops.
- Strong analytical and problem solving skills.
- An analytical mindset with great stakeholder management and communication skills.
- The ability to work independently and take initiative when needed elevant information security certifications.
Responsibilities:
- Policy and procedure localizing, writing and implementing as efficient processes.
- Periodic review and improvement of existing processes and policies.
- Conducting security vendor assessments.
- Monitor the effectiveness of security controls and identify areas for improvement.
- Performing security risk and control assessments for new products or initiatives.
- Working with third party InfoSec auditors (penetration testing, PCI compliance etc.).
- Conduct regular risk assessments and vulnerability assessments to identify security gaps and develop appropriate mitigation plans.
- Conducting regulatory gap analysis for regulations and local laws.
- Answering regulatory requests related to information security.
- Managing information security incidents.
- Oversee information security risks associated with outsourced services and intra-group arrangements.
- Testing the annual information security control plan in collaboration with the wider Information Security and Technology teams.
What we offer:
- Real influence on shaping the ZEN.COM.
- Work in an environment where innovation and effectiveness truly matter.
- Competitive salary and flexible working conditions.
- Internal and external training opportunities.
#J-18808-Ljbffr