Information Security Manager

At SilverRock, we are building a new bank. Our vision is to “Pioneer fairer financial outcomes by empowering lenders to deliver and enabling savers to prosper” We are doing this by building a unique and highly scalable data driven multi-asset bank through a partnership of ecosystems, specialising in the delivery of forward flow partnerships and portfolio acquisitions from non-bank lenders, alongside our own brand deposits.Purpose of Role/Job Overview The Information Security Manager will be a critical member of the SilverRock team, with responsibility for the Bank's Information Security function and related functions, reporting to the COO/Head of Technology and subject to oversight from the firms COO and DPO. The post holder will be responsible for managing the Firm's, overall infrastructure and data security profile, ensuring GDPR compliance programmes and managing an on-going information security risk assessment program, as well as initiating and managing information governance initiatives.In conjunction with the COO and the Head of Technology and data, develop and continuously improve the firm's information security strategy;In conjunction with the Firm's COO and Head of Technology and data, review and update the firms Information Security policies and guidance notes.Responsible for the on-going compliance with the UK GDPR Regulation in conjunction with the firms Data Protection OfficersResponsible for carrying out due diligence on third party suppliers to ensure ongoing compliance with UK GDPR and ISO accreditations.Act as the Bank’s subject matter expert in relation to information/cyber security and privacy risk management matters and undertake a comprehensive, in-depth review of the Bank’s Information/cyber security and privacy risk analysisLead security strategy for business transition, risk appetite and develop IT risk landscapeResponsible for facilitating, managing and delivering successful external audits, penetration and vulnerability scanning as requiredManage and respond to all security related incidents, developing strong internal and external relations to promote the early identification and resolution of incidentsDevelop Information security roadmap and strategy across business landscapeResponsible for collating Information Security and Cyber reporting and providing senior management with updates and advice as required.Responsible for security awareness training initiatives and communication plans to promote security awareness in the Firm.Key Accountabilities We are looking for an exceptionally talented and experienced individual, highly motivated and with proven expertise across financial services, and in-depth knowledge of information security solutions. The successful candidate will lead the Information Security strategy working across the wider business. We require an individual with energy and authenticity – capable of initiating and nurturing relationships, leading the investment / asset team with skill, experience and passion.An ideal candidate should have: High degree of honesty and integrityStrong work ethicStrategic thinker and proficient decision makerAbility to develop and maintain professional relationshipsStrong organisational and planning skillsProven leadership abilitiesAbility to effectively delegate and manageExcellent communication skills (written and verbal)Start up experienceKey Qualifications We would expect the successful candidate to have a minimum of 5-7 years' experience in a similar role in a financial services environment SMEThe ability to grasp and apply complex new technologies quicklyA good understanding of the regulatory framework constituted by the Data Protection Act, the GDPR and the SRA Guidelines, and any other regulatory framework to which the Firm may be or become subjectAll round technical understanding of IT system, Cloud, SaaS and M365 platformsA proven record of project delivery and implementationCertified in advanced security standards (CISSP, CISM or CCSP)Ideally hands-on participation in the implementation of the security landscape across M365 and 3rd parties SaaS based platformsExperience working with data and ETL solutions and securityAbility to perform functions independently with minimal supervision, operate flexibly according to evolving priorities and achieve stated goals within agreed-upon timelinesProposed Start Date: TBCInterview Process Stage 1 – Initial team’s chatStage 2 – Face to face with Head of Technology & COOSalary and BenefitsLifestyle and family friendly policiesHealth Insurance for you and your spouse28 days Holiday Entitlement (plus bank holidays)Life InsurancePension ContributionMust be able to work in the UK without requiring Sponsorship.No recruiters