About this Information Security Officer role at Recognisebank
Key Responsibilities
- Security Governance, Policy & Reporting
- Cyber Security
- Security Awareness & Training
- Data Loss Prevention & Insider Risk
- Data Protection & Privacy
- IT Infrastructure Oversight
- Incident Management & Operational Resilience
- Risk Leadership
Corporate Responsibilities
- Read and follow all relevant company policies and procedures
- Adhere to all risk-related responsibilities applicable to your role, as set out in the Risk Management Policy
- Abide by all compliance and financial crime related policies, procedures and reporting obligations applicable to your role
- As a Material Risk Taker for the bank, you will need to act in accordance with regulatory expectations of a Certified individual
Required Skills & Experience
- A minimum of 5 years’ experience in a second line information security, GRC or data protection role within a UK regulated financial services firm.
- Working knowledge of PRA and FCA expectations, UK GDPR, PECR and operational resilience requirements.
- Experience running security awareness programmes, including phishing simulations and e-learning platforms.
- Working knowledge of Microsoft Purview (DLP, Insider Risk Management, Communication Compliance) and the wider Microsoft E5 security stack.
- Experience responding to internal and external audits and drafting Board and committee papers.
- Experience of third-party security due diligence and supplier risk assessments.
- Relevant certifications such as CISSP, CISM, CRISC, CIPP/E or ISO 27001 Lead Auditor (desirable).