Information Security Director
London, England, United Kingdom - Remote
Cytora
Cytora transforms underwriting for commercial insurance. Our platform helps insurers to underwrite more accurately, reduce frictional costs, and achieve profitable growth.
We are a high-growth FinTech start-up using data and machine learning to revolutionize the insurance industry. You will be joining a strong and mission-driven team, working to build products that are fundamentally changing the way insurers see the world, enabling them to move from an assumption-based understanding of risk to an empirical, data-driven view.
The Role
As we continue to evolve and improve our information security environment across different countries and become ISO27001 certified, we are seeking an expert to design, own and run the compliance environment.
We need someone who is a digital-native (ideally with software experience), passionate about technology and proactively stays on the bleeding edge of the latest innovation in software and cybersecurity.
Responsibilities
- Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
- Evaluate the company’s threat landscape. Work directly with the business units to facilitate risk assessment and risk management processes
- Develop and enhance an information security management framework
- Ensure consistent application of security policies and standards across all technology projects, systems and services
- Provide leadership to the company's information security organization
- Partner with business stakeholders across the company to raise awareness of risk management concerns
- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
- Lead security audits and compliance initiatives
- Lead or support business continuity and disaster recovery initiatives
- Lead data privacy aspects of information security
- Report on the company's cybersecurity posture and risk management priorities to senior management
Requirements
- Professional security management certifications, such as CISSP, CISM or CISA
- Minimum of 5 years of experience in a combination of risk management, information security and IT jobs
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, SOC2 and NIST
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
- Experience with contract and vendor negotiations and management
- Experience working with best-in-class software development practices and modern IT environments
- Excellent written and verbal communication skills and high level of personal integrity
- Self-driven and entrepreneurial
- Strong program and project management skills
Benefits
- We're remote first, meaning you can work wherever you want in Europe.
- Monthly get-togethers with fun activities
- Quarterly 3-day offsites in exciting places (e.g. Menorca, Greece, Malaga)
- Freedom to choose your own desk setup including laptop, desk, chair and others
- Flexi-working outside core hours of 10-4pm GMT
- We give you £2k/€2k every year for you to go anywhere in the world and work from there
- £1,500/€1,500 learning and development budget each year
- Stock options that are exercisable on termination
- Enhanced parental leave: 18 weeks primary carer, 6 weeks secondary carer
- Private health insurance with Vitality
*We employ people across the UK and EU (using a 3rd party Employer of Record model), and inevitably the benefits that we can offer vary slightly in different territories, due to local employment law and feasibility. Our salary range does not vary depending on territory.
Tags: Audits CISA CISM CISSP Compliance FinTech ISO 27001 Machine Learning NIST Privacy Risk assessment Risk management SOC 2
Perks/benefits: Career development Equity Health care Parental leave Startup environment