Information Security Manager
Bristol, England, United Kingdom
Ripjar
Our Labyrinth platform supports leading global companies and governments to detect criminal behaviour.Ripjar specialises in the development of software and data products that help governments and organisations combat serious financial crime. Our technology is used to identify criminal activity such as money laundering and terrorist financing and enables organisations to enforce sanctions at scale to help combat rogue entities and state actors.
Team mission:
Our IT team is responsible for the implementation, management, and delivery of IT services to meet the needs of Ripjar. It ensures that the appropriate mix of people, processes, and technology are in place to provide value. In essence, the team makes sure Ripjar runs as efficiently as possible.
What you’ll be doing:
The Information Security Manager will be responsible for the internal IT systems of Ripjar and for implementing and maintaining our Information Security Management System.
The candidate will be responsible for monitoring and improving the information security of Ripjar’s technology infrastructure and products and will play a vital role in maintaining our ISO27001, SOC2 and Cyber Essentials certifications.
There will have 2 direct reports to you who currently run the company’s internal IT and 3 indirect reports, who are responsible for our operational product infrastructure.
Key tasks
- Developing and implementing IT policy and best practice guides for the organisation
- Identifying and acting on opportunities to improve and update software and systems
- Providing direction for IT team members
- Managing and reporting on allocation of IT budget
- Conducting Internal Information Security audits and IT Risk assessments
- Main point of contact for external security audits.
- Answering client security questionnaires
- In conjunction with our operational product infrastructure team, assess and monitor current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
- Managing/maintaining our ISMS, company security policies, procedures, and processes.
- Educate the business on Information Security best practices and ensure training and internal standards are sufficient
- Conducting 3rd party/supplier risk assessments
The successful candidate should have these skills:
We recognise that demonstrable skills in all these technologies is not easy to find. Don’t let that stop you from applying! We can work in partnership to identify your strengths and provide you with the training necessary to fill any gaps:
- Strong understanding of IT including Cyber Security, Infrastructure, Cloud
- A solid understanding of IT Security standards and management across major cloud service providers including AWS and GCP
- Working knowledge of Security Architecture and potential security issues across PaaS, IaaS, SaaS in AWS environments
- Understanding of IAM, and Data Loss Prevention in an AWS environments
- Good knowledge of Network architecture - CCNP level knowledge desirable
- Knowledge of Infrastructure architecture, including Cloud / Hybrid Cloud / private data centres
- Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls.
- Experience implementing and managing security standards and frameworks including ISO27001, SOC-2 and Cyber Essentials
- Experience managing Linux (RHEL / CentOS ) environments
- Communication
- Analytical Skills
- Experience leading a team
- CISM / CISSP Desirable
Benefits
Why we think you’ll love it here
- Competitive salary DOE
- 25 days annual leave, rising to 30 days after 5 years of service
- Hybrid position – minimum 2 days a week in the office
- Company Share Scheme
- Private Family Healthcare
- Employee Assistance Programme
- Company contributions to your pension
- Enhanced maternity/paternity pay
- The latest tech including a top of the range MacBook Pro
- Offices in Cheltenham, London and Bristol
- There is a well-stocked pantry with food, snacks and drinks when in the office
Ripjar’s Commitment to Diversity
“Diversity is essential in the way we operate. Having people from different backgrounds, genders and experiences ensures that we make decisions with a truly global perspective. Diversity gives us strength in our technology, analysis and relationships.” - Maria Cox, Head of People Operations
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS CCNP CISM CISSP Cloud Firewalls GCP IaaS IAM IDS IPS ISMS ISO 27001 Linux Monitoring PaaS Risk assessment SaaS SOC SOC 2 Vulnerabilities
Perks/benefits: Career development Competitive pay Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs