Information Security Manager

Ripjar specialises in the development of software and data products that help governments and organisations combat serious financial crime. Our technology is used to identify criminal activity such as money laundering and terrorist financing and enables organisations to enforce sanctions at scale to help combat rogue entities and state actors.

Team mission:

Our IT team is responsible for the implementation, management, and delivery of IT services to meet the needs of Ripjar. It ensures that the appropriate mix of people, processes, and technology are in place to provide value. In essence, the team makes sure Ripjar runs as efficiently as possible.

What you’ll be doing:

The Information Security Manager will be responsible for the internal IT systems of Ripjar and for implementing and maintaining our Information Security Management System.

The candidate will be responsible for monitoring and improving the information security of Ripjar’s technology infrastructure and products and will play a vital role in maintaining our ISO27001, SOC2 and Cyber Essentials certifications.

There will have 2 direct reports to you who currently run the company’s internal IT and 3 indirect reports, who are responsible for our operational product infrastructure.

Key tasks

• Developing and implementing IT policy and best practice guides for the organisation
• Identifying and acting on opportunities to improve and update software and systems
• Providing direction for IT team members
• Managing and reporting on allocation of IT budget
• Conducting Internal Information Security audits and IT Risk assessments
• Main point of contact for external security audits.
• Answering client security questionnaires
• In conjunction with our operational product infrastructure team, assess and monitor current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
• Managing/maintaining our ISMS, company security policies, procedures, and processes.
• Educate the business on Information Security best practices and ensure training and internal standards are sufficient
• Conducting 3rd party/supplier risk assessments

The successful candidate should have these skills:

We recognise that demonstrable skills in all these technologies is not easy to find. Don’t let that stop you from applying! We can work in partnership to identify your strengths and provide you with the training necessary to fill any gaps:

• Strong understanding of IT including Cyber Security, Infrastructure, Cloud
• A solid understanding of IT Security standards and management across major cloud service providers including AWS and GCP
• Working knowledge of Security Architecture and potential security issues across PaaS, IaaS, SaaS in AWS environments
• Understanding of IAM, and Data Loss Prevention in an AWS environments
• Good knowledge of Network architecture - CCNP level knowledge desirable
• Knowledge of Infrastructure architecture, including Cloud / Hybrid Cloud / private data centres
• Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls.
• Experience implementing and managing security standards and frameworks including ISO27001, SOC-2 and Cyber Essentials
• Experience managing Linux (RHEL / CentOS ) environments
• Communication
• Analytical Skills
• Experience leading a team
• CISM / CISSP Desirable

Benefits

Why we think you’ll love it here

• Competitive salary DOE
• 25 days annual leave, rising to 30 days after 5 years of service
• Hybrid position – minimum 2 days a week in the office
• Company Share Scheme
• Private Family Healthcare
• Employee Assistance Programme
• Company contributions to your pension
• Enhanced maternity/paternity pay
• The latest tech including a top of the range MacBook Pro
• Offices in Cheltenham, London and Bristol
• There is a well-stocked pantry with food, snacks and drinks when in the office

Ripjar’s Commitment to Diversity

“Diversity is essential in the way we operate. Having people from different backgrounds, genders and experiences ensures that we make decisions with a truly global perspective. Diversity gives us strength in our technology, analysis and relationships.” - Maria Cox, Head of People Operations