Information Security Manager

Turtl is an exciting software company with more than 300 customers around the world and 120+ employees based in London and Boston.

Our software enables anyone to create, personalize, publish and track digital documents - with no need for specialist design or coding skills. Turtl is used by businesses of all sizes, from small organizations to big names, such as Cisco, Nestle and Lexus. We think there’s huge potential for growth given the wide applicability of our software and the clear benefits we’re hearing from customers.

It’s a fast-paced work environment, so we’re looking for talented people who want to continuously learn and actively embrace challenges. You’ll find Turtl a straightforward and open place to work, where colleagues can be relied on to help.

If you’re ready to take that next step in your career, then it’s a great time to be joining the team!

THE ROLE

We are looking for an IT Security Manager to join us in this newly created role where you will play a crucial part in ensuring the protection and integrity of our organisation's information assets.

Your primary tasks will include implementing and maintaining an Information Security Management System (ISMS), reviewing and updating policies and procedures, providing security guidance to teams, conducting risk assessments, and supporting the implementation of risk treatment controls. Additionally, you will be involved in business continuity planning, compliance activities, and serving as the point of contact for ISO 27001 audits.

WHAT YOU'LL DO

• Implement and maintain an Information Security Management System (ISMS) and best practices throughout the business.
• Review and update policies, statements, and procedures to ensure they are relevant and kept updated.
• Plan, implement, maintain, audit, and test procedures for business continuity and disaster recovery.
• Provide information security guidance to teams across the organisation.
• Support HR with onboarding/offboarding following the least-privilege policy access principle and other IT related activities (device management, VPN & malware setup, etc.),
• Be the primary contact for all compliance and information security matters, including:
  • financial compliance,
  • data protection,
  • client’s information security questionnaires, vendor assessments, and
  • ISO 27001 audits.
• Ensure regular compliance processes are carried out, including
  • employee training,
  • background checks,
  • penetration testing, and
  • backup testing.

Requirements

• Holistic understanding of global information security standards, regulations, policies, and procedures.
• Experience working with ISO27001/SOC2 (or equivalent) compliant IT environments.
• Expertise in IT security, cloud computing concepts, systems administration, data storage, and vulnerability mitigation.
• Good communication and presentation skills with attention to detail, capable of effectively conveying technical issues to both technical and non-technical stakeholders.
• Familiarity with UK Data Protection Act and European GDPR.
• Ability to make informed, yet pragmatic decisions.
• Familiarity with encryption, access controls, and secure software development practices is a big plus.
• Background in the field of Computer science, Informatics, or Legal is a big plus.

Benefits

• A competitive base salary
• Stock Options

EQUAL OPPORTUNITIES STATEMENT

Turtl is an equal opportunity employer and are committed to growing a diverse workforce that represents all people regardless of race, ethnicity, religion, age, gender identity or expression, sexual orientation, disability or neurodiversity. We encourage applications from all backgrounds and will make any recruitment or interview adjustments that will ensure a comfortable candidate experience.