Information Security Manager

2 days ago

Apply Now

Receive Emails with Similar Jobs

eduMe

WebsiteLinkedInAll Job Openings

The only Workday Certified frontline training platform 🚀

E-learning • SaaS • Microlearning • Workforce Success • Mobile Training

51 - 200

💰 Series B on 2022-01

Description

•Oversee our security programme and maintain our annual SOC 2 compliance recertification •Lead our information security efforts: define approaches, help teams and individuals adopt good practices and run security related processes •Work with key stakeholders to ensure that security is built into the design of projects and initiatives across the business •Lead and evolve eduMe’s information security and privacy programme •Manage our annual security and compliance activities such as our annual SOC 2 Type 2 recertification and annual penetration testing •Act as the central point of contact with the business based in the UK and US with regards to security and compliance •Articulate security and compliance requirements in our evaluation of third party products •Manage vendor security processes such as completing security questionnaires and including security language in contractual agreements •Facilitate eduMe’s response to security incidents with the support from the management team and the necessary squads •Work with teams collaboratively across the business to implement processes and tooling that facilitate a strong security conscious culture •Work with customer facing teams to communicate eduMe’s security and compliance posture effectively •Take a pragmatic approach to balance security best practices and the needs of the business •Collaborate closely with our Product, Engineering, Sales, People, Finance and Customer Success teams to drive solution that align with business goals, user needs and security best practices

Requirements

•Knowledge and experience of designing controls and processes against the SOC 2 Type 2 requirements and the NIST Cyber Security Framework •Hands on experience with information security, especially working with security technologies in cloud based environments •Ability to conduct threat and risk assessments across varied technology stacks, identifying suitable mitigating controls •Good understanding of privacy requirements (including UK and EU GDPR and CCPA) •Experience working with developer and product teams to improve security processes and integrate security tooling •Experience in managing and completing vendor security reviews and working with legal and procurement teams on contractual agreements. •Ability to manage or support incidents requiring coordination across teams •Strong cross functional collaboration skills and problem solving skills •Excellent spoken and written communication skills in English •Ability to participate in-person in team and company activities in London at least 2 days per week

Benefits

•33 days of paid leave a year, with the option to carry 5 days over •Vitality Health cover for physical & mental health support •Inclusion in the company share option plan - you're a part of the success! •Flexible working to support you, your life, and those around you, supported by a budget to set up your home working environment for comfort and success •On top of the above, we offer every employee the chance to spend 30 days working from anywhere around the globe, every year •Enhanced parental leave for primary and secondary carers •Sick pay for physical and mental health •A Personal Learning and Education budget and time dedicated for any learning activities you want to pursue •Team socials twice a year •We take the entire company for a multi-day off-site every year!