Information Security Officer

Flexible hours
Fully remote
Employment type
Full time
Industry
FinTech
Key skills
Cybersecurity, Business Analysis

This is a challenging, exciting, varied and broad role. Some key duties include responding to alerts from the SIEM, Vulnerabilities Management with Qualys, managing and implementing security tools such as DLP and IPS, co-ordinating pen test and security remediation with engineering team, Risk Management, updating Risk Register and Continual Improvement log where security issues have been identified, updating documentation when required, and participation in internal and external audit activities.

THE TEAM

Our awesome Security team consists of Information Security Officers, Cloud Security Engineers and Ethical Hackers and we're now looking to grow this team.

THE ROLE

This is a challenging, exciting, varied and broad role. Some key duties include responding to alerts from the SIEM, Vulnerabilities Management with Qualys, managing and implementing security tools such as DLP and IPS, co-ordinating pen test and security remediation with engineering team, Risk Management, updating Risk Register and Continual Improvement log where security issues have been identified, updating documentation when required, and participation in internal and external audit activities.

Some of our main security tools: Cloudflare, Trend Micro Deep Security, Alienvault USM, Carbon Black, Qualys, Jamf, Snyk, AWS GuardDuty, AWS Cloudtrail, AWS IAM, AWS Shield, Ubuntu Landscape, Vault, Auth0.

Occasional travel to our London office will be required.

WHAT WE'RE LOOKING FOR

ESSENTIAL

  • 5+ years in Information/Cyber Security.
  • A technical background.
  • Working knowledge of security frameworks and security controls e.g. NIST CSF, ISO22301, IS027001, ISAE3000/SOC2, SOC1, GPDR and PCI DSS.
  • Exposure to security operations and application security best practices.
  • Experience developing, writing, implementing, auditing and improving information security policies and procedures aligned to relevant industry frameworks/standards to ensure that security and compliance accreditations are achieved and maintained.
  • Perform periodic internal audits, reviews and contribute to the continuous improvement of IT security standards, processes and procedures.
  • Ability to perform Business Impact Analysis, risk assessment and treatment.
  • Experience operating, maintaining, auditing and improving Vulnerability Management, SIEM and Threat Intelligence systems.Relevant certifications (CISSP etc.)

DESIRABLE

  • Experience in security incident response, forensic security investigations, management and remediation of identified and day zero vulnerabilities, alerts, threats and breaches.
  • Public Cloud Security experience.

BENEFITS  

  • 30 days annual leave plus Bank Holidays
  • Remote friendly environment
  • Flexible working arrangements
  • Udemy and educational reimbursements
  • Full details are available on our careers page

ABOUT US

We are an award-winning cloud-native payment technology provider for financially regulated institutions. Launched in 2016, we've doubled in size year on year as we continue to redefine what a truly instant payment experience means.

We celebrate diversity, promote entrepreneurialism and are committed to giving everyone a say in shaping our business. Here you will grow as a person and accomplish incredible things. A career at Form3 is empowering, inspiring and fun. Join us and help shape the future of payments.

EQUAL OPPORTUNITIES

At Form3 we embrace equal opportunity and are committed to building a diverse team of exceptional individuals. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status and it is our strong belief that the more inclusive we are as a business, the better our work will be.

For more information regarding how we process your data, please read our Recruitment Data Policy

Flexible hours
Fully remote