Information Security Officer

Job Description

At a Glance

Us: Fast growing startup of 90+ people. Remote team, mainly based in the UK. YC alumni (summer 2019). We’re on a mission to connect people around the world to make trustworthy data more accessible and facilitate world-changing research 🚀

The Role

As ISO, you will be our ‘go-to’ person for all data security and data compliance operations and expertise. You will be managing and driving security initiatives across the business, taking strategy and policy forward and driving implementation, focus and delivery for all of Prolific’s data security needs. You will have the platform to bring your passion for information security and grow and nurture from the ground up the data security infrastructure that will support a fast-growing, ambitious and ethical online marketplace business.

What you'll be doing

• Be a hands-on ISO with a strong background in web and API security, data security, public cloud security and experience in implementing secure development and testing processes
• Help implement and monitor company data security policies and undertake and manage the day-to-day operational data security elements within the Prolific Group, internal self-assessments against security controls standards, vendor security assessments and monitoring, business continuity, security incident response, vulnerability and penetration testing of our IT infrastructure and web services.
• Be a cultural champion for data security and data compliance across our team, with a deep understanding of the culture change elements of adopting information security into a culture. You’ll be a partner and collaborator, not a gatekeeper.
• Keep on top of movements in the cybersecurity space and new threats and keep the Prolific team aware of and actively defending against these.

What you’ll bring

• You’ll have work excellent experience in network, systems administration, or IT security
• Ideally some experience of overseeing security policies and frameworks, such as ISO 27001 / NIST / CIS / COSO / RMF / PCI / HIPAA
• Good knowledge of GDPR and cybersecurity measures
• Good knowledge of technical solutions for MFA, password management, secure file transfer and encryption & current cyber security threat landscape
• Experience with IT Security Architecture or a System/Software Development background
• Knowledge of web application security, data security, public cloud security as well as experience in implementing secure development and testing processes

Even better if you have

• Previous experience working within financial services
• Previous auditing experience
• Experience in a similar role in a complex, scaling organisation in the UK or USA

Qualifications

• You’ll have either an industry recognised qualification i.e. CISSP/CISM/CISA, or be able to provide demonstrable evidence that you’re self-driven and self-taught to a exceptional degree in this space

What you’ll get

⚖️ Work Life Balance: We’re all looking to strike the right work-life balance, and as a remote-first company you’re able to work flexibly from home or our dog-friendly co-working space in Old Street. We offer 25 days of holiday, plus bank holidays of course, which you can opt out of if you’d like. We also offer summer hours, with early finish Fridays throughout June to August.

🏡 Family Life: We offer generous maternity, paternity and shared parental leave. Need to pick your child up from school? No Problem. Our flexible working gives you the childcare flexibility you need.

🧘 Wellbeing: We care deeply about our employee's well-being and that’s why we offer comprehensive Bupa private health insurance that disregards medical history and also Medicash (a health cash plan). We also offer a taxable monthly stipend of £150 that you can spend on whatever improves your wellness and remote working experience. Having a healthy working environment is really important to us and so we offer a £1,000 home office budget, along with a Mac laptop when you start - plus a £200 yearly top-up.

📚 Learn & Grow: Development is really important to us and we want to give all of our employees the opportunity to learn and grow. There are many personal growth and career progression opportunities available, as well as mentoring. And we also offer a £1,000 yearly budget for education, growth and training for you to use at your discretion.

💙 Culture: We’re a friendly bunch here at Prolific; open, transparent and inclusive. Although we’re a remote-first company, we still love to hang out with each other! We run frequent collaborative company-wide meet-ups, team meet-ups & socials throughout the year (both virtually and in-person). As a business we’re also committed to carbon offsetting; each month we donate money in your name to plant trees, and being remote we’re doing our bit to offset travel as well.

Our Interview Process

Talent Call: You'll meet with one of our Talent team and have an exploratory call about the role requirements, life at Prolific, as well as your background and aspirations.

Hiring Manager Interview: You'll interview with two members of the team, one of which will be the hiring manager. You'll have the opportunity to ask about the company and the role, and we'll ask you questions about your experiences and goals. Panel Interview: We'll hold a panel interview that evaluates skills required for the role. You'll meet with more of our team and may be asked to complete a presentation or task. You'll be compensated with a £50 voucher 💰 for completing the task because we know your time is valuable! Final Interview: We will deep dive into your past experiences, goals, motivations, and skills all aligned to our Prolific Principles. You'll speak with two to three members of the team and - as always - have an opportunity to ask questions about the role and company.

Diversity, Equity and Inclusion Monitoring

Prolific is an equal opportunity employer. We celebrate diversity and are committed to fostering diversity, equity and inclusion in the workplace. We welcome all applications, and consider them without regard to race, religion, belief, age, gender, gender expression, gender identity, gender reassignment, disability, marriage or civil partnership status, pregnancy or maternity, sex or sexual orientation.

We are committed to ensuring a fair recruitment process, it's essential to our success. Under the Equality Act (2010) we collect information from individuals at the point of application. We anonymously monitor the profiles of individuals that apply to each vacancy to ensure that no individual is unfairly discriminated against or disadvantaged.

Privacy Statement

By submitting your application, you agree that Prolific may collect your personal data for recruiting and global organisation planning. Prolific's Candidate Privacy Notice explains what personal information Prolific may process, where Prolific may process your personal information, its purposes for processing your personal information, and the rights you can exercise over Prolific’s use of your personal information.