Atom is a digital bank, which brings with it a set of risks from a security perspective. This role will work within the Security Team to protect, detect, respond and recover on behalf of Atom’s customers, brand, people and reputation. The role holder must be an advocate of best-in-class security practice with the ability to influence at all levels, provide practical advice and guidance and remain approachable to all of Atom’s people.
The role holder will be accountable for ensuring that our security is in line with various security standards and applicable legal, regulatory and best practice frameworks, e.g. Data Protection Act 1998, FCA regulations, ISO 27001/2 compliance, PCI DSS and ITIL. The role requires a proven level of technical knowledge with a bias towards security risk management.
- Support the development of Atom’s Cloud initiatives.
- Engage with and support all activities that Atom will undertake.
- Scope, conduct and assess complex penetration testing, e.g. to CREST, CHECK or CBEST standards, or handcrafting application exploits
- Look at security threats and convert these to a material impact.
- Collaborate on appropriate training requirements.
- General audit and risk assessment support
- Third party security assessments.
- Manage and assess Security risk in accordance with ISO 27001/2 and industry best practice.
- Regular report generation and presentation.
- Acquire and maintain knowledge of relevant industry trends, and product offerings
- Be the key focal point for all security matters across the business
- Raise awareness of security within Atom through various communication exercises
- Ensure the Atom security policy is communicated to and followed by all staff and assist management with investigation of breaches.
- User admin of high level financial systems
- Supervision of Vulnerability management on Firewalls/Switches/Servers/Desktops
- Maintenance of 3rd party connectivity ensuring best practice security standard is followed
Key Performance Indicators
- Partner due diligence
- Security assessments to maintain alignment with industry benchmarks and compliance
- Pentest/Vulnerability management maintenance and improvement
- Design and deliver company wide security awareness program
- Risk assessment and management
- Partner relationship management
- Strong third-party management skills.
- Extensive experience of security governance in a technology environment.
- Good project management and consulting skills
- Experience of implementing and monitoring performance against the ISO 27001 standard and audit process.
- A good understanding of the PCI standard and audit process.
- Strong written and verbal communication skills with ability to adapt style to suit audience
- Excellent interpersonal skills with ability to build, develop and maintain relationships across all levels
- Strong attention to detail
- Excellent influencing skills
- Confident, assertive and pragmatic approach with ability to exercise judgement and discretion where appropriate
- Highly organised, with ability to work under pressure and to tight deadlines
- Flexible team player who can work autonomously
- Security architecture and security technology design
- Strong understanding of data and voice networks
- Business Continuity
- Initiative, Resourceful
- Flexibility and Agility. Able to multi-task and deliver
- Results orientated
- Experience of forensics and incident management; full incident response, chain of custody and engagement with legal and law enforcement
How do I apply?
Email your application to
with the job title you’re applying for in the subject heading and attach your CV. This is your chance to be you.
The legal bit.
If you send us your CV we'll use your details when we’re looking at your application for this job. We'll also store your CV for six months in case any roles that we think you'd be a great fit for become available.
If you don’t want us to use your details for this, or if you'd like any information at all about how we use your data, then just let us know at