Atom is a digital bank, which brings with it a set of risks from a security perspective. This role will work within the Security Team to protect Atom’s customers, brand, people and reputation, and to detect, respond to and recover from threats to them.
The role holder must be an advocate of best-in-class security practice with the ability to influence at all levels, provide practical advice and guidance and remain approachable to all of Atom’s people.
The role holder will support Atom to ensure that security is in line with various security standards, applicable to legal, regulatory and best practice frameworks relating to banking standards. The role requires a broad understanding of information security with some experience in a similar role.
- Support the development of the Security Framework for Atom
- Assisting with third-party security assessments
- Engage with and support all activities that Atom will undertake
- Understanding of General Data Protection Regulation (GDPR)
- Supporting with scoping, conducting and assessing complex penetration testing; e.g. to CREST, CHECK or CBEST standards or handcrafting application exploits
- Looking at security threats and converting these to a material impact
- Collaborate on appropriate training requirements
- General audit and risk assessment support
- Regular report generation and presentation
- Acquire and maintain knowledge of relevant industry trends, and product offerings
- Help to raise awareness of security within Atom through various communication exercises
- Ensure the Atom security policy is communicated to and followed by all staff and assist management with investigation of breaches
Key Performance Indicators
- Partner due diligence assurance
- Security assessments to maintain alignment with industry benchmarks and compliance
- Pentest/Vulnerability management maintenance and improvement
- Design and deliver company-wide security awareness program
- Risk assessment and management
- Partner relationship management
- Experience within an Information security environment
- Experience of security governance
- Good project management and consulting skills
- Knowledge of implementing and monitoring performance against the NIST and ISO 27001 standards and audit process.
- An appreciation of the PCI standard and audit process.
- Strong written and verbal communication skills with ability to adapt style to suit audience
- Excellent interpersonal skills with ability to build, develop and maintain relationships across all levels
- Strong attention to detail
- Excellent influencing skills
- Confident, assertive and pragmatic approach with ability to exercise judgment and discretion where appropriate
- Highly organised, with ability to work under pressure and to tight deadlines
- Flexible team player who can work autonomously
- Business Continuity
- Initiative, Resourceful
- Flexibility and Agility. Able to multi-task and deliver
- Results orientated
- Third party management skills
- Relevant industry qualification or experience, i.e. diploma/masters in information security, CCSA, SSCA, CISM, CISSP or equivalent.
The legal bit.
If you send us your CV we'll use your details when we’re looking at your application for this job. We'll also store your CV for six months in case any roles that we think you'd be a great fit for become available.