Information Security Specialist GRC

Location: Durham Hybrid
Contract Type: Permanent
Hours: Full time

We’re Atom…

The bank that’s leading the fintech charge.

Tech is at the heart of everything we do here at Atom. We’ve rebuilt the bank, from our app to our banking platform, to make sure it’s native and cloud based. Thanks to this approach, we can develop new products and ship updates to customers rapidly.

We have very little legacy, but that doesn’t stop us looking for ways to improve. For instance, we are already exploring ways to improve some services we transitioned to the cloud very recently. Quickness and efficiency are always a priority, but we never compromise on security, usability, or reliability getting there.

What’s it all about?

Technology is at the heart of the business, and we have a world-leading Technology stack that enables us to offer the most efficient, user-friendly app-based bank. The Technology team has end-to-end responsibility for all aspects of our Technology, from architecting the future and engineering solutions to the design and implementation of security requirements across internal projects and security operations.

You’ll be an advocate of best-in-class security practice with the ability to influence at all levels, provide practical advice and guidance and remain approachable to all of Atom’s people. As an InfoSec Specialist GRC you’ll be accountable for ensuring the bank follows governance, complies with regulation and appropriately assesses information risk, so that Atom’s customers, brand, people & reputation are protected from information security threats.

Please note, this role will require 1-2 days office-based work in Durham, so please only apply if this is viable from your location.

What will your ‘typical’ day look like… (no two days are the same at Atom):

  • Be the lead for Information Security governance, risk & compliance
  • Support with the continuous development of the Information Security strategy
  • Collaborate with procurement & legal to deliver third party due diligence risk assessments
  • Be a key focal point for all things InfoSec compliance & regulatory
  • Manage & assess security risk in accordance with ISO 27001/2 & industry best practice.

What do we need from you?

  • Information Security experience & knowledge
  • Third party management experience
  • Security governance experience
  • An understanding of PCI standards & audit processes
  • Excellent interpersonal skills, with the ability to develop & maintain relationships at all levels.

What you’ll get from us:

  • Flexible and hybrid working
  • Annual Share Option – performance related
  • 4 day week
  • Incredibly generous company pension scheme (maximum of 13% of Atom input – candidate can put in more)
  • ‘All About Me’ fund: £200 per year to spend on personal development
  • 25 days holiday + 8 statutory days (rising by half a day with every year in the company)
  • Private Medical Insurance for you and full family
  • Health Cash Plan – expenses paid on Optical/Dental/other appointments/treatments
  • Life Insurance – 4 times annual salary
  • Critical illness cover – 1 x lump sum annual salary
  • Cycle to work Scheme

PLEASE NOTE: You must have the legal right to work in the UK to apply for this role, as Atom is unable to support Visa Applications/Sponsorship.

Atom is an equal opportunities employer. We value you as an individual and therefore disregard race, religion/belief, gender, sexual orientation, maternity/pregnancy, age, gender reassignment, marriage/civil partnership and disability in any hiring decisions we make. Atom will always adhere to the Equality Act 2010.

All roles within Atom must adhere to the Conduct Rules as set out by the Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA).