Information Security Manager at iProov

 InfoSec Manager

If you’d like to make the online world a safer place, come and join us.

About iProov:

iProov is the world leader in face biometric verification. We establish trust in remote users and deliver effortless, customer centric, device independent authentication tied to trusted ID credentials.  We are on a mission to make the Internet a safer place for businesses and consumers. 

Our unique facial biometric technology allows banks, governments, healthcare and travel providers to verify customer identity online and provide simple access to secure services.  In 2020 we were recognised as a Gartner Cool Vendor and as the 5th fastest growing technology company in the UK by Deloitte. We work with leading customers & partners across a number of industry sectors worldwide - organisations using our technology include the US Department of Homeland Security, the UK Home Office, the NHS, Eurostar, the Australian government, the Singapore government, ING and many more. 

Our flagship Genuine Presence Assurance technology continues to solidify its global market leadership, with verifications growing at a consistent rate of 25% per month worldwide.  This has been driven by demand from organizations needing to verify the identity of online users to prevent fraud. iProov’s patented technology assures the genuine presence of an online user to ensure they are the right person, a real person, and authenticating right now.

Diversity at iProov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together.  We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included and their talents are nurtured, empowering them to contribute fully to our purpose.

Our role:

iProov has continued to scale rapidly this year and is looking for a Information Security Manager to join our friendly, high performing & collaborative team, you’ll report into our Head of Compliance & Information Security, working closely with the Cyber Security Manager and colleagues across iProov.

The key responsibility for this role is to improve iProov’s security posture and continue the on-going development of iProov’s Information Security Management System and safeguard our information security standards certifications. The Information Security Lead will be an integral part of the highly collaborative and performing Compliance & Information Security function and our champion conducting internal audits inline with the requirements of several security standards such as ISO 27001, SOC-2,  IRAP and eIDAS. 

The Information Security Lead will want to be able to hit the ground running and will likely have a consultative approach, possessing the skills to liaise with senior stakeholders whilst articulating highly technical matters in a non-technical manner. The ISM will partner with the Technical Operation and Biometric teams to continually simplify and improve upon the architecture of our environments.

The Information Security Lead will thrive in this friendly and supportive environment whilst being surrounded by impassioned colleagues. We care about the career and professional development of everyone within the iProov community; and it is our promise to you that you’ll continue on your learning journey, make a real impact and never get bored.  

How you’ll make an impact:

• Working with the Head of Compliance & information security  and Cybersecurity Manager in driving all the  iProov functions to improve its security posture.
• Assist the Cyber Security Manager with regular BCP, DR and Incident response tests.
• Work closely with the Head of Red Team to oversee the outcomes of penetration tests.
• Prioritising and managing mitigations to identified threats.
• Create and maintain Information Security and compliance documentation, policies and procedures. Ensure that all documentation is kept up-to-date with the appropriate version control.
• Conduct  Internal Information security audits and assist with data protection audits, ensuring company wide compliance with 27001,  eIDAS, IRAP, SOC-2.
• Assist Head of Compliance & information security in attaining new certifications as and when required.
• Be responsible for maintenance of information security certifications. 
• To put together a corrective action plan for areas of non-conformance from internal & external audits and pen tests. 
• Maintaining the corrective actions log. 
• Conducting post-audit follow-ups. 
• Ensure security considerations are made within new projects.
• Identifying potential weaknesses and  ensuring that appropriate countermeasures are in place, such as firewalls and encryption.
• Maintain the asset & risk register.
• Assist with sales Compliance and information security queries, including new/current customer security questionnaires.
• Conduct supplier security checks and supplier risk assessments ensuring that new suppliers have the appropriate level of security in place.
• Form part of the Incident response and insider threat teams.
• Work closely with the Cyber Security manager in conducting regular cloud audits, monitoring and assessments.
• Ensure internal Information security training is completed by all company employees.
• Send phishing simulations and create phishing awareness campaigns.
• Keep ISMS and Vanta and other compliance tools up-to-date.
• Lead on providing specialist regulatory and compliance advice and promote a compliance and security  culture throughout the business.
• Maturing Information Security process through continuous improvement.
• Innovating and working with the team to build an internal Compliance and Information Security tool.
• Where required, lead on conducting allocated compliance monitoring and engage with business managers to discuss findings, recommendations and changes.
• Develop and implement a framework to ensure that all compliance and information Security  policies and procedures are reviewed and compliant with applicable external standards. 
• Lead on monitoring the operational impacts of the changing regulatory landscape through reviewing and interpreting consultation papers, policy statements and other publications, ensuring appropriate  implementation of requirements are in place.
• Reporting key findings and to provide a weekly progress report to the Head of Compliance & InfoSec and Head of Red Team. 
• Any other tasks as directed by the Head of Compliance & InfoSec, Cyber Security Manager and  Head of Red Team.

We'd like to hear from you if you identify with any the following:

• At least 2 years experience in Information security/ Cyber Security 
• Keen understanding of Cybersecurity Frameworks such as NIST, COBIT, ISO & ITIL
• Understanding of GCP & AWS/Azure 
• ISO 27001 qualification Internal audit experience
• Working towards CISSP/CISM or equivalent 
• Knowledge of SOC-2.
• Excellent communication and negotiation skills, including influencing, educating and reporting to Senior Management.
• Strong research qualities, acting as a role model to the team and other colleagues.
• Good analytical and problem solving skills.
• Ability to work calmly under pressure and deliver to tight deadlines.

While we think the above experience could be important, we’re keen to hear from people that believe they have valuable experience to bring to the role. If you identify with the team and mission, but not all of our requirements, then please still apply.

This means we're excited to hear from people with a range of skills, experiences and ideas. We don't expect you to tick all the boxes, but would love to hear what makes you great for this role.

Benefits

• 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service)
• Share Options allocated after passing probation (6 months of service)
• Company Bonus Scheme
• Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme
• Work Overseas Perk - Work globally for up to 2 weeks
• Life Assurance
• SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family
• Award winning L&D platform with personal allocated training budgets
• Work From Home budget which goes towards helping make your home working set up more comfortable
• Enhanced paid family leave
• Pension - 5% employee, 3% employer
• Flexible hybrid working environment
• Free Barista Coffee/Tea, biscuits with fruit in the office
• Free access to WeWork discounts and free online well-being sessions
• Vitality Health - a range of options available on this below

The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example:

• Private Health cover including Dental, Optical, and Audiology
• 50% off monthly gym memberships
• Apple watches significantly discounted based member vitality status
•  Half price trainers with Runners Need
• Weekly rewards – Free coffee with Café Nero
• Monthly rewards – Free Cinema ticket
• Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status
• Amazon prime free months based on activity
• Up to 25% cashback at Waitrose when buying healthy foods
• 75% off stays at Champneys Health Spas
• Allen Carr’s £299 no smoking programme for free
• Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace
• Discounts on Weight Watchers
• 50%-80% off Comprehensive Private Health screenings

And so many more, please speak with our Talent Partners to find out more!

Awards

• iProov Is Recognized as One of the World’s Most Innovative Companies in the CyberTech100
• U.S. Govies Government Security Awards! - Genuine Presence Assurance® won Gold (2022)
• iProov is listed as the 57th fastest-growing company in Europe in the FT1000
• iProov takes home Gold in 3x Cybersecurity Excellence Awards: Government, Financial Services, and Identity Proofing & Corroboration
• iProov wins Best Biometric Solution at 2021 Cyber Security Global Excellence Awards!
• iProov named winner of coveted Global InfoSec Award during RSA Conference