Information Security Officer - SBS UK
UK Visa Sponsorship Analytics
Above analytics are generated algorithmically based on job titles and may not always be the same as the company's job classification. You can also check detailed occupation eligibility, and salary criteria on our UK Visa Eligible Occupations & Salary Thresholds page.
Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with SBS. For the most up-to-date job details, please visit the official website by clicking "Apply Now."
Description de l'entreprise
SBS is a global financial technology company that’s helping banks and the financial services industry to reimagine how to operate in an increasingly digital world. SBS is a trusted partner of more than 1,500 financial institutions and large-scale lenders in 80 countries worldwide, including Santander, Societé Generale, KCB Bank, Kensington Mortgages, Mercedes-Benz, and Toyota. Its cloud platform offers clients a composable architecture to digitize operations, ranging from banking, lending, compliance, to payments, and consumer and asset finance. With 5,000 employees in 50 offices, SBS is recognized as a Top 10 European Fintech company by IDC and as a leader in Omdia’s Universe: Digital Banking Platforms. SBS is a subsidiary of European digital consulting leader Sopra Steria (EPA: SOP), a 56,000-person company that generates annual revenue of €5.8 billion in 2023.
Description du poste
SBS is embarking on delivering a significant programme of work over the next 2 years, which will improve the experience of millions of customers in the UK. We are looking for an Information Security Officer (ISO) to lead the development of the programme’s security posture, ensuring appropriate certifications, processess and operating model are in place.
The ISO plays a critical role in ensuring a highly effective and secure service for one of our major UK clients. Reporting directly to the Head of Service line and program manager, and facing off to senior stakeholders across Europe, including the CISO, the ISO will be expected to demonstrate Leadership, strategic planning and experience in establishing Information Security Management Systems which comply with government standards.
The role will require the candidate to travel occasionally within both the UK, Belgium and France.
High-Level Objectives:
- Responsible for all aspects of Security delivery for the Major UK Client.
- Be the go-to authority for all Security-related issues and strategies regarding service delivery to the Client.
- Identify, manage, and mitigate information security risks.
- Align information security strategy with business goals and objectives.
- Ensure compliance with relevant local and international laws, as well as internal policies.
- Foster a culture of information security awareness and continuous improvement.
- Drive the adoption of best practices in data protection and cybersecurity.
Core Responsibilities:
- Strategic Leadership: Develop and implement an annual information security roadmap in alignment with business objectives.
- Compliance Management: Keep up-to-date with legal and regulatory changes, ensuring timely compliance and client commitments.
- Risk Assessment: Ensure regular Data Protection Impact Assessments, vulnerability scans, and risk assessments are executed.
- Stakeholder Engagement: Liaise with internal and external stakeholders including regulatory bodies, auditors, and third-party vendors to ensure alignment of Security standards & plans
- Incident Management: Develop and maintain an incident response plan. Handle security incidents and breaches effectively.
- Budget Oversight: Manage the information security budget to ensure adequate funding for critical initiatives.
- Policy Development & Enforcement: Create and enforce policies related to emerging trends which may impact the service to our client.
- Performance Metrics: Establish, monitor, and report on KPIs to assess the effectiveness of the information security program.
- Resilience Testing: Conduct periodic resilience and penetration testing to evaluate organizational preparedness.
Qualifications
Minimum Competencies & Experience :
- Educational Qualification: Relevant security professional accreditations, such as CISSP, IBITGQ, (ISC)² - with evidence of how these have been applied into a working role.
- Experience: Minimum of 5 years of experience in information security, preferably in the financial services or technology sectors.
- Technical Skills: Proficiency in common security tools and AWS platforms, including SIEM, firewalls, and endpoint protection.
- Legal and Regulatory Knowledge: Familiarity with GDPR, ISO 27001, and other relevant information security laws and standards.
- Communication Skills: Excellent written and verbal communication skills, with the ability to convey complex information in a clear manner.
Preferred Competencies & Experience
- Strong experience across UK government security requirements, such as GBEST, ITHC, His Majesty’s Government (HMG) Security Policy Framework, and equivalent UK public‑sector security standards, particularly in Technology / IT practices is considered as a strong asset.
- Experience in working within a Service Integration and Management (SIAM) model
- Experience leading or participating in cross-functional teams across departments like legal, human resources, and operations, particularly in the context of incident response and compliance.
- BPSS Security Cleared
Informations complémentaires
At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.
All of our positions are open to people with disabilities.