Security Engineer ensuring protection of corporate environment at Creditas. Implementing security controls and elevating defensive maturity with a focus on fintech standards.
About the role
- Lead Information Security Manager ensuring compliance for NQC's SaaS platform. Oversee audit processes and improve security frameworks for cloud migration efforts.
Responsibilities
- Act as the primary point of contact and project lead for ISO 27001 and TISAX recertification cycles.
- Conduct a comprehensive review of our existing systems, policies, and controls against necessary audit standards.
- Identify, analyse, and formulate treatment plans for information security risks.
- Identify vulnerabilities within the new cloud architecture and ensure the platform maintains security standards.
- Lead the external penetration testing requirements for our platforms.
- Draft, refine, and implement essential documentation, including the Statement of Applicability (SoA) and internal security policies.
- Work with our Development and Infrastructure teams to embed security controls into our SaaS workflow (e.g., access management, incident response, and change management).
- Perform a "pre-audit" to ensure all departments are compliant before the external body arrives.
- Brief senior staff on security best practices and their specific responsibilities under the ISMS.
- Any other ad-hoc duties as assigned.
Requirements
- Proven experience leading organisations to successful audit certification or recertification.
- Proven experience implementing ISO 27001 within cloud-native (AWS/Azure/GCP) environments.
- Proven experience leading organisations through pentesting workflows within cloud-native environments,
- Exceptional documentation skills with the ability to simplify complex compliance requirements for non-technical stakeholders.
- *Desirable*: ISO 27001 Lead Implementer or Lead Auditor; CISSP or CISM.
- **Key Competencies**
- Is consistently motivated, committed and able to perform duties in all situations.
- Communicates and receives ideas, views and information to achieve understanding.
- Champions NQC’s values and consistently acts in a principled, open and conscientious manner, challenging unacceptable behaviour.
- Plans and prioritises activities and resources to maximise performance and minimise errors.
- Thinks creatively and embraces opportunities for change.
- Works collaboratively with cross-functional teams and acts as a team player while supporting colleagues.
Benefits
- Hybrid working policy of 60% office-based
- Salary sacrifice scheme
- 25 days holiday (Increasing with service) + bank holidays
- Enhanced Maternity and Paternity Leave
- Health Cash Plan
- Learning & Development through Udemy platform
- 24/7 Access to a Virtual GP
- Life Assurance (4 x Salary after 6 months)
- YuLife: Employee discounts and wellbeing platform
- Regular company socials & events
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Security Engineering Lead ensuring Creditas maintains innovation and integrity in product security and incident response. Leading multi - disciplinary teams in a hybrid work environment.
Staff Engineer in IAM at Creditas responsible for identity access systems and architecting robust security solutions for cloud environments. Leading strategy and mentoring other security engineers.
Supervisor de seguridad fisica en Cargill ayudando a proteger empleados y propiedades. Coordinando autorizaciones de seguridad y respondiendo a eventos de contingencia.
Providing clerical support in the HSC Security Services department at Shared Health in Winnipeg. Ensuring effective staffing and reporting activities in a high - volume environment.
Cybersecurity Manager overseeing cybersecurity compliance and operations within Leidos' Cybersecurity Team. Responsible for ensuring systems meet defense guidelines and maintaining clearance requirements.
Information Security Awareness Specialist supporting cybersecurity awareness programs at Amadeus. Combining data analysis, communication, and collaboration to enhance security practices.
Security Controls Assessor performing security assessments and gap analysis for Federal agency clients in Washington, D.C. Designing security controls and risk management strategies to meet regulatory compliance standards.
Technicien SST responsible for implementing health and safety policies on - site at Airbus Protect. Ensuring compliance with safety regulations through audits and training while developing a safety culture.
Cyber Security Software Developer at Airbus Defence and Space working on innovative projects in defense and aerospace. Responsible for developing and maintaining secure software systems against cyber threats.