Part - Time Security Officer safeguarding personnel and property at Kaman Air Vehicles. Providing access control, monitoring systems, and responding to incidents in Bloomfield, CT.
PC
Hybrid Head of Operational Risk, Information Security
Posted 2 months ago
About the role
- Head of Operational Risk & Information Security at Pliant managing compliance and risk frameworks. Overseeing information security across UK, Germany, and US operations in fintech environment.
Responsibilities
- Lead the development and continuous enhancement of Pliant’s Operational Risk and Information Security Frameworks in line with FCA, PRA, and UK EMI expectations
- Maintain governance, control, and reporting structures that meet SYSC 13A, Operational Resilience, and Risk Management requirements
- Act as the 2nd Line of Defence lead, providing independent oversight, challenge, and assurance across all Pliant entities
- Partner with Engineering, Compliance, and Operations teams to embed security by design into all products and processes
- Advise senior management, the UK Board, and Group Risk Committee on risk trends, resilience, and information security posture
- Own and maintain the enterprise-wide incident management framework, covering ICT and non-ICT incidents
- Ensure consistent incident classification, escalation, root cause analysis, and reporting in line with FCA/PRA operational incident and major incident requirements
- Lead post-incident reviews and ensure lessons learned are documented and integrated into ongoing risk management processes
- Oversee compliance with UK incident notification obligations
- Maintain and improve Pliant’s Information Security Management System (ISMS) in accordance with ISO 27001, SOC 2, and PCI DSS
- Develop, implement, and enforce security policies and standards aligned with NCSC guidance and ICO data protection expectations
- Oversee cyber incident detection, response, and recovery in coordination with the Group Technology team
- Ensure business continuity and disaster recovery plans are regularly tested and compliant with FCA and PRA operational resilience principles
- Coordinate Business Continuity Management (BCM) and Operational Resilience across the UK entity and the wider group
- Conduct and maintain Business Impact Analyses (BIAs) and ensure Important Business Services (IBS) have tested impact tolerances
- Oversee alignment of technical recovery objectives (RTOs/RPOs) with regulatory and business requirements
- Collaborate with IT and Operations to ensure continuity arrangements remain fit for purpose and demonstrably resilient
- Oversee the outsourcing and third-party risk management framework in compliance with FCA/PRA outsourcing rules and the EBA Outsourcing Guidelines
- Conduct due diligence and ongoing monitoring of critical third parties and cloud providers
- Ensure supplier contracts include clear provisions for risk management, data protection, and security obligations
- Liaise with the Group Legal and Compliance teams to ensure consistent governance of material outsourcing arrangements
- Serve as the primary point of contact for the FCA on operational risk, ICT risk, and information security matters
- Represent Pliant Payments Ltd and the Group in regulatory reviews, audits, and assurance activities
- Support audit readiness for FCA, ISO 27001, SOC 2, PCI DSS, and other relevant frameworks
- Track audit findings, ensuring timely remediation and effective follow-up
- Foster a strong risk and security culture throughout the organisation
- Design and deliver regular training on cybersecurity, incident reporting, risk management, and operational resilience
- Encourage continuous improvement, open communication, and proactive identification of risks
Requirements
- Bachelor’s or Master’s degree in Information Security, Risk Management, Computer Science, or a related field
- 5+ years of experience in operational risk, ICT risk, or information security management within financial services, fintech, or EMI environments
- In-depth understanding of FCA and PRA operational resilience, UK GDPR, and information security expectations
- Proven experience implementing or managing ISO 27001, SOC 2, and PCI DSS frameworks
- Strong leadership and stakeholder management skills, with experience managing a small risk/security team
- Excellent written and verbal communication skills, capable of engaging senior management, regulators, and auditors.
Benefits
- The opportunity to work in a growing team with big responsibilities that thrives on a strong exchange of knowledge and excellence
- Attractive remuneration
- Flat hierarchy and transparent communication in a relaxed, professional atmosphere
- Opportunity to develop your talent in a dynamic team with ambitious goals
- Flexibility and possibility to work remotely
- Company card with a monthly allowance for lunches, coffee, etc. with co-workers
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Officer responsible for maintaining a safe environment for clients and employees. Enforcing policies and responding to emergencies at the client's site.
Senior Security Advisor enhancing security measures to align with corporate objectives at Desjardins. Leading development of strategic initiatives and overseeing best practices in security.
Controls Professional assessing internal control frameworks at Barclays, improving control effectiveness and managing risks to ensure compliance with regulations.
Senior Information Security Engineer at Wells Fargo investigating insider threats and strengthening cybersecurity measures. Conducting advanced investigations and collaborating with cyber teams to mitigate risks.
Staff Product Manager overseeing enterprise security product strategy for Tenable. Collaborating with various teams to deliver customer - focused solutions and product features.
Program Security Representative providing multi - discipline security support for Special Access Programs. Ensuring compliance, developing policies, and conducting security assessments in a military context.
Information Systems Security Officer managing operational security posture for information systems at GDIT. Collaborating closely with ISSM and ISO, handling security aspects, and ensuring compliance with security standards.
Senior Cyber Security Project Manager at Airbus Protect managing medium complexity projects in Cyber Security Consulting. Focusing on project leadership and team management in diverse client settings.
Security Architect responsible for designing cloud security architectures for leading brands. Ensuring compliance and guiding incident response strategies in AWS environments.