Information Security Manager
London
Multiverse
We're building an outstanding alternative to university and corporate training via professional apprenticeshipsWe’re on a mission to provide equitable access to economic opportunity, for everyone.
We close critical skill gaps in the workforce through a new kind of apprenticeship that combines work and learning. We begin by recognizing high-potential individuals both inside and outside of a company's current workforce and then we create applied, guided and equitable learning programs, with measurable impact. Because we believe the world needs a better way to match its potential.
We work with over 1,500 leading companies including the likes of Microsoft, Citi and Just Eat to help solve their business-critical problems, and we’ve trained over 16,000 professional apprentices in the tech and data skills of the future. This is made possible by our global team who are driven to achieve a mission that matters, together.
Join Multiverse and help us set a new course for work.
The opportunity
As an Information Security Manager at Multiverse, you will support our Infosec Director and Privacy team to help us secure our modern cloud-native platforms. You will help by securing work delivered by dev ops engineers, IT operations (end-user computing), suppliers, and support client security requirements.
Please note we cannot offer sponsorship for this role.
Specifically, you will:
Help to build and scale out a secure engineering culture, working with teams to embed secure engineering practices & secure–by–design principles
Review the security posture of our cloud platforms and identify cloud security risks and issues and work with our platform and product teams to improve our platforms.
Deliver clear recommendations for building security capabilities to deliver security policy and compliance objectives.
Lead internal learning sessions, giving our security champions help and support to improve their security knowledge
Conduct maturity assessments of application security practices
Improve security culture and awareness program for Engineering / IT Operations / Business Teams
Support our sales teams/clients with timely completion of Self Assurance Questionnaires (SAQ) accurately at pace.
Review client contracts for security/privacy requirements, assessing compliance posture and suggesting mitigations if required.
Manage delivery of security tooling.
Produce Documentation - documenting standard operating procedures (SOPs), Policy reviews and updates.
Secure critical business products/services to internal requirements in line with good practise and to meet client expectations.
About you:
Experience leading security engineering teams Secure By Design / Privacy By Design
You will have lived experience of running/being part of security operations such as running security operation centres, responding to security incidents/breaches, overseeing patching/vulnerabilities or hardening systems.
Comfortable working at pace to deliver systems and security designs, patterns and decisions.
Experience managing team ways of working and ownership of work items.
From a leadership perspective you will understand the power of diverse thought, kindness, humanity, creating the conditions for success, learning from failure.
Experience working with senior stakeholders, working between multiple teams, building complex services in code and working in a culture of continuous release.
Prepared to respond to security incidents to minimise the impact on the business,
Experience supporting Governance, Risk and Compliance across the business, enforcing compliance with key data and security policies.
Supplier Assurance – supply chain security, completing client Self Assurance Questionnaires (SAQ).
Expertise in planning and delivering roadmaps, contributing to our cloud security strategy
Good understanding of security risk management in a cloud security context, and of cloud security principles
Knowledge of multiple regulatory requirements e.g UK GDPR, CCPA
Expertise in security and compliance frameworks and standards, e.g. CE+, NIST SP 800-207
Bonus points if you have or are willing to learn:
Security Architecture
Knowledge of Infrastructure as Code
Knowledge of Azure, Google, AWS, and Kubernetes cloud–native services
Securing GitOps and Continuous Deployment
Identity and Access Management, including securing privileged access
Relevant certifications such as SABSA, CISSP, CCSK, AZ–500, GIAC, CISM, ISO Lead Auditor/ Implementer, CISLA, CISMP, Security +, AWS Certified Security, MSc Information Security
Benefits
Time off - 27 days holiday, plus 7 additional days off: 1 life event day, 2 volunteer days and 4 company-wide wellbeing days
Health & Wellness- private medical Insurance with Bupa, a medical cashback scheme, life insurance, gym membership & wellness resources through Gympass and access to Spill - all-in-one mental health support
Hybrid & remote work offering - with weekly or monthly visits to the London office and the opportunity to work abroad 45 days a year
Team fun - weekly socials, company-wide events and office snacks!
Our commitment to Diversity, Equity and Inclusion
We’re an equal opportunities employer. And proud of it. Every applicant and employee is afforded the same opportunities regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. This will never change.
Safeguarding
All posts in Multiverse involve some degree of responsibility for safeguarding. Successful applicants are required to complete a Disclosure Form from the Disclosure and Barring Service ("DBS") for the position. Failure to declare any convictions (that are not subject to DBS filtering) may disqualify a candidate for appointment or result in summary dismissal if the discrepancy comes to light subsequently.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Azure CCPA CISM CISSP Cloud Compliance DevOps GDPR GIAC Governance IAM Kubernetes NIST Privacy Risk management Security strategy Strategy Vulnerabilities
Perks/benefits: Career development Fitness / gym Health care Insurance Salary bonus Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs