Information Security and Governance Manager

IT & Security · Lancaster, Lancashire
Department IT & Security
Employment Type Full-Time
Minimum Experience Manager/Supervisor

About us

Relative Insight is a SaaS based text analysis tool which analyses our customer’s text data like surveys, reviews, customer experience and social, to reveal critical business insights. We believe that text data represents one of the biggest and most valuable – but often, most under-used sources of business value. It tells us why things happen, how people feel, and how best to engage with them.


The software leverages a comparative methodology developed in law-enforcement to give transformative insights, meaning our customers can make smarter and more informed decisions across their business.


Due to the rapid expansion of the business, we have an opportunity for a IT Manager to join one of the region’s most innovative and in-demand start-ups, working with world-leading customers such as Sky, Warner, Starbucks, Unilever and Nespresso.


Working in a fast-paced, high-growth environment, we work as a team, embracing challenges together, supporting our professional development and encouraging internal promotions. As you develop, there will be opportunities to expand the remit of the role-based upon your skills and appetite.


Relative Insight takes the security of its customers data incredibly seriously. This new role will work directly with the COO and help ensure the company has the right security infrastructure and governance in place to support its rapid growth. As InfoSec & Governance Manager, you will be responsible for providing high quality expert guidance relating to information security, governance and data protection, and be the company's lead for everything relating to these fields. You will also manage business-critical frameworks and ensure that there are appropriate policies and structures in place to ensure that standards remain high and are set across all of the Relative Insight companies.


Key Roles and Responsibilities:

  • Develop, manage, and maintain effective information security & data protection policies, processes, standards, and procedures.
  • Take responsibility for the monitoring of compliance with key policies and identification of key InfoSec and Data risks across the company.
  • Train, guide, and act as a resource on InfoSec and Data Protection to all other functions within the company.
  • Lead the cross-company security committee
  • Oversee the company’s internal and external audits; ISO27001, Cyber Essentials, SOC 2, etc.
  • Maintain an awareness of regulation and best practice in Information Security & Data Protection and ensure that this is included within relevant policies.
  • Keep up to date with developing security threats (i.e. Targeted Attacks, Ransomware, Malware and Phishing).
  • Support the COO in overseeing broader company governance


Required Skills, Knowledge & Experience:

  • A degree level qualification in information systems or cybersecurity or qualified by experience;
  • A certification in Information Security Management (CISM/SANS/CISSP/MSc);
  • Proven experience of overseeing Information Security and Data Protection within a digital business;
  • Thorough understanding of data protection regulations including those around Personal Identifiable Information (PII);
  • Excellent working knowledge of the GDPR regulatory framework and hands-on experience of ensuring businesses in applying GDPR requirements. Experience of data protection regulations in other countries (i.e. US and Canada) is also desirable;
  • In-depth knowledge of ISO27001 and how to support it within a business. Experience of SOC 2 and Cyber Essentials is also desirable;
  • Experience developing and maintaining policies, procedures, standards, and guidelines;
  • Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies;
  • Experience in broader company governance within areas such as health and safety, financial crime, etc. is also desirable;
  • Knowledge of relevant IT Security related hardware, software and vendor solutions;
  • Leadership skills and the ability to work effectively with business managers, engineers and operational staff;
  • The ability to build strong relationships at all levels and understand business imperatives;
  • A strong understanding of the business impact of security tools, technologies, and policies;
  • Excellent verbal, written and interpersonal communication skills including the ability to communicate effectively with the organisation;


What your first 12 months will look like

  • You will take ownership of the company’s existing Information Security Management System, carrying out internal audits and overseeing the annual ISO 27001 audits.
  • You will oversee the rolling out of ISO 27001 certification into our US subsidiary
  • You will perform regular reviews and risk assessments over the companies current processes, and identify and implement improvements.
  • You will review existing policies and ensure they are up to date - reflecting company practices and regulation changes.
  • You will roll out regular and comprehensive security & data protection training to all members of the company – tailored for each specific team
  • You will work closely with the COO and take ownership of the ongoing project to support the processing of clients PII data within our analysis platform.
  • You will establish and lead a cross team security committee to ensure that security/data protection policies are being considered across the company whilst also working alongside broader company objectives


Perks:

  • Employee Assistance Programme (EAP) - We care about the wellbeing of our team so no matter what life throws your way, our EAP can help you through it.  Providing you with free and confidential expert guidance and counselling, and more.
  • Relative Insight Academy - We love learning! Our Academy provides an opportunity for us to stretch our knowledge and learn new skills.  This starts with a structured Induction Programme, where you learn everything you need to know to get up to speed in your role as quickly as possible.
  • Off-Site Days & Socials - Summer Party, Christmas Party, End of Month Parties - if there is an excuse, we'll have a get-together to celebrate successes and get to know each other better.
  • Tech Scheme - If you are in need of personal tech, we will loan you the money (up to a certain value) to purchase what you need and agree on a payment plan for you to pay back the owed amount.
  • Holidays - We want everyone to take time off and recharge regularly so encourage you to use up your full allowance of holiday each year.
    • UK: 24 holidays a year (excluding Bank/Public Holidays) Plus 5 days special leave.
  • Cycle to Work Scheme (UK) - This is a government tax exemption initiative to promote healthier journeys to work and to reduce environmental pollution. It allows you to loan money from the company to purchase cycles and cyclists' safety equipment.  We will then agree on a payment plan to pay back the owed amount, less TAX.

 

Relative Insight believes in, and commits to promoting equal opportunities in employment. Anyone who applies for a job with us will receive equal treatment regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, colour, nationality, ethnic or national origin, religion or belief, sex or sexual orientation. We strive to provide team environments that let everyone maximise their potential in the company. We take all of this seriously.

Thank You

Your application was submitted successfully.

  • Location
    Lancaster, Lancashire
  • Department
    IT & Security
  • Employment Type
    Full-Time
  • Minimum Experience
    Manager/Supervisor