Jobs for People with MS: National MS Society


Job Information

PSI Services Manager_Info Security Governance Risk & Compliance (£60-£70K) in Remote, United Kingdom

Description

Title: Manager, Information Security, Governance, Risk and Compliance

Location: Remote, UK

About PSI

We are PSI Services. We power world leading tests. Delivered with trusted science and the very best test taker experience. PSI supports test-takers on their journey to pursuing dreams and gaining certifications that are important to them. They believe that their dreams are worth working for; that their dreams are worth the effort. And we believe that too. This is our core purpose, to empower people to achieve their dreams. We do this by being the best provider of workforce solutions, which foster both technology and science to deliver the best solutions for our test takers.

We are searching for top talent to join our PSI team and help grow our products and services. We have a creative, supportive and inclusive culture where we empower people in their careers to be their authentic self and make the most of their great talent.

At PSI, we are committed to helping people meet their potential and we believe that promoting diversity, equity and inclusion is critical to our success. That’s why you’ll find these ideals are intrinsic to our company culture and applied throughout the employee lifecycle.

Learn more about what we do at: https://www.psiexams.com/

About the Role

The Manager of Information Security, Governance, Risk and Compliance role drives activities related to quality, environment, risk, data security, privacy and compliance, with the aim of enabling Lifelong Learner and its subsidiaries to comply with ISO, PCI and other industry standard frameworks. The purpose of this role is ultimately to help provide assurance to our stakeholders that our organizations take the security and privacy of data seriously.

This is a full time, permanent position, Monday to Friday with flexible hours around a standard 0900-1700. This is a managerial role providing leadership to the role of Information Security and Compliance Analyst, and reports to the Director of Information Security, Governance, Risk and Compliance. The role can be performed remotely, with occasional travel to offices and test centres required to support with audits.

Role Responsibilities

  • Act as the main point of contact for the design and deployment of the security GRC framework

  • Partner with all team members to maintain an integrated end-to-end security GRC framework to provide a "one-stop shop" for all security activities and controls

  • Manage all security policies, standards, procedures, and guidelines, and any related GRC issues with stakeholders, including the management of exceptions to policies and standards

  • Ensure controls are in place and working as they should

  • Ensure policies, standards, procedures, and guidelines are updated to reflect changes in the business and IT environment

  • Ensure clients, regulatory, and internal requirements are being met consistently and cost-effectively

  • Automate and streamline all processes related to managing the security GRC framework

  • Provide multi-level reporting to all stakeholders in the company: Executives, clients, business leads, IT leads, audit and regulatory representatives

  • Manage all security assessments required internally or externally including the consulting firms and/or contractors engaged to support such assessments

  • Build partnerships across the organization in all disciplines: audit, legal, information technology, financial management, business operations, sales and marketing, corporate communications, etc. to ensure the security GRC program is aligned with business objectives and requirements

  • Manage internal and external audit activity. PSI is currently certified for ISO27001, ISO22301, ISO9001, ISO14001, SOC2 Type 2

  • Maintain and develop the Risk management program for Entity level and Third party risks

  • Educate end-users and IT staff in security threats, risks, policies, and security best practices

  • Contribute to the design and implementation of an operational reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to key stakeholders throughout the organization

  • Manage any security business practice irregularities, violations and infractions including exceptions, risk memos, security position memos

  • Prepare detailed plans for security reviews/audits and any other compliance tasks required internally or externally

Knowledge, Skills and Experience Requirements

  • Experience working within, achieving and/or maintaining ISO standards such as ISO 27001, 9001, 14001 and 20000 (essential).

  • Proficient with MS Office

  • Solid understanding of common security tools (e.g., vulnerability scanners, firewalls, IDS/IPS, AV software) strongly recommended

  • Extensive training and experience in computer disciplines such as application and data security, systems programming, systems design, computer technology or software disciplines

  • Familiarity with OneTrust GRC and Privacy tools desired

  • Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) desirable.

  • Experience in a fast-paced GRC/ISO function (desirable).

Benefits & Culture

At PSI, our culture is to be transparent and fair. That’s why all of our roles have been benchmarked at a competitive rate against the local market they are based in. To be transparent all of our adverts now include the salary so you can see if we align with your expectations when looking for your next role.

In addition to a competitive salary, we offer a comprehensive benefits package and supportive culture when you join us. This includes:

  • 401k/Pension/Retirement Plan – with country specific employer %

  • Enhanced PTO/Annual Leave

  • Medical insurance – country specific

  • Dental, Vision, Life and Short Term Disability for US

  • Flexible Spending Accounts – for the US

  • Medical Cashback plan covering vision, dental and income protection for UK

  • Employee Assistance Programme

  • Commitment and understanding of work/life balance

  • Dedicated DE&I group that drives core people initiatives

  • A culture of embracing wellness, including regular global initiatives

  • Access to supportive and professional mechanisms to help you plan for your future

  • Volunteer Day and a culture of giving back to our community and industry through volunteering opportunities
