Security & Compliance Manager

Job Title: Security & Compliance Manager
Contract Type: Permanent
Location: Edinburgh, United Kingdom
REF: 703
Contact Name: Peter Sanders
Contact Email:
Job Published: over 1 year ago

Job Description

Information Security Roles from identifi Global

Information Security & Compliance Manager - Edinburgh - 50k + Bens

An Information Security Compliance Manager is required by a multiple award-winning retail technology business. With over 500 people across the UK, they are the number 1 provider of technology solutions to the Retail & Hospitality Sector.

This Information Security & Compliance Manager role is pivotal to ensuring the business and its customers stay abreast of all legislative acts and guidelines relevant to the regions and sectors they operate in. These will include, but are not limited to, PCI-DSS, PA-DSS, The European Data Protection Act and General Data Protection Act. You will report directly to the company Chief Operating Officer.

As this business continues to grow, and as our technologies continue to transform, your role as the Information Security Manager will be integral to ensuring compliance and security throughout the lifecycle of products and across the various businesses.

Through strong research, security experience and in-depth analysis of the business you will build an understanding of security risks, and provide mitigation plans.

Security risks relating to core services, business as usual and business change will all relate to your role and will be included in the business risk profile and control framework you will put in place.

Working closely with external security consultants and Qualified Security Assessors, you will coordinate penetration testing and PCI and PA-DSS validations. You will also liaise closely with Zonal’s customers and partners during their own testing and validation periods.

Essential Skills & Experience

  • An awareness of NIST, OWASP, CSK and other security frameworks, as well as regulatory requirements

  • Deep understanding of the Data Protection Act 1998 and the General Data Protection Regulation (GDPR)

  • Have proven experience in IT Risk Management

  • A minimum of 3 years’ experience in a similar role operating in a B2B company

  • Experience working within multiple regulatory frameworks

  • Be able to engage with and understand the commercial purpose, and apply negotiating skills to help business colleagues understand the compliance context and influence the decision

  • Strong understanding of PCI DSS and ISO 27001 compliance

  • Ideally hold a CISSP or CISA or CISM qualification

For immediate consideration please contact Peter Sanders on 01908 886033