Information Security Assurance Manager (9-12 months FTC)
Remote - UK
Work on ground-breaking multiplayer titles, push the boundaries of games technology and virtual worlds, or get to grips with some of the world’s toughest security challenges. If your ambitions are high, we’ll give you the tools, support and culture to take them even higher.
We are a British metaverse technology company that builds interconnected, immersive virtual worlds. Our technology, expertise, creativity and services help partners – including entertainment companies, game creators and public institutions – realise their ambitions in the metaverse.
It is our strong belief that the metaverse is an opportunity for positive change. It will help communities connect and exchange at scale, and evolve how we work, play and create. At Improbable, you’ll be surrounded by people motivated to solve the hard challenges that enable us to bring these transformative worlds to life and shape the future.
As an Information Security Assurance Manager, you will be supporting the Security Policy, Governance and Compliance function in implementing the Information security vision, model and principles across all of Improbable, ensuring compliance with internal and external information security standards (such as ISO 27001, PCI DSS, DPA 2018), and other appropriate industry standards, to support the organisational strategy. You will be working with the Central Security Team to guide the selection and deployment of technical controls to meet specific security requirements, and define processes and standards to ensure that security configurations are maintained.
Your Opportunity
- Managing the corporate information risk management activities, including performing risk assessments, managing risk remediation initiatives and supporting other teams with their risk management requirements
- Planning and conducting internal audits, reviews and compliance checks against Improbable business, IT and security operational processes, procedures and practices to ensure compliance to the current legislation, applicable standards including ISO27001 and customer requirements
- Assisting with the preparation for, and managing the conduct of, external audits and assessments.
- Measuring and tracking compliance over time with organisational policies and standards and the overall information security strategy
- Advising on appropriate remediation or mitigation for identified gaps and then managing and coordinating appropriate actions to address these
- Contributing to the maintenance and ongoing development and improvement of policies, standards and guidelines
- Reviewing security requirements set out in client or other contracts ahead of signing to advise on whether these can be met, ensuring compliance to contractually agreed controls
Why You're made for this
- Strong knowledge of applicable risk assessment and risk management practices required to create a strong risk management culture
- Previous experience in the planning, conducting and reporting of audits and compliance reviews
- Appropriate audit/risk qualification such as ISO27001 Lead Implementer or ISO27001 Lead Auditor (preferred) or CMIRM, CISA, CISSP, CRISC, CISM, CCP, etc (Preferred)
- Experience of information governance processes and a sound knowledge of IT security best practices
- Strong stakeholder management experience, up to and including Board level
- Knowledge of national and international regulatory compliances and frameworks such as ISO 27001, 27017 & 27018, the Data Protection Act, General Data Protection Regulation (GDPR), CE and CE+, SOC2
- Sufficient technical confidence in order to assess compliance of, and drive delivery from technical resources
- Strong time management, project management and organisation skills
LI-DD1
This role is available as remote, hybrid or in-office. We have a great office space in Spitalfields in London but are equally happy if you'd prefer to work from home, some or all of the time. We are 'Flexa' certified, meaning our entire employee experience is anchored around flexibility and autonomy.
While we think the above experience could be important, we’re keen to hear from people that believe they have valuable experience to bring to the role. If you identify with the team and mission, but not all of our requirements, then please still apply.
About Us
Improbable is determined to foster an environment where people can do their best work and feel like they belong. We believe a healthy culture, strong values and contribution from a diverse range of individuals will help us to achieve success.
We do not discriminate based on race, ethnicity, gender, ancestry, national origin, religion, sex, sexual orientation, gender identity, age disability, veteran status, genetic information, marital status or any other legally protected status.
Learn about Improbable
Discover more