At Octopus we’re transforming the industries we operate in and improving the lives of millions of people. We’ve built market-leading positions in a number of specialist sectors, including smaller company financing, renewable energy, healthcare and property finance. We employ 500 people and manage more than £6 billion on behalf of more than 50,000 investors. Our products don’t just help real people solve real life problems, they also make a positive impact on the world around us.
The Octopus Group incorporates Octopus Energy, Octopus Healthcare, Octopus Investments, Octopus Property, Octopus Ventures and Octopus Labs. Our aim is to have an impact in everything we do, and to make a vital contribution to the UK economy by helping people, companies and institutions generate wealth. And we’re always on the look-out for smart, talented people who share our values.
The main role and responsibilities of the Information Security Manager is to provide support and advice to the business on all aspects of information risk, including information security, data protection and privacy. In addition you will manage information security governance projects and initiatives, assist the business to define appropriate controls to manage the risks associated with all information (including personal data and business information) regardless of its medium, and provide necessary guidance and direction to ensure we comply with information security and data protection legislative and regulatory requirements and relevant industry best practices.
In this role you will provide 2nd-line defence with thought leadership on IT Risk, Cyber Risk and Digital Risk reporting to the Head of Risk. You will provide oversight of management of IS, IT Risk and Digital Risk associated control landscape. This includes, but is not limited to, oversight of: risk management processes and governance; embedding of the IT Risk Management Framework as part of the Operational Risk Framework; policy ownership and embedding.
Responsibilities will include but are not limited to:
To be successful in the role, you will have relevant experience in an IT / Information Security role as well as extensive knowledge of Information Security and Cyber risk and control frameworks and practical experience of implementing risk management improvements or performing oversight. You will be an excellent communicator both written and verbally, and have a strong track record of building positive relationships at a senior level and providing constructive support and challenge to Directors.
As a Risk expert or leader in your operational field, you will demonstrate a thorough knowledge of the operational and/or regulatory complexities within financial services. Experience of interaction with Regulators would be an asset for this role.
Experience in Financial Services is desirable but not essential as is external and / or Internal Audit experience. You will be expected to learn quickly and demonstrate an ability to deal effectively with new challenges and complexities associated with IT and Information Security.
Random acts of kindness make the workplace a better place so, go out of your way to be helpful, and give people reasons to smile
Life is complicated enough. Don’t make it harder for yourself, or for others. Sometimes the simplest approach works wonders.
Every great business started with a flash of inspiration. If you’ve got a great idea, don’t keep it to yourself.
At Octopus, we recognise the importance of embracing diversity in order to create a high performance culture.