Information Security and Compliance Officer

Job description

Are you a hands-on Information Security & Compliance expert with a genuine interest in Cyberspace? 

Do you have experience achieving industry-standard accreditations such as ISO27001? 

Do you want to have a real demonstrable impact in safeguarding a high-growth, forward-thinking and truly innovative retail software company that's recently gone public?

If you have answered yes to these questions, we would love to hear from you!

In June last year, we became a Public Listed Company and as a result, are significantly investing in the growth and protection of our business, which is where the successful candidate (hopefully you) would come in! As I'm sure you are aware, having strong and effective cybersecurity is of paramount importance for any software business, let alone a Public Listed one and we are, therefore, looking for someone to join us as an Information Security and Compliance Officer!

This role reports to the Director of IT Infrastructure & Hosting operations and will be key to the success of delivering itim’s private cloud offering to our SaaS-based customers. You will work alongside our existing Infrastructure team to help support, architect & offer continuous improvement to all security aspects of itim’s Infrastructure. 

You will be supporting the ongoing development of the information security and compliance function through the use of clear and updated published documentation, achieving and maintaining industry-standard accreditations such as ISO27001 and Cyber Essentials PLUS. You will also be responsible for the timely resolution of security incidents, requests and changes, following existing ITIL-based processes and procedures.

Itim’s IT Services team is devoted to innovation whilst providing best-in-class IT and hyper-converged hosting to the business and our customers. You will get the opportunity to work with all aspects of a professional hosting team and to really stretch your forward-thinking technical mind to embrace all products without prejudice.

We are itim, but who are we?

itim is a global retail software provider with a vision to empower multi-channel retailers to thrive in today’s digital world by accelerating their digital transformation and helping them achieve omnichannel excellence. 

We have developed an industry-leading omnichannel platform that empowers retailers to adopt a more engaging customer-centric approach to shopping in-store, online, and on mobile. Our technology is highly data-driven and flexible, providing retailers with the agility to meet real-world retailing demands and adapt to future challenges.

We connect retailing IT strategy with effective execution, helping our clients strengthen their core systems, scale with flexibility and create seamless omnichannel consumer experiences. Our deep retail experience combined with our comprehensive suite of omnichannel retailing applications means we can help retailers achieve their trading objectives while streamlining processes, managing cost, minimising risks and giving them the ability to deploy quickly. 

We are very proud to work with over 65 leading retailers across 11 countries, including Majestic Wine, The Entertainer, John Lewis, Sainsbury’s, Office and The Fragrance Shop. We partner with our customers to continuously evolve their technology to meet their business goals and vision with a confident, agile, and commercially flexible approach.

What would be my main responsibilities?

  • To create and maintain a full library of corporate security documents
  • To take itim through industry-standard security accreditations
  • To understand the relevance of emerging industry-standard security accreditations and recommend them to the business
  • Monitor security access, security events and respond to alerts
  • To assist the Cyber Security officer to carry out threat hunting
  • Participation in technical research and developments in the cyber security space
  • Provide security advice and guidance to other teams within the business
  • To implement and provide Ci and support for products in the cyberspace
  • Providing reports and feedback/deciphering reports on each topic above.
  • To arrange regular Penetration testing from external sources
  • To carry out vulnerability and patch management

Job requirements

What we’d like from you

  • 4+ years recent direct Information Security and Compliance experience
  • A strong desire to work as part of a team that embraces technology and business change
  • You must have a genuine interest in tech & the tech industry cyberspace as it’s essential for us to drive innovation
  • Good working experience of PII locating and recent exposure to the associated GDPR regulations
  • Awareness of legal compliance and standards including PCI DSS, GDPR
  • To be able to produce and permanently maintain a full library of security documentation
  • Lead on engagement with stakeholders across the itim group and work with external stakeholders to ensure successful exploitation and protection of information assets
  • Introduce a programme of continual service improvement based on compliance industry best practice
  • Have a hands-on approach to carrying out all aspects of the role
  • Be a positive, adaptable and dynamic individual that values strong communication and collaboration

Desired Experience:

  • Recent experience of EDR tools
  • Recent experience of NSX Intrusion prevention
  • Exposure to the process of obtaining and keeping an ISO27001 Accreditation 
  • Exposure to the process of obtaining and keeping a Cyber Essentials PLUS Accreditation 

Why choose itim?

  • Make A Difference - the chance to be part of a progressive company that’s adding real value to the retail industry with innovative products
  • A Connected Company Culture - work alongside great people! We genuinely care about our employees and foster a people-first approach with a strong collaborative, autonomous and friendly working environment
  • Hybrid Working Patterns - have the flexibility to work from home or in the office
  • Work/Life Balance - flexible holiday requests and an extra day off to celebrate your birthday!
  • Enhanced Maternity & Paternity Leave – offering 16 weeks at full pay and 10 weeks at half pay
  • Great Career Development – with our flat hierarchy structure and flexibility to get involved in different projects, we can tailor your career path to suit your interests and goals
  • Great Office Location – when you’re not choosing to work from home, our office is based in London Victoria right next to both underground and overground stations
  • Fun Monthly Socials – Crystal Maze, Wine Tasting, Axe Throwing, Indoor Mini Golf to name a few…
  • & Other Fantastic Benefits – such as private BUPA medical insurance, 5% employer pension contribution, automatic entry to the Group Income Protection policy providing a benefit of 75% of basic salary in the case of illness or accidents, automatic entry to the Group Life Assurance policy offering cover of 4x your basic salary, smart casual dress code, a stocked office kitchen with fresh fruit and biscuits

Salary: Negotiable, depending on experience

Location: Plymouth Office

Hours: 37.5 hours per week with Mon-Fri working hours from 9am to 5:30pm; some out-of-hours work will be required on an ad-hoc basis

We’re innovative, we’re passionate, we’re collaborative, we’re GROWING and more importantly, we’d love to hear from you!

itim is an equal opportunities employer and welcomes applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.