Information Security Officer
Why is our Security Governance team the next step for you?
Our Security Governance team is a key liaison between all facets of the organisation and the global Enterprise Security team. Whilst supporting the overall Enterprise Security team in their strategic aims, the Security Governance team’s principle services include security policy oversight, information risk assessments, security awareness, governance of security controls, security audit co-ordination including PCI DSS, security assessments of key suppliers and the promotion of the overall security management programme within regulatory and client audits.
You will be expected to carry out these duties across our Indore-based technology delivery centre, supporting key business and technology stakeholders therein with their security responsibilities.
How will you add value on a day-to-day basis?
You will be responsible for security policy management and risk assessment, including managing and performing risk assessments of a technical and business process nature, assisting our Cyber Security team on technical risk assessments and working with business and operations teams on process based risk assessments. You will be responsible for security compliance, ensuring regular PCI activities are tracked and provide escalation where not completed. And you will manage PCI annual assessments, assisting the Security Compliance team as required.
Assisting our Threat & Vulnerability Management team in the analysis and reporting of vulnerability scan and penetration test results are part of the role, as well as overseeing the scheduling and requesting of vulnerability scans and penetration testing. You will track remediation activities in order to schedule retesting, and report and track remediation of newly discovered vulnerabilities. You will be responsible for educating business and IT staff across business units on security best practices, ensuring they have completed the yearly mandatory security awareness training. You will perform information security risk assessments upon critical third parties at point of engagement and throughout the relationship, including those parties that hold cardholder data, those whom provide offsite storage facilities and those deemed critical to business owners. You will also organise and conduct regular security incident testing and act as a key liaison point in incident response activities.
What will make you the ideal candidate?
You will have extensive experience working within information security governance from the financial services industry, ideally with PCI DSS compliance obligations experience. You will have a proven track record of managing risk to the business and threat landscapes, as well as good experience providing governance and validating compliance of internal and external teams providing security services. A strong background in developing and delivering security awareness programmes is key to the success in this role, as well as robust knowledge of PCI DSS, including previous experience of PCI Level 1 assessment processes. You will also ideally hold an industry recognised certification such as CISSP, CISA, CISM, ISO27001 or equivalent.
Strong inter-personal skills with the ability to nurture relationships at all levels of the organisation are important. You will take a collaborative approach and work well under pressure. Experience in business impact analysis, threat and vulnerability assessments and control selection processes are advantageous, as well as experience overseeing ISO27001 audits. Experience in the development and execution of supplier security assessments is ideal as well as knowledge of network architectures, Windows and Linux operating systems and development lifecycles.
How is Worldpay changing the world?
We are leaders in modern money. Each and every time you use your debit card or credit card to pay for something, whether online or face-to-face, there’s a good chance it happened because of us. On an annual basis our innovations, systems and technology enable billions of money transactions globally. Working with customers large and small, we help them to take your payments quickly, safely and reliably, allowing them to grow their businesses and making your life more convenient in the process. As a leader in global fintech and the largest London IPO since 2011, this is a great time to join us in building for the next phase of the Worldpay journey.