The IT Compliance Specialist is expected to manage and maintain the IT security and compliance programme, including industry-standard accreditations.
- Update and maintain the Information Security Management System (ISMS) within the business.
- Review and maintain all IT policies.
- IT contribution to PCI DSS compliance.
- Ensuring the business maintains its Cyber Essentials Plus accreditation.
- IT audit activities.
- IT compliance scheduling and activities.
- Working closely with the group legal team and the IT Infrastructure Solutions and Architecture team to ensure new solutions meet relevant security and compliance standards.
- Responsible for providing IT contributions to third party due diligence requests.
- Attend and provide IT contribution to the Information Security Committee.
- Auditing IT suppliers on their own IT security and controls.
- Co-ordinate and plan any other certification standards that the group and associated companies may feel appropriate to support and protect the business, to the benefit of its customers.
You’ll have the following skills & experience:
- Proven experience of implementing an information security management system (ISMS) and maintaining certification standards.
- Experience in undertaking internal audits covering IT governance and information security controls.
- Solid understanding of IT and experience in developing IT governance, controls and best practices in the form of the IT Infrastructure Library (ITIL).
- Proven ability to author and revise policies and procedural documentation for IT systems/requirements.
Who We Are
At Somerset Bridge Group we aim to build a sustainable and innovative business focused on underwriting, broking and claims handling of UK motor insurance, offering transparent products and an efficient and fair service to our policyholders.