We are a British metaverse technology company that builds interconnected,
immersive virtual worlds. Our technology, expertise, creativity and services
help partners – including entertainment companies, game creators and public
institutions – realise their ambitions in the metaverse.
It is our strong belief that the metaverse is an opportunity for positive
change. It will help communities connect and exchange at scale, and evolve how
we work, play and create. At Improbable, you'll be surrounded by people
motivated to solve the hard challenges that enable us to bring these
transformative worlds to life and shape the future.
As an Information Security Assurance Manager, you will be supporting the
Security Policy, Governance and Compliance function in implementing the
information security vision, model and principles across all of Improbable,
ensuring compliance with internal and external information security standards
(such as ISO 27001, PCI DSS, DPA 2018), and other appropriate industry
standards, to support the organisational strategy. You will be working with
the Central Security Team to guide the selection and deployment of technical
controls to meet specific security requirements, and define processes and
standards to ensure that security configurations are maintained.
Your Opportunity
Managing the corporate information risk management activities, including
performing risk assessments, managing risk remediation initiatives and
supporting other teams with their risk management requirements
Planning and conducting internal audits, reviews and compliance checks
against Improbable business, IT and security operational processes,
procedures and practices to ensure compliance with current legislation,
applicable standards including ISO27001 and customer requirements
Assisting with the preparation for, and managing the conduct of, external
audits and assessments.
Measuring and tracking compliance over time with organisational policies
and standards and the overall information security strategy
Advising on appropriate remediation or mitigation for identified gaps and
then managing and coordinating appropriate actions to address these
Contributing to the maintenance and ongoing development and improvement of
policies, standards and guidelines
Reviewing security requirements set out in client or other contracts ahead
of signing to advise on whether these can be met, ensuring compliance with
contractually agreed controls
Why You're made for this
Strong knowledge of applicable risk assessment and risk management
practices required to create a strong risk management culture
Previous experience in the planning, conducting and reporting of audits
and compliance reviews
Appropriate audit/risk qualification such as ISO27001 Lead Implementer or
ISO27001 Lead Auditor (preferred) or CMIRM, CISA, CISSP, CRISC, CISM,
CCP, etc (Preferred)
Experience of information governance processes and a sound knowledge of IT
security best practices
Strong stakeholder management experience, up to and including Board level
Knowledge of national and international regulatory compliances and
frameworks such as ISO 27001, 27017 & 27018, the Data Protection Act,
General Data Protection Regulation (GDPR), CE and CE+, SOC2
Sufficient technical confidence in order to assess compliance of, and
drive delivery from, technical resources
Strong time management, project management and organisation skills
About us
At Improbable, we are determined to foster an environment where people can do
their best work and feel like they belong. We believe a healthy culture,
strong values and contributions from a diverse range of individuals will help
us to achieve success.
We do not discriminate based on race, ethnicity, gender, ancestry, national
origin, religion, sex, sexual orientation, gender identity, age, disability,
veteran status, genetic information, marital status or any other legally
protected status.