We are seeking an Information Security & Compliance Officer to support and strengthen our organisation's security and compliance posture.
This role is responsible for coordinating security activities across the business, supporting compliance initiatives, managing third-party risk and acting as the internal liaison with our outsourced Security Operations Centre (SOC) and Virtual CISO.
The successful candidate will help implement security governance, risk management and compliance frameworks while ensuring security best practices are embedded across the organisation.
This role is ideal for someone with experience in security operations, governance, risk and compliance (GRC) who enjoys working across teams to improve organisational security maturity.
Key Responsibilities
Security Operations Oversight
Act as the primary internal liaison with the outsourced SOC provider
Monitor and coordinate responses to alerts generated through Microsoft Sentinel and Microsoft Defender
Support incident response coordination and internal communications
Track remediation of security vulnerabilities and incidents
Governance, Risk & Compliance
Support the implementation and maintenance of security frameworks such as:
ISO 27001
Cyber Essentials Plus
NIST / CIS frameworks
Maintain and develop security policies, standards and procedures
Conduct risk assessments and track remediation actions
Coordinate internal and external security audits
Coordinate with other governance teams to ensure alignment around key initiatives
Third Party Risk Management (TPRM)
Lead the rollout and ongoing management of a Third Party Risk Management programme
Perform vendor security assessments and due diligence
Maintain vendor risk registers and track remediation activities
Work with procurement and legal teams to embed security requirements into supplier onboarding
Security Governance & Awareness
Support security awareness and training initiatives across the organisation
Work with IT and engineering teams to ensure security best practices are followed
Maintain risk registers and compliance documentation
Provide reporting and metrics on security posture to leadership
Security Projects & Initiatives
Support compliance initiatives and security improvement programmes
Work with the virtual CISO to implement strategic security improvements
Assist with policy development and control implementation
Help coordinate vulnerability management and remediation programmes
Provide input into client security questionnaires and audits where appropriate.
About You
Requirements
Skills & Experience
35 years' experience in information security, IT security or compliance
Understanding of security governance, risk and compliance (GRC)
Experience with Microsoft security tooling (Sentinel, Defender or Microsoft Security stack)
Familiarity with security frameworks (ISO 27001, NIST, CIS, Cyber Essentials)
Experience working with third party vendors or supplier risk assessments
Strong communication and stakeholder management skills
Ability to translate security requirements into practical business processes
Desirable
Experience working with outsourced SOC providers
Knowledge of Third Party Risk Management (TPRM) programmes
Experience supporting ISO 27001 certification or audits
Certifications such as:
ISO 27001 Lead Implementer / Lead Auditor
CISSP
CISM
Security
Key Competencies
Strong organisational and documentation skills
Ability to manage multiple compliance initiatives simultaneously
Analytical thinking and risk assessment capability
Collaborative approach to working across technical and non-technical teams
Proactive mindset with a focus on continuous improvement
What Success Looks Like
Within the first 12 months you will:
Establish a structured Third Party Risk Management programme
Improve visibility and reporting of security risks
Strengthen security governance processes
Develop an ISO 27001 implementation roadmap and compliance processes to ensure group compliance can evolve to a recognized standard within the next 12-18 months.
Improve collaboration between internal teams, the SOC provider and the virtual CISO
About Us
Who we are:
PEI Group is a subscriber-focused business intelligence company. With our multi-talented global team of over 490 people spread across EMEA, USA & Asia, our purpose is to inform and connect investment professionals across global specialised markets. We identify specific high-growth, high-value investment sectors and themes where deep insight, strong market relationships and active capital flows are critical for success.
What we do:
PEI Group provides industry-leading journalism, data and market insight to subscribing clients via a wide portfolio of specialist brands, supported by our robust and scalable digital publishing, analytics and database platform. We also track the firms and individuals who shape markets and bring client-communities together to enable knowledge sharing, profile building and relationship development through professional networks and events. Wherever our markets are active, in New York, Los Angeles, Tokyo, Sydney, Hong Kong, Singapore, London and elsewhere, PEI is hard at work examining crucial market forces and shifting investment themes, identifying active investors and their capital allocations, and scanning ahead for regulatory changes, new compliance requirements and other risk factors.
At PEI, we value diverse talent and welcome applications from everyone, regardless of background. We are an equal opportunity employer and our inclusive culture at PEI is reflected in every stage of the recruitment journey. Please inform us at initial stages of the recruitment process if you require any reasonable adjustments and we can accommodate this.
PEI Group supports flexible working arrangements and we welcome career returners.