Information Security Compliance Specialist

IT, Legal
United Kingdom · Remote
Posted on Thursday, October 19, 2023
Hello 👋! 
We make Octopus Deploy.
We simplify complex software deployments so our customers can focus on what they do best and ship software on time without unwanted disruptions or surprises.
🐙235,000+ people use Octopus Deploy.
🐙600,000+ virtual machines run our Tentacle agent.
🐙300,000,000+ deployments to date.
🐙90% of support emails answered in 2 hours or less.
🐙Over 3,500 organisations use Octopus Deploy (curious? check this out)
Octopus Deploy is one of Australia’s fastest-growing software companies (and we’re taking on the world). After bootstrapping for a decade, in 2021, we quietly raised Australia's second largest ever venture capital raise, accepting a USD 172M minority investment from Insight Partners.
In this role, you will play a pivotal part in safeguarding our organization by performing comprehensive cyber security risk assessments on internal projects, external services, products, and vendors. As part of our Legal, Compliance, & IT team you'll engage closely with our customers, ensuring transparency about our security measures, and collaborate with various teams to conduct risk workshops, identify vulnerabilities, and implement effective solutions. If you possess a deep understanding of globally recognized cyber security standards, exceptional communication skills, and hands-on experience in policy formulation and internal audits, we invite you to apply and contribute to our innovative, security-focused environment.
Salary Expectations: £45000-£55,000 GBP

A Typical Day Might Include

  • Performing cyber security risk assessments on internal projects of external services, products, or vendors.
  • Working with our customers to provide information on the security of our business and product.
  • Monitoring compliance performance metrics and responding to alerts in our compliance systems.
  • Performing risk workshops to assist teams in identifying, assessing, and remediating cyber security risks.
  • Maintaining a cyber security risk register and tracking remediation actions to completion.
  • Reviewing and maintaining cyber security governance documentation and assessing compliance.
  • Assisting with cyber security awareness activities and initiatives.

You'll Be A Great Fit If You:

  • Have experience performing cyber security risk reviews, third party assessments and vendor due diligence.
  • Understand intentionally recognised cyber security standards such as ISO27001 and SOC 2, and overlapping regulations such as GDPR.
  • Are familiar with writing cyber security policy and process documentation and performing internal audit functions.
  • Understand data privacy concepts and practices and are familiar with global privacy regulations.
  • Are comfortable communicating cyber security concepts and requirements to a wide variety of audiences.
  • Possess a knowledge of DevOps, software development, or SaaS would be advantageous.

Why Is This A Great Opportunity?

  • We offer great benefits, including generous laptop and home office allowances, plus stock options!
  • Annual leave of 25 x days.
  • Parents receive 12 weeks of fully Paid Parental Leave.
  • We value transparency and fairness in every aspect of our business. For example, Paul (our CEO) shares monthly updates on company performance, and our pay structures are designed to pass the ‘printer test’.
  • Trust and autonomy. Octonauts are treated like adults, and are trusted to find the best way of working for the task at hand, without managers looking over their shoulder.
  • You’ll be joining a high-growth company with numerous opportunities to learn and advance your career.
  • Remote first: work from wherever you feel most productive.
  • We are a supportive company where everyone’s contribution is valued.
  • We respect and encourage work/life balance.

Equal Opportunity:

  • We’ve built an inclusive workplace culture and understand the true importance of culture-add, versus culture-fit.
  • From day 1, you'll have a buddy helping you get your bearings. You can book in coffee chats with anyone in the company. We encourage everyone to have a voice in all aspects of the product and the business. So much so that we have an open chat policy (all channels are public by default) and everyone is welcome!
  • If you need assistance or accommodation during the application process because of disability, please let us know and we’ll try our best to accommodate.
  •  Also when it comes to inclusivity, we mean it, check out our handbook!
  •  If you’d like to work at Octopus, reach out and say hello!

How To Apply:

  • You must have ongoing unrestricted work rights in the relevant job ad location to apply for this opportunity (The United Kingdom).
  • Submit a CV - your LinkedIn profile is also acceptable as long as it contains enough information for us to assess your fit for the role.
  • We welcome any other relevant documents or portfolios necessary to showcase your skillset and why you think you’d be a great fit here at Octopus.
[Note to Search Firms/Agencies]
Octopus Deploy does not compensate search firms for unsolicited assistance unless they have a written search agreement with Octopus Deploy and the requisition is position-specific. Any resumes, curriculum vitae and other unsolicited assistance from search firms that do not have a written search agreement or position-specific requisition submitted to any Associate of Octopus Deploy will be deemed the sole property of Octopus Deploy and no fee will be paid in the event the candidate is hired by Octopus Deploy.