JaJa Finance Ltd

Head of Information Security

 

About JAJA

Jaja is a consumer finance business, launching its first product, a digital credit card, in 2018. Since then it has grown rapidly and has recently completed the acquisition of a multi-£000m credit card portfolio. With backing from several major Private Equity funds, Jaja has an ambitious growth strategy that includes providing consumer finance in partnership with leading consumer brands, with a number of partnerships secured alongside an exciting pipeline of opportunities. 

Jaja is on a mission to redefine the consumer finance experience and liberate customers from needless complexity, wasted time, and frustration. Or as we say it, Make Simple. We will delight our customers – making the customer experience simpler, more enjoyable, more intelligent – treating customers fairly and giving them more control of their money.

 

Purpose of the Role

Jaja Finance is looking for an Head of Information Security to manage a small team of Information Security specialists and drive the strategic implementation of Information Security controls across the business.

Reporting in to the Chief Risk Officer, you will demonstrate a solid understanding of cloud infrastructure and a corporate environment that is based in the cloud and leverages SaaS applications very heavily.

You will create the roadmap and programme for the implementation and development of security controls for the company, and will act as the key security subject matter expert for the business.

The ideal candidate will have previously built and managed successful security programmes in small businesses that are scaling rapidly, preferably in the financial services sector. An understanding of the challenges of maturing controls in a rapidly developing organisation will be key.

Given the size and scale of the organisation you will need to be adept at working with senior stakeholders yet able to roll up your sleeves to support junior members of the team with theoretical and technical challenges.

 

Responsibilities

• Manage a small team of technical Information Security specialists
• Own and manage the PCI-DSS audit responsibilities
• Maintain a holistic view of Information Security across the building and prioritise threats
• Conduct gap analysis and risk assessments to provide valuable insight to Executive Committee on risks and priorities
• Ensure that security operational capability is fit for purpose
• Build out technology and security risk frameworks and map to best practice models
• Enhance and maintain the policy and process library
• Work closely with colleagues in cross functional departments to ensure that Jaja’s products are secure by design and secure by default
• Manage the security aspects of the Software Development Lifecycle
• Oversee and enforce access control across the company
• Manage the programme for the effective control of third party provider risk to operational resilience
• Evaluate and develop security tooling for the business
• Conduct second line audit function on IT Operations processes that have a deep impact on the security posture: “joiners, movers, leavers”, access control, asset register, approved software, etc.
• Provide consultancy and support function to colleagues across the business
• Demonstrate and promote security best practices
• Report relevant KPIs and metrics regularly to internal teams, summarising new and emerging security risks
• Build and develop an effective security awareness programme
• Prepare reports and present recommendations
• Evaluate employees’ risk awareness and train them when necessary

Essential Skills and Experience

• Proven experience as an Information Security Manager or Head of Information Security in a cloud-first environment
• Previous experience securing agile software development projects
• Knowledge of risk frameworks
• Previous experience of managing PCI-DSS audits and general auditing and reporting procedures
• Experience with team management in an Information Security capacity
• Ability to present and communicate complex technical terms to business stakeholders

 

What's in it for you? 

• The chance to make a real impact in a growing start-up on a mission to change the face of the consumer finance industry forever.
• Competitive salary
• Pension
• More exciting benefits you will hear about when we talk