Information Security and Governance Manager

Full-Time
38000 - 62000 £ / year (est.)
No home office possible

At a Glance

  • Tasks: Lead our info security efforts and ensure HIPAA compliance while achieving ISO27001 certification.
  • Company: Join Psychology Tools, a passionate team dedicated to mental health resources for professionals.
  • Benefits: Enjoy a flexible work environment, competitive salary, 25 days holiday, and a contributory pension scheme.
  • Why this job: Make a real impact in mental health while growing your skills in a supportive culture.
  • Qualifications: Degree in Cyber Security or relevant experience; knowledge of ISO27001 and HIPAA preferred.
  • Other info: We celebrate diversity and are committed to an inclusive workplace.

The predicted salary is between 38000 - 62000 £ per year.

About Us

Psychology Tools (psychologytools.com) is an online platform publishing evidence-based therapy resources for clinical professionals. We are a small team of passionate individuals, intent on creating best-in-class resources and making them available to our customers in innovative formats.

Role Overview

We are seeking to appoint an Information Security and Governance Manager to join our growing team to manage our ongoing information security management and HIPAA compliance requirements. You will be responsible for achieving ISO27001 certification and for developing plans to improve our information security management system and policies, ensuring that staff are kept informed and trained to a high standard. Operating in the healthcare sector, we can hold sensitive data, so good practical experience and knowledge of best security practices is essential, ideally including a knowledge of HIPAA compliance.

Key Responsibilities

  • To develop and maintain the information security policy and accompanying standards, procedures and guidance in order to gain and maintain ISO27001 certification
  • To develop and deliver a programme of planned compliance reviews and regular risk assessments and to identify and mitigate security risks and address gaps
  • Ensure secure implementation and maintenance of cloud-based solutions for secure storage of sensitive data
  • To promote security awareness by developing and implementing a security awareness and training programme
  • To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
  • Produce regular reports for the Chief Operating Officer and Board as required
  • Respond to enquiries from staff and provide security advice as required
  • Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required
  • Work with external suppliers and auditors as required
  • Maintain a good working knowledge of emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies

Qualifications and experience

  • Graduate in Cyber Security or Information Security; or
  • Work experience at a level demonstrating ability to successfully implement or manage information security management systems and security risks, ideally in a HIPAA compliant setting
  • A good working knowledge of ISO27001 and, ideally, HIPAA compliance and/or Cyber Essentials Plus
  • Ability to influence on matters relating to security and information risk
  • Good verbal and written communication skills and able to communicate effectively at all levels
  • Ability to manage time and priorities appropriately
  • Positive attitude towards learning and development demonstrated by a record of continuing development

The successful candidate will ideally also have experience with some or all of the following:

  • An understanding of the Data Protection Act, the Freedom of Information Act and other related legislation, including standards and codes of practice
  • One or more Information Security Certificates from the following list:
    • CISSP (Certified Information Systems Security Professional)
    • CISM (Certified Information Security Manager)
    • ISO27001 Lead Implementer or equivalent
    • CISA (Certified Information Systems Auditor)

What We Offer

  • An opportunity to contribute to a growing, mission-driven organisation focused on mental health
  • A collaborative, flexible and supportive work environment
  • Competitive salary of £44,000 – £52,000 dependent upon qualifications and experience.
  • Contributory pension scheme
  • 25 days holiday

How to Apply

Please submit your CV and a cover letter detailing your relevant experience and interest in the role via the button below.

Psychology Tools is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Agencies: We are not able to accept applicants and unsolicited interest via recruitment agencies.

Information Security and Governance Manager employer: Psychology Tools Limited

At Psychology Tools, we pride ourselves on being an excellent employer, offering a collaborative and supportive work environment that fosters professional growth and development. As an Information Security and Governance Manager, you will play a crucial role in enhancing our mission-driven organization focused on mental health, while enjoying competitive salaries, a contributory pension scheme, and 25 days of holiday. Join us to make a meaningful impact in the healthcare sector, where your expertise in information security will be valued and nurtured.

Contact Detail:

Psychology Tools Limited Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security and Governance Manager

✨Tip Number 1

Familiarize yourself with ISO27001 and HIPAA compliance requirements. Understanding these standards will not only help you in the interview but also demonstrate your commitment to the role.

✨Tip Number 2

Network with professionals in the information security field, especially those with experience in healthcare. This can provide you with insights into best practices and may even lead to referrals.

✨Tip Number 3

Stay updated on emerging security trends and technologies. Being knowledgeable about the latest developments will show that you are proactive and dedicated to continuous learning.

✨Tip Number 4

Prepare to discuss specific examples of how you've managed security risks in previous roles. Real-world scenarios can illustrate your problem-solving skills and practical experience.

We think you need these skills to ace Information Security and Governance Manager

Information Security Management
HIPAA Compliance
ISO27001 Certification
Risk Assessment
Cloud Security Solutions
Security Awareness Training
Incident Management
Data Protection Act Knowledge
Communication Skills
Stakeholder Engagement
Time Management
Continuous Learning
CISSP Certification
CISM Certification
CISA Certification

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your relevant experience in information security management, particularly any work related to HIPAA compliance and ISO27001 certification. Use specific examples to demonstrate your skills.

Craft a Compelling Cover Letter: In your cover letter, express your passion for mental health and how your background aligns with the mission of Psychology Tools. Clearly outline your experience with security policies and risk assessments, and mention any relevant certifications.

Showcase Communication Skills: Since good verbal and written communication skills are essential for this role, ensure that your application reflects your ability to communicate complex security concepts clearly and effectively.

Highlight Continuous Learning: Demonstrate your positive attitude towards learning and development by mentioning any recent training or certifications you have pursued in the field of information security. This shows your commitment to staying updated with emerging trends and standards.

How to prepare for a job interview at Psychology Tools Limited

✨Show Your Knowledge of ISO27001 and HIPAA

Make sure to brush up on your understanding of ISO27001 and HIPAA compliance. Be prepared to discuss how you have implemented or managed these standards in previous roles, as this will demonstrate your practical experience and knowledge.

✨Demonstrate Your Risk Assessment Skills

Prepare examples of how you've conducted risk assessments and identified security risks in past positions. Highlight your ability to develop and implement plans to mitigate these risks, as this is a key responsibility of the role.

✨Communicate Effectively

Since good verbal and written communication skills are essential for this position, practice articulating your thoughts clearly. Be ready to explain complex security concepts in a way that non-technical stakeholders can understand.

✨Emphasize Your Continuous Learning

Show your positive attitude towards learning and development by discussing any recent training, certifications, or emerging trends in information security that you are following. This will reflect your commitment to staying updated in the field.

Application deadline: 2026-12-30
