Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead our info security efforts and ensure HIPAA compliance while managing sensitive data.
- Company: Join Psychology Tools, a passionate team creating innovative therapy resources for mental health professionals.
- Benefits: Enjoy a competitive salary, 25 days holiday, and a contributory pension scheme in a flexible work environment.
- Why this job: Make a real impact in mental health while developing your skills in a supportive, mission-driven culture.
- Qualifications: Degree or experience in Cyber Security; knowledge of ISO27001 and HIPAA compliance is a plus.
- Other info: We celebrate diversity and are committed to an inclusive workplace.
The predicted salary is between 44000 - 52000 £ per year.
About Us Psychology Tools (psychologytools.com) is an online platform publishing evidence-based therapy resources for clinical professionals. We are a small team of passionate individuals, intent on creating best-in-class resources and making them available to our customers in innovative formats. Role Overview We are seeking to appoint an Information Security and Governance Manager to join our growing team to manage our on-going information security management and HIPAA compliance requirements. You will be responsible for achieving ISO27001 certification and for the development of plans to improve our information security management system and policies, ensuring that staff are kept informed and trained to a high standard. Operating in the healthcare sector, we can hold sensitive data and so having good practical experience and knowledge of best security practices is essential, ideally including a knowledge of HIPAA compliance. Key Responsibilities To develop and maintain the information security policy and accompanying standards, procedures and guidance in order to gain and maintain ISO27001 certification To develop and deliver a programme of planned compliance reviews and regular risk assessments and to identify and mitigate security risks and address gaps Ensure secure implementation and maintenance of cloud-based solutions for secure storage of sensitive data To promote security awareness by developing and implementing a security awareness and training programme To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken Produce regular reports for the Chief Operating Officer and Board as required Respond to enquiries from staff and provide security advice as required Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required Work with external suppliers and auditors as required Maintain a good working knowledge of emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies Qualifications and experience Graduate in Cyber Security or Information Security; Or Work experience at a level demonstrating ability to successfully implement or manage information security management systems and security risks, ideally in a HIPAA compliant setting A good working knowledge of ISO27001 and, ideally, HIPAA compliance and/or Cyber Essentials Plus Ability to influence on matters relating to security and information risk Good verbal and written communication skills and able to communicate effectively at all levels Ability to manage time and priorities appropriately Positive attitude towards learning and development demonstrated by a record of continuing development The successful candidate will ideally also have experience with some or all of the following; An understanding of the Data Protection Act, the Freedom of Information Act and other related legislation, including standards and codes of practice One or more Information Security Certificates from the following list; CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) ISO27001 Lead Implementer or equivalent CISA (Certified Information Systems Auditor) What We Offer An opportunity to contribute to a growing, mission-driven organisation focused on mental health A collaborative, flexible and supportive work environment Competitive salary of £44,000 – £52,000 dependent upon qualifications and experience. Contributory pension scheme 25 days holiday How to Apply Please submit your CV and a cover letter detailing your relevant experience and interest in the role via the button below. Psychology Tools is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Agencies: We are not able to accept applicants and unsolicited interest via recruitment agencies.
Information Security and Governance Manager employer: Psychology Tools Limited
Contact Detail:
Psychology Tools Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security and Governance Manager
✨Tip Number 1
Familiarize yourself with ISO27001 and HIPAA compliance requirements. Understanding these standards will not only help you in the interview but also demonstrate your commitment to the role.
✨Tip Number 2
Showcase your practical experience in managing information security systems. Be ready to discuss specific examples where you've successfully implemented security measures or managed risks.
✨Tip Number 3
Highlight your ability to communicate effectively with various stakeholders. This role requires collaboration, so be prepared to share instances where you've successfully influenced security practices within a team.
✨Tip Number 4
Stay updated on emerging security trends and technologies. Being knowledgeable about the latest developments in information security will set you apart as a candidate who is proactive and engaged in continuous learning.
We think you need these skills to ace Information Security and Governance Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your relevant experience in information security management, particularly any work related to HIPAA compliance and ISO27001 certification. Use specific examples to demonstrate your skills.
Craft a Compelling Cover Letter: In your cover letter, express your passion for mental health and how your background aligns with the mission of Psychology Tools. Be sure to mention your understanding of security practices and your commitment to continuous learning.
Highlight Relevant Certifications: If you have any certifications like CISSP, CISM, or ISO27001 Lead Implementer, make sure to include them prominently in your application. This will show your qualifications and dedication to the field.
Showcase Communication Skills: Since the role requires good verbal and written communication skills, provide examples in your application that demonstrate your ability to communicate effectively at all levels, especially in a team setting.
How to prepare for a job interview at Psychology Tools Limited
✨Show Your Knowledge of ISO27001 and HIPAA
Make sure to demonstrate your understanding of ISO27001 certification and HIPAA compliance during the interview. Prepare specific examples of how you've implemented or managed these standards in previous roles, as this will show your practical experience and knowledge.
✨Highlight Your Communication Skills
Since the role requires effective communication with various stakeholders, be ready to discuss how you've successfully communicated security policies and procedures in the past. Share examples of how you’ve influenced others on matters related to security and information risk.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about past incidents you've managed, how you identified risks, and the steps you took to mitigate them. This will showcase your ability to handle security incidents effectively.
✨Demonstrate a Commitment to Continuous Learning
The company values a positive attitude towards learning and development. Be prepared to discuss any recent training, certifications, or self-study you've undertaken in the field of information security. This shows your dedication to staying updated with emerging trends and best practices.
