IT Compliance and risk manager

Pluxee is a global player in employee benefits and engagement that operates in 31 countries. Pluxee helps companies attract, engage, and retain talent thanks to a broad range of solutions across Meal & Food, Wellbeing, Lifestyle, Reward & Recognition, and Public Benefits. Powered by leading technology and more than 5,000 engaged team members, Pluxee acts as a trusted partner within a highly interconnected B2B2C ecosystem made up of more than 500,000 clients, 36 million consumers and 1.7 million merchants. Conducting its business as a trusted partner for more than 45 years, Pluxee is committed to creating a positive impact on all its stakeholders, from driving business to local communities, to supporting wellbeing at work for employees while protecting the planet.

The IT Compliance and Risk Manager is responsible for developing, implementing and overseeing the organisation's IT compliance and risk management programmes, with a strong focus on maintaining the ISO 27001 and ISO 9001 certifications. The role ensures that IT security and operations align with global Pluxee policies & procedures as well as regulatory, legal, GDPR and industry standards while mitigating risks and enhancing overall posture.

Your next challenge:

• Lead and manage the organisation's ISO certification and surveillance audit processes.
• Develop and maintain policies, procedures and documentation to align with ISO and Global Pluxee standards.
• Identify, assess and prioritise IT risk across platforms & services, processes and projects, and take appropriate actions to drive to closure.
• Conduct regular risk assessments for core platforms, services and vendors.
• Ensure compliance with GDPR, NIST etc.
• Serve as a subject-matter expert for IT compliance questions.
• Develop and enforce IT policies and procedures that support compliance and risk objectives.
• Respond to client Information Security tenders and questionnaires.
• Conduct training and awareness programmes.

Accountabilities:

• Maintain ISO certification and promote the standards within the business.
• Quarterly reporting to SLT on compliance status, IT risk posture.
• Present findings and recommendations to COMEX and relevant stakeholders.
• Define an annual roadmap for IT risk management and mitigations aligned to UK Portfolio, Information Security and Business Risk Roadmaps.

PLX UK holds ISO27001 (Information Security Management System) and 9001 (Quality Management System) certifications and already has a traditional framework for risk management. Globally as Pluxee expands its governance to encompass local entities, alignment of local policy and methodology is key.

Competencies:

• Customer focus - Building strong customer relationships and delivering customer-centric solutions.
• Collaborates - Building partnerships and working collaboratively with others to meet shared objectives.
• Communicates effectively - Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.
• Drives results - Consistently achieves results, even under tough circumstances.
• Optimizes work processes - Knows the most effective and efficient processes to get things done, with a focus on continuous improvement.

Your a Match:

• 5+ years in information security or IT risk management.
• CRISC (Certified in Risk and Information Systems Control) would be a distinct advantage.
• Strong organisation, administration and documentation skills.
• Experience and knowledge of ISO27001 (Information Security Management System) and ISO 9001 (Quality Management System), ideally to Management Representative level.
• Knowledge of GDPR (General Data Protection Regulation) rules and obligations.
• Good knowledge of Information Security Tools, techniques and processes.
• Good knowledge of Business Continuity strategy and planning.
• Strong communication skills with the gravitas to influence senior leadership.
• Energetic with initiative, drive and an enthusiastic 'can do' approach.
• Internal audit experiences an advantage.
• Manage relationship and organise annual external audits to maintain certification.

To get this challenge:

• Video call Discussion with TA Partner.
• Video call Discussion with Hiring Manager.
• Video call Discussion with Hiring Manager & Tech Panel.
• Video call Discussion with HRBP.

Your Team: IT Team

Your Location: Milton Keynes, UK

Happy at work:

1. A meaningful job: Be the change! Help us build the future of employee benefits by bringing to life sustainable and personalized experiences and contribute to make a real impact on millions of lives. Our business model delivers not just for individuals but their communities too, by supporting local businesses and economies.
2. A great culture: People matter - a lot! Be part of a multicultural team that moves as one in a fast paced and innovative environment. We respect and care authentically about our people, we embrace wellbeing and work-life balance, new ideas and we have a lot of fun!
3. An empowering environment: Be yourself! At Pluxee we proudly embrace diversity and value the uniqueness of our talents, fostering an inclusive workplace where all abilities are celebrated, and equal learning and growing opportunities are a given.