At a Glance
- Tasks: Support information security policies, risk management, and compliance across diverse teams.
- Company: Keyloop empowers car dealers with innovative technology for a better buying and selling experience.
- Benefits: Enjoy flexible work options, career development opportunities, and a supportive, inclusive culture.
- Why this job: Join a dynamic team shaping the future of the automotive industry while enhancing your skills.
- Qualifications: Experience in cybersecurity or risk management; relevant certifications are a plus.
- Other info: No academic qualifications required; we value experience and potential over credentials.
The predicted salary is between 36000 - 60000 £ per year.
Join to apply for the Information Security Officer role at Keyloop
Keyloop bridges the gap between dealers, manufacturers, technology suppliers and car buyers.
We empower car dealers and manufacturers to fully embrace digital transformation. How? By creating innovative technology that makes selling cars better for our customers, and buying and owning cars better for theirs.
We use cutting-edge technology to link our clients’ systems, departments and sites. We provide an open technology platform that’s shaping the industry for the future. We use data to help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it?
Reporting to the Senior Governance, Risk & Compliance Officer, the Information Security Officer will assist in strengthening the organisation’s security posture within a large, complex, and fast-paced environment. This role supports the development and implementation of GRC policies, risk management frameworks, and control processes to ensure the confidentiality, integrity, and availability of Keyloop’s information assets.
The Information Security Officer will work cross-functionally with stakeholders across diverse teams and departments to embed strong information security practices throughout the business. The role also includes identifying and tracking risks within the supply chain and supporting the organisation’s broader information security governance, risk, and compliance efforts. A critical part of this role is helping to promote a strong risk-aware culture and embedding positive security behaviours across the organisation.
Role & Responsibility:
- The job holder will assist with and support a range of activities across the Governance, Risk and Compliance function, including the following:
Governance
- Support the development, maintenance, and review of Information Security policies, standards, and associated processes
- Monitor regulatory and industry developments to ensure evolving external requirements are reflected in internal practices
- Attend and document meetings such as the Information Security Forum, ensuring actions and decisions are appropriately recorded and tracked
- Collate, analyse, and visualise GRC-related data to support reporting on key metrics such as risk trends, policy compliance, control effectiveness, and audit findings, enabling informed decision-making by stakeholders and leadership
Risk
- Contribute to the ongoing risk management process by identifying, assessing, and tracking information security risks, maintaining the Risk Register, and coordinating risk treatment plans with relevant risk owners
- Conduct third-party risk assessments and due diligence during onboarding and at scheduled intervals to ensure vendor compliance with security requirements
Compliance
- Support internal and external audits, including evidence gathering, issue tracking, and remediation of findings or control gaps
- Perform ongoing control assurance activities to validate the effectiveness of implemented security controls and identify areas for improvement
- Manage and respond to governance and compliance queries and tickets from business units and technical teams
- Respond to customer security questionnaires, RFPs, compliance assessments, and related documentation requests as needed, ensuring alignment with both internal standards and customer expectations
Collaboration & Culture
- Promote adoption and compliance with Information Security policies, standards, and guidelines across the organisation and support stakeholder education and awareness initiatives
- Collaborate with key business functions including HR, Procurement, Legal, IT, and Engineering to embed GRC requirements into core business processes
- Foster a strong security culture across the organisation, helping to embed risk-aware behaviours and make information security integral to day-to-day operations
Experience:
Essential
- Prior experience in cybersecurity, risk management, compliance, or governance
- Strong understanding of regulatory requirements, security frameworks, and standards such as ISO 27001, NIST CSF, CIS, and SOC 2
- Hands-on experience with ISO 27001 implementation and audit readiness
- Experience supporting SOC 2 readiness and evidence collection
- Proficient with risk assessment methodologies and control frameworks to evaluate and mitigate risks, including third-party/vendor risk assessments
- Experience supporting internal and external audits
- Skilled in developing and maintaining security policies, processes, and controls
- Relevant industry certifications such as Security+, ISO 27001 Lead Implementer, CRISC, or equivalent
Desirable
- Understanding of GDPR principles and their application to information security and data protection practices
Skills & Abilities:
- Excellent written and verbal communication skills, with the ability to engage effectively and adapt content for both technical and non-technical audiences.
- Strong analytical and problem-solving skills, with keen attention to detail and a methodical approach
- Proficient in producing a wide range of business-relevant documentation, including processes, procedures and reports
- Ability to prioritise and manage multiple tasks effectively in a fast-paced, dynamic environment
- Strong collaboration skills with experience working across diverse teams and departments to achieve shared goals and drive effective governance, risk, and compliance outcomes
- Strong organisational skills with the ability to track issues, audits, and remediation efforts to ensure timely resolution
- Proactive mindset with the ability to anticipate potential risks and compliance challenges before they arise
- Proficient in collating and visualising data to communicate GRC metrics, risk trends, and compliance status
Why join us?
We’re on a journey to become market leaders in our space – and with that comes some incredible opportunities. Collaborate and learn from industry experts from all over the globe. Work with game-changing products and services. Get the training and support you need to try new things, adapt to quick changes and explore different paths. Join Keyloop and progress your career, your way.
An inclusive environment to thrive
We’re committed to fostering an inclusive work environment. One that respects all dimensions of diversity. We promote an inclusive culture within our business, and we celebrate different employees and lifestyles – not just on key days, but every day.
Be rewarded for your efforts
We believe people should be paid based on their performance so our pay and benefits reflect this and are designed to attract the very best talent. We encourage everyone in our organisation to explore opportunities which enable them to grow their career through investment in their development but equally by working in a culture which fosters support and unbridled collaboration.
Keyloop doesn’t require academic qualifications for this position. We select based on experience and potential, not credentials.
We are also an equal opportunity employer committed to building a diverse and inclusive workforce. We value diversity and encourage candidates of all backgrounds to apply.
- Seniority level: Not Applicable
- Employment type: Full-time
- Job function: Information Technology
- Industries: Software Development
Business Information Security Officer employer: Keyloop
Contact Detail:
Keyloop Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Business Information Security Officer
✨Tip Number 1
Familiarise yourself with the key security frameworks mentioned in the job description, such as ISO 27001 and NIST CSF. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the cybersecurity and compliance fields. Attend industry events or webinars where you can meet people who work at Keyloop or similar companies. This can provide valuable insights and potentially lead to referrals.
✨Tip Number 3
Prepare to discuss real-world examples of how you've contributed to risk management and compliance in previous roles. Be ready to explain your thought process and the impact of your actions on the organisation's security posture.
✨Tip Number 4
Showcase your proactive mindset by identifying potential risks or compliance challenges that Keyloop might face in the automotive technology sector. Presenting your insights during the interview can set you apart from other candidates.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, risk management, and compliance. Use keywords from the job description to demonstrate that you meet the essential criteria.
Craft a Compelling Cover Letter: Write a cover letter that showcases your understanding of Keyloop's mission and how your skills align with their needs. Mention specific experiences that relate to the responsibilities outlined in the job description.
Showcase Relevant Certifications: If you have certifications like Security+, ISO 27001 Lead Implementer, or CRISC, make sure to include them prominently in your application. This will help demonstrate your qualifications for the role.
Highlight Soft Skills: In addition to technical skills, emphasise your communication, analytical, and collaboration abilities. Provide examples of how you've worked across teams to achieve shared goals, as this is crucial for the role.
How to prepare for a job interview at Keyloop
✨Understand the Role
Make sure you have a solid grasp of what the Business Information Security Officer role entails. Familiarise yourself with key responsibilities such as risk management, compliance, and governance. This will help you articulate how your experience aligns with the job.
✨Showcase Relevant Experience
Prepare to discuss your previous experience in cybersecurity, risk management, or compliance. Highlight specific projects or achievements that demonstrate your hands-on experience with frameworks like ISO 27001 or SOC 2, as these are crucial for the role.
✨Demonstrate Communication Skills
Since the role involves collaboration across various teams, practice explaining complex security concepts in simple terms. Be ready to showcase your written and verbal communication skills through examples of documentation or presentations you've created.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities and how you handle real-world security challenges. Think of scenarios where you've identified risks or managed compliance issues, and be prepared to discuss your thought process and outcomes.