Job Description
Pluxee is a global player in employee benefits and engagement that operates in 31 countries. Pluxee helps companies attract, engage, and retain talent thanks to a broad range of solutions across Meal & Food, Wellbeing, Lifestyle, Reward & Recognition, and Public Benefits.
Powered by leading technology and more than 5,000 engaged team members, Pluxee acts as a trusted partner within a highly interconnected B2B2C ecosystem made up of more than 500,000 clients, 36 million consumers and 1.7 million merchants.
Conducting its business as a trusted partner for more than 45 years, Pluxee is committed to creating a positive impact on all its stakeholders, from driving business to local communities, to supporting wellbeing at work for employees while protecting the planet.
- The IT Compliance and Risk Manager is responsible for developing, implementing and overseeing the organisation's IT compliance and risk management programmes, with a strong focus on maintaining the ISO 27001 and ISO 9001 certifications.
- The role ensures that IT security and operations align with global Pluxee policies & procedures as well as regulatory, legal, GDPR and industry standards while mitigating risks and enhancing overall posture.
- Respond to client Information Security tenders and questionnaires, and establish and maintain a central repository of documentation available for Sales and Planning Team access.
Your next challenge:
- Lead and manage the organisation's ISO certification and surveillance audit processes.
- Develop and maintain policies, procedures and documentation to align with ISO and Global Pluxee standards.
- Identify, assess and prioritise IT risk across platforms & services, processes and projects, and take appropriate actions to drive to closure.
- Conduct regular risk assessments for core platforms, services and vendors.
- Ensure compliance with GDPR, NIST, etc.
- Serve as a subject-matter expert for IT compliance questions.
- Develop and enforce IT policies and procedures that support compliance and risk objectives.
- Respond to client Information Security tenders and questionnaires.
- Conduct training and awareness programmes.
Accountabilities:
- Maintain ISO certification and promote the standards within the business.
- Quarterly reporting to SLT on compliance status and IT risk posture.
- Present findings and recommendations to COMEX and relevant stakeholders.
- Define an annual roadmap for IT risk management and mitigations aligned to UK Portfolio, Information Security and Business Risk Roadmaps.
- PLX UK holds ISO27001 (Information Security Management System) and 9001 (Quality Management System) certifications and already has a traditional framework for risk management.
- Globally, as Pluxee expands its governance to encompass local entities, alignment of local policy and methodology is key.
Competencies
- Customer focus - Building strong customer relationships and delivering customer-centric solutions.
- Collaborates - Building partnerships and working collaboratively with others to meet shared objectives.
- Communicates effectively - Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.
- Drives results - Consistently achieves results, even under tough circumstances.
- Optimizes work processes - Knows the most effective and efficient processes to get things done, with a focus on continuous improvement.
You're a Match:
- 5+ years in information security or IT risk management.
- CRISC (Certified in Risk and Information Systems Control) would be a distinct advantage.
- Strong organisation, administration and documentation skills.
- Experience and knowledge of ISO27001 (Information Security Management System) and ISO 9001 (Quality Management System), ideally to Management Representative level.
- Knowledge of GDPR (General Data Protection Regulation) rules and obligations.
- Good knowledge of Information Security Tools, techniques and processes.
- Good knowledge of Business Continuity strategy and planning.
- Strong communication skills with the gravitas to influence senior leadership.
- Energetic with initiative, drive and an enthusiastic 'can do' approach.
- Internal audit experience is an advantage.
- Manage relationship and organise annual external audits to maintain certification.
To get this challenge:
- Video call Discussion with TA Partner
- Video call Discussion with Hiring Manager
- Video call Discussion with Hiring Manager & Tech Panel.
- Video call Discussion with HRBP
Your Team:
Your Location:
Happy at work
1) A meaningful job: Be the change! Help us build the future of employee benefits by bringing to life sustainable and personalized experiences and contribute to make a real impact on millions of lives. Our business model delivers not just for individuals but their communities too, by supporting local businesses and economies.
2) A great culture: People matter - a lot! Be part of a multicultural team that moves as one in a fast paced and innovative environment. We respect and care authentically about our people, we embrace wellbeing and work-life balance, new ideas and we have a lot of fun!
3) An empowering environment: Be yourself! At Pluxee we proudly embrace and value the uniqueness of our talents, fostering an inclusive workplace where all abilities are celebrated, and equal learning and growing opportunities are a given.