We are looking for an Information Security Auditor to joining our growing Security team. To help find vulnerabilities and flaws within our internal systems.
Security breaches such as data theft, unauthorized access to company resources and malware infections all have the potential to affect a business's ability to operate and could be fatal to Farfetch.
On-site the majority of the time, you'll coordinate and drive the audit process with both tech and business areas. This is a hands-on role, so prepare yourself to collaborate with the engineering and product teams to promote a productive organization and amazing culture.
What you'll do
Recommend and implement changes to enhance systems security and prevent unauthorized access;
Administrate and disseminate security policies and procedures by reviewing and auditing security policies;
Monitor compliance with legal requirements;
Help to increase Information Security Awareness within the business;
Perform risk assessments and other security reviews as required;
Help maintaining information security policies and coordinate company-wide information security controls to protect the integrity of Farfetch's assets.
Who you are
Graduated in Computer Science or higher in an Information Security field
A professional with a background in software development or systems administration and more than 4 years in a similar position
Knowledgeable of network protocols, design, and operations;
Working knowledge of Security principles, techniques, and technologies
Certified on Information Security (CISA, CISM or similar)
Working knowledge of COBIT and ISO 27001, policy and procedure review and document management, gap analysis
Good understanding of risk-assessment methodologies (OCTAVE, NIST SP 800-30)
Experienced in Data Privacy impact assessment is a plus
Experienced in Identity Management projects or Cloud Access Security Broker is a plus
Fluent in English (written and spoken)