Cyber Risk and Compliance Analyst
Overview
Maintain and operate the Cyber Risk Register, ensuring timely tracking and treatment of issues. Provide reporting for key governance committees. Deliver the Information Risk Assessment Programme, engaging business and technical stakeholders to assess and manage cyber threats and risks. Deliver Supplier Risk Assessments, working with procurement and business teams to assess and monitor third-party risk through the supplier life-cycle. Facilitate and document Security Risk Exceptions.

Responsibilities
- Cyber Training and Awareness: Contribute to the design and rollout of security awareness content and phishing simulation programmes to embed a strong cyber culture.
- Security Policy Framework: Support the ongoing development, maintenance, and communication of the organisation's Security Policy framework, reviewing and updating policies and procedures to ensure alignment with good practice frameworks and business activities.
- Cyber Security & Resilience Compliance: Coordinate compliance efforts across standards such as PCI-DSS, external/internal audit requirements, user access reviews, and FCA operational resilience requirements. Work closely with stakeholders to manage remediation actions and audit responses.
- Support Cyber Incident Management: Act as a supporting resource in cyber incident response activities, working with security and technical teams to log, track and learn from incidents and near misses.

Qualifications
- A minimum of two years' experience in a cyber risk / information security role.
- Working knowledge of cyber risk frameworks (e.g. ISO 27001, NIST CSF).
- Hands-on experience with maintaining risk registers and conducting information risk assessments, including supplier risk assessments.
- A good understanding of regulatory and compliance requirements (e.g. PCI-DSS).
- Excellent communication skills, with the ability to articulate technical and risk concepts to diverse stakeholders.
- A proactive and structured approach to managing tasks and stakeholders.
- A collaborative mindset and a desire to strengthen the organisation's security posture, in line with our business objectives.

Desirable
- Certified qualifications such as CRISC, CISMP, CISM, CISSP, ISO 27001 Lead Implementer, or equivalent.
- Experience working with GRC tools (e.g. OneTrust, Archer, Protecht).
- Awareness of cloud platforms and SaaS (e.g. Microsoft Azure, M365, AWS) and associated security risks.
- An understanding of SYSC15 Operational Resilience (FCA Handbook).
- Exposure to incident management or support in data breach scenarios.

Our values
Our values are our personal brand and lay the foundation of what we care about the most. They provide us with guidance, so we can work towards the same goals. They are our DNA and are kept at the forefront of our Oodlers' minds when making business decisions.
- Embrace being human - empathy and diversity make us stronger.
- Strive for awesome - it's awesome when we do better every day.
- Everyone's a builder - we're in this together and we win as a team.
- Bravely honest - we're honest with ourselves and everyone else.
- Think customer - they're at the heart of everything we do.
To find out more about our culture and what happens at Oodle, check out our LinkedIn and Instagram.

Benefits
- £+ Discretionary Company Bonus Scheme
- Monday - Friday (37.5 hours per week - hybrid)

Our perks
- 25 days holiday (rising to 28 after 3 years' service) plus bank holidays, to take time to recharge and do something you love.
- Private Medical - via Vitality, with reward schemes paid for you and your family.
- Health cash plan - via Simply Health for employees and children, claiming money back for dental, optical, etc.
- Pension - Oodle will contribute 5% of your salary into your pension pot to help you save for the future.
- Free breakfast, drinks and fruit in the office - you can help yourself to cereals, toast, fizzy drinks and lots of fruit.
- Employee discounts - discounts you can access anywhere, anytime for all major shops.
- 1 volunteer day per year - an opportunity to give back to the community each year.
- Mental health care - 6 free counselling sessions via our EAP (Employee Assistance Programme).
- Paid sick leave - enhanced company sick pay.
- Enhanced family leave - we provide enhanced family leave for primary and secondary caregivers.

Oodle - who are we?
Our mission is to be the UK's simplest way to find and finance a great value used car. We want to put car buyers back in control and make the car buying experience as simple, straightforward, and joyful as possible, as car buyers deserve oodles of car buying confidence!
We are a team of 450 people located in Manchester, Oxford and London. Over the past 6 years, we've supported 10,000s of customers on their car buying journey and know 2025 is shaping up to be another exciting year!
- Location: Manchester, England, United Kingdom
- Job Type: Part Time