ABOUT US

People are at the heart of allpay and we reward our employee with a competitive benefits package which includes, a defined contribution group pension scheme, income protection, life assurance, an array of health and wellbeing options including private healthcare cover and an onsite gym. This is coupled with our excellent Learning and Development offering.
We work with some great recruitment agencies. We don’t choose to partner with everyone. Explicit consent or confirmation must be received from our HR department before we accept CV’s. Contractual terms and specific campaigns must have been signed and agreed before you are considered a partner. We never accept unsolicited CV’s, EVER! Even from our trusted partners. We consider it “spoiling,” which does not endear you to us. By sending us unsolicited CV’s we deem these a free gift. If we choose to engage these candidates directly we will not pay you any fees. You will be deemed to have accepted this zero fee by providing unsolicited or spoiled candidates.
We are a company committed to Equal Opportunities.
All roles at allpay Limited are subject to successful background checks including a DBS and Credit Check

ABOUT THE ROLE

We’re looking for a proactive and capable Lead Information Security Analyst, or a Senior Analyst who’s ready to take the next step in their career into team leadership and management.
This is an ideal opportunity for someone with strong hands-on experience of information security frameworks and audit processes, looking to grow and develop further in their career.
Working closely with the Head of Operational Governance, you’ll support and coordinate key compliance activities across ISO 27001, PCI DSS, and Cyber Essentials Plus. You’ll also take the lead in drafting policies, engaging with suppliers, and contributing to commercial tenders from a data protection and risk perspective.
This role includes the opportunity to lead, mentor and support the members of the Information Security team.

KEY RESPONSIBILITIES

• Lead on the operation and continual improvement of the Information Security Management System (ISMS)
• Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus
• Draft and update information security policies, procedures, and technical standards
• Work with procurement and commercial teams to support supplier assurance and risk assessment
• Contribute to tender responses and bid processes, ensuring security and compliance requirements are met
• Promote good security practices and raise awareness across departments
• Act as an escalation point and day-to-day contact for other team members.
• Stay up to date with changes in legislation and standards relating to information and cyber security