About Us
Psychology Tools is an online platform publishing evidence-based therapy resources for clinical professionals. We are a small team of passionate individuals, intent on creating best-in-class resources and making them available to our customers in innovative formats.
Role Overview
We are seeking to appoint an Information Governance Manager to join our growing team to manage our on-going information security management and HIPAA compliance requirements. You will be responsible for plans to develop and improve our information security management system and policies, ensuring that staff are kept informed and trained to a high standard. Operating in the healthcare sector, we can hold sensitive data and so having good practical experience and knowledge of best security practices is essential, ideally including a knowledge of HIPAA compliance.
Key Responsibilities
* To develop and maintain the information security policy and accompanying standards, procedures and guidance
* To develop and deliver a programme of planned compliance reviews and regular risk assessments and to identify and mitigate security risks and address gaps
* Ensure secure implementation and maintenance of cloud-based solutions for secure storage of sensitive data
* To promote security awareness by developing and implementing a security awareness and training programme
* To investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken
* Produce regular reports for the Chief Operating Officer and Board as required Respond to enquiries from staff and provide security advice as required
* Work with internal stakeholders to develop relationships to help promote and improve information security and provide security advice on procurements, projects and new initiatives as required
* Work with external suppliers and auditors as required Maintain a good working knowledge of emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies
Qualifications and experience
* Graduate in Cyber Security or Information Security; Or
* Work experience at a level demonstrating ability to successfully implement or manage information security management systems and security risks, ideally in a HIPAA compliant setting
* A good working knowledge of ISO27001 and, ideally, HIPAA compliance and/or Cyber Essentials Plus
* Ability to influence on matters relating to security and information risk
* Good verbal and written communication skills and able to communicate effectively at all levels
* Ability to manage time and priorities appropriately
* Positive attitude towards learning and development demonstrated by a record of continuing development
What We Offer
* An opportunity to contribute to a growing, mission-driven organisation focused on mental health
* A collaborative, flexible and supportive work environment
* Competitive salary of £44,000 - £52,000 dependent upon qualifications and experience.
* Contributory pension scheme 25 days holiday