We are a technology business operating in the global energy sector. ENSEK have become the go-to option for top energy suppliers across the globe. Why? Because our technology is a significant step change away from the legacy systems that have historically dominated the market. It’s also massively cheaper to adopt the ENSEK solution, with no loss in customer service or standards. But by far the biggest reason why ENSEK is the best choice in energy supplier software, is because of the people who work here and their endless enthusiasm, energy, and the way they support their colleagues. All our clients comment on what great people we have. Our people are our superpower. That is where you come in. ROLE SUMMARY: ENSEK designs and develops software that enables energy retailers to manage their energy consumers. ENSEK’s Ignition platform is a SaaS tool that provides energy suppliers with the tech to manage energy consumers - from quote to sign up, billing, collection, and service, all in real-time. As an Information Security & Compliance Manager, you will play a key role in ensuring ENSEK’s information security posture aligns with best practices and regulatory requirements. The role will oversee the development, implementation, and continuous improvement of information security policies, practices, and compliance programs. The successful candidate will lead efforts to safeguard sensitive data, manage risk, and ensure compliance with relevant standards, such as GDPR, ISO27001:2022, SOC2 and other applicable frameworks. The individual will work cross-functionally with engineering, product, and legal teams to maintain secure systems, conduct regular audits, and implement risk mitigation strategies. The role will also include responding to security incidents, managing third-party vendor security assessments, and reacting to emerging security threats. The Information Security & Compliance manager will play a crucial role in protecting the company’s reputation, maintain customer trust, and ensuring the organisation meets all compliance obligations in a rapidly evolving cloud environment. KEY RESPOSBILITIES: Develop, implement, and maintain information security and compliance programs tailored to cloud-based systems. Ensure compliance with global regulations and industry standards (e.g., GDPR, SOC2, ISO27001, ISO27701, NIST, SEC, REC, PCI-DSS). Conduct regular risk assessments, audits, and security reviews. Manage the response to security incidents, including root cause analysis and corrective action. Collaborate with internal and external stakeholders to improve security practices. Monitor security posture and manage security controls for infrastructure and applications. Lead internal training and awareness programs for staff on security policies and procedures. Assist with vendor risk assessments and ensure third-party vendors comply with security standards. Stay information on latest trends, vulnerabilities and best practices in information security and cloud technologies. TECHNICAL SKILLS: Proven experience in information security, risk management, and/or compliance roles, ideally within a SaaS or cloud-based environment. Strong knowledge of relevant security and compliance frameworks, including ISO27001, SOC 2 and GDPR. Knowledge in cloud security technologies (e.g., AWS, GCP) would be beneficial. Familiarity with data privacy laws and regulatory requirements across multiple regions. SOFT SKILLS: 1. Strong analytical and problem-solving skills, with the ability to make data-driven decisions. 2. Excellent communication and leadership abilities to work across technical and non-technical teams.