Partner with Nomo Fintech to create future-proof banking products with the customer at their core.
Join the teamWe take projects from conception to completion, keeping the customer experience at the heart of everything we do.
Our seamless digital experiences are built on holistic designs and empathetic research, helping businesses drive impactful change.
Service Delivery within Nomo Fintech is divided into four main areas: Service Management, End-User Compute & Agile delivery.
Our Quality Assurance vision is to develop a knowledge-driven and multi-skilled QA team that transcends traditional QA practices.
The People and Office Management vertical ensures that the business strategy is fulfilled and is a catalyst for mobilising the collective potential of the company.
The Finance Department of Nomo Fintech plays a critical role in managing the financial health and resources of the company.
The marketing vertical is to promote Nomo Bank and its partners’ suite of financial products and services
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Discover the key moments shaping Nomo Fintech's story, the challenges strengthening our core, and the innovations driving us confidently into the future of finance.
The project to build the world’s first fully digital international Islamic bank begins, and we start assembling a global team of experts from the worlds of tech and finance
Nomo Bank launches, having been built entirely remotely during the global pandemic, offering Sharia-compliant UK bank accounts to customers in Kuwait
Nomo Property Finance launches, giving customers the opportunity to receive finance for rental and residential properties in the UK
Nomo expands into the UAE through strategic partnerships with ADCB and Al Hilal, and the launch of ADCB | Nomo and Al Hilal | Nomo
Nomo becomes the first bank to offer digital payments using Apple Pay in Kuwait.
We take projects from conception to completion, keeping the customer experience at the heart of everything we do.
Flexible working
30 Days Annual Leave
Health insurance
Career development budget
Your choice of tech
Generous Individual Performance Bonus
Working from home budget
Private Medical Insurance
Ride to work scheme
Gym Membership Allowance
Mortgage advice
Life Assurance & Group Income Protection
We’re on a mission to create a new digital future for Islamic digital banking through the development of innovative, customer-centric products that give people more control over their money.
Data
Design
Operations
London
Full-time
BB2 Digital and Technology Services Ltd (t/a Nomo Fintech) is a cloud-based business-to-business Fintech company which owns the digital platform that powers the digital retail banking services of Bank of London and The Middle East plc (“BLME”), branded Nomo (available on iOS and Android), and provides various other services to BLME. Nomo Fintech is currently in scale-up mode to support international digital banking across the GCC, and it’s an incredibly exciting time to join the business with great ambition and an effective combination of talent, culture, and world class technology.
This role will work with teams across multiple departments including Cloud Services, Cybersecurity, Information Technology and our Risk & Data Protection functions. The Information Security Manager will be help define and shape our cyber and data/ information security practices moving forwards through the development and implementation of appropriate Policy, Procedure, and Controls aligned to industry standard frameworks and applicable regulatory requirements.
The role holder will report to the Head of Cloud Services.
- Cross functional working typically with, but not limited to, Cloud Services, Head of Cyber Security and the Cyber Security Team, Service Delivery, Engineering, Data Services, Data Protection Officer, and Operational Risk to build on an existing data compliance and information security program.
- Assist with implementation of information security frameworks: CSA CCM (Star), SOC 2 – type 2.
- Review information security events and incidents inline with BB2 Policy/ Procedures and industry best practice.
- Participate in the preparation for, and management and execution of, regulatory agency and collaborator/ audit inspections.
- Provide support and advice to stakeholders by facilitating the escalation of any data compliance issues through the appropriate routes.
- Ensuring a process for the proper control of IT assets, including correct licensing, with a view to the automation of these controls.
- Keeping abreast of cybersecurity developments, industry standard updates, and applicable regulatory requirements with a view to understanding their impact on IT requirements and controls.
- Ensure audit trails, system logs, and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements,
- Review the feasibility of automating ingestion into GRC tooling
- The development of metrics to measure/ assess the quality of audit trail review/ actions and their ingestion into Continuous Control Monitoring tooling,
- Design security testing schedules and oversee penetration testing & vulnerability management practice
- Provide information security awareness training to identified personnel
- Identify information security risk and define remediation plans
·- Ability to work in a team and on your own.
- The ability to evaluate complex situations and find appropriate/ pragmatic solutions in a professional manner
- Strong interpersonal and organisational skills, with the ability to successfully work both independently and effectively within a team
- Strong influencing skills, executing as appropriate in the areas of responsibility
- High degree of attention to detail
- Collaborative, as you will be working across teams, departments, locations and legal entities.
- Excellent communication skills, including the ability to explain technology solutions to non-technology internal client base
- The ability to manage multiple/varied tasks and prioritise workload with attention to detail
- Open, helpful and transparent with the ability to quickly establish credibility and build rapport and trust.
- IT experience, with a number of those gained within an information security role
- Experience of working as an IT Security Manager/ Information Security Manager having previously defined and implemented security strategy/ processes.
- Experience of Data Compliance, IT support, cyber security, and service level agreements etc,.
- A working knowledge of the Data Protection Act (1998) and General Data Protection Regulations (GDPR).
- Strong working knowledge of SOC 2 controls including security, confidentiality, availability and data privacy.
- A proven ability to engage constructively with colleagues at all levels across different departments to deliver objectives.
- A working knowledge of Security Architecture and potential security issues related to them PaaS, IaaS, SaaS and understanding of IAM, and Data Loss Prevention in a cloud environment.
- Knowledge of technologies such as IDS/IPS, vulnerability testing and firewalls experience working in, or knowledge of DIFC, and other Middle Eastern territories and associated regulations
- Experience with AWS and/or Microsoft cloud ecosystem
- A degree in Computer Science, IT, Systems Engineering or a related qualification
- CISSP, CRISC or CISM qualification is desirable