allpay Limited

About the Company

As a business we pride ourselves on making payments easy.

We stand as a leading payments specialist in the UK, facilitating the seamless collection and distribution of funds between organisations and their customers.

Established in 1994, allpay has consistently been at the forefront of payment aggregation, processing over £9.4 billion annually for over 900 public and private sector entities. With over three decades of experience, we now process in excess of 66.4 million transactions annually, offering a comprehensive bill payment solution that encompasses all major payment methods.

Our commitment to innovation has led us to pioneer the introduction of Prepaid Cards within the Public Sector. From card design to printing and fulfilment, all aspects are handled by our dedicated team. We are also proud to serve over 500 Housing Associations (HAs) and ALMOs, with 90% of the top 200 HAs in England and nearly 60% of all UK Local Authorities (LAs) choosing allpay for their bill payment services.

What sets us apart is our unwavering commitment to security and compliance. We adhere to the highest standards of PCI DSS compliance, hold various ISO certifications, maintain Bacs-approved Bureau status, and boast accreditations from Mastercard and Visa. In essence, allpay is the preferred payment supplier for the public sector, offering reliability, security, and efficiency in every transaction.

For more detailed information please visit www.allpay.net.

Listed Jobs

Company Name

allpay Limited

Job Title

Lead / Senior Information Security Analyst

Job Description

**Job Title** Lead / Senior Information Security Analyst **Role Summary** Lead and manage the Information Security Management System (ISMS), ensuring continuous improvement and compliance with ISO 27001, PCI DSS, and Cyber Essentials Plus. Oversee audit readiness, draft and update security policies, support supplier risk management, contribute to tender processes, and mentor team members. Serve as the primary escalation point for security incidents and day‑to‑day security queries. **Expectations** - Demonstrate leadership and initiative in a fast‑moving environment. - Maintain meticulous documentation and evidence for audits. - Communicate effectively with stakeholders at all levels. - Mentor and support the growth of team members. - Keep abreast of evolving legislation, standards, and industry best practices. **Key Responsibilities** - Lead operation and continuous improvement of the ISMS. - Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus. - Draft, review, and update security policies, procedures, and technical standards. - Partner with procurement and commercial teams on supplier assurance and risk assessment. - Contribute to tender responses and bid processes, ensuring security and compliance requirements are met. - Promote security awareness and best practices across departments. - Act as the escalation point and day‑to‑day contact for other team members. - Stay current with changes to legislation, standards, and regulatory requirements. **Required Skills** - In‑depth knowledge of ISO 27001, PCI DSS, and Cyber Essentials Plus frameworks. - Proven experience preparing for and supporting audits, including evidence collation and audit readiness. - Strong documentation skills with exceptional attention to detail. - Excellent written and verbal communication; ability to influence stakeholders at all levels. - Ability to work independently and proactively across cross‑functional teams. - Familiarity with supplier risk management and tender processes is a plus. **Required Education & Certifications** - Degree or equivalent experience in IT, Cyber Security, Information Systems, or related discipline. - Desirable certifications: ISO 27001 Lead Auditor/Implementer, PCIP, CISM, CompTIA Security+, CISMP.

White stone, United kingdom

Hybrid

Senior

07-11-2025