Job Description
We’re recruiting an Information Security GRC Manager to support the Senior Manager and Chief Information Security Officer in managing and reporting information security risks across Technology Services and the wider business.
You’ll work closely with stakeholders to ensure appropriate controls, policies, and procedures are in place, aligned to industry best practice and regulatory requirements. You’ll also support internal and external audits, as well as due diligence activities with partners and suppliers.
Key responsibilities
1. Develop and maintain information security policies aligned to recognised frameworks (e.g. ISO27001/2)
2. Manage and report on policy exceptions
3. Produce management reporting on information security and change programmes
4. Partner with business and technology teams to track remediation of risks and issues
5. Support the assessment of third-party security posture
6. Undertake risk profiling of information and technology assets
7. Support audit activity and supplier due diligence processes
8. Ensure all activities support customer protection and regulatory requirements, including Consumer Duty
Technical skills
9. Strong knowledge of information security risk management tools and techniques
10. Experience with security frameworks and standards
11. Understanding of the threat landscape
12. Awareness of security technologies (e.g. SIEM, endpoint protection, email/web gateways)
13. Knowledge of IT General Controls frameworks
14. Awareness of operational risk and RCSA processes
Skills and experience
15. Experience working within frameworks such as ISO27001, NIST or similar
16. Ideally 5+ years’ experience in an information security role within financial services
17. Strong attention to detail and ownership of tasks
18. Confident challenging approaches to improve security outcomes
19. Self-motivated, organised, and able to work independently
20. Strong communication skills
21. Ability to manage multiple priorities in a fast-paced environment
22. CISM certification (achieved or in progress) preferred
About AJ Bell
AJ Bell is one of the UK’s fastest-growing investment platform businesses, providing award-winning solutions for everyone, from professional financial advisers to first-time investors.
Today, over 644,000 customers trust us to manage more than £103.3 billion of assets. By continually striving to make investing simpler and more accessible, we’re helping more people take control of their financial futures.
We’re proud to be recognised as one of the UK’s Best 100 Companies to Work For for six consecutive years, and a Great Place to Work® in 2025 and 2026 a reflection of our supportive and collaborative culture.
What we offer
23. 27 days holiday, increasing with service + buy/sell scheme + bank holidays
24. 8% Pension with matched contributions
25. Discretionary bonus scheme
26. Share schemes (including free shares and BAYE)
27. Health Cash Plan and discounted private healthcare
28. Free onsite gym
29. Enhanced family leave (subject to qualifying criteria)
30. Travel and bike loan schemes
31. Employee Assistance Programme
Life at AJ Bell
32. Regular social events including summer and Christmas parties
33. Learning and development opportunities tailored to you
34. Casual dress code
35. Friendly, supportive team environment
Our ways of working
We offer hybrid working, with a minimum of 50% of your working time per month spent in the office.
For new starters, there’s an initial period of full-time office working to help you settle in and build relationships.
Inclusion & diversity
We’re committed to creating an inclusive environment where everyone feels respected and able to be themselves at work.
We welcome applications from all backgrounds and make hiring decisions based on skills, experience and potential.