Overview
Information Security Manager at Specialist Risk Group (SRG), London.
At Specialist Risk Group (SRG), we specialise in delivering expert risk solutions for complex, high-stakes challenges across a range of sectors. From insurance and professional indemnity to bespoke risk management services, our work demonstrates both precision and adaptability, reflecting our commitment to helping clients navigate even the most demanding scenarios. Guided by our mantra, “Difficult. Done Well.”, we tackle challenges that others shy away from, delivering solutions that are robust and forward-thinking.
About The Role
The IT Risk Manager is responsible for leading the development, implementation, and maintenance of a robust information security programme in alignment with regulatory requirements, industry best practices, and business objectives. The ideal candidate will have deep expertise in risk management, compliance, cybersecurity frameworks, and technology governance in a regulated financial services environment.
Key Responsibilities
* Develop, implement, and maintain security policies, standards, and procedures in line with ISO 27001, NIST, FFIEC, and other relevant frameworks.
* Ensure alignment of security strategies with business goals and regulatory obligations (e.g., FCA, PRA, GDPR, SOX, GLBA).
* Governance, Risk & Compliance: Manage the company’s information security risk register and conduct regular risk assessments.
* Lead internal and external security audits, and ensure timely remediation of findings.
* Monitor and enforce compliance with data protection regulations and cybersecurity laws.
* Incident Management: Lead incident response efforts, including detection, investigation, containment, and recovery.
* Coordinate with legal, compliance, and executive teams during security incidents or data breaches.
* Conduct post-incident reviews and implement lessons learned.
* Third-Party Risk Management: Oversee vendor security assessments and ensure third-party providers meet security requirements.
* Review and negotiate security clauses in contracts and SLAs.
* Security Operations: Oversee daily security operations including vulnerability management, access control, endpoint security, and network monitoring.
* Collaborate with IT and infrastructure teams to implement technical controls and solutions (e.g., SIEM, DLP, EDR, IAM).
* Team Leadership & Training: Build and develop a (new) information security team; manage and mentor security analysts or junior team members; drive security awareness training and phishing simulations.
* Reporting & Metrics: Prepare and deliver regular reports on security posture, incidents, and KPIs to senior leadership and regulatory bodies; advise executives on emerging threats and risk mitigation strategies.
What You’ll Get
* Extensive knowledge of UK insurance broking and MGA operations, ideally spanning Retail, Wholesale, and Underwriting.
* Significant experience in post-acquisition integration, team lift-integration, operating model design, or senior business analysis within financial services.
* Strong understanding of the UK regulatory and operational environment for insurance intermediaries (e.g. FCA requirements, TOBAs, client money, insurer relationships).
* Excellent leadership, stakeholder management, and influencing skills.
* Proven ability to operate at senior level, engaging with executives, workstream leads, and acquired company or team leadership.
* Highly analytical, structured, and comfortable handling complex operational and regulatory detail.
Personal Attributes
* Strategic and commercially astute, with the ability to balance detail with the “big picture.”
* Collaborative, approachable, and able to build trust quickly.
* Resilient and adaptable, with a practical, problem-solving approach.
* Confident in working at pace in a change-driven environment.
What To Expect
At SRG, our colleagues are at the heart of everything we do. We pride ourselves on fostering an inclusive, respectful culture—one where people feel empowered, valued, and equipped for growth. We embrace new ideas, adapt to challenges, and celebrate shared success.
We’re committed to making our recruitment process and workplace accessible to everyone. If you have a disability or require any adjustments—whether during the hiring process or in your day-to-day role—we’ll work with you to ensure you have the support you need. Just let us know how we can help.