We’re recruiting an Information Security GRC Manager to support the Senior Manager and Chief Information Security Officer in managing and reporting information security risks across Technology Services and the wider business. You'll work closely with stakeholders to ensure appropriate controls, policies, and procedures are in place, aligned to industry best practice and regulatory requirements. You'll also support internal and external audits, as well as due diligence activities with partners and suppliers.
Responsibilities
* Develop and maintain information security policies aligned to recognised frameworks (e.g. ISO27001/2)
* Manage and report on policy exceptions
* Produce management reporting on information security and change programmes
* Partner with business and technology teams to track remediation of risks and issues
* Support the assessment of third‑party security posture
* Undertake risk profiling of information and technology assets
* Support audit activity and supplier due diligence processes
* Ensure all activities support customer protection and regulatory requirements, including Consumer Duty
Qualifications
* Strong knowledge of information security risk management tools and techniques
* Experience with security frameworks and standards
* Understanding of the threat landscape
* Awareness of security technologies (e.g. SIEM, endpoint protection, email/web gateways)
* Knowledge of IT General Controls frameworks
* Awareness of operational risk and RCSA processes; experience working within frameworks such as ISO27001, NIST or similar
* Ideally 5+ years’ experience in an information security role within financial services
* Strong attention to detail and ownership of tasks
* Confident in challenging approaches to improve security outcomes
* Self‑motivated, organised, and able to work independently
* Strong communication skills
* Ability to manage multiple priorities in a fast‑paced environment
* CISM certification (achieved or in progress) preferred
Benefits
* 27 days holiday, increasing with service + buy/sell scheme + bank holidays
* 8% pension with matched contributions
* Discretionary bonus scheme
* Share schemes (including free shares and BAYE)
* Health cash plan and discounted private healthcare
* Free onsite gym
* Enhanced family leave (subject to qualifying criteria)
* Travel and bike loan schemes
* Employee assistance programme
Working Arrangement
We offer hybrid working, with a minimum of 50% of your working time per month spent in the office. For new starters, there’s an initial period of full‑time office working to help you settle in and build relationships.
#J-18808-Ljbffr