Job Description
We’re recruiting an Information Security GRC Manager to support the Senior Manager and Chief Information Security Officer in managing and reporting information security risks across Technology Services and the wider business. You’ll work closely with stakeholders to ensure appropriate controls, policies, and procedures are in place, aligned to industry best practice and regulatory requirements. You’ll also support internal and external audits, as well as due diligence activities with partners and suppliers.
Key responsibilities
- Develop and maintain information security policies aligned to recognised frameworks (e.g. ISO27001/2)
- Manage and report on policy exceptions
- Produce management reporting on information security and change programmes
- Partner with business and technology teams to track remediation of risks and issues
- Support the assessment of third‑party security posture
- Undertake risk profiling of information and technology assets
- Support audit activity and supplier due diligence processes
- Ensure all activities support customer protection and regulatory requirements, including Consumer Duty
Technical skills
- Strong knowledge of information security risk management tools and techniques
- Experience with security frameworks and standards
- Understanding of the threat landscape
- Awareness of security technologies (e.g. SIEM, endpoint protection, email/web gateways)
- Knowledge of IT General Controls frameworks
- Awareness of operational risk and RCSA processes
Skills and Experience
- Experience working within frameworks such as ISO27001, NIST or similar
- Ideally 5+ years’ experience in an information security role within financial services
- Strong attention to detail and ownership of tasks
- Confident challenging approaches to improve security outcomes
- Self‑motivated, organised, and able to work independently
- Strong communication skills
- Ability to manage multiple priorities in a fast‑paced environment
- CISM certification (achieved or in progress) preferred
What We Offer
- 27 days holiday, increasing with service + buy/sell scheme + bank holidays
- 8% Pension with matched contributions
- Discretionary bonus scheme
- Share schemes (including free shares and BAYE)
- Health Cash Plan and discounted private healthcare
- Free onsite gym
- Enhanced family leave (subject to qualifying criteria)
- Travel and bike loan schemes
- Employee Assistance Programme
Our Ways of Working
We offer hybrid working, with a minimum of 50% of your working time per month spent in the office. For new starters, there’s an initial period of full‑time office working to help you settle in and build relationships.
Inclusion & Diversity
We’re committed to creating an inclusive environment where everyone feels respected and able to be themselves at work. We welcome applications from all backgrounds and make hiring decisions based on skills, experience and potential.
#J-18808-Ljbffr