This Global Banking institution are looking for a passionate and driven information security manager to join a team that will ensure they secure all internal systems, data and other information systems assets helping them remain customer focused.

They are at the start of their journey to serve the UK market and transform the way financial products are perceived in the UK market. They have received regulatory approvals and are finalising the product build to launch later in the year. Central to their beliefs is that they create a transparent and interactive relationship with customers, one where the trust is earned as we embark on our journey together.

They recognise that our customers each have unique circumstances and need to make sure that they can offer them the right products on terms that are fair and transparent, with no punitive fees or hidden charges.

The Information Security Manager function will be a core part of the IT team and as the jobholder they will be looking to you to ensure we secure their systems, data and assets in an effective yet user-friendly manner.

You’ll be joining the IT operations team and will report into the Head of IT operations and security, whilst working closely with all colleagues, in the various teams across the company, from data, customer operations to design and risk.

What you’ll be doing (including but not limited to the following):

• The role will support the Head of IT operations and security and assist in meeting the team’s strategic objectives across the global business. This will involve liaising with a wide variety of internal and external stakeholders from across the business and across all levels of seniority.
• Responsibility over the Cyber Security and InfoSec Risk Management process and risk register, working under the global risk management framework.
• Document review including annual reviews of key policies;
• Managing our outsourced InfoSec services (intrusion detection and vulnerability analysis) and ensure that issues arising through the company InfoSec mailbox are appropriately monitored and allocated;
• Identify need for additional services or staff to ensure appropriate sourcing of Infosec services for our needs;
• Assist with completing RFPs and information security assesments from potential partners or customers;
• Assist with external audits of the business
• Work cross-functionally with other teams on BCP/DR policies;
• Assist with ad hoc projects as they arise.
• Experience of working in a fast-paced Information Security or IT environment;
• Strong technical knowledge of systems and firewalls;
• Flexibility in approach, and ability to manage workload with minimal supervision;
• Experience of risk management frameworks and prioritising risk activities;
• Working with a wide variety of stakeholders from across the business, and across various functions;
• Some PCI-DSS experience would be advantageous, but not critical.
• Responsible for information security to all Finance staff in the UK
• Owning and ensuring compliance of the Data Protection Act and GDPR policy and procedure across the organisation
• Lead on regular internal/external audits and penetration testing
• Drive improvements to the Information Security Management System
• Assess and identify risks, ensuring they are mitigated or remediated by working with all relevant parties
• Ensuring achievement of the ISO 27001 certification
• Present updates to the board and executive team detailing current level of security with risk levels and suggested improvements
• Ensure all projects consider the security implications throughout the project lifecycle
• Work with the IT Operations Manager to ensure the highest possible security standards are met and maintained

Experience & Qualifications required:

• Governance, Risk and Compliance (GRC) – Including ISO 27001, GDPR & ITIL.
• Management of information security and cyber risk
• Practical experience of meeting legal compliance requirements
• Experience of working within a Matrix Management environment
• Background in IT
• Exposure of working in a medium to large organisation
• Security Issue expert
• Ability to self-manage and motivate others
• Define, document and implement security policies and processes
• Excellent attention to detail
• Ability to influence, engage and communicate with stakeholders at all levels

You should apply if:

• You care deeply about helping customers make better financial choices
• You’ve been involved in a finance function

Bonus points for experience with the credit card industry, fintech startups and being certified in CISA, CRISC, CISM, CISSP, PCI-ISA or similar.

This Global Banking institution are looking for a passionate and driven information security manager to join a team that will ensure they secure all internal systems, data and other information systems assets helping them remain customer focused.

They are at the start of their journey to serve the UK market and transform the way financial products are perceived in the UK market. They have received regulatory approvals and are finalising the product build to launch later in the year. Central to their beliefs is that they create a transparent and interactive relationship with customers, one where the trust is earned as we embark on our journey together.

They recognise that our customers each have unique circumstances and need to make sure that they can offer them the right products on terms that are fair and transparent, with no punitive fees or hidden charges.

The Information Security Manager function will be a core part of the IT team and as the jobholder they will be looking to you to ensure we secure their systems, data and assets in an effective yet user-friendly manner.

You’ll be joining the IT operations team and will report into the Head of IT operations and security, whilst working closely with all colleagues, in the various teams across the company, from data, customer operations to design and risk.

What you’ll be doing (including but not limited to the following):

• The role will support the Head of IT operations and security and assist in meeting the team’s strategic objectives across the global business. This will involve liaising with a wide variety of internal and external stakeholders from across the business and across all levels of seniority.
• Responsibility over the Cyber Security and InfoSec Risk Management process and risk register, working under the global risk management framework.
• Document review including annual reviews of key policies;
• Managing our outsourced InfoSec services (intrusion detection and vulnerability analysis) and ensure that issues arising through the company InfoSec mailbox are appropriately monitored and allocated;
• Identify need for additional services or staff to ensure appropriate sourcing of Infosec services for our needs;
• Assist with completing RFPs and information security assesments from potential partners or customers;
• Assist with external audits of the business
• Work cross-functionally with other teams on BCP/DR policies;
• Assist with ad hoc projects as they arise.
• Experience of working in a fast-paced Information Security or IT environment;
• Strong technical knowledge of systems and firewalls;
• Flexibility in approach, and ability to manage workload with minimal supervision;
• Experience of risk management frameworks and prioritising risk activities;
• Working with a wide variety of stakeholders from across the business, and across various functions;
• Some PCI-DSS experience would be advantageous, but not critical.
• Responsible for information security to all Finance staff in the UK
• Owning and ensuring compliance of the Data Protection Act and GDPR policy and procedure across the organisation
• Lead on regular internal/external audits and penetration testing
• Drive improvements to the Information Security Management System
• Assess and identify risks, ensuring they are mitigated or remediated by working with all relevant parties
• Ensuring achievement of the ISO 27001 certification
• Present updates to the board and executive team detailing current level of security with risk levels and suggested improvements
• Ensure all projects consider the security implications throughout the project lifecycle
• Work with the IT Operations Manager to ensure the highest possible security standards are met and maintained

Experience & Qualifications required:

• Governance, Risk and Compliance (GRC) – Including ISO 27001, GDPR & ITIL.
• Management of information security and cyber risk
• Practical experience of meeting legal compliance requirements
• Experience of working within a Matrix Management environment
• Background in IT
• Exposure of working in a medium to large organisation
• Security Issue expert
• Ability to self-manage and motivate others
• Define, document and implement security policies and processes
• Excellent attention to detail
• Ability to influence, engage and communicate with stakeholders at all levels

You should apply if:

• You care deeply about helping customers make better financial choices
• You’ve been involved in a finance function

Bonus points for experience with the credit card industry, fintech startups and being certified in CISA, CRISC, CISM, CISSP, PCI-ISA or similar.