Information Security Manager - Financial Services
An excellent opportunity has opened for an Information Security Manager to join the London office of a growing Financial Services entity. The Information Security Manager will play a crucial role in protecting the confidentiality, integrity, and availability of our systems and data. You'll work across the business to support secure delivery of projects, conduct thorough risk assessments, oversee third-party security engagements, and contribute to shaping our evolving security posture. This is a hands-on role ideal for someone who enjoys both strategic thinking and rolling up their sleeves to get things done.
Responsibilities:
- Security in Projects: Advise and support project teams to embed security best practices throughout the project life cycle.
- Penetration Testing and Vulnerability Management: Scope, manage, and track remediation of penetration testing and vulnerability assessments. Management vulnerability reporting.
- Application Security: Maintain application security processes, standards and guidelines. Translate application security policies into security requirements. Must have good experience in application security.
- Risk Assessments: Conduct and document security risk assessments on changes, threats, vulnerabilities, and new initiatives.
- Third-Party Risk: Perform third-party vendor risk assessments and ongoing security reviews.
- Solution Due Diligence: Assist in identifying and assessing new security technologies and vendors.
- Incident Management: Lead or support the response to security incidents, including investigation, containment, root cause analysis, and reporting. Work with internal teams to continuously improve incident response processes.
- Security Frameworks: Support compliance and alignment with ISO 27001, Cyber Essentials, SWIFT, NIST and other relevant frameworks. Must have some previous experience in regulatory compliance.
- Stakeholder Communication: Communicate effectively with various stakeholders including engineers, product managers, operations team, senior management, and auditors about the information security posture, risks, and mitigation strategies.
Qualifications
- Minimum of 8 years' experience in information security roles, ideally in the financial sector.
- Bachelor's degree or higher in Computer Science or equivalent industry experience
- CISSP certification required; additional certifications (e.g. CEH, OSCP, AWS Security) are a plus. Preferred but not essential.
- Must have a strong understanding of security in the context of software development and application security (OWASP, SDLC, DevSecOps).
- Must have in-depth experience with threat analysis and incident response.
- Experience working with ISO 27001, Cyber Essentials, and preferably NIST CSF, SOC 2, or SWIFT frameworks.
- Hands-on, pragmatic approach with the ability to operate in a lean, fast-paced environment.
- Excellent communication skills, with the ability to engage both technical and non-technical stakeholders.
- Innovative mindset with a passion for staying current in the ever-evolving cyber landscape.
- Experience working in or with regulated financial institutions is desirable.
Interested? Please Apply!