TL;DR

Information Security GRC Manager (Cybersecurity): Managing and reporting information security risks, developing policies, and supporting audit and compliance activities with an accent on regulatory adherence and risk mitigation. Focus on coordinating security controls, risk profiling, and third-party security evaluations within a financial services environment.

Location: Hybrid in Manchester or London, United Kingdom

Company

AJ Bell is a FTSE 250 investment platform business headquartered in the UK, offering award-winning financial solutions to over 644,000 customers.

What you will do

  • Develop and deliver information security policies aligned with ISO27001/2 and other frameworks.
  • Manage exception to policy processes and report on information security status and change programs.
  • Partner with business and technology teams to track remediation plans for identified risks.
  • Evaluate security posture of key third parties and undertake risk profiling of information and technology assets.
  • Support coordination and response to internal/external IT audits and due diligence exercises.
  • Ensure protection of customers and support regulatory compliance including consumer duty.

Requirements

  • Location: Must be able to work hybrid from Manchester or London, UK
  • Minimum 5 years’ experience in information security, preferably in financial services.
  • Strong knowledge of information security risk management tools, standards (ISO27001, NIST), and IT general controls.
  • Effective communication skills and ability to work independently and in fast-paced environments.
  • Attained or working towards CISM certification.

Culture & Benefits

  • Competitive salary and discretionary bonus scheme.
  • Generous holiday entitlement with buy/sell scheme.
  • Pension schemes with matched contributions up to 8%.
  • Health cash plan, private healthcare, dental plan, and employee assistance program.
  • Free gym, bike loan scheme, and various social events.
  • Hybrid working model with initial full-time office onboarding period.
  • Personal development programs and casual dress code.