Information Security Manager (Fixed Term Contract)

About the role

Are you an experienced Information Security Manager looking for your next big challenge? Want to lead a talented team and shape the future of security at ARAG?

If you are enthusiastic about combining strategy with hands‑on technical know‑how, this role is for you!

You will take the lead on our information security operations, setting the direction for everything security related. From developing and implementing frameworks that meet ISO27001:2022 and ARAG Group standards to directly managing a high‑performing InfoSec team, you will make sure security‑first thinking is embedded across the business.

Working closely with Digital Services and other teams to keep us resilient, agile, and ahead of emerging threats, your role will cover everything from driving compliance programmes, assessing risk and building scalable frameworks to leading vulnerability testing and incident response across the UK, Canada, and Ireland making this a global opportunity! You will also present strategic insights to senior leadership, champion secure‑by‑design principles, and represent ARAG in technical forums. You will manage the team and other colleagues in keeping ARAG secure, resilient, and ahead of the game when it comes to all aspects of Information Security.

At ARAG, you’ll be part of a welcoming and professional team that values collaboration and continuous development. We invest in our people and embrace innovative technologies, ensuring your skills remain current and your career continues to progress. If you’re seeking an environment where teamwork and forward‑thinking go hand in hand, ARAG is the place for you!

Hear more from our brilliant IT Security Team:

The team at ARAG is incredibly friendly, helpful, and professional. There are plenty of opportunities to develop your skills, and the business genuinely invests in its people. I really enjoy working alongside motivated and driven individuals – ARAG has that in abundance. I love the culture here. ARAG is forward‑thinking and embraces cutting‑edge technologies, which means my skills stay current and I continue to grow as an employee. There’s also a strong emphasis on open dialogue, so we work closely as a team to achieve our goals.

Responsibilities

You will be a proactive leader who thrives at the intersection of tech, governance, and collaboration. You know your stuff when it comes to modern security frameworks and technologies and are confident influencing everyone from engineers to execs changing your tone as needed. You will be able to dive into technical challenges alongside your team and not be afraid to be hands‑on. You will have deep expertise in ISO27001:2022, NIST CSF, Cyber Essentials, and OWASP principles, plus firsthand experience with SIEM, IDS/IPS, IAM, NAC, patch management as well as anti‑malware tools. A strong grasp of incident response, vulnerability management, and Zero Trust architecture is essential, along with familiarity with cloud platforms like Azure and SaaS. Excellent communication skills are a must, you will need to translate complex security topics into clear, actionable insights for both technical and non‑technical colleagues across the business. It’s great if you also have CISSP certification and/or ISO/IEC 27001 Lead Implementer or Auditor credentials as well as a desire to deepen expertise through continuous development. As a team we are passionate and enthusiastic about what we do. Our people are encouraged to think independently and to take ownership of their work.

Qualifications

You will have deep expertise in ISO27001:2022, NIST CSF, Cyber Essentials, and OWASP principles, plus firsthand experience with SIEM, IDS/IPS, IAM, NAC, patch management as well as anti‑malware tools. A strong grasp of incident response, vulnerability management, and Zero Trust architecture is essential, along with familiarity with cloud platforms like Azure and SaaS. Excellent communication skills are a must, you will need to translate complex security topics into clear, actionable insights for both technical and non‑technical colleagues across the business. It’s great if you also have CISSP certification and/or ISO/IEC 27001 Lead Implementer or Auditor credentials as well as a desire to deepen expertise through continuous development.

Benefits

• 27 days holiday with the option to buy up to a further 5 days.
• Private Medical Insurance
• Company pension scheme with the option to increase contributions.
• Group Income Protection for all employees.
• Group legal protection for all levels.
• Motor and Home Emergency Assistance
• Inclusion in our Health cash plan
• Salary sacrifice benefits including cycle to work scheme.
• Membership of our Sports and Social club which includes discounted events such as theatre or shopping trips!

Application

If you think you would be a good match for this role and can demonstrate some transferable experience please apply, regardless of whether you meet all the criteria listed above.