Information Security GRC Manager

Full-Time No home office possible

We’re now recruiting an Information Security GRC Manager to support the Senior Manager and Chief Information Security Officer in managing and reporting the Information Security Risks faced by Technology Services and Business teams in delivering AJ Bell’s systems and services.

The Information Security GRC Manager works with the business and the wider information security team to ensure appropriate controls, policies and procedures protect AJ Bell in line with industry best practice and regulatory legislation. The role also supports coordination and response to activities affiliated with external/internal IT audits, due diligence exercises requested by our external business partners, and those performed on our suppliers.

Key Responsibilities

  • Development and delivery of information security policy aligned to industry recognised frameworks (typically ISO27001/2)
  • Exception to policy process management and reporting
  • Management reporting on the status of Information Security and the security change programme.
  • Partner with Business and Technology teams to develop and track remediation plans for identified risks and issues.
  • Support and develop the evaluation of the security posture for key Third Parties to ensure they meet AJ Bell’s desired security posture.
  • Undertake risk profiling of AJ Bell’s information and technology assets.
  • Ensure all duties protect customers and improve customer experience.
  • Enable the business to achieve its regulatory requirements, including consumer duty.

Technical Skills

  • Strong understanding of Information Security risk management tools and techniques
  • Experience of Information Security standards and frameworks
  • Awareness and understanding of the Information Security threat landscape
  • Familiarity with Information Security solutions (e.g., email/web gateways, SIEM, Endpoint protection)
  • Strong understanding of IT General Controls frameworks
  • Awareness of Operational Risk Management and RCSA processes

Competence, Knowledge & Skills

  • Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc.
  • Minimum 5 years’ experience in an Information Security role gained in a financial services environment is preferred.
  • Self‑motivated, professional, tenacious and enthusiastic.
  • Strong ownership of tasks, attention to detail and ability to follow through to conclusion.
  • Ability to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improved.
  • Works independently to plan and communicate effectively with colleagues and customers.
  • Structured, self‑starting, flexible and enjoys working in fast‑paced environments.
  • Effective communication skills, both written and verbal.
  • Ability to plan, organise and follow through on assigned tasks with little or no prompting from management.
  • Ability to learn and develop new skills and take on new challenges.
  • Excellent attention to detail.
  • Attained or working towards CISM certification.

About Us

AJ Bell is one of the fastest‑growing investment platform businesses in the UK, offering an award‑winning range of solutions for professionals and DIY investors alike. We have over 644,000 customers and manage assets totalling more than £103.3 billion. Our London‑based company is a FTSE 250 company headquartered in Manchester with offices in central London and Bristol. AJ Bell has been named one of the UK’s Best 100 Companies to Work For for six consecutive years and was named a Great Place to Work® in 2024.

Benefits

  • Competitive starting salary
  • Starting holiday entitlement of 27 days, increasing up to 31 with length of service, plus a holiday buy‑and‑sell scheme
  • Pension schemes with matched contributions up to 8%
  • Discretionary bonus scheme
  • Annual free share awards scheme
  • Buy As You Earn (BAYE) Scheme
  • Health Cash Plan (Simply Health)
  • Discounted private healthcare and dental plan
  • Free gym access
  • Employee Assistance Programme
  • Bike loan scheme
  • Sick pay pledge
  • Enhanced maternity, paternity and shared parental leave
  • Travel season ticket loans
  • Death in service scheme
  • Paid time off for volunteer work
  • Charitable giving opportunities via salary sacrifice
  • Social events calendar (payday drinks, Christmas party, summer party, etc.)
  • Personal development programmes and workshops, monthly leadership breakfasts and lunches
  • Casual dress code
  • Sponsored benefits from partner programmes

Hybrid Working

The role supports a hybrid working model: 3–4 days per week in the office. New team members spend the first three months full‑time in the office to immerse themselves in the business and build relationships.

Equality & Diversity

AJ Bell is committed to a respectful environment where equal employment opportunities are available to all applicants and employees. We do not discriminate on the basis of race, sex, gender identity, sexual orientation, age, pregnancy, religion, disability, marital status or any other protected characteristic. All hiring decisions are based on qualifications, merit and business need.

Apply

If you’re interested, we’d love to speak to you.


Contact Detail:

AJ Bell Recruiting Team
