Head of Information Security & IT Risk in Manchester

Manchester | Full-Time | No working from home possible

Head of Information Security & IT Risk - Manchester or London: Up to £90,000pa plus Performance Bonus & Benefits.

Bibby Financial Services are growing, and we’re looking for a Head of Information Security & IT Risk to join our team. The Head of Information Security and IT Risk is responsible for leading the development and execution of the organisation’s information security and IT risk strategy. This includes ensuring the protection of systems, data, and operations against cyber threats and technology-related risks. The role oversees a team of specialists and works across IT, compliance, and business functions to embed robust security and risk practices. It ensures effective governance, continuous improvement, and alignment with regulatory requirements and enterprise risk frameworks.

What you'll be doing:

  • Lead and develop the Information Security & IT Risk team
  • Identify, assess, and manage IT-related risks including security, operational, development, delivery, supplier, compliance, and strategic risks.
  • Perform and support risk assessments for new systems, projects, and third-party vendors.
  • Ensure compliance with relevant standards, regulations, and frameworks.
  • Oversee the deployment and operation of security tools and technologies (e.g., firewalls, SIEM, endpoint protection, zero-trust technologies).
  • Manage penetration testing and other assurance activities, including remediation of findings.
  • Lead incident response planning and investigation of security breaches, ensuring timely resolution and reporting.
  • Act as the primary point of contact for all information security and IT risk matters.
  • Provide regular reporting to senior and executive management on security posture and risk status.
  • Promote a culture of security awareness and compliance across the organisation.
  • Design and deliver security awareness training programmes for staff.

Who are we looking for?

  • Proven experience in information security and IT risk management, preferably within financial services or other regulated industries.
  • Strong leadership background, with experience managing and developing high-performing teams in complex environments.
  • Deep understanding of cyber security principles, IT risk frameworks, and operational resilience practices.
  • Demonstrated ability to design and implement security strategies, policies, and controls aligned with business and regulatory requirements.
  • Hands-on experience with security technologies such as firewalls, SIEM, endpoint protection, and vulnerability management tools.
  • Skilled in conducting risk assessments, managing IT risk registers, and overseeing assurance activities including penetration testing and incident response.
  • Familiarity with relevant standards and frameworks (e.g. ISO 27001, NIST, COBIT, GDPR, DORA).
  • Strong stakeholder engagement skills, with the ability to influence and communicate effectively at C-level.
  • Experience supporting internal and external audits, regulatory reviews, and cross-functional collaboration.
  • Track record of promoting security awareness and embedding best practices across an organisation.

What you’ll get in return:

  • 25 days’ holiday plus bank holidays, increasing with service, with buy/sell options
  • Performance Bonus
  • Hybrid working
  • Private healthcare for you and your family
  • Company pension scheme
  • Flexible benefits (gym membership, tech, health assessments and more)
  • Access to an online wellbeing centre
  • Discounts with a wide range of retailers
  • Plus, much more!

We're absolutely committed to being a truly inclusive place to work, where everyone has an equal opportunity to reach their true potential. Let us know if you need adjustments to support you through any stage of the Recruitment process.

Contact Details:

Bibby Financial Services Ltd Recruitment Team