Information Security Risk Manager

Information Security Risk Manager – London (Hybrid) – FS – Up to £95,000 + Bonus

La Fosse has partnered with a leading global insurance firm to hire an Information Security Risk Manager. This strategic role is focused on identifying, assessing, and mitigating IT and cybersecurity risks across the business.

You will drive key risk management initiatives, working closely with stakeholders to strengthen security controls and ensure organisational resilience in a rapidly evolving threat landscape.

Key Responsibilities:

• Develop and implement IT risk management strategies, identifying vulnerabilities and prioritising risks.
• Lead end-to-end risk remediation, ensuring security enables business operations.
• Conduct risk assessments, monitor threats, and maintain control frameworks (NIST, ISO 27001, Cyber Essentials).
• Produce risk management reports and support board-level reporting.
• Collaborate with auditors, regulators, and vendors to evaluate IT controls.
• Manage vendor risk, maintain information asset registers, and drive incident management.

Requirements:

• Strong experience in Information Security, focusing on Governance, Risk, and Compliance (GRC).
• Expertise in risk frameworks (NIST, ISO 27001, Cyber Essentials) and IT policy development.
• Relevant certifications (CISA, CRISC, CISM) are highly preferred.

For more information, please apply directly