Information Security Delivery Lead - 12 Month FTC

The Information Security Delivery Lead will drive delivery of Nucleus’s Information Security and Data Governance Strategy, which aims to mature the capabilities of the business, ensure that we stay within a balanced risk appetite, improve our internal control environment, and meet our obligations to manage intolerable harm. This ‘hands on’ delivery role will help Nucleus select a few key vendors to provide the following services and then lead the implementation, working with SMEs and vendors to:

• Deploy Content Classification and Data Loss Prevention tooling across all corporate environments, crucial to enable us to manage Data Loss Prevention (DLP), retention, and ensure secure external communication.
• Mature and expand Security Operations Centre (SOC) capabilities through outsourcing, which will both expand the scope of our monitoring and provide 24/7 coverage.
• Integrate threat intelligence to enable proactive controls.

Additionally, a series of internally resourced initiatives will run in parallel, so working with our PM and SMEs to manage dependencies and resources across all initiatives will be essential. The candidate will have vendor selection and commercial negotiation experience, as well as a track record of successfully delivering Information Security change projects. The candidate will work to ensure that we deliver to quality, cost and delivery targets through bringing together cross‑functional teams and working effectively to ensure success. Initially this position is expected to be a 12‑month fixed term contract, but Nucleus is a growth business and if this engagement is successful it could lead to further opportunities.

Responsibilities

• Vendor selection:
  • Scoping services: working with SMEs and the analyst allocated to define our requirements and success criteria for vendor selection.
  • Procurement: leading the vendor selection process for each service, with input from SMEs and our Procurement and Supplier Management function.
  • Commercial negotiation: supporting the Sponsor and Business Owner to procure services effectively and to negotiate commercial agreements that protect us from unforeseen cost implications as the business grows.
• Delivery and implementation:
  • Project management: creating the delivery plan and then managing to it, ensuring a balanced focus across time, budget and quality considerations.
  • Risk, issue and dependency management: risk identification and mitigation; and issue, interdependency and resource management to ensure delivery is successful.
  • Managing third parties: to ensure they deliver to their commitments.
  • Change control: managing project scope and applying change management controls.
  • Day‑to‑day task management: of SMEs and resources allocated to the initiatives.
• Reporting and stakeholder management:
  • Managing and communicating effectively with all stakeholders: at all levels and across the business from supporting project team members to keeping the Sponsor appraised, through to reporting progress to ExCo and Board.
  • Leading Project Governance Meetings: Preparing for and then managing Working Group and Steering Group meetings.
• Budget management:
  • Managing initiatives within budget: tracking spend and forecasting costs to report progress against budget.
  • Business case development: drafting business cases for each of the services when costs are known and helping the Sponsor influence approval.
• Operational readiness and handover to BAU:
  • Ensuring business readiness: defining criteria for business readiness and working with stakeholders to ensure the business is fit and ready to take the services into BAU.
  • Project closure: ensuring a path to project completion, managing the handover to BAU and completing lessons learned and other project closure steps.

As part of working within Nucleus you will:

• Take responsibility in everything you do to deliver good outcomes for our customers.
• Positively demonstrate the Nucleus Smart, Heart and Courage values and behaviours.
• Ensure compliance with Code of Conduct at all times.

About you

An experienced delivery leader with significant change experience and a good track record of delivering Information Security and/or Data Governance change initiatives. You will provide planning, drive and contractual experience to ensure that we select and then implement services with third‑party vendors successfully and with consideration to Nucleus’s growth strategy. Your peers describe you as “A seasoned change‑delivery leader with proven success delivering Information Security initiatives, who combines strategic planning skills with hands‑on execution”. You’re someone who likes to deliver strategic solutions, who can work autonomously to drive delivery, has excellent communication skills and can deal effectively with stakeholders at all levels.

Key Competencies (Knowledge, Skills and Behaviours)

• Proven delivery experience: of large‑scale change programmes and specific experience of outsourcing Information Security and/or Data Governance services.
• Experience of sourcing and then working with outsourced partners and providers.
• Strong leadership and people management skills: with credibility and authentic style to build respect and trust at all levels.
• Project management experience: with good experience of managing interdependencies across multiple complex initiatives.
• Strategic thinking: with the ability to balance strategic thinking with hands‑on problem‑solving and provide solutions that align with business objectives.
• Excellent influencing and negotiation capabilities: capable of exerting personal influence and quickly gaining the confidence of stakeholder groups.
• A team player: able to build strong relationships, collaborate effectively with stakeholders at all levels of the organisation and role‑model Nucleus’s behaviours.
• Excellent communication and interpersonal skills: you will have excellent ability to communicate complex information in a consumable way and motivate others.
• Competent using office software: such as Excel, PowerPoint, Teams and Project.

You will be comfortable:

• Leading remote project teams: who work flexibly and across multiple locations.
• Being flexible and willing to travel as necessary: the role can be largely remote based, but the candidate must be willing to travel as and when meetings in person are considered necessary (perhaps once or twice a month) to Nucleus office locations.

Function overview that the role supports

Nucleus’s vision is to become the ‘best loved platform for advisors’ and the Architecture, Governance and Oversight function sits within Group Technology and plays a crucial role in helping us navigate a major transformation programme and a series of transitional states to achieve this; whilst in parallel ensuring that we continue to support the near‑term business strategy within the constraints of our existing solutions and capabilities. The Architecture, Governance and Oversight function is responsible for:

• Architecting scalable and innovative solutions, that support both the growth and efficiency of our business.
• Setting standards and policy to protect our business and ensure regulatory compliance.
• Ensuring Information & Cyber Security controls, both internally and across our suppliers, are sufficient and effective.
• Providing oversight of Data Governance and with Data Protection Officer responsibility.
• Defining standards for, and testing, our Operational Resilience across the business.
• Informing material decisions and ensuring good governance and oversight both internally and across our suppliers.
• Providing appropriate insight and reporting to the Leadership team and stakeholders including Board.
• Supporting the CTO to define and track progress against our strategy.
• Continuously reviewing our risk profile and effectiveness of mitigating controls.
• Working with our Finance business partner to ensure good control over expenditure, budget setting and driving efficiencies in our cost base.

A little about us

We’re the Nucleus Financial Platforms group and we help make retirement more rewarding. People come first – whether it’s our colleagues, or the advisers and customers we support, we know that working in partnership and collaboration leads to the best outcomes. Together, we’ve shaped the platform to how it is today. We work hard, and we celebrate hard too. Our ambition is to create a platform with a difference, putting the customer centre stage meant tearing up the rule book and starting from scratch. We’ve come a long way since then, but our mission remains just as focused. That’s why our culture, values, and social responsibility are things we keep at the top of our agenda – because we know they matter and have a big impact. Our culture is one of the many things that sets us apart from the pack. We want to have an environment where our people feel that they can make a real difference, know they’ll be rewarded for their efforts and more importantly, enjoy themselves at work.

Inclusion and diversity at Nucleus

As with most things in life, who cares, wins. We really care about inclusion. For us it’s not a tick box exercise; inclusion and diversity are embedded in our culture and everything we do. It’s a commercial imperative. It isn’t about being PC. It’s about being future‑relevant and durable. We owe it to ourselves and the industry to ensure we are playing our part in creating a fair, balanced and transparent financial services sector. More diversity means broader experience, a wider set of perspectives and a better collective ability to problem‑solve. And it means being more representative of customer groups, which supports areas such as product development.

At Nucleus, we offer a generous blend of benefits for the things that really matter to our people, including a non‑contributory pension, bonus, enhanced parental leave, paid time off for emergencies, health and wellbeing initiatives and flexible working options.