Mandarin speaking Information Security Manager (Banking) in London

The Skills You'll Need:

• Fluent in Mandarin and English, with working experience in Information Security / Cyber Security / IT Risk Management

Your New Salary: Competitive depending on experience

Location: Central London

Job Status: Permanent, office based

Summary:

The Information Security Manager is responsible for establishing, maintaining and improving the bank’s information security framework to protect the confidentiality, integrity, and availability of information assets, particularly for the London Branch. The role develops and oversees security policies, strategies, and controls in line with internal governance, UK regulatory requirements, and industry best practices.

Operating as a “1.5 Line of Defence” within the IT function, the role provides independent security risk oversight, challenges the effectiveness of IT security controls, and supports regulatory compliance and operational resilience.

Information Security Manager - What You'll be Doing Each Day:

• Information Security Governance

• Upgrade and maintain the Branch’s information security policies, standards and procedures in line with Head Office policies and regulatory requirements.
• Upgrade and maintain an effective information security governance framework within the Branch.
• Ensure information security policies and procedures are properly implemented and periodically reviewed.

• Identify, assess and monitor information security risks affecting the Branch.
• Maintain the information security risk register and ensure appropriate mitigation measures are implemented.
• Provide information security risk reporting to senior management.

• Provide oversight and challenge to the implementation of information security controls performed by the IT team.
• Monitor the effectiveness of technical and procedural security controls across systems, infrastructure and applications.
• Coordinate periodic security reviews and internal control assessments.

• Oversee cyber security measures including vulnerability management, access control, security monitoring and incident detection.
• Ensure regular vulnerability assessments, security reviews and penetration testing are conducted.

• Establish and maintain procedures for managing information security incidents.
• Coordinate investigation, response and reporting of cyber security incidents.

• Support the Branch’s operational resilience framework from an information security perspective.
• Participate in disaster recovery planning, cyber security exercises and resilience testing.

• Assess information security risks associated with third-party service providers and outsourcing arrangements.
• Ensure information security requirements are incorporated into vendor management and outsourcing governance processes.

• Ensure compliance with applicable UK regulatory expectations relating to information security, cyber risk and operational resilience.
• Support regulatory reviews, internal audit and external audit activities.

• Promote information security awareness across the Branch.
• Organise information security training and awareness programmes for staff.

• Perform any other duties as required by the line manager or Senior Management.

Information Security Manager - The Skills You'll Need to Succeed:

• Excellent verbal and written communication and presentation skills in Mandarin and English.
• Master’s degree or above in Information Security, Computer Science, Information Technology or a related discipline.
• Professional certifications such as CCIE, HCIE, CISSP, CISM, CISA or ISO27001 Lead Implementer are highly desirable.
• Relevant experience in network, information security, cyber security or IT risk management, preferably within the financial services industry.
• Experience in developing and implementing information security governance frameworks.
• Strong understanding of information security standards and frameworks such as ISO 27001, NIST Cybersecurity Framework or CIS Controls.
• Good knowledge of UK regulatory expectations related to cyber security, operational resilience and outsourcing risk.
• Understanding of banking IT environments including networks, applications and infrastructure security.
• Strong analytical and risk assessment skills.
• Ability to communicate effectively with both technical teams and senior management.
• Ability to coordinate incident response and cross-departmental collaboration.
• High level of integrity and professionalism.
• Strong risk awareness and sense of responsibility.
• Ability to work effectively in a regulated banking environment.

We would be grateful if you could send your CV as a Word document. If your application is successful, you will be contacted within 7 days. We regret that due to the high volume of applications we receive we cannot provide feedback on individual CVs. Please note that we can only consider candidates who are eligible to work in the UK and are able to provide relevant supporting documentation.

People First is committed to increasing diversity, and maintaining an inclusive workplace culture. We welcome applications from all qualified candidates regardless of their ethnicity, race, gender, religious beliefs, sexual orientation, age, marital status or whether or not they have a disability.

People First (Recruitment) Limited acts as an employment agency for permanent and fixed term contract recruitment and as an employment business for the supply of temporary workers. Please note that by applying for this job you accept our Terms of Use and Privacy Policy which can be found on our website.