Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and shape the GRC function, ensuring compliance and security across operations.
- Company: Join a global trading platform focused on secure banking operations and ethical leadership.
- Benefits: Enjoy a hybrid work model, training budget, and a 10% bonus.
- Why this job: Be part of impactful projects while mentoring a dynamic InfoSec team in a supportive culture.
- Qualifications: 5 years in InfoSec with certifications like CISSP or CISM; strong knowledge of ISO27001 and SOC2.
- Other info: Opportunity for professional autonomy and involvement in U.S. banking expansion.
The predicted salary is between 60000 - 84000 £ per year.
Job Description
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
- £70–80k base + 10% bonus
- Hybrid in London
- Training budget for certifications + conference attendance
- Strong emphasis on professional autonomy and ethical leadership
A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.
This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.
What you’ll bring:
- 5+ years in InfoSec, IT Security or Ops within a regulated environment
- Certification required: CISSP, CISM, CRISC, or equivalent
- Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
- Confident with security risk assessments, audit responses, and policy governance
- Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
- Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
- Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice
What you’ll be doing:
- GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
- Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
- Security awareness & training: manage phishing simulations and content using Proofpoint
- Security architecture reviews: support technical assessments of new systems and services
- Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
- Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
- Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews
Tech & tools you’ll use:
- Protecht – Enterprise risk and audit management
- Panorays – Third-party risk tooling
- Rapid7 / Armis – Vulnerability management and threat detection
- Proofpoint – Phishing and awareness platform
- Microsoft Purview – Data governance and compliance
- Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)
Why this role?
- High-impact GRC project work tied to new market expansion
- Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
- A clear opportunity to stretch across awareness, compliance, and operational domains
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
Information Security Manager employer: Prism Digital
Contact Detail:
Prism Digital Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager
✨Tip Number 1
Familiarise yourself with the specific frameworks and standards mentioned in the job description, such as ISO27001 and SOC2. Being able to discuss these in detail during your interview will demonstrate your expertise and readiness for the role.
✨Tip Number 2
Showcase your hands-on experience with cloud security, particularly with Azure. Prepare examples of how you've managed security in cloud environments, as this is a key aspect of the role.
✨Tip Number 3
Highlight your mentorship skills and any experience you have in leading teams or guiding junior analysts. This will be crucial as the role involves mentoring and stepping in for the Head of InfoSec.
✨Tip Number 4
Network with professionals in the InfoSec community, especially those who have experience in GRC roles. Engaging with others can provide insights and potentially lead to referrals, increasing your chances of landing the job.
We think you need these skills to ace Information Security Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Information Security, particularly focusing on your knowledge of ISO27001, SOC2, and cloud security. Use specific examples that demonstrate your hands-on experience and leadership abilities.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your background aligns with the responsibilities outlined in the job description, especially your experience with GRC ownership and team mentorship.
Highlight Certifications: Clearly list your relevant certifications such as CISSP, CISM, or CRISC in both your CV and cover letter. This will help demonstrate your qualifications and commitment to professional development in the field of Information Security.
Showcase Soft Skills: Emphasise your soft skills, particularly your ability to mentor and lead a team. Provide examples of how you've successfully guided junior analysts or influenced security culture within an organisation, as this is crucial for the role.
How to prepare for a job interview at Prism Digital
✨Showcase Your Technical Knowledge
Be prepared to discuss your experience with ISO27001, SOC2, and cloud security, particularly with Azure. Highlight specific projects where you've implemented these frameworks or technologies, as this will demonstrate your hands-on expertise.
✨Demonstrate Leadership Skills
Since this role involves mentoring analysts and leading the GRC function, be ready to share examples of how you've successfully guided teams in the past. Discuss your approach to ethical leadership and how you foster a strong security culture.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities in real-world situations. Think about challenges you've faced in InfoSec, such as managing third-party risks or responding to audits, and how you navigated those scenarios.
✨Understand the Company’s Security Posture
Research the company's current security initiatives and any recent news related to their operations. This knowledge will allow you to tailor your responses and show genuine interest in their mission and values during the interview.
