Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and shape the GRC function, ensuring compliance and security across operations.
- Company: Join a global financial group focused on secure trading and banking operations.
- Benefits: Enjoy a competitive salary, bonus, hybrid work, and a training budget for certifications.
- Why this job: Make a real impact in a collaborative environment while mentoring a growing InfoSec team.
- Qualifications: 5+ years in InfoSec with relevant certifications and strong cloud security knowledge required.
- Other info: Opportunity to influence U.S. banking expansion and enhance security culture.
The predicted salary is between 60000 - 84000 £ per year.
Job Description
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
- £70–80k base + 10% bonus
- Hybrid in London
- Training budget for certifications + conference attendance
- Strong emphasis on professional autonomy and ethical leadership
A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.
This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You'll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.
What you’ll bring:
- 5+ years in InfoSec, IT Security or Ops within a regulated environment
- Certification required: CISSP, CISM, CRISC, or equivalent
- Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
- Confident with security risk assessments, audit responses, and policy governance
- Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
- Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
- Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice
What you’ll be doing:
- GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
- Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
- Security awareness & training: manage phishing simulations and content using Proofpoint
- Security architecture reviews: support technical assessments of new systems and services
- Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
- Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
- Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews
Tech & tools you’ll use:
- Protecht – Enterprise risk and audit management
- Panorays – Third-party risk tooling
- Rapid7 / Armis – Vulnerability management and threat detection
- Proofpoint – Phishing and awareness platform
- Microsoft Purview – Data governance and compliance
- Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)
Why this role?
- High-impact GRC project work tied to new market expansion
- Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
- A clear opportunity to stretch across awareness, compliance, and operational domains
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
Information Security Manager employer: Prism Digital
Contact Detail:
Prism Digital Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager
✨Tip Number 1
Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as ISO27001 and SOC2. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and readiness for the role.
✨Tip Number 2
Showcase your hands-on experience with cloud security, particularly with Azure. Prepare examples of how you've managed security risks in cloud environments, as this is a key aspect of the role.
✨Tip Number 3
Highlight your leadership and mentorship skills. Be ready to discuss instances where you've guided junior analysts or led teams, as this will be crucial for the managerial aspect of the position.
✨Tip Number 4
Research the company’s recent projects or initiatives, especially related to U.S. banking operations. This knowledge will allow you to engage in meaningful conversations during interviews and show your genuine interest in their work.
We think you need these skills to ace Information Security Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Information Security, particularly focusing on your knowledge of ISO27001, SOC2, and cloud security. Use specific examples that demonstrate your hands-on experience and leadership skills.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your background aligns with the responsibilities outlined in the job description, especially your experience with GRC functions and mentoring teams.
Highlight Certifications: Clearly list your relevant certifications such as CISSP, CISM, or CRISC in both your CV and cover letter. This will help demonstrate your qualifications and commitment to the field of Information Security.
Showcase Soft Skills: Mention your ability to mentor and lead teams, as well as your comfort with complexity and communication skills. These soft skills are crucial for the role and should be evident in your application materials.
How to prepare for a job interview at Prism Digital
✨Showcase Your Certifications
Make sure to highlight your relevant certifications like CISSP, CISM, or CRISC during the interview. These qualifications are crucial for the role and demonstrate your commitment to information security.
✨Demonstrate Hands-On Experience
Be prepared to discuss your hands-on experience with cloud security, particularly with Azure. Share specific examples of how you've managed security risk assessments and compliance in previous roles.
✨Prepare for Technical Questions
Expect technical questions related to ISO27001, SOC2, and other compliance frameworks. Brush up on these topics and be ready to explain how you would maintain audit readiness and improve security posture.
✨Emphasise Leadership and Mentorship Skills
Since this role involves mentoring junior analysts, be sure to discuss your leadership style and any previous mentoring experiences. Highlight how you can guide a team while maintaining high-integrity InfoSec practices.
