At a Glance
- Tasks: Lead and shape the GRC function, ensuring compliance and security across operations.
- Company: Join a global financial group focused on secure banking operations and ethical leadership.
- Benefits: Enjoy a hybrid work model, training budget for certifications, and a 10% bonus.
- Why this job: Be part of impactful projects in a strong security culture with mentorship opportunities.
- Qualifications: 5+ years in InfoSec with relevant certifications like CISSP or CISM required.
- Other info: Hands-on role with real scope to influence security practices and team development.
The predicted salary is between £56,000 and £84,000 per year.
Information Security GRC Manager | ISO27001, SOC2, Azure Security | Global Trading Platform
- £70–80k base + 10% bonus
- Hybrid in London
- Training budget for certifications + conference attendance
- Strong emphasis on professional autonomy and ethical leadership
A newly created opportunity to lead and shape the GRC function of a global financial group at a pivotal time, supporting the secure rollout of U.S. banking operations, driving ISO27001 and SOC2 maturity, and mentoring an evolving InfoSec team.
This is a hands-on manager-level role with real scope: oversight of policy, third-party risk, architectural reviews, and cloud compliance. You’ll work closely with the Head of InfoSec to maintain audit readiness, improve security posture, and influence business-wide awareness and accountability.
What you’ll bring:
- 5+ years in InfoSec, IT Security or Ops within a regulated environment
- Certification required: CISSP, CISM, CRISC, or equivalent
- Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA
- Confident with security risk assessments, audit responses, and policy governance
- Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model
- Comfort with complexity: able to analyze architecture, track metrics, and translate acronyms into actionable plans
- Mentorship ability: ready to step up, guide analysts, and model high-integrity InfoSec practice
What you’ll be doing:
- GRC ownership: maintain ISO27001 and SOC2 certifications, policies, and the Information Security Management System
- Third-party risk management: oversee supplier assessments, support junior analysts, and guide reviews via Panorays
- Security awareness & training: manage phishing simulations and content using Proofpoint
- Security architecture reviews: support technical assessments of new systems and services
- Data protection & cloud security: drive governance for Azure, Purview, and shared responsibility models
- Team leadership: mentor two analysts and deputize for the Head of InfoSec when required
- Project support: direct InfoSec involvement in the U.S. banking expansion and business unit reviews
Tech & tools you’ll use:
- Protecht – Enterprise risk and audit management
- Panorays – Third-party risk tooling
- Rapid7 / Armis – Vulnerability management and threat detection
- Proofpoint – Phishing and awareness platform
- Microsoft Purview – Data governance and compliance
- Azure & AWS – Cloud IAM, encryption, monitoring (Sentinel experience valued)
Why this role?
- High-impact GRC project work tied to new market expansion
- Strong internal security culture: backed by a collaborative team and engaged InfoSec leadership
- A clear opportunity to stretch across awareness, compliance, and operational domains
Information Technology Governance Manager employer: Prism Digital
Contact Detail:
Prism Digital Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Technology Governance Manager
✨Tip Number 1
Network with professionals in the InfoSec and GRC fields. Attend industry conferences or local meetups to connect with others who may have insights into the role or even know about openings at StudySmarter.
✨Tip Number 2
Familiarise yourself with the specific tools mentioned in the job description, such as Protecht, Panorays, and Proofpoint. Having hands-on experience or knowledge of these platforms can set you apart during discussions.
✨Tip Number 3
Prepare to discuss your experience with ISO27001 and SOC2 in detail. Be ready to share specific examples of how you've maintained certifications or improved security postures in previous roles.
✨Tip Number 4
Showcase your mentorship skills by preparing examples of how you've guided junior team members in the past. This will demonstrate your leadership potential and fit for the role at StudySmarter.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in InfoSec, IT Security, and governance. Emphasise your certifications like CISSP, CISM, or CRISC, and detail your hands-on experience with ISO27001 and SOC2.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your background aligns with the responsibilities of GRC ownership and team leadership, and mention specific projects or achievements that demonstrate your capabilities.
Showcase Relevant Skills: Highlight your knowledge of security frameworks such as NIST CSF, PCI DSS, and GDPR. Provide examples of your experience with cloud security, particularly with Azure, and your ability to conduct risk assessments and policy governance.
Prepare for Technical Questions: Anticipate technical questions related to security architecture reviews and third-party risk management. Be ready to discuss your approach to maintaining audit readiness and improving security posture, as well as your mentorship experience with junior analysts.
How to prepare for a job interview at Prism Digital
✨Showcase Your Technical Knowledge
Make sure to brush up on your knowledge of ISO27001, SOC2, and cloud security, particularly with Azure. Be prepared to discuss how you've applied these standards in previous roles and how they relate to the responsibilities of the position.
✨Demonstrate Leadership Skills
Since this role involves mentoring analysts and leading a GRC function, be ready to share examples of how you've successfully led teams or projects in the past. Highlight your ability to guide others and foster a strong security culture.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world scenarios, such as handling third-party risk assessments or responding to audit findings. Think of specific situations where you made a significant impact and be ready to explain your thought process.
✨Emphasise Your Ethical Leadership
This role places a strong emphasis on ethical leadership. Be prepared to discuss your approach to maintaining integrity in information security practices and how you would promote accountability within the team and across the organisation.