Information Security Manager

Haywards Heath Full-Time 60000 - 84000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead the implementation of security frameworks and manage cyber risk across the business.
  • Company: Join a reputable financial services firm investing in their Information Security team.
  • Benefits: Enjoy a fully remote role with a competitive salary and additional benefits.
  • Why this job: Be part of a dynamic team focused on enhancing security culture and mitigating risks.
  • Qualifications: Proven experience in Information Security, with relevant certifications like CRISC or CISSP.
  • Other info: Opportunity to work with cutting-edge technology in a supportive environment.

The predicted salary is between 60000 - 84000 £ per year.

Job Title: Information Security Manager

Location: Manchester – Fully Remote

Salary: £75,000 – £80,000 + benefits

Are you an experienced Information Security Manager with a strong technical security background and a strong GRC focus? If so, this could be the ideal opportunity for you. My client, a specialist financial services business with an excellent reputation, is currently investing within their Information/Cyber Security team. As part of this investment, they are looking to hire a Technical Information Security Manager to join the team.

Reporting into the Group Head of Information Security you will work as part of their Information Security governance and oversight team. This technically focused role includes delivering their Information Security services (such as consultancy, assurance reviews and risk management) and providing governance and oversight across the business to effectively manage Information Security and Cyber risk. The role will suit someone with a strong technical security knowledge who also has a strong focus towards governance, risk and compliance.

Key responsibilities

  • You'll play a key part in the implementation and maintenance of established control frameworks such as ISO27001 and PCI-DSS and other relevant security frameworks, including the creation of policies, standards and other documentation.
  • You'll lead the governance, oversight and assurance on technical security controls and technical design on both new and existing solutions in the network and application portfolio.
  • You'll act as an Information Security consultant to the rest of the business and represent Information Security in key forums, e.g. Project teams, Technical Design Authority, Agile Scrum teams, to ensure that technical security standards are met and adhered to.
  • You'll work with stakeholders to ensure that technical security patterns, standards and sub-standards are developed and maintained.
  • You'll lead and further develop and mature their extensive Pen testing & other testing programmes.
  • You'll undertake assurance reviews and assessments, including 3rd Parties, new technical solutions and processes, and produce relevant recommendations and reporting.
  • You'll understand the business and information risk context, and proactively work with teams to develop architectures and countermeasures which mitigate risks to an acceptable level.
  • You'll perform information security risk assessments for change, processes and new solutions, etc., producing recommendations and reporting. Contribute to the running of the Information Security risk processes.
  • Ongoing identification of emerging security threats through regular engagement with control and risk owners, coupled with external security trends, horizon scanning and analysis.
  • You'll contribute to and deliver appropriate security awareness activities and promote good security practice in order to improve Security culture across the business.

Skills and Experience required

  • Proven background within a similar Technical Information Security Manager position.
  • Extensive Information & IT Cyber Security experience.
  • Experience of maturing extensive Pen test & other testing programmes.
  • Proficiency in technical security controls and frameworks, including experience and proficiency in cloud security.
  • Experience and expertise in Azure environment security, vulnerability management and associated processes.
  • Detailed knowledge of Information Security frameworks and standards, in particular PCI-DSS and ISO27001.
  • Proven track record of undertaking control assurance reviews against best practice standards and identifying gaps.
  • Suitable qualifications, e.g. CRISC, CISM, CISSP.
  • Excellent communication and interpersonal skills, both verbal and written.
  • Excellent stakeholder management skills.
  • Excellent analytical skills.
  • Excellent organisational skills.

For more information or to apply please send a copy of your CV to

Information Security Manager employer: Sanderson Recruitment

Join a leading financial services firm in Manchester that prioritizes employee growth and development within a fully remote work environment. With a strong focus on Information Security, the company offers competitive salaries, comprehensive benefits, and a collaborative culture that encourages innovation and professional advancement. As part of a dedicated team, you'll have the opportunity to make a significant impact while working with cutting-edge security technologies and frameworks.

Contact Detail:

Sanderson Recruitment Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Manager

✨Tip Number 1

Make sure to highlight your experience with ISO27001 and PCI-DSS in your conversations. These frameworks are crucial for the role, and demonstrating your familiarity with them can set you apart.

✨Tip Number 2

Engage with current trends in information security, especially around cloud security and vulnerability management. Being able to discuss recent developments or case studies can show your proactive approach and expertise.

✨Tip Number 3

Prepare to discuss your experience in leading governance and assurance reviews. Be ready to share specific examples of how you've identified gaps and implemented solutions in previous roles.

✨Tip Number 4

Network with professionals in the financial services sector. Attend relevant webinars or forums where you can connect with others in the field, as this can provide valuable insights and potentially lead to referrals.

We think you need these skills to ace Information Security Manager

Technical Security Knowledge
Governance, Risk, and Compliance (GRC)
ISO 27001
PCI-DSS
Penetration Testing
Cloud Security
Azure Environment Security
Vulnerability Management
Control Assurance Reviews
Stakeholder Management
Communication Skills
Interpersonal Skills
Analytical Skills
Organisational Skills

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience in Information Security Management, particularly focusing on technical security knowledge and governance, risk, and compliance (GRC). Use keywords from the job description to align your skills with what the company is looking for.

Craft a Strong Cover Letter: Write a cover letter that emphasizes your relevant experience and how it aligns with the responsibilities of the role. Mention specific frameworks like ISO27001 and PCI-DSS that you have worked with, and express your enthusiasm for contributing to the company's Information Security team.

Showcase Relevant Certifications: Include any relevant certifications such as CRISC, CISM, or CISSP in your application. Highlighting these qualifications can demonstrate your expertise and commitment to the field of Information Security.

Highlight Communication Skills: Since excellent communication and stakeholder management skills are crucial for this role, provide examples in your application that showcase your ability to communicate complex security concepts effectively to various stakeholders.

How to prepare for a job interview at Sanderson Recruitment

✨Showcase Your Technical Expertise

Be prepared to discuss your technical security background in detail. Highlight your experience with frameworks like ISO27001 and PCI-DSS, and be ready to provide examples of how you've implemented these controls in previous roles.

✨Demonstrate Governance and Risk Management Skills

Since the role has a strong GRC focus, emphasize your experience in governance, risk management, and compliance. Discuss specific instances where you've led assurance reviews or developed risk mitigation strategies.

✨Engage with Stakeholders Effectively

Prepare to talk about your stakeholder management skills. Share examples of how you've collaborated with different teams, such as project teams or Agile Scrum teams, to ensure adherence to security standards.

✨Stay Updated on Security Trends

Show your awareness of emerging security threats and trends. Be ready to discuss how you keep yourself informed about the latest developments in information security and how you would apply this knowledge in the role.

Application deadline: 2027-03-31