Job title: Technology Information Security Manager
Job type: Permanent
Emp type: Full-time
Salary type: Annual
Salary: Negotiable
Location: Manchester or Sussex or Remote
Job published: 27-03-2025
Job ID: 32862

Job Description

Technical Information Security Manager to own all aspects of Risk, Compliance, Oversight and Controls of Information Security.

The role is working for one of the UK's most successful, ambitious, innovative and technology-focused insurers. The organisation specialises in Personal Lines Insurance.

This technically focused role includes delivering our Information Security services (such as consultancy, assurance reviews and risk management) and providing governance and oversight across the business to effectively manage Information Security and Cyber risk.

What’s involved:

  • You’ll play a key part in the implementation and maintenance of established control frameworks such as ISO27001 and PCI-DSS and other relevant security frameworks, including the creation of policies, standards and other documentation.
  • Lead the governance, oversight and assurance on technical security controls and technical design on both new and existing solutions in FCG’s network and application portfolio.
  • Act as an Information Security consultant to the rest of the business and represent Information Security in key forums, e.g. Project teams, Technical Design Authority, Agile Scrum teams, to ensure that technical security standards are met and adhered to.
  • Work with stakeholders to ensure that technical security patterns, standards and sub standards are developed and maintained.
  • Lead, further develop and mature our extensive Pen testing & other testing programmes.
  • Undertake assurance reviews and assessments, including 3rd Parties, new technical solutions and processes, and produce relevant recommendations and reporting.
  • Understand the business and information risk context, and proactively work with teams to develop architectures and countermeasures which mitigate risks to an acceptable level.

Experience & knowledge

  • Extensive Information & IT Cyber Security experience.
  • Experience of maturing extensive Pen test & other testing programmes.
  • Proficiency in technical security controls and frameworks, including experience and proficiency in cloud security.
  • Experience and expertise in Azure environment security, vulnerability management and associated processes.
  • Detailed knowledge of Information Security frameworks and standards, in particular PCI DSS, ISO27001 and other cyber frameworks.
  • Experience of managing Information Security in an Agile Change Environment.