Information Security Manager

London, UK

Application Deadline: 20 June 2025

Department: Operations

Employment Type: Full Time

Location: London, UK

Compensation: £65,000 - £70,000 / year


Description

We are seeking an experienced and highly capable Information Security Manager to lead our day-to-day information security operations, reporting directly to the Director of Information Security. 

This is a hands-on role requiring a deep understanding of security practices, particularly for cloud environments. The successful candidate will play a key role in safeguarding our organisation by working collaboratively with internal teams and external partners to manage information security, governance, and cyber risk.

In this role, you will be responsible for ensuring that our security position aligns with organisational goals, regulatory requirements, and recognised industry standards. This position offers a unique opportunity to influence our security strategy while providing expert guidance and operational oversight across the business.

Key Responsibilities

Working alongside our experienced team of industry experts, you will be responsible for:
  • Co-creation of an information security improvement program to ensure the risk profile matures in line with business objectives and the threat landscape, maintaining ongoing compliance with relevant accreditations (e.g. ISO 27001, Cyber Essentials, PCI DSS).
  • Overseeing the implementation, maintenance and assurance of security controls across the business in line with company objectives, information security strategy and security architectural principles.
  • Supporting the business with information security risk identification and treatment within the context of the latest threats, conducting regular risk assessments, threat modelling, overseeing mitigation strategies and preparing management reports detailing the state of the risk.
  • Contributing to the development of security policies, standards, and frameworks across the organisation, working with teams to influence embedding them into the business.
  • Providing information security requirements to Cifas’ third parties and obtaining assurance that they are protecting company assets, as well as providing assurance to members regarding Cifas’ information security.
  • Leading the technical response to a security incident and ensuring the information security of BCP, as well as developing response plans that are reviewed and tested regularly.
  • Creating and delivering relevant information security training & awareness material as part of a wider program designed to drive a culture of security awareness across the organisation.

Skills, Knowledge and Expertise

To be successful in this role, you will have:
  • Exceptional understanding of cloud security architecture principles and emerging threats 
  • Experience with major cloud platforms (AWS, GCP, Azure) and cloud-native security tools 
  • A strong background in threat modelling and risk assessment across applications and infrastructure 
  • Knowledge of Application Security, including secure coding and vulnerability management 
  • Proven track record integrating security into DevOps practices and CI/CD pipelines 
  • Expertise in corporate security technologies (IAM, EDR, network security) 
  • Experience designing and implementing comprehensive security solutions 
  • Knowledge of key security frameworks (ISO 27001, NIST CSF, CIS Controls) 
  • Excellent communication skills, particularly in translating technical concepts for business stakeholders 
  • A recognised security certificate is preferred but not essential (e.g. CISM, CISSP)

Benefits

In return for helping us take the fight to fraud, all our employees receive an impressive benefit package, which includes:
  • Remote working with approximately 2 days a month in the London office.
  • Generous annual leave allowance plus the bank holidays 
  • Private healthcare
  • Excellent pension package through salary sacrifice
  • Personal and professional growth
  • Employee wellbeing services – Wellbeing hub access with resources to various online exercise content, meditation guides, sleep stories and yoga. 

We have introduced agile ways of working, allowing teams to decide how best they work, while ensuring regular opportunities to collaborate and innovate. We create an environment to help you to unleash your potential and perform the most rewarding work of your career, whilst keeping your wellbeing at the forefront with initiatives in place to promote the wellness of our people.

We are committed to building a diverse and inclusive culture and have dedicated inclusion champions across the business to celebrate and promote our uniqueness. We also have a dedicated team of volunteers looking for innovative ways to give back as part of our commitments under our Corporate Social Responsibility. We are delighted to be recognised in the 2021, 2022 and 2024 best companies to work for listings. We have also been awarded the Investors In People Gold accreditation. 
If you are passionate about our purpose and would like an opportunity to make a valuable contribution to fraud prevention, we would like to hear from you.
Category: Leadership Jobs

Tags: Agile Application security AWS Azure CI/CD CISM CISSP Cloud Compliance DevOps EDR GCP Governance IAM ISO 27001 Network security NIST PCI DSS Risk assessment Security strategy Strategy Vulnerability management

Perks/benefits: Career development Wellness Yoga

Region: Europe
Country: United Kingdom
