Information Security Manager

Information Security Manager

Location - London (Hybrid)

An exciting opportunity has arisen to join this banking startup that are currently on a journey building a bank to bring better engagement between Africa and the UK, bringing customers and businesses the cross-border experience they deserve.

Backed by one of the top reinsurers in the world, this new bank applicant requires an Information Security Manager to join the growing team and implement the security strategy including identifying any risks to the business, whilst designing, implementing, and maintaining the security strategy for the bank.

Accountabilities

• Develop and implement a comprehensive information security strategy aligned with business objectives.
• Create and maintain an information security roadmap to address current and future security needs.
• You will implement and manage technical solutions to counter cyber security risks.
• Establish, review, and enforce information security policies and procedures.
• Ensure compliance with relevant laws, regulations, and industry standards.
• Conduct regular security audits and risk assessments.
• Provide training to staff on security policies, procedures, and best practices.
• Develop and maintain an incident response plan for handling security incidents.
• Collaborate with IT teams to implement and maintain security solutions.
• Monitor emerging threats and assess their potential impact on the Bank.
• Regularly update risk assessments based on changes in the threat landscape.
• Prepare and present regular reports on the status of information security to executive leadership.
• Research, design and test processes and technical solutions to counter cyber security risks.
• Manage the implementation of countermeasures to cyber-attacks that exploit identity and privileged escalation attacks occur particularly in Active Directory and Azure-based environments.
• Develop, implement, and manage comprehensive security assurance measures for generative AI usage across the company.

Skills & Experience

• Experience with Money Transmitter License (MTL) regulatory standards and audits and ITGC Control audits
• 5+ years' experience in IT Security and/or IT within a financial services organisation
• Must have fundamental programming/scripting capabilities (e.g. python, powershell, bash, etc.)
• Experience in DevSecOps
• Experience in Cloud Security is a must. AWS preferred.
• Management of at least 10 people
• Degree/diploma/certifications in a technology-related field and/or relevant working experience such as PenTest+, Security+, OSCP, CCSP, CEH, GCIH, GMON

Technical

• Endpoint security concepts, controls, and best practices for Servers (e.g. Windows and Apple OS)
• General IT networking concepts, protocols, standards and network security concepts, controls, and best practices
• Cryptography fundamentals and data security controls and best practices
• Experience with Mobile App Security
• Forensic investigation techniques
• Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc.
• Deep knowledge of GDPR, FOI, PCI-DSS
• Deep knowledge of cloud security
• Knowledge of Microsoft Security Centre and Microsoft Sentinel
• Deep Understanding of ISO27001:22, NIST, Cloud Security
• Secure software development guidelines
• Demonstrated experience with cyber engineering and operations, which could include DevSecOps.
• Experience with microservices

Behaviours

• Excellent written and verbal communication skills.
• Excellent stakeholder management skills, with the confidence to challenge supportively and effectively where appropriate.
• Excellent time management and delegation skills with proven ability to manage multiple projects effectively.
• Strong leadership skills with the ability to inspire and motivate staff from a variety of backgrounds and experience levels and gain the respect of colleagues at all levels of the business.
• Builder of positive relationships with a collaborative style used to achieve organisational goals.
• Able to create an open environment and inspire others to contribute.

An outstanding opportunity for an Information Security Manager awaits, apply now!