- £70–80k base 10% bonus
- Hybrid in London
Join a growing InfoSec team at a pivotal time for a global financial institution. This is an IT Security Manager role with governance oversight, guiding InfoSec operations, mentoring analysts, and translating security frameworks into practical, actionable steps. You’ll influence policy, architecture, and data governance, all while supporting the secure rollout of new banking operations.
What you’ll bring:
- 5 years’ experience in InfoSec, IT Security, or operational security in a regulated environment
- Certifications: CISSP or SSCP (or equivalent) required
- Hands-on knowledge of ISO27001 and supporting an ISMS (audit experience useful but not central)
- Familiarity with security tools: Azure security, cloud IAM, Defender, web proxy, endpoint detection (CrowdStrike or equivalents)
- Understanding of zero trust networks, SSO, and network segregation principles
- Strong communicator: able to advise IT teams on practical security steps, not just theory
- Experience mentoring staff or junior analysts (no direct line management required)
- Adaptability to a medium-sized, SME environment
What you’ll be doing:
- Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation
- Data governance: Drive data protection, labelling, and retention projects using Microsoft Purview
- Third-party risk: Support supplier security assessments and guide analysts’ work (tools like Panorays)
- Cloud & architecture: Advise on Azure security, shared responsibility models, and zero trust principles
- ISO27001 support: Maintain ISMS controls and governance, assist with policy implementation
- Mentoring & guidance: Support analysts with technical and governance expertise, acting as deputy for Head of InfoSec when needed
- Project involvement: Key InfoSec input for new market expansion and business initiatives
Tech & tools you’ll use:
- Microsoft Purview – Data governance and compliance
- Azure (and AWS) – IAM, monitoring, encryption
- Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection
- Panorays – Third-party risk
- Protecht – Enterprise risk & audit management
- Rapid7 / Armis – Vulnerability management and threat detection
Why this role?
- Hands-on, high-impact role in a dynamic SME environment
- Influence across security operations, governance, and data management
- Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice
IT Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company
