A leading Global Investment Manager are currently looking for an outstanding Information Security Manager to join their growing and successful team based in the City of London.

You will be an Information Security SME with strong experience working in a strategic capacity delivering policy and documentation to stakeholders at the highest level both internally and externally. Within this role you will be helping to better define how Information Security Framework improvements are communicated to C-Suite, Senior Management and Regulators whilst helping to develop metrics, thematic reviews, key focus areas and the requisite reporting. You will also be involved in defining approaches to Cyber resilience, audit preparation/delivery and some ad-hoc duties across supplier review etc.

This is an interestingly varied role working closely with the Head of Information Security.

Key duties:

• Help to improve information security governance through the implementation of a hierarchical governance program.
• Work directly with the business units to facilitate risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
• Provide strategic risk guidance for Business and IT projects, including the evaluation and recommendation of technical controls.
• Provide regular reporting on the current status of the information security program to enterprise risk teams and senior business leaders
• Support the development and enhancement of an information security management framework based on International Organization for Standardization (ISO) 27001, ITIL, and National Institute of Standards and Technology (NIST).
• Support the framework with regard to information ownership, classification, accountability and protection.
• Liaise with the enterprise architecture team to ensure alignment between the information security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.
• Coordinate information security and risk management projects with resources from the IT organization and business unit teams.
• Support the management of a flexible control framework to integrate and normalise the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
• Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
• Liaise among the Global InfoSec team and corporate compliance, audit, legal and HR management teams as required.
• Provide input to security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation.
• Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
• Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services, including, but not limited to, privacy, risk management, compliance and business continuity management.
• Perform related duties and fulfil responsibilities as required.

You will be a strong InfoSec all rounder with an interest in developing a wide range of skills alongside your current knowledge.

You will hold a CISSP or similar with a relevant Bachelors level degree.