Information Security Manager (must come from start up/FinTech)

My client, an international FS client of mine based in London, are looking for an Information Security Manager to join their growing team. The must skillset to have is come from a start up/fintech background and hold a CISSP. This role is hybrid, 3 days per week in the office - Tuesdays being their anchor day.

About the Information Security Manager role:

My client is a UK-regulated bank committed to delivering innovative financial solutions while maintaining the highest standards of security and compliance. As part of our continued growth, they are looking for a hands-on and forward-thinking Information Security Manager to join their small but dynamic security and technology team.

Key Responsibilities

• Security in Projects: Advise and support project teams to embed security best practices throughout the project lifecycle.
• Penetration Testing: Scope, manage, and track remediation of penetration testing and vulnerability assessments.
• Application Security: Maintain application security processes, standards and guidelines. Translate application security policies into security requirements.
• Risk Assessments: Conduct and document security risk assessments on changes, threats, vulnerabilities, and new initiatives.
• Third-Party Risk: Perform third-party vendor risk assessments and ongoing security reviews.
• Solution Due Diligence: Assist in identifying and assessing new security technologies and vendors.
• Incident Management: Lead or support the response to security incidents, including investigation, containment, root cause analysis, and reporting. Work with internal teams to continuously improve incident response processes.
• Security Frameworks: Support compliance and alignment with ISO 27001, Cyber Essentials, SWIFT, NIST and other relevant frameworks.
• Stakeholder Communication: Communicate effectively with various stakeholders including engineers, product managers, operations team, senior management, and auditors about the information security posture, risks, and mitigation strategies.

About You

• Minimum of 8 years’ experience in information security roles, ideally in the financial sector.
• Bachelor's degree or higher in Computer Science
• CISSP certification required; additional certifications (e.g. CEH, OSCP, AWS Security) are a plus.
• Experience working with ISO 27001, Cyber Essentials, and preferably NIST CSF, SOC 2, or SWIFT
• Strong understanding of security in the context of software development and application security (OWASP, SDLC, DevSecOps).
• Hands-on, pragmatic approach with the ability to operate in a lean, fast-paced environment.
• Excellent communication skills, with the ability to engage both technical and non-technical stakeholders.
• Innovative mindset with a passion for staying current in the ever-evolving cyber landscape.
• Experience working in or with regulated financial institutions is desirable.

Why Join Us?

• Be part of a small, agile, and collaborative team where your impact is direct and visible.
• Opportunity to work on cutting-edge financial services and security projects.
• Competitive salary and benefits, including training and development support.

Hybrid working arrangements and a culture that values innovation and initiative.

If the above is of interest please apply to this role (or email me your CV to darius.gooodarzi@robertwalters.com) or call me on 0207 5098040 for more information.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates