Banner Default Image
Back to job search

Lead Information Security Risk Manager

  • Location:


  • Sector:

    Governance, Risk & Compliance, Information Security

  • Job type:


  • Job functions:

    Security Risk, Security Analyst, Security Compliance, Security

  • Salary:

    £75000 - £90000 per annum + + bonus + package

  • Contact:

    Liam Watson

  • Contact email:

  • Job ref:


  • Published:

    about 1 month ago

  • Expiry date:


  • Startdate:


Lead Information Security Risk Manager

HQ in City of London (roughly twice per week in office)

Up to £90,000 + bonus + package

La Fosse have partnered with one of the UK's leading Private Banks in the search for a Lead Information Security Risk Manager. The business has a hugely successful heritage with longstanding customer relationships, they provide an extremely personal, values led experience to private banking.

Reporting to the Head of Operational Resilience & GRC, you will be responsible for Information Security Risk Management as the bank look to enhance their maturity. In this 1.5 line of defence role, you will be responsible for assessing & developing security controls against regulatory frameworks. The business has a good foundation in place but are looking to develop their cyber function so that technology controls, risk management processes and security standards are improved & run effectively. This is a standalone role where you will engage with and influence stakeholders to drive standards - you will be able to leverage key resources across the function.

This role was specifically signed off by the board, giving a good insight into the importance of delivery across security GRC for the business.

Requirements include:

  • Prior experience leading security GRC activities, with a strong exposure to implementing security controls, frameworks & standards.
  • Experience in 1st/1.5 or 2nd line of defence preferable, open to experience coming from 3rd line assuming you bring experience in other lines of defence.
  • Strong knowledge of information security controls and regulatory standards (i.e. ISO 27001/2, NIST, etc.).
  • Demonstrate technical knowledge, with an ability to translate technical aspects back to the business.
  • Highly motivated self-starter with an ability to build strong & trusted relationships both internally and externally.
  • Experience in financial services is essential - bringing an understanding of the regulatory environment.