
Information Security Manager
On site
London, United Kingdom
£ 65,000 / year
Full Time
17-01-2025
Job Specifications
Information Security Manager - London Salary Circa £65,000 - National Salary Circa £55,000.
We have a unique opportunity for an Information Security Manager to join our newly formed team. This is a great job for someone with a good understanding of Information Security Manager, or IT risk/audit seeking a new opportunity to apply their skills in an exciting and fast paced role!
A bit about the job:
Working as the subject matter you will provide guidance on remediation activities, ensuring quality outputs and handle the planning and scheduling activities of our annual programme of work to completion, as well as monitoring a project management lead resource. To achieve this, you will collaborate with our external suppliers to propose and manage the lifecycle of remediation activity identified as part of assurance reviews. Additionally, you will provide peer QA reviews and feedback to the assessors, prior to releasing the assessment reports to the market leads. Supervising the successful execution of the third-party contract and internal resources to ensure delivery according to predefined SLAs is also a key part of this role.
Aviva operates a “smart working” policy meaning that we spend approximately half of our time working in an office this role is based in Norwich, or London.
Skills and experience we’re looking for:
An information security background, with experience in leading third-party assurance assessments/IT audits and related remediation activities.
Ability to take ownership of the outputs of information security related assessments for critical suppliers and manage the assessment process end-to-end.
An active interest in educational development within the Information Security space through certifications, training, and self-learning.
Ability to work collaboratively with teams from other subject areas within Aviva and with our suppliers to meet our end goal.
Ability to manage information security related projects within the team.
Proven track record of handling concurrent complex activities to short timescales and delivering good quality assessment reports.
What you’ll get for this role:
Our purpose - with you today, for a better tomorrow – is a promise we make to our colleagues too. And one of the ways we live up to that promise is by investing in you. We have so much to offer when it comes to being an Aviva colleague.
Starting Salary of circa £55,000 (National) and circa £65,000 (London based applicants) depending on location, skills, experience, and qualifications
Bonus opportunity - 10% of annual salary Actual amount depends on your performance and Aviva’s.
Generous pension scheme - Aviva will contribute up to 14%, depending on what you put in.
29 days holiday plus bank holidays, and you can choose to buy or sell up to 5 days
Make your money go further - Up to 40% discount on Aviva products, and other retailer discounts
Up to £1,200 of free Aviva shares per year through our Matching Share Plan and share in the success of Aviva with our Save As You Earn scheme
Brilliantly supportive policies including parental and carer’s leave
Flexible benefits to suit you, including sustainability options such as cycle to work · Make a difference, be part of our Aviva Communities and use your 3 paid volunteering days to help others
We take your wellbeing seriously with lots of support and tools Take a look to learn more. Put a salary into this calculator to see what your total Aviva Reward could be.
Aviva is for everyone:
We’re inclusive and welcome everyone – we want applications from all backgrounds and experiences. Excited but not sure you tick every box? Even if you don’t, we would still encourage you to apply. We also consider all forms of flexible working, including part time and job shares.
We flex locations, hours and working patterns to suit our customers, business, and you. Most of our people are smart working – spending around 50% of their time in our offices every week - combining the benefits of flexibility, with time together with colleagues.
To find out more about working at Aviva take a look here
We interview every disabled applicant who meets the minimum criteria for the job. Once you’ve applied, please send us an email stating that you have a disclosed disability, and we’ll interview you.
We’d love it if you could submit your application online. If you require an alternative method of applying, please give Abigail Aitken a call on +44 7774 789975 or send an email to abigail.aitken@aviva.com
About the Company
We're a leading Insurance, Wealth & Retirement business. Follow for #LifeAtAviva. Aviva is nothing without our people. Living up to our purpose to be with you today for a better tomorrow applies to those we work with just as much as it does to our customers. We want Aviva to be a place where people can be themselves, and we want our workforce to reflect the customers and communities we serve. This means offering market-leading benefits and challenging ourselves to do more to build a workplace – and society – tha... Know more
Related Jobs


- Company Name
- Sword Group
- Job Title
- Senior Cyber Security Engineer
- Job Description
- Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. We are looking for a highly skilled, highly motivated Cyber Security you will be seen as a trusted advisor and help our customers achieve their digital transformation objectives through the design, delivery, and optimisation of secure, high-performing hybrid infrastructure environments. The role will require the Cyber Security Engineer to be/have: Proficient in developing and designing secure solutions and documenting security controls in a Security Design An understanding of cyber security design principles to ensure solutions meet industry standards An understanding of frameworks and compliance The Ability to work with risk management processes and articulate the risks and benefits An understanding of networks and cloud environments is advantageous Comfortable creating design documentation and presenting to clients Requirements Strong understanding of Identity and Access Management Strong understanding of Secure Configuration Proficient in developing and designing secure solutions and documenting security controls in Security Design The Ability to work with risk management processes and articulate the risks and benefits An understanding of networks and cloud environments is advantageous Specialised technical knowledge and experience of cyber security as evidenced by relevant industry qualifications (e.g. GICSP, GCIP, CISSP, CISM) Knowledge in cyber security frameworks and standards as well as a deep understanding of cyber security regulations as they apply to different sectors Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc. Benefits At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package: Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work-life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes. At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us. If we can do anything to help make the hiring process more accessible, please let our talent acquisition team know when you apply so we can support any adjustments.


- Company Name
- DGH Recruitment
- Job Title
- Senior Information Security Manager
- Job Description
- Senior Information Security Manager (GRC) DGH Recruitment are currently recruiting on behalf of a leading client in the professional services industry who require an Senior Information Security Manager (GRC) to join the team in London. You will be responsible for designing, implementing and managing a robust information security framework that aligns with the firm's objectives, regulatory, client and insurance requirements. Responsibilities: • Governance Framework and Strategy • Risk Management and Compliance • Stakeholder Engagement & Communication • Continuous Improvement and Incident Response • Supplier Relationship Management Required Skills and Experience: • Professional certifications such as CISSP, CISM or CRISC or similar credentials are preferred. • ISO 27001 Lead Auditor or Implementer • Strong knowledge of information security principles, best practices, and standards (e.g., ISO 27001, NIST). • Deep understanding of ISO 27001, NIST CSF, COBIT and other security and IT governance frameworks. • Experience in conducting vendor risk assessments and project security risk assessments. • Strong analytical, problem solving and decision making skills. • Excellent communication and leadership abilities. • Attention to detail and a commitment to maintaining high-quality standards. • Knowledge of data privacy laws and regulations across multiple jurisdictions a bonus. Senior Information Security Manager (GRC)


- Company Name
- EVIDEN FRANCE
- Job Title
- Cloud Security Architect
- Job Description
- Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come. The Opportunity We are seeking a skilled and experienced Cloud Security Architect to design, implement, and optimize Security within our customers cloud environments. As a Cloud Security Architect, you will be responsible for developing a comprehensive security strategy, defining architecture and policies, integrating, and optimizing threat detection, and enabling advanced security monitoring to ensure our customer’s digital assets remain secure from cyber threats. You’ll work collaboratively with cybersecurity engineers and analysts, IT teams, and other stakeholders to assess the security needs of our clients, configuring cloud controls to address them, and continuously adapt our systems to emerging threats. The candidate must be eligible to obtain a security clearance - SC level. Location: Remote working with flexibility for traveling to client sites as required Role And Responsibilities Develop and implement robust Cloud Security architecture and strategies to safeguard our customers cloud environments Providing advice to clients on technical and operational security measures designed to help defend against cyber threats in cloud environments Lead the design and implementation of Azure Sentinel to build a robust security monitoring and alerting system Ensure scalability and performance by optimizing Sentinel resources, data connectors, and data ingestion pipelines Collaborate with security analysts to implement effective use cases and threat hunting scenarios within Azure Sentinel Develop reference architectures, security frameworks and migration strategies for Cloud Security Authorship, ownership, and peer approval of High-Level Design (HLD) documentation Ensuring technical sign-off of Low-Level Design (LLD) and operational documentation Stay updated on the latest cloud security trends, technologies, and threats, and continuously improve security practices and protocols, sharing across the team Act as mentor and provide support to colleagues across the Architecture and Engineering teams Provide technical input for ongoing development of portfolio and into bids, solutions, and RFP documents for Cloud Security Required Skills And Experience Extensive experience as a Cloud Security Architect with a focus on Azure Sentinel and Microsoft Azure Security Strong understanding of information security requirements and capabilities across different industries Experience in information technology and information security Deep knowledge of Azure Sentinel components, some experience with the Microsoft Defender suite, and related Azure security tools as well as other cloud platforms such as AWS and GCP Proficiency in security information and event management (SIEM) systems, some experience of other cloud security tools and technologies, including firewalls, encryption, identity, and access management (IAM), cloud security posture management (CSPM) Ability to guide engineering teams through the deployment where required Ability to write and review reports, procedures, and standards Relevant certifications, such as Microsoft Certified: Cybersecurity Architect Expert (SC-100), Security, Compliance, and Identity Fundamentals (SC-900), Security Operations Analyst Associate (SC-200), Azure Security Engineer Associate (AZ-500), or equivalent Desirable Skills And Experience Industry recognized security qualification (e.g., CISSP, CISM, CISMP, SSCP, CISA, ISACA, CEH, CompTIA Security+, etc.) Industry recognized technology certification in Cloud (Microsoft, AWS, GCP, CCSP, CCSK) Experience with Architecture methodologies such as SABSA and TOGAF Knowledge and understanding of UK government protective marking standards and industry standards, including PCI-DSS, ISO/IEC 27001, NIST, CIS, etc. Awareness of common exploits and vulnerabilities and how these may be prevented Previous hands-on experience in cloud security operational roles Experience of working in a Consulting capacity or environment Pre-sales experience in IT Security Benefits 25 days of Annual leave + an option to purchase more through our Flexible Benefits Flex benefits system – exciting opportunity to choose your own benefits Retail discounts Pension - matching contribution up to 10% Private Medical Scheme Life Assurance Unlimited opportunities to learn in our Training platforms As a Disability Confident employer, our aim is to ensure that disabled applicants who meet the minimum criteria for this position will be offered an interview. The data is only used for the purpose of providing additional support at interview. If this is applicable to you, please ensure you answer “Yes” to the question regarding disability included in the application form for our awareness. #Eviden If you have any questions, please contact our recruiter Diana Mihaylova | LinkedIn Let’s grow together.


- Company Name
- Digital Skills ltd
- Job Title
- Security Architect
- Job Description
- Lead Security Architect Permanent Up to £108,000 per annum + a fantastic benefits package Remote Digital Skills are working with a data-focused tech company that builds and provides tools and services to a range of end clients. The company specializes in designing, building, and continuously improving data-enabling products. We are currently recruiting for a Lead Security Architect, a recognised subject matter expert in security, risk management, and compliance, with demonstrable experience in highly regulated industries, specifically UK Government and/or Defence. Role Overview As a Lead Security Architect, you will build effective working relationships with delivery team members and customers and operate independently as a security lead across multiple projects and platforms. You will provide security expertise and drive outcomes, ensuring the security and assurance of complex, cloud-centric data and digital services across the entire lifecycle (strategy, design, implementation, and operations). Key Responsibilities Lead security and assurance efforts for highly complex, cloud-centric digital services, ensuring compliance with HMG security architecture and assurance standards. Provide specialist advice on security architecture for public cloud environments (AWS, Azure, GCP). Define and manage external security testing (ITHC, penetration testing) for cloud-native platforms (Docker, Kubernetes, etc.) and SaaS solutions. Formulate HMG Information Assurance Risk Assessments and Risk Treatment Plans. Establish security requirements for cloud-based solutions based on industry standards (ISO 27000 series, NIST, CSF, CSA). Identify and implement appropriate security controls aligned with industry standards (e.g., CCM) to mitigate cloud-native threats. Provide oversight and guidance on government security policies and procedures. Continuously evaluate new cloud security threats and their impact on business and IT environments. Ensure architecture principles, technologies, and security best practices are correctly implemented across all platforms. Core Competencies & Skills Domain Expertise: Extensive experience in public cloud security architecture (AWS/Azure/GCP) and hybrid cloud environments. Deep understanding of cloud security concepts, technologies, and best practices for IaaS, PaaS, SaaS, and serverless architectures. Expertise in Information Security and Privacy Standards (ISO 27000 series, NIST 800-53, CIS, GDPR). Experience leading security working groups and managing external security testing (ITHC, penetration testing) at high HMG classification levels (OFFICIAL required, SECRET desirable). Secure Systems & Tooling Design: Experience working directly with engineering teams to design and review secure architectures. Proficiency in DevOps, DevSecOps, Infrastructure as Code, and Security as Code (Docker, Git, Terraform). Managing technical security assessments, vulnerability analysis, and penetration testing. Risk Management & Compliance: Ability to assess, advise on, and manage high-impact security risks. Strong knowledge of risk assessment methodologies (ISO 27005, NIST). Understanding of security implications across different platforms and ability to implement risk-based security controls. Communication & Stakeholder Management: Ability to translate complex security risks and technical concepts into clear guidance for both technical and non-technical stakeholders. Experience working with C-level executives, delivery teams, and external customers to drive security best practices. Ability to influence and gain consensus on security decisions within multi-stakeholder environments. If this role seems like the right fit for you, please don't hesitate to apply.