Head of InfoSec and Data Services

We have been awarded the “Most Loved Workplace”! At Metro Bank, people come first – our culture is all about bringing the best out in our colleagues, and making sure everyone feels valued, respected, seen and included. We strongly believe in a diverse and inclusive workplace and to find the very best person for the job, we always look across a wide range of diverse communities.

What you will do:

1. Deputise for the CISO, Director of Tech Risk and Data with Board level visibility and reporting to Executive leadership, to define the Bank’s policy and strategy for information security and data governance, take overall responsibility for execution of that strategy and maintain oversight over the protection of all Metro Bank’s information and IT assets.
2. Lead the design of Metro Bank’s information security strategy and data governance strategy, develop the business case for change to achieve the strategy and engage with colleagues to implement these changes.
3. Lead the definition of policies, standards and procedures for information security and data governance, moving Metro Bank towards alignment with industry good practice standards (e.g. ISO 27001, ITIL).
4. Direct day-to-day management of information security and data controls, monitoring and incident response, with support from your team of information security change specialists and enterprise data architects.
5. Maintain effective oversight to ensure overarching compliance with information security and data policies and procedures.
6. Responsible for initiating, facilitating, and promoting activities to create information security and data awareness within the organisation.

And... we are a bank so risk is a part of everything we do. We love people who take responsibility, do the right thing for customers, colleagues and Metro Bank and have the courage to call out any concerns.

What you will need:

1. Understand the risks associated with your job and what that means for you, Metro Bank and all our stakeholders.
2. Strong planning, people and technical skills, allowing you to be an effective leader, champion and manager of the infosec and data functions and related projects.
3. Extensive experience across financial services and detailed understanding of the information security and data governance good practice in Banking and the established approaches to mitigating these.
4. A deep understanding of information and data risk and control frameworks and standards, e.g. ISO27001, PCI DSS, NIST+.
5. Strong leadership skills and proven ability to build, inspire, direct, motivate and performance-manage a multi-disciplinary team.
6. MSc Information Security/MCIISec/CISSP/CISM/ISO27001 Lead Auditor or equivalent.

Our promise to you…

1. We will make sure that you are well-rewarded by providing you with a competitive salary, discretionary annual bonus, and a wide range of benefits, including generous holiday allowance, attractive pension scheme, healthcare, life assurance, and a number of colleague discounts!
2. We will give you the training to ensure you succeed in your role and plenty of internal opportunities to progress your career (around 40% of our recruitment comes from internal promotions!).
3. We are also all about balance so most of our jobs offer the opportunity for hybrid working built around your role and home life, wherever possible.

Diverse teams really are the best teams. We know that candidates (especially women, research tells us) may be put off applying for a job unless they can tick every box. We also know that ‘normal’ office hours aren’t always doable, and while we can’t accommodate every flexible working request we are happy to be asked. So if you are excited about working with us and think you can do much of what we are looking for but aren’t sure if you are 100% there yet… why not give it a whirl? Please note that sometimes we may close a job earlier for applications if we are inundated with amazing candidates.. Good luck!