Information Security Manager

As a member of the Digital Services team, this role will be at the forefront of ARAG UK’s security strategy, ensuring the confidentiality, integrity, and availability of ARAG’s information and information systems. The successful candidate will be responsible for ensuring our ISO27001 accreditation is maintained and renewed, assessing information risks, and facilitating remediation of vulnerabilities within the company’s network, systems, and applications. Additionally, you will lead the strategy, road mapping, and planning of security initiatives, as well as manage the information security team.

This position offers an excellent opportunity to report on findings, apply recommendations for corrective and preventative actions, and identify opportunities to reduce security risks. Key responsibilities include documenting remediation options, managing risk acceptance or mitigation scenarios, and monitoring performance of risk remediation tasks, changes related to risk mitigation, and reporting on findings. The role will help the company understand security threats and develop strategies to protect ARAG’s assets across multiple entities.

This is a strategic and hands-on role where you will manage a small team, support the Security & Governance Manager in driving IT security strategy, lead projects, coordinate team efforts, and mentor staff. You will also collaborate with other teams within Digital Services and the wider organization to ensure proper leadership and accountability in security matters. The role involves engaging with our parent company to ensure our ISMS aligns with their standards, and discussing, analyzing, planning, and implementing necessary changes to our Information Security Systems.

We are looking for candidates with strong technical, organizational, and communication skills. You will contribute to audit responses in the InfoSec area and help improve response processes and standardization.