Information Security Manager

Das Group

Bristol

On-site

GBP 60,000 - 80,000

Full time

Today

Job summary

A leading company in digital services is seeking an Information Security Manager to enhance their security strategies and oversee a team. This strategic role involves managing security compliance, risk remediation, and developing protective measures against threats. Candidates should possess strong technical and organizational skills, with a solid background in security standards and risk management.

Benefits

27 days holiday with options to buy more
Company pension scheme
Group Income Protection and Legal Protection
Private Medical Insurance
Salary sacrifice benefits including Cycle scheme
Wellbeing programs and employee discounts

Qualifications

  • Strong technical and organizational skills essential.
  • Experience in security frameworks and tools required.
  • Intermediate IT risk management expertise expected.

Responsibilities

  • Drive IT security strategy and manage the information security team.
  • Conduct risk assessments and document remediation options.
  • Engage with parent company for ISMS alignment.

Skills

Information security frameworks
Data protection legislation
Security analysis tools
Security incident management
Authentication technologies
Zero Trust principles
Endpoint security solutions
AWS and cloud platforms
Vulnerability scanning
IT risk management

Job description

We’re excited to announce an opportunity for an Information Security Manager to join our dynamic Digital Services team at ARAG UK.

As a member of the Digital Services team, this role will be at the forefront of ARAG UK’s security strategy, ensuring the confidentiality, integrity, and availability of ARAG’s information and information systems. The successful candidate will be accountable for ensuring our ISO27001 accreditation is adhered to and successfully renewed, as well as assessing information risk and facilitating remediation of identified vulnerabilities within the company’s network, systems, and applications. Additionally, you will lead the strategy, road mapping, and planning of security in the organization, as well as manage the information security team.

This is an excellent opportunity to report on findings, apply recommendations for corrective and preventative actions, and identify opportunities to reduce security risks. Key responsibilities include documenting remediation options regarding acceptance or mitigation of risk scenarios, facilitating and monitoring the performance of risk remediation tasks, and reporting on findings. The role will help the company understand security threats and develop strategies to protect ARAG’s assets and interests across multiple entities.

This is a strategic and hands-on role, where you will manage a small team while supporting the Security & Governance Manager in driving the IT security strategy, leading projects, coordinating the team’s work, and mentoring and developing team members. You will also work with others in Digital Services and the wider organization to ensure appropriate leadership and accountability in security. The role requires engagement with our parent company to ensure our ISMS aligns with their standards and frameworks, and to discuss, analyze, plan, and implement necessary changes and improvements in our Information Security Systems.

We are keen to hear from candidates with strong technical, organizational, and communication skills. You will contribute to audit responses, particularly in the InfoSec area, and help establish improvements in response processes and standardization.

Qualifications and Skills
  • Good understanding of information security frameworks, standards, and best practices (ISO27001, NIST CSF, Cyber Essentials, OWASP).
  • Knowledge of data protection legislation and regulatory requirements (e.g., GDPR, FCA SYSC, PCI DSS).
  • Experience with security analysis tools and technologies (e.g., SIEM, VAS, IDS/IPS, Firewalls, IAM, NAC, patch management, anti-malware).
  • Solid understanding of security incident management and response processes.
  • Knowledge of authentication technologies (e.g., two-factor, multi-factor).
  • Familiarity with Zero Trust principles.
  • Knowledge of endpoint security solutions (e.g., HIDS, anti-malware, DLP).
  • Experience with AWS and cloud platforms (SaaS, IaaS, PaaS).
  • System administration skills across multiple platforms and applications.
  • Ability to conduct vulnerability scans and identify vulnerabilities.
  • Awareness of the current threat landscape and modern malware techniques.
  • Experience delivering presentations to leadership teams.
  • Intermediate expertise in IT risk management or related disciplines.

Benefits
  • 27 days holiday, with options to buy more.
  • Company pension scheme with optional increased contributions.
  • Group Income Protection and Legal Protection.
  • European Motor Assistance and Home Emergency Assistance.
  • Private Medical Insurance.
  • Salary sacrifice benefits including Cycle scheme.
  • Wellbeing programs and employee discounts.
  • Participation in social and sporting events.

If you believe you are a good fit and can demonstrate transferable experience, please apply, even if you do not meet all the criteria listed above.
