Information Security Manager

ARAG is seeking an enthusiastic Information Security Manager to develop and lead our cyber security strategy across the UK, Canada, and Ireland.

As our Information Security Manager, you will be at the forefront of designing, training, and monitoring robust frameworks that align with our ISO27001:2022 certification. You will lead a talented Information Security Team, guiding their efforts to enhance tools, processes, and security practices across our global operations.

This is a strategic and hands-on role that requires collaboration across departments. You will advise and implement best-practice security protocols within our Digital Services division and the wider business, helping shape a culture of security-first thinking.

• Delivering security programmes aligned with ISO27001:2022 and ARAG Group standards.
• Developing and maintaining effective Information Security frameworks aligned with ISO27001:2022 and implement cyber security strategies to improve awareness and resilience.
• Leading, mentoring, and managing the Information Security Team
• Driving the adoption of security strategies across all relevant business areas
• Collaborating with IT Operations and cross-functional stakeholders to investigate and implement security best practices.
• Contribute to audit responses and continuously improve standardisation and efficiency.
• Monitor emerging threats and drive proactive risk mitigation.
• Lead vulnerability and penetration testing, ensuring documentation is maintained.
• Prepare reports for Board and Executive Management
• Represent ARAG in internal and external security forums, actively participating in technical discussions and decisions
• Lead cyber security incident response across UK, Canada, and Ireland
• Contribute to Information Security due diligence and audit processes.

We are looking for a knowledgeable and proactive Information Security Manager with a strong technical foundation and strategic mindset. The ideal candidate will bring deep expertise in security frameworks, technologies, and risk management, along with the ability to communicate effectively across all levels of the organisation. You will bring:

• Strong understanding of ISO27001, NIST CSF, Cyber Essentials, OWASP
• Experience with SIEM, IDS/IPS, IAM, NAC, patch management, anti-malware
• Solid grasp of incident response and vulnerability management
• Knowledge of Zero Trust principles and cloud platforms (Azure, SaaS, IaaS, PaaS)
• System administration experience across multiple platforms
• Awareness of the current threat landscape and modern malware techniques
• Excellent communication skills-verbal, written, and presentation.
• Excellent understanding and experience using Microsoft 365 applications such as Outlook, Teams and OneDrive
• Experience engaging with leadership teams, clients, and regulators.
• Understanding of Information Security risk management under ISO27001:2022

• CISSP: Certified Information Systems Security Professional
• ISO/IEC 27001 Lead Implementer / Auditor

As a team we are passionate and enthusiastic about what we do. Our people are encouraged to think independently and to take ownership of their work. In return for your commitment, we will offer you generous remuneration and an attractive benefits package, including:

• 27 days holiday with the option to buy up to a further 5 days.
• Private Medical Insurance
• Company pension scheme with the option to increase contributions.
• Group Income Protection for all employees.
• Group legal protection for all levels.
• Motor and Home Emergency Assistance
• Inclusion in our Health cash plan
• Salary sacrifice benefits including cycle to work scheme.
• Membership of our Sports and Social club which includes discounted events such as theatre or shopping trips!

ARAG UK has been helping businesses and individuals gain access to justice for over 40 years. It's our founding principle to enable everybody, not just those who can afford it, to assert their legal rights.

Thousands of businesses and individuals defend or pursue legal action each year safe in the knowledge that ARAG are paying their legal bills. Our businesses include a legal expenses insurance company and a law firm with many opportunities in both areas.

We have always been aware that it's the people that really make it happen; the quality of our people defines the quality of the company, the service we offer and the good outcomes for our customers, so we're committed to creating a great place to work for our employees.

We believe it is an exciting time to join ARAG. You can expect an organisation that will challenge and develop you to progress your career.

By giving you every opportunity to develop yourself professionally and personally, we also pride ourselves on having an open, inclusive and high energy culture that encourages a fun working environment and places our customers at the very heart of everything we do.

If you are keen to become part of our exciting future then we would love to hear from you. In addition to the very genuine development opportunities we provide we also offer a generous reward and benefits package.