Information Security Risk Lead

My client, an International Financial Services client based in London, are looking for an Information Security Risk Lead to join their growing team.

The Information Security Risk Management Lead is a key member of the Risk Management team and is responsible for leading the implementation of the Enterprise and Operational Risk Management frameworks designed by my client to identify, measure, monitor and mitigate information security risks. The successful candidate serves as a second set of eyes to management to provide review and credible challenge of the effectiveness of information security processes and controls. This position is highly engaged with the firm-wide Information Security teams who provide security solutions as well as all corporate departments that own information security risk.

What they are looking for:

• 10+ years of experience specifically related to information security governance, operations, and risk management.
• Broad-based technology experience at substantial scale and complexity in a global, highly regulated, high-volume transaction environment. Experience must include time operating within transaction services environments characterized by the need for continuous availability and the highest levels of security.
• Experience with developing and managing Operational Risk programs, establishing framework and on-going process in accordance with best practices and Basel requirements.
• Comfortable leading in a complex matrixed organization, ideally in a global firm with a dynamic and rapidly changing environment.
• Experience leading within a highly regulated environment, with a preference for experience at the international and federal levels. Deep knowledge of policy frameworks and a strong understanding of policies, procedures, guidelines, and structure.
• Functional expertise, with operational knowledge of and exposure to various current and emerging information security areas such as:

v Cyber resilience

v Identity & privileged access management

v Secure coding practices

v Incident response

v Artificial Intelligence

v Third-party risk management

v Cloud security configuration and control frameworks

v Threat/vulnerability management

v Network security

Professional qualifications / certifications

• B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent).
• Relevant certification is desirable, e.g., CISSP, CISM, CISA, CRISC.
• Working knowledge of Risk Management life cycles based on an established framework: NIST CSF, NIST SP 800-53, ORX, ISO 27001, SANS, CERT, ENISA, CSA, OACA, ISACA.
• Proficiency in MS PowerPoint and Excel.
• Experience in broader MS Office suite, including Project and Visio is a plus
• Experience with enterprise GRC tools, e.g. Archer is a plus

If the above role is of interest please apply to this ad or call me on 0207 509 8040 or email me on darius.goodarzi@robertwalters.com

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates

About the job

Contract Type: FULL_TIME

Specialism: Technology & Digital

Focus: Information Security

Industry: Banking

Salary: £120,000 - £140,000 per annum

Workplace Type: Hybrid

Experience Level: Director

Location: London
FULL_TIME
Job Reference: R9TEE5-DABABA25

Date posted: 19 June 2025

Consultant: Darius Goodarzi
london information-technology/information-security 2025-06-19 2025-08-18 banking London London GB GBP 120000 140000 140000 YEAR Robert Walters https://www.robertwalters.co.uk https://www.robertwalters.co.uk/content/dam/robert-walters/global/images/logos/web-logos/square-logo.png true