CrawlJobs Logo

Head of Information Security & IT Risk

United Kingdom, Manchester Employment contract 75000.00 - 90000.00 GBP / Year · Job Posted June 29, 2026
Apply Position
Job Link Share

Job Description

Bibby Financial Services are growing, and we’re looking for a Head of Information Security & IT Risk to join our team. The Head of Information Security and IT Risk is responsible for leading the development and execution of the organisation’s information security and IT risk strategy. This includes ensuring the protection of systems, data, and operations against cyber threats and technology-related risks. The role oversees a team of specialists and works across IT, compliance, and business functions to embed robust security and risk practices. It ensures effective governance, continuous improvement, and alignment with regulatory requirements and enterprise risk frameworks.

Job Responsibility

  • Lead and develop the Information Security & IT Risk team
  • Identify, assess, and manage IT-related risks including security, operational, development, delivery, supplier, compliance, and strategic risks
  • Perform and support risk assessments for new systems, projects, and third-party vendors
  • Ensure compliance with relevant standards, regulations, and frameworks
  • Oversee the deployment and operation of security tools and technologies (e.g., firewalls, SIEM, endpoint protection, zero-trust technologies)
  • Manage penetration testing and other assurance activities, including remediation of findings
  • Lead incident response planning and investigation of security breaches, ensuring timely resolution and reporting
  • Act as the primary point of contact for all information security and IT risk matters
  • Provide regular reporting to senior and executive management on security posture and risk status
  • Promote a culture of security awareness and compliance across the organisation
  • Design and deliver security awareness training programmes for staff

Requirements

  • Proven experience in information security and IT risk management, preferably within financial services or other regulated industries
  • Strong leadership background, with experience managing and developing high-performing teams in complex environments
  • Deep understanding of cyber security principles, IT risk frameworks, and operational resilience practices
  • Demonstrated ability to design and implement security strategies, policies, and controls aligned with business and regulatory requirements
  • Hands-on experience with security technologies such as firewalls, SIEM, endpoint protection, and vulnerability management tools
  • Skilled in conducting risk assessments, managing IT risk registers, and overseeing assurance activities including penetration testing and incident response
  • Familiarity with relevant standards and frameworks (e.g. ISO 27001, NIST, COBIT, GDPR, DORA)
  • Strong stakeholder engagement skills, with the ability to influence and communicate effectively at C-level
  • Experience supporting internal and external audits, regulatory reviews, and cross-functional collaboration
  • Track record of promoting security awareness and embedding best practices across an organisation

What we offer

  • 25 days’ holiday plus bank holidays, increasing with service, with buy/sell options
  • Performance Bonus
  • Hybrid working
  • Private healthcare for you and your family
  • Company pension scheme
  • Flexible benefits (gym membership, tech, health assessments and more)
  • Access to an online wellbeing centre
  • Discounts with a wide range of retailers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Head of Information Security & IT Risk

8 matching positions

Head of Information Security, Risk and Compliance

Senior leadership position within the IT Operations team. The primary mission is...
Location
Location
United Kingdom , Thame
Salary
Salary:
110000.00 GBP / Year
travelodge.co.uk Logo
Travelodge Hotels Limited
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Certifications: CCSP, CISSP-ISSMP, or CISM
  • Methodologies: ITIL v4 Foundation
  • FAIR Risk Modelling
  • experience in Project Management or Business Change
  • Advanced Tech: Experience defining Zero Trust Architecture (ZTA) and implementing security controls within public cloud environments (IaaS/PaaS)
  • pragmatic, hands-on leader
  • master of communication
  • self-starter
  • technical expertise rooted in securing critical B2B and B2C eCommerce platforms, particularly within hosted and SaaS-heavy environments
  • expert-level knowledge of perimeter, cloud, network, and data security
Job Responsibility
Job Responsibility
  • Strategic Leadership: Develop a continuously evolving security roadmap and "defence in depth" strategy
  • manage both internal teams and strategic third-party partners
  • Operational Management: Oversee 24x7x365 security operations, including continuous monitoring, threat assessment, incident response (CIRT)
  • Risk & Compliance: Develop and maintain an industry-standard Risk Management framework
  • ensure compliance with PCI-DSS, GDPR, and NIST frameworks
  • Governance & Policy: Maintain Information Security policies and conduct regular audits of processes and controls
  • Technical Oversight: Coordinate vulnerability management, penetration testing, and code reviews
  • provide "Secure by Design" architectural guidance for all new initiatives
  • Supply Chain & Budget: Manage a portfolio of security vendors to ensure value and responsiveness
  • oversee the OPEX and CAPEX budgets that enable your function to operate and continuously improve
What we offer
What we offer
  • Annualise Bonus
  • Car Allowance
  • Contributory pension scheme
  • 50% personal discount for hotel bookings and great friends and family discounts too
  • 25 days holiday + bank holidays, increasing with length of service
  • A focus on learning and career development
  • Fulltime
Read More
Arrow Right

Head of IT Risk Officer for APAC-ME

The Information Technology Risk Office (ITRO), within Risk Management and Contro...
Location
Location
Singapore , Singapour
Salary
Salary:
Not provided
credit-agricole.com Logo
Crédit Agricole
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master Degree in Computer Science, Information Technology or equivalent
  • Professional certification such as CISA, CISSP, CISM (preferred)
  • 10+ years of experience in operational resilience, business continuity, or risk management within the financial sector
  • Proven leadership experience
  • Deep understanding of regulatory requirements in APAC-ME Region, with experience managing regulatory interactions
  • Strong executive presence with the ability to engage and influence C-suite leaders and board members
  • Proven ability to lead cross-functional teams and drive enterprise-wide resilience initiatives
  • Excellent verbal and written communication skills, with experience presenting to regulators, auditors, and senior stakeholders
  • Ability to thrive in a high-pressure environment, managing crises and business disruptions with a structured and strategic approach
  • Expected to work with stakeholders from different time zone (Asia, NY, London, Paris)
Job Responsibility
Job Responsibility
  • Contribute to Group and Regional ICT risk management by monitoring and reporting ICT risk levels across local and regional information systems and processes
  • Prepare ICT risk reporting for management and governance bodies
  • Provide a local vision for ICT risk deliverables, reflecting regional IT environments and operational realities
  • Support alignment of ICT risks with business strategy and risk appetite
  • Perform and coordinate annual ICT risk assessments and IT Risk Self‑Assessments (IT Radar)
  • Ensure full coverage of all nine ICT risk domains
  • Monitor emerging ICT risks related to technology evolution, operational changes, suppliers, or incidents
  • Identify early indications of material risks or potential risk appetite breaches
  • Perform regulatory watch on ICT‑related regulations and supervisory expectations (e.g. MAS TRM, HKMA)
  • Analyse regulatory requirements and identify gaps against existing ICT risk practices
  • Fulltime
Read More
Arrow Right

Head of Information Security

The Head of Information Security is a senior technical leadership role. The role...
Location
Location
Poland , Kraków
Salary
Salary:
Not provided
content.perkinelmer.com Logo
PerkinElmer
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Engineering, or related field
  • 5+ years of experience in technical cybersecurity roles
  • Proven experience leading enterprise-scale security engineering and operations teams
Job Responsibility
Job Responsibility
  • Own the enterprise security architecture across network, endpoint, cloud, identity, and application domains
  • Define technical security standards, reference architectures, and engineering patterns
  • Lead the selection, deployment, and lifecycle management of security platforms and tooling
  • Embed security-by-design into infrastructure, cloud, and application initiatives
  • Lead Security Operations (SOC / SecOps), including detection, response, and operational resilience
  • Own vulnerability management, threat intelligence, and security telemetry
  • Drive continuous improvement in detection, automation, and response effectiveness
  • Lead the Cybersecurity Incident Response Team (CIRT)
  • Act as technical incident commander during major security incidents
  • Own investigation, containment, eradication, and recovery activities
What we offer
What we offer
  • Private healthcare including dental care
  • Life and long-term disability insurance
  • MyBenefit Cafeteria system
  • Multisport Card
  • Social Fund Subsidies
  • Home Office allowance
  • Tuition reimbursement
  • Referral awards
  • Internal career development opportunities in multiple business areas
  • Day off to celebrate your birthday
Read More
Arrow Right

Head of Information Security

This is a strategic leadership role which is responsible for leading the transfo...
Location
Location
United Kingdom , Milton Keynes or London
Salary
Salary:
Not provided
triarecruitment.com Logo
TRIA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant leadership experience in enterprise information and cyber security roles, ideally within complex or regulated environments
  • Proven success in leading strategic reviews and transformations of security toolsets, platforms, and operating models
  • Deep technical knowledge of security controls across hybrid cloud, infrastructure, endpoint, and user environments
  • Practical experience delivering cyber security best practices across network, infrastructure, BYOD, web, and cloud services
  • Strong working knowledge of governance and compliance frameworks including ISO 27001, NIST CSF, GDPR, and Cyber Essentials+
  • Demonstrable ability to communicate complex security concepts to non-technical audiences, including board-level stakeholders
Job Responsibility
Job Responsibility
  • Lead the transformation and modernisation of the cyber and information security capabilities
  • Shape and execute a security strategy that aligns with the companies' digital ambitions and evolving risk landscape
  • Lead a complete strategic review of the security landscape, including tools, processes, risk postures, and cultural readiness
  • Report to the board and advise on cyber risk, threats, and mitigation strategies
  • Translate security insights into executive-level communications, influencing investment and change roadmaps
  • Fulltime
Read More
Arrow Right

Head of IT

Metropolitan Gaming is about more than the games or the buzz of the venue. It’s ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
jobs.360resourcing.co.uk Logo
360 Resourcing Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in IT, Computer Science, or related field
  • 8–10 years of progressive IT leadership experience
  • 3–5 years in a senior IT management role
  • Experience in regulated or 24/7 operational environments
  • Experience of working with outsource service providers
  • Will be required to either hold or apply to be a PML holder
  • Collaborative, proactive, and customer-focused approach within a fast-paced environment
  • Excellent organisational, problem-solving, analytical, and critical thinking skills with the ability to prioritise and meet deadlines
Job Responsibility
Job Responsibility
  • Develop, communicate, and execute Metropolitan Gaming's technology strategy, ensuring alignment with the organisation's commercial objectives, operational priorities, and growth plans
  • Partner with Executive Leadership and business stakeholders to identify opportunities where technology can improve customer experience, operational efficiency, revenue generation, and regulatory compliance
  • Develop and manage the annual IT operating and capital expenditure budgets, ensuring effective allocation of resources and alignment with business priorities
  • Monitor and control IT expenditure, identifying opportunities for cost optimisation while maintaining service quality and operational resilience
  • Oversee all day-to-day IT operations across gaming venues, corporate offices, and remote locations
  • Ensure critical gaming systems operate within agreed operating levels, minimising downtime and business disruption
  • Establish and monitor service management processes, including Incident, Problem, Change, Configuration, and Asset Management
  • Oversee the management and support of casino gaming systems, gaming management platforms, electronic gaming machines, and related operational technologies
  • Support the implementation and optimisation of data analytics platforms to provide actionable business intelligence and customer insights
  • Develop and maintain a comprehensive cybersecurity strategy that protects business operations, customer information, financial assets, and gaming systems
What we offer
What we offer
  • Discounts and perks across travel, retail, hospitality and wellbeing
  • Company pension scheme and life insurance cover
  • Discount on Food and non-alcoholic beverages across all venues
  • Season ticket loan and cycle to work scheme
  • Refer a friend bonus reward
  • Fulltime
Read More
Arrow Right

Head of IT

We're looking for Head of IT to join our Binariks team. As Head of IT, you will ...
Location
Location
Ukraine , Lviv
Salary
Salary:
Not provided
binariks.com Logo
Binariks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in IT leadership, IT management, or senior system administration roles
  • Strong communication and organizational skills
  • Strong self-management and ability to prioritize and delegate tasks effectively
  • Hands-on experience with Windows, macOS, and Linux environments
  • Experience with monitoring and observability systems such as Zabbix, Wazuh and Grafana
  • Strong networking knowledge and experience with infrastructure vendors such as Fortinet and Aruba Networks
  • Experience supporting corporate users and office infrastructure
  • Experience working with IT vendors and procurement processes
  • Experience with MDM and endpoint management systems such as ManageEngine Endpoint Central
  • Experience with BitLocker, FileVault, endpoint protection, firewall management and backup systems
Job Responsibility
Job Responsibility
  • Develop and implement the IT strategy aligned with business and engineering needs
  • Define department goals, priorities, and technology roadmaps
  • Ensure high availability, reliability, and security of IT systems and services
  • Oversee office IT infrastructure, networks, end-user devices, cloud services, and internal systems
  • Maintain and improve IT processes, documentation, and operational standards
  • Plan and manage IT budgets, licenses, and technology investments
  • Manage system administrators, support engineers, and infrastructure specialists
  • Organize task planning, delegation, prioritization, and performance evaluation
  • Collaborate closely with engineering, HR, finance, legal, and business teams
  • Manage corporate IT infrastructure, including networking, monitoring, endpoint management, and office systems
What we offer
What we offer
  • 18 days of paid annual leave
  • 10 sick leaves
  • Additional days off for special occasions
  • Medical Care
  • Health check-up
  • Play Room
  • IT Cluster membership
  • Business Trip
  • Tech Talks
  • Training & Conferences
  • Fulltime
Read More
Arrow Right

Head of IT

We're seeking a dynamic Head of IT to join our team. As Head of IT, you will lea...
Location
Location
Ukraine , Lviv
Salary
Salary:
Not provided
binariks.com Logo
Binariks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in IT leadership, IT management, or senior system administration roles
  • Strong communication and organizational skills
  • Experience managing or mentoring technical teams
  • Strong self-management and ability to prioritize and delegate tasks effectively
  • Hands-on experience with Windows, macOS, and Linux environments
  • Experience with monitoring and observability systems such as: Zabbix
  • Wazuh
  • Grafana
  • Strong networking knowledge and experience with infrastructure vendors such as: Fortinet
  • Aruba Networks
Job Responsibility
Job Responsibility
  • IT Strategy & Operations: Develop and implement the IT strategy aligned with business and engineering needs
  • Define department goals, priorities, and technology roadmaps
  • Ensure high availability, reliability, and security of IT systems and services
  • Oversee office IT infrastructure, networks, end-user devices, cloud services, and internal systems
  • Maintain and improve IT processes, documentation, and operational standards
  • Plan and manage IT budgets, licenses, and technology investments
  • Team Leadership & Management: Lead, mentor, and develop the IT team
  • Manage system administrators, support engineers, and infrastructure specialists
  • Organize task planning, delegation, prioritization, and performance evaluation
  • Support team growth, motivation, and knowledge sharing
What we offer
What we offer
  • 18 days of paid annual leave
  • 10 sick leaves
  • Additional days off for special occasions
  • Medical Care
  • Health check-up
  • Play Room
  • IT Cluster membership
  • Business Trip
  • Tech Talks
  • Training & Conferences
  • Fulltime
Read More
Arrow Right

Head of Security Engineering

My client are looking for a senior security engineering leader to shape and scal...
Location
Location
Portugal , Lisbon
Salary
Salary:
100000.00 EUR / Year
signifytechnology.com Logo
Signify Technology
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years’ experience in security engineering or broader information security roles
  • Experience leading and developing technical security teams
  • Strong hands-on background in cloud security (AWS, Azure or GCP)
  • Solid understanding of identity and access management concepts and controls
  • Experience with detection, monitoring, or security operations tooling
  • Knowledge of modern infrastructure (containers, cloud-native environments)
  • Experience working closely with engineering and DevOps teams
  • Ability to design and implement scalable security solutions
  • Strong communication skills in English
Job Responsibility
Job Responsibility
  • Lead, mentor and grow a team of security engineers across multiple domains
  • Set priorities and drive delivery against a defined security engineering roadmap
  • Promote a culture of ownership, pragmatism, and continuous improvement
  • Partner with senior stakeholders to align security initiatives with business risk
  • Own and evolve the organisation’s security architecture and core tooling
  • Design secure, scalable solutions across cloud-native and hybrid environments
  • Evaluate and rationalise security technologies, ensuring effectiveness and simplicity
  • Contribute directly to technical problem-solving and key design decisions
  • Define and enforce security standards across cloud platforms and infrastructure
  • Support secure design of containerised and distributed systems
Read More
Arrow Right