Information Security Manager 

FD Technologies plc is a global leader in consulting, business services and technology. We are the home for diverse thinkers and innovators. We know that our people are vital to our success and we are proud of the diverse and vibrant team we have built across the globe. We are committed to hiring top talent, creating an environment where they can thrive, and recognizing and rewarding their dedication as they progress within the company.

 

Reporting to the CISO, the Information Security Manager’s primary objective will be to manage and support the delivery of the Information and Cybersecurity Roadmap, to highlight and address risks throughout the Group and ensure the safety of the organisation and its staff. The candidate will have strong knowledge across all security domains and will deputise the management of the Information Security Team under oversight from the CISO.

 

Additional responsibilities include participating in the creation and maintenance of policies, standards, and procedures, as well as organising and overseeing security audits and assessments.

 

Responsibilities:

 

Technical 

  • Work with the CISO to develop & implement security standards, processes, procedures, and guidelines for the Group
  • Move FD Technologies towards attaining ISO 27001 certification & assist with other certifications such as CyberEssentials+ and SOC-2
  • Handle security incidents as and when they arise, ensuring the response is robust, thorough, and underlying issues are addressed so that the security posture of the group becomes increasingly resilient over time
  • Monitor and assess ongoing threats and ensure the group is well-positioned to meet them
  • Work on an ongoing basis with key stakeholders, keeping them fully informed and giving them all the information that they need to make good judgements on security-related matters
  • Understand and interact with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems, and services
  • Provide leadership and management of supplier and third-party compliance audits
  • Develop and enhance an information security management framework
  • Ensure that IT security is implemented, maintained, and tested, for the perimeter and back-office systems

MANAGEMENT

  • Assist in the leadership, growth, and maturity of cyber security with an agenda of continual improvement
  • Ensure business practices and policies are vetted from a security and compliance perspective
  • Be aware of current best practice, cyber security advances and contribute to the IT elements of the company
  • To have a good knowledge of all regulations and frameworks affecting the company – such as GDPR, DPA 2018, CyberEssentials, SOC-2 etc.
  • Communicate technical content in business language with senior management
  • Deputise the management of the Information Security team, and assist in hiring and evaluation
  • To maintain a schedule of work and delegate operational tasks to team members to facilitate smooth and effective service operation
  • Deputise for the CISO as required & authorised
  • Manage the delivery of projects from conception through to delivery
  • To produce reports as required and directed for the CISO
  • Manage and maintain any contractual obligations committed to by the group
  • Ensure all service requests comply with contractual and legal obligations
  • Ensure that the group operates according to lawful and ethical standards set out by the company
  • Develop and maintain staff training and development plans
  • Assist in the specification and recruitment of new / replacement team members
  • To provide and maintain a secure IT working environment

 

Criteria:

  • 5-10 years’ experience in an IT security role, with some managerial experience.
  • Experience with project management, including delivering of ISO 27001 and/or SOC-2 audits.
  • Experience with frameworks such as ISO 27001/2, SOC 1/2, NIST, or COBIT.
  • At least one security-focused industry certification such as CISSP, CISM, SSCP or CISA certifications.
  • Experience of developing and implementing information security policies and procedures.
  • Knowledge and understanding of security technologies and methods including OS hardening, Data Loss Protection, Networking, Endpoint Protection, Zero Trust, MFA/SSO, Web Content filters, Intrusion Prevention/Detection (IPS/IDS), pentesting remediation, InTune/Office 365 security & Cloud security.
  • Excellent written and verbal communication including the ability to exchange information, present ideas, and to report facts (both verbally and in writing) clearly and concisely
  • Strong documentation skills in assessing IT security processes and controls.

Location:

This role will be based in London

Working for FD:

At FD, you will embark upon a career with life-long learning at its core, facilitating rapid professional and personal development and the opportunity to design your own path. We support a variety of external training courses and accreditations and are truly passionate about our Mentor Program, through which our senior colleagues generously set aside personal time to coach and support others in their career progression.
We are delighted to have several active internal networks, social committees, and charity initiatives, designed with the intention of meeting the holistic needs of our employees and giving back to our communities.

Our employees are rewarded with numerous benefits as part of their employment, including:

  • Competitive Salary
  • Extensive Health Care Package
  • Pension plan
  • Employee Assistance Programme
  • Annual leave increasing with service
  • Group Life Protection Benefit
  • Training opportunities
  • FD Internal Network and Sports & Social Calendar
  • Hybrid Working options

 

Who are we?

FD Technologies plc (FD) is a leading software and services company, with world-leading intellectual property in ultra-high-performance analytics (KX) across industries, and extensive domain expertise and capabilities in capital markets systems and technology (managed services and consulting).

KX

KX technology is designed to capture and analyze data to make real-time decisions in a world where data volumes generated by markets and machines are increasing exponentially, and existing technologies fail due to technological or commercial limitations.
KX is widely adopted throughout the financial industry and is poised for accelerated growth across high-tech manufacturing, automotive, oil and gas, utilities, and telecommunications.

First Derivative

First Derivative provides a range of managed services and consulting worldwide to its clients in the capital markets sector, including many of the world’s leading banks, focused on supporting mission-critical systems as well as helping them to achieve and maintain regulatory compliance.

If you meet these requirements and would like to apply for this role.