Information Security Risk Management Lead

🔒 Confidential Employer
Posted 21 March 2026
LOCATION
London
TYPE
Full-time
LEVEL
Mid-Senior level
SALARY
£135,000 / year
CATEGORY
Technology
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

Information Security Governance Risk Management Operational Risk Management Cyber Resilience Cloud Security Incident Response NIST CSF ISO 27001

FULL DESCRIPTION

Information Security Risk Management Lead

London – Hybrid working – 2 Days a week onsite

£100,000 - £135,000 Plus bonus and benefits

Job description

As the Information Security Risk Management Lead, you’ll be a pivotal part of the Risk Management team. You will lead the implementation of Enterprise and Operational Risk Management frameworks designed to identify, measure, monitor, and mitigate information security risks effectively. Acting as a trusted advisor and a critical "second set of eyes", you will provide a credible review and challenge the effectiveness of information security processes and controls across the organisation. This role offers an opportunity to lead and influence critical security risk strategies within a global organisation. You’ll play a vital role in shaping and safeguarding the organisation's security risk posture in an ever-evolving threat landscape.

What We’re Looking For

Experience & Expertise

  • 10 years’ experience in information security governance, operations, and risk management.
  • Expertise in global, high-volume, and highly regulated transaction services environments with a continuous availability mandate.
  • Proven track record of developing and managing Operational Risk Management frameworks in line with Basel and industry best practices.
  • Strong leadership capabilities within matrixed organisations, particularly in dynamic environments.
  • Knowledge of evolving and emerging information security domains such as Cyber Resilience, Cloud Security, Threat Management, Incident Response, and more.
  • Familiarity with policy frameworks and hands-on exposure to frameworks like NIST CSF, ISO 27001, and others.

Educational & Professional Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Management, or a related field.
  • Certifications such as CISSP, CISM, CISA, CRISC preferred.
  • Proficiency in MS PowerPoint and Excel; familiarity with broader MS Office tools like Visio and Project is a plus.
  • Knowledge of enterprise GRC tools like Archer is an advantage.

If you are interested and looking or your next role, please apply with a copy of your CV or email – [contact hidden] for more information!

Sign up free — access 45,000+ UK sponsor-licensed jobs