Information Security GRC Manager

Job Description

We’re recruiting an Information Security GRC Manager to support the Senior Manager and Chief Information Security Officer in managing and reporting information security risks across Technology Services and the wider business.

You’ll work closely with stakeholders to ensure appropriate controls, policies, and procedures are in place, aligned to industry best practice and regulatory requirements. You’ll also support internal and external audits, as well as due diligence activities with partners and suppliers.

Key responsibilities

• Develop and maintain information security policies aligned to recognised frameworks (e.g. ISO27001/2)
• Manage and report on policy exceptions
• Produce management reporting on information security and change programmes
• Partner with business and technology teams to track remediation of risks and issues
• Support the assessment of third-party security posture
• Undertake risk profiling of information and technology assets
• Support audit activity and supplier due diligence processes
• Ensure all activities support customer protection and regulatory requirements, including Consumer Duty

Technical skills

• Strong knowledge of information security risk management tools and techniques
• Experience with security frameworks and standards
• Understanding of the threat landscape
• Awareness of security technologies (e.g. SIEM, endpoint protection, email/web gateways)
• Knowledge of IT General Controls frameworks
• Awareness of operational risk and RCSA processes

Skills and experience

• Experience working within frameworks such as ISO27001, NIST or similar
• Ideally 5+ years’ experience in an information security role within financial services
• Strong attention to detail and ownership of tasks
• Confident challenging approaches to improve security outcomes
• Self-motivated, organised, and able to work independently
• Strong communication skills
• Ability to manage multiple priorities in a fast-paced environment
• CISM certification (achieved or in progress) preferred

About AJ Bell

AJ Bell is one of the UK’s fastest-growing investment platform businesses, providing award-winning solutions for everyone, from professional financial advisers to first-time investors.

Today, over 644,000 customers trust us to manage more than £103.3 billion of assets. By continually striving to make investing simpler and more accessible, we’re helping more people take control of their financial futures.

We’re proud to be recognised as one of the UK’s Best 100 Companies to Work For for six consecutive years, and a Great Place to Work® in 2025 and 2026 a reflection of our supportive and collaborative culture.

What we offer

• 27 days holiday, increasing with service + buy/sell scheme + bank holidays
• 8% Pension with matched contributions
• Discretionary bonus scheme
• Share schemes (including free shares and BAYE)
• Health Cash Plan and discounted private healthcare
• Free onsite gym
• Enhanced family leave (subject to qualifying criteria)
• Travel and bike loan schemes
• Employee Assistance Programme

Life at AJ Bell

• Regular social events including summer and Christmas parties
• Learning and development opportunities tailored to you
• Casual dress code
• Friendly, supportive team environment

Our ways of working

We offer hybrid working, with a minimum of 50% of your working time per month spent in the office.

For new starters, there’s an initial period of full-time office working to help you settle in and build relationships.

Inclusion & diversity

We’re committed to creating an inclusive environment where everyone feels respected and able to be themselves at work.

We welcome applications from all backgrounds and make hiring decisions based on skills, experience and potential.