Information Security GRC Manager

Job Description

Information Security GRC Manager

We’re recruiting an Information Security GRC Manager to support the Senior Manager and Chief Information Security Officer in managing and reporting information security risks across Technology Services and the wider business.

You’ll work closely with stakeholders to ensure appropriate controls, policies, and procedures are in place, aligned to industry best practice and regulatory requirements. You’ll also support internal and external audits, as well as due diligence activities with partners and suppliers.

Key responsibilities

• Develop and maintain information security policies aligned to recognised frameworks (e.g. ISO27001/2)
• Manage and report on policy exceptions
• Produce management reporting on information security and change programmes
• Partner with business and technology teams to track remediation of risks and issues
• Support the assessment of third-party security posture
• Undertake risk profiling of information and technology assets
• Support audit activity and supplier due diligence processes
• Ensure all activities support customer protection and regulatory requirements, including Consumer Duty

Technical skills

• Strong knowledge of information security risk management tools and techniques
• Experience with security frameworks and standards
• Understanding of the threat landscape
• Awareness of security technologies (e.g. SIEM, endpoint protection, email/web gateways)
• Knowledge of IT General Controls frameworks
• Awareness of operational risk and RCSA processes

Skills and experience

• Experience working within frameworks such as ISO27001, NIST or similar
• Ideally 5+ years’ experience in an information security role within financial services
• Strong attention to detail and ownership of tasks
• Confident challenging approaches to improve security outcomes
• Self-motivated, organised, and able to work independently
• Strong communication skills
• Ability to manage multiple priorities in a fast-paced environment
• CISM certification (achieved or in progress) preferred

About us

AJ Bell is one of the UK’s fastest-growing investment platforms, serving over 644,000 customers and managing £103.3 billion in assets. Our award-winning platform supports everyone from financial advisers to first-time investors, making it easier to take control of their financial future.

With over 1,500 employees across Manchester, London, and Bristol, we’re a FTSE 250 company and have been recognised as one of the UK’s Best 100 Companies to Work For for six consecutive years, as well as a Great Place to Work® in 2025 and 2026.

What we offer

• Competitive salary
• 27 days’ holiday (rising to 31) + buy/sell scheme
• Pension with matched contributions up to 8%
• Discretionary bonus and annual share awards
• Health cash plan and discounted private healthcare
• Free gym and wellbeing support
• Enhanced family leave and sick pay
• Season ticket loans and bike scheme
• Regular social events and volunteering opportunities
• Personal development programmes tailored to your career goals

Hybrid working

We offer a hybrid model with 50% office-based working each month. New joiners will spend an initial period in the office to support onboarding and relationship building.

AJ Bell is committed to creating an inclusive environment where everyone can thrive. All hiring decisions are based on merit, skills, and business need.

If this sounds like the right opportunity for you, we’d love to hear from you.