Job Details

Job ID
Job Title
Information Security Manager
Position Type
Business Brand
Multiple Brands
GW Technology Operations
About Us
About us
Established in 1880, PFG is one of the UK's leading suppliers of personal credit products to the non-standard lending market. We are a FTSE 250 company that provide a portfolio of credit products designed to meet the particular needs of those who are not well serviced by mainstream lenders.
About the Role

We are looking for an Information Security Manager to work in our Tech Operations department who will be responsible for an effective Information Security consultancy and risk management.

Key Responsibilities

  • Ensure our customers are at the heart of everything we do and our actions enhance our customer relationship
  • Coordinates and interacts with internal and external auditors
  • Responsible for the delivery of team objectives
  • Ensure work is delivered in line with SLAs and agreed targets
  • Ensure Information Security policies are in place, regularly reviewed and fit for purpose.
  • Monitor adherence to policy and raise exceptions to policy through an agreed policy with the correct sign off
  • Identify, assess and provide remediation plans for Information Security Risks.
  • Ensure Information Risks are raised and treated according to the risk management process, including raising these to senior management for acceptance, where applicable.
  • Collaborate with other members of the organisation to identify appropriate and effective information security controls ensure these are implemented.
  • Engage in projects to ensure that Information Security controls are built into any implementation or change.
  • Responsible for risk assessments and gap analysis exercises, while working collaboratively with various business units to implement the required remediation
  • Performs ISO27001 control reviews across the ISO control areas.
  • Prepares risk papers and assessment findings to ensure that adequate documentation exists to support the completed audit and conclusions
  • Performs information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.
  • Performs Due Diligence reviews on new and existing third parties, highlighting any risks to business areas.
  • Defines Security testing requirements in projects and BAU services. Interprets the results and puts into context while feeding back to key stakeholders in IT and the business
  • Helps define and manage Key Risk Indicators. Provides commentary to key stakeholders to ensure risk levels are fully understood.
  • Ensure our customers are at the heart of everything we do and our actions enhance our customer relationship

Skills and Experience
  • Recent experience of working in an FCA regulated business
  • Analytical thinking who is able to interpret MI/BI and use it for sound decision making
  • Excellent communication skills (written and verbal) with the ability to influence, negotiate and constructively challenge at all levels
  • Ability to operate independently and objectively
  • Understanding of corporate governance frameworks
  • PC Literacy to include middle management level MS Office Word, Excel, Power Point
  • Proven ability to effectively plan and organise work effectively and prioritise deadlines whilst working at a fast pace
  • Previous experience as an Information Security Analyst, Consultant or Manager who has worked an in Information Security team within financial services.
This should include;
  • Conducting third party information security reviews
  • Following and championing risk management processes
  • Providing requirements and consultancy to projects
  • Conducting controls assessments against known frameworks
  • Understand the requirements of an FCA regulated business
  • Working knowledge of ISO27001 and ISO27005



At least one from :
  • CISM
  • CISA
Additional requirements:

Experience of IDAM

The Benefits
The satisfaction of working for a successful and ethical business who are here to help people is a big benefit of joining us, but it is not the only one. We will invest in your development, giving you the support and training to become better and better at your job. We take the work/life balance seriously, with plenty of flexible working options. Working in a bright and refreshingly relaxed environment, you will find your opinions are valued and listened to.

We offer an attractive, competitive salary and benefits package for everyone including:
  • Competitive base salary and rewards
  • Discretionary bonus scheme
  • 25 days holiday entitlement (could increase with Length of service)
  • Pension Scheme
  • Extensive opportunities for personal and career development
  • Flexible and dynamic working policies

Inclusion & Diversity Statement
We know that by having a better, more inclusive culture and a diverse group of colleagues, we can support our customers and each other in the best way possible. We also believe this goes a long way to helping us live our purpose and defines why we are here in the first place: to help put people on a path to a better everyday life.

We are an equal opportunities employer and we want people to join us no matter how they identify, their sexual orientation, marital or civil partner status, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.

We want to attract and retain the best people. So, we make sure that, if people need it, they are given all the extra support and reasonable adjustments to take part in any part of our application or interview process. We have also got lots of colleagues who choose to work flexibly, so please feel free to talk to us about how you prefer to work at any time.

We think that if you can Be Yourself in the workplace, you will do your best work and enjoy being part of the team and as a business we get to benefit from that and to celebrate all the wonderful things that diversity brings.