Group Information Security Lead
On site
Edinburgh, United Kingdom
Full Time
03-03-2025
Job Specifications
We are looking for an exceptional and proven Information Security Lead, reporting to the Group Head of Information Security. You will be responsible for the group security GRC services, supporting with information security management and oversight and contributing in the delivery of the Group Cyber & Information Security Strategy. You will have proven technical Information Security subject matter expertise, knowledge of the cybersecurity landscape, knowledge and experience following a variety of industry recognised information security frameworks, experience in interpreting and implementing client and regulatory requirements, coupled with an ability to communicate risk effectively to stakeholders of all levels. You will consult and challenge through a risk lens. You will have prior experience in a complex and evolving environment in regulated financial services across different regions and jurisdictions. Specific Role Responsibilities
Responsible for managing group supply chain security.
Manage security due diligence and assurance of company suppliers.
Identify and track supplier non-compliances to company standards.
Work with procurement and the supplier internal owner to manage and coordinate supplier remediation of non-compliances.
Lead in the management of supply chain Information & Cyber Security risk.
Manage supplier security profiles.
Contribute to and deliver the group supply chain security strategy.
Line manage a group information security team.
Manage centralised global services in support of in-region security teams.
Create new and develop existing controls, services and processes.
Support in the creation and delivery of service security reporting and MI.
Support in the development and delivery of consistent global services that enable delivery of the business goals.
Primary requirements
Strong Information Security experience.
Line management experience.
Good knowledge of the practical implementation of information security and risk frameworks such as NIST CSF, ISO27001, NIST 800-53 and COBIT.
Good knowledge of auditing frameworks such as ISAE3402 and SOC2.
Experienced in managing security risk.
Experience performing supply chain security due diligence and assurance.
Proven ability to manage internal stakeholders through a journey of improving information security maturity.
Good ability to communicate information security and risk concepts to stakeholders at all levels.
Professional Information Security qualifications such as CISSP, CISM, CISA, CRISC.
About FNZ Culture
Our culture is what drives us. It's at the heart of who we are and everything we do. It's what inspires, excites and moves us forward. Our ambition is to create a culture for growth, one that opens up limitless opportunities for our employees, customers and the wider world. At FNZ we know that great impact is only possible with great teamwork. That's why we value the strength and diversity of thought in our global team. The FNZ Way is the cornerstone of what we do. It is comprised of four values that set the standard for how everyone at FNZ interacts with each other, with our customers, and with all our diverse stakeholders around the world. Customer obsessed for the long-term Think big and make an impact Act now and own it all the way Challenge, commit and win together Read more about The FNZ Way and our values: www.fnz.com/culture Opportunities
Right from day one, you will work alongside exceptional, multicultural teams - experts in their respective fields - who will inspire and challenge you to make your greatest impact.
Be part of a highly successful, rapidly growing, global business that is leading the delivery of financial services via cloud computing and partners with some of the world's largest companies;
Working in a flexible and agile way that meets the needs of the business and personal circumstances;
Remuneration, significant financial rewards and career advancement is based on individual contribution and business impact rather than tenure or seniority;
We provide global career opportunities for our best employees at any of our offices in the UK, EU, US, Canada, South Africa and APAC.
Commitment to Equal Opportunities At FNZ, we recognise that diversity, equity and inclusion are important factors contributing to our success. We embrace the unique perspective and capabilities of our current and future employees, which will help us continue to drive innovation and achieve our business goals. Recruitment decisions at FNZ are made in a non-discriminatory manner without regard to gender, ethnicity/race, faith, age, nationality, gender identity, sexual orientation, marital status, socio-economic background, disability or military veteran status where all applicants and employees are valued and respected. In addition, we want to ensure accessibility needs are well supported, if you require specific support please advise us. About FNZ FNZ is committed to opening up wealth so that everyone, everywhere can invest in their future on their terms. We know the foundation to do that already exists in the wealth management industry, but complexity holds firms back. We created wealth's growth platform to help. We provide a global, end-to-end wealth management platform that integrates modern technology with business and investment operations. All in a regulated financial institution. We partner with over 650 financial institutions and 12,000 wealth managers, with US$1.5 trillion in assets under administration (AUA). Together with our customers, we help over 20 million people from all wealth segments to invest in their future.
About the Company
s1jobs is one of the leading recruitment brands under the Newsquest Media Group Ltd, dedicated to connecting talented candidates with employers across Scotland. Based in Glasgow, Scotland, since 2001, we have evolved alongside the ever-changing job market. With over 20 years of experience in Scottish recruitment, s1jobs continues to help recruiters and jobseekers at every stage of their hiring or career journey. Know more
Related Jobs
- Company Name
- Ekco
- Job Title
- Network Security Engineer
- Job Description
- About Ekco Founded in 2016 Ekco is now one of the fastest growing cloud solution providers in Europe! We specialise in enabling companies to progress along the path of cloud maturity, managing transformation and driving better outcomes from our clients’ existing technology investments. In a few words, we take businesses to the cloud and back! We have over 1000 highly talented and supportive colleagues (and counting) across a number of regional offices in the UK, Benelux, South Africa, Malaysia & Ireland. The role We are looking for a Network Security Engineer to design and implement secure network architectures, including firewalls, VPNs, IDS/IPS, and other security measures. The ideal candidate will monitor and analyze network traffic to identify vulnerabilities and potential threats while conducting regular security assessments, penetration testing, and vulnerability scans. This role involves implementing and maintaining security policies, procedures, and best practices to ensure compliance with industry standards such as NIST, ISO 27001, and PCI-DSS. Additionally, you will investigate and respond to security incidents, perform root cause analysis, and develop mitigation strategies. Key Responsibilities Design and implement secure network architectures, including firewalls, VPNs, IDS/IPS, and other security measures. Monitor and analyze network traffic to identify vulnerabilities and potential security threats. Conduct regular security assessments, penetration testing, and vulnerability scans. Implement and maintain security policies, procedures, and best practices to ensure compliance with industry standards (e.g., NIST, ISO 27001, PCI-DSS). Investigate and respond to security incidents, including root cause analysis and mitigation strategies. Work closely with clients, customers, and internal teams to ensure secure configurations and deployment of network devices. Keep up to date with emerging security threats, trends, and technologies. Key Requirements Established Network Engineer with 5+ years’ experience operating at CCNP level (or other vendor equivalent)Strong knowledge of firewalls, VPNs, IDS/IPS, and endpoint security solutions. Experience with security tools such as SIEM, vulnerability scanners, and penetration testing frameworks. Familiarity with network protocols (TCP/IP, DNS, HTTP/S, SSL/TLS, etc.). Understanding of encryption technologies and authentication mechanisms. Knowledge of compliance and regulatory requirements such as GDPR, HIPAA, and SOX. Industry certifications such as CISSP, CEH, CCNP Security, or CISM are preferred. Excellent problem-solving skills and attention to detail. Strong communication skills and ability to work in a collaborative team environment. Cloud networking knowledge – Azure/AWS Zscaler knowledge implementation and support Netscaler knowledge implementation and support. Wi-Fi experience deployment and support (Meraki, Aruba, Forti). Highly experienced in Firewall management, configuration, and implementation. Multiple firewall vendor experience required in at least three of the following: Palo Alto, Cisco TFD/ASA, FortiGate, and Checkpoint, Cloud Firewalls. Experience with Zero Trust security models and modern security frameworks. Benefits/Perks Time off - 25 days leave + public holidays x1 day Birthday leave per year Company Pension Scheme (employer contribution 5%) + flexible salary sacrifice Employee Assistance Programme (EAP) - access to dedicated mental health, emotional wellbeing and general advice EkcOlympics - a global activity for fun! Learning & development - Unlimited access to Pluralsight learning platform A lot of responsibilities & opportunities to grow (also internationally) Why Ekco Microsoft’s 2023 Rising Star Security Partner of the year VMware & Veeam top partner status Ranked as 4th fastest growing technology company in the Deloitte Fast50 Awards Ekco are committed to cultivating an environment that promotes diversity, equality, inclusion and belonging We recognise the value of internal mobility and encourage opportunities for internal development & progression Flexible working with a family friendly focus are at the core of our company values
- Company Name
- Coforge U.K. Ltd
- Job Title
- Cyber Security Specialist
- Job Description
- Title: Cyber Security SME Experience: 6-10 Years Skills: Cybersecurity Risks, Controls, and Threats Location: Milton Keynes We at Coforge are hiring Cyber Security SME with cybersecurity risks, controls, and threats in Milton Keynes. Kindly find below the Job description for your reference. High level: Providing Cyber SME input to Third Party Risk Management and Procurement Managing third-party Cyber Assessments and action plans Supporting the end-to-end third-party onboarding processes Managing initiatives to strengthen security controls across third parties Managing IT Security Schedules with Third Parties Need someone with: A good understanding of cybersecurity risks, controls, and threats within the financial services industry and environment. Proven track record of managing third-party risk. Experience of risk management methodologies and best practices. Excellent stakeholder engagement and communication skills with the ability to convey information to colleagues across all teams and levels, up to the Executive Committee. Working knowledge of industry standards and practices such as ISO 270001, NIST, and Cyber Essentials Professional qualifications such as CISA, CISM, CISSP, or equivalent An understanding of project management, particularly where work is with multiple stakeholders across different teams Coforge is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law.
- Company Name
- Subsea7
- Job Title
- IT Security Engineer
- Job Description
- Subsea7 is seeking an IT Security Engineer to join our team on an initial 12-month contract in our Westhill, Aberdeen office. The Security Specialist role will be responsible for supporting the delivery of a range of cyber security improvements at Subsea7. Working alongside the Subsea7 IT Security team the successful candidate will bring a strong technical background with a sound understanding of cybersecurity. The Security Specialist will be help implement a range of projects affecting our security tooling including CrowdStrike, Delinea Secret Server and SecureWorks Taegis. This will require someone who can communicate with a range of technical and non-technical stakeholders to deliver these improvements. As new threats emerge our Cyber Security tooling needs to adapt to meet these threats. The Security Specialist will play a key role in modernising our existing tools to ensure that it prevents cyber incidents from occurring and ensures it meets the needs of the wider organisation. What will you be doing? Working with the IT Security team to help improve the functionality of our security solutions. Support the implementation of the CrowdStrike Identity module, ensuring that it integrates into our IT tooling. Provide an ongoing review of our Endpoint Detection and Response tooling, ensuring that it meets best practice and provides best coverage for the organisation. Support ongoing efforts to improve our Identity security policies both within Active Directory and EntraID. Support the modernisation of our Privileged Access Management solution. Working with the IT Security team to develop and maintain security policies and procedures across our tools and wider business processes. Provide support during any major cyber security incidents. To take part in post incident reviews and propose engineering resolution to improve results in any future recurrence Identify security risks and provide recommendations for mitigation. Support in any production issues and incidents and participate in the problem and change management forums Stay up to date with the latest threats and vulnerabilities that concern Subsea7 and make recommendations for remediation What do we want you to have? Experience in a Cyber Security role. Deep understanding of cyber security principles, frameworks and best practices as they apply to IT environments. Proven experience with CrowdStrike, Delinea Secret Server, Keeper, SecureWorks Taegis Proven experience within a Windows Server environment. Scripting knowledge with PowerShell. Understanding of the NIST cybersecurity Framework, ISO27001, GDPR Operates with the highest level of confidentiality Clear communicator who can present to both technical and non-technical audiences Good understanding of IT Infrastructure & applications with knowledge of industry standards and current technology trends.
- Company Name
- Palo Alto Networks
- Job Title
- Manager, Network Security Customer Success Engineering
- Job Description
- Our Mission At Palo Alto Networks® everything starts and ends with our mission: Being the cybersecurity partner of choice, protecting our digital way of life. Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are. Who We Are We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included. As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few! At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work full time from our office with flexibility offered where needed. This setup fosters casual conversations, problem-solving, and trusted relationships. Our goal is to create an environment where we all win with precision. Job Description Your Career We are looking for a Manager for our Customer Success Engineering team. You will be responsible for managing a team of Customer Success Engineers (CSE) who enable customer success with our award-winning SASE portfolio. In this high growth business, scaling, optimization, dynamic spirit, and sustained performance are the essentials. As the CSE Manager, you will drive the team to in-depth knowledge of the indicators of success, utilizing data and your analytical aptitudes to guide changes, updates, and improvements. In this role, you will also work closely with the customer CISOs, security architects, security engineers, and development operations teams within mid-to-large enterprises, so you'll need to feel confident presenting implementation plans to all ranges of technical ability. Reporting to the EMEAL Sr Manager, Customer Success for the SASE business, in this role you will lead a team of high performance Customer Success Engineers, distributed across EMEA and LATAM. Your Impact Customer escalation management, triage, prioritize issues, negotiate customer priorities, and manage expectations Develop strong relationships with our sales team, customers, partners and internal teams (TAC, Product Management, Engineering) Build and lead a team of Customer Success Engineers Drive performance metrics - CSAT, renewal rate, upsell/cross-sell identification, reference-ability, adoption, consumption, and customer engagement Ensure customers are maximizing their return on investment by implementing and operationalizing Palo Alto Networks solutions to achieve their objectives Assist customers in implementing custom integrations and workflows into their SOC Directly support customer requests, coordinate, and prioritize timely resolutions Develop a comprehensive understanding of business challenges faced by customers and common objectives to appropriately map features and associated business benefits to address their needs Serve as a customer advocate in influencing product roadmap and improvements Ensure that engineers have the resources and processes necessary to confirm success and sustained performance through release cycles Deliver guidance and direction to the team supporting goals and objectives, maximize engineer opportunity to exceed targets Directly provide appropriate technical and soft skills training along with mentoring Ensure that consistent and standard onboarding training programs are used and delivered effectively Set team and individual goals in-line with overall organizational goals Qualifications Your Experience 10+ years of experience in Customer Success Engineering, Services Delivery, Professional Services, or Consulting 1+ years of experience in people management role Strong consulting and project management skills, with shown results working as a trusted advisor to drive business value for customers, including the ability to work well with client teams at different levels of technical and non-technical depth Technical experience in networking or cyber security Industries Public cloud experience is a plus Consistent success working with customer escalations - assessing and communicating customer expectations and negotiating resolutions Flexibility for travel up to 30% Additional Information The Team Our Customer Success team is critical to our success and mission. As part of this team, you enable customer success by providing support to clients after they have purchased our products. Our dedication to our customers doesn’t stop once they sign – it evolves. As threats and technology change, we stay in step to accomplish our mission. You’ll be involved in implementing new products, transitioning from old products to new, and will fix integrations and critical issues as they are raised – in fact, you’ll seek them out to ensure our clients are safely supported. We fix and identify technical problems, with a pointed focus of providing the best customer support in the industry. Our Commitment We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com. Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics. All your information will be kept confidential according to EEO guidelines. Our Commitment We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish o...