Policy Expert – Information Security Manager

Are you ready to transform the insurance industry?

Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience.

Having achieved rapid growth since being founded in 2011, we’ve won over 1.5 million customers in Home, Motor and Pet insurance and have been ranked the UK’s No.1-rated home insurer by Review Centre since 2013.

The Information Security Manager will ensure Policy Expert maintains a consistent, robust, and proactive approach to cyber and information security across the group. You will drive alignment and execution of cyber and security initiatives in line with the group security roadmap, ensuring demonstrable improvement in our NIST maturity score and alignment with the Govern and Protect pillars. The role safeguards our operational resilience and investor confidence through strong governance, preparedness, and continual improvement.

Your day to day:

• Lead orchestration and prioritisation of group-wide cyber initiatives in line with the cyber security roadmap.
• Maintain and evidence effective governance through development of up-to-date policies, procedures, and controls. Oversee regular testing and validation, driving continuous improvement based on outcomes.
• Perform Third Party risk assessments and continued procedure development.
• Collaboration and partnering with the Group Head of IT (infrastructure and networking), DevSecOps (cloud and application security), Risk & Compliance, Trinity and other business areas to align on priorities and outcomes.
• Work with the Virtual CISO for strategic guidance, benchmarking and mentorship on broader cybersecurity strategy.
• Maintain the Cyber Security Risk register within Decision Focus – ensuring risks are suitably captured, documented, triaged and recommendations with options are presented to business decision makers. Maintain key performance indicators to measure the success of the cyber security programme.
• The role is a core member of the Cyber Security Incident Response Team (CSIRT) and is expected to form part of a sustainable on‑call rota for Cyber Incident Response.

Who are you:

The Information Security Manager will exemplify curiosity, accountability, be calm under pressure, fostering trust and engagement across technical and non‑technical teams.

We care about people

• Builds trusted relationships by listening, empathising, and supporting colleagues in addressing security challenges.
• Promotes awareness and confidence through clear, respectful communication on risk and compliance.

We work as a team

• Collaborates across IT, DevSecOps, and business functions including Trinity to embed a shared security culture.
• Actively supports others’ success by sharing knowledge and best practice.

We get things done

• Acts with ownership and urgency to close vulnerabilities and deliver measurable security improvements.
• Prioritises effectively, balancing business needs with risk mitigation for proportionate protection.

We act with expertise

• Applies deep knowledge of frameworks (NIST, NCSC) and industry best practice to make informed, pragmatic decisions.
• Continuously develops professional skills and mentors others in secure practices.

We stick to our principles

• Upholds confidentiality, integrity and ethical behaviour in every decision.
• Maintains transparency and accountability, even when facing complex or high‑pressure situations.

This role will be based in our London office in a 50/50 Hybrid mode.

We match your pension contributions up to 7%

Learning budget of £1,000 a year + Study leave (with encouragement to use it)

Enhanced maternity & paternity

Travel season ticket loan

️ Access to a wide selection of London O2 events and use of a Private Lounge

What We Stand for and Next Steps

We pride ourselves on being an equal opportunity employer. We treat all applications equally and recruit based solely on an individual’s skills, knowledge, and experience. The quality and growing diversity of our team is a testament to this commitment.

At Policy Expert, we are committed to fostering an inclusive and supportive environment for all candidates. If you require any reasonable adjustments during the interview process to accommodate your needs, please do not hesitate to let us know. We are dedicated to ensuring every candidate has an equal opportunity to succeed and will work with you to provide the necessary support.

We aim to be in touch within 14 working days of your application – you will be notified if successful or unsuccessful. Please be encouraged to apply even if you do not meet all the requirements.

Interested in building your career at Policy Expert? Get future opportunities sent straight to your email.