Base pay range

Direct message the job poster from Prism Digital

Information Technology Security Manager | Zero Trust, Azure Security, ISO27001 | Global Payments Company

• Hybrid in London

Join a growing InfoSec team at a pivotal time for a global financial institution. This is a Security Manager role with governance oversight, guiding InfoSec operations, mentoring analysts, and translating security frameworks into practical, actionable steps. You’ll influence policy, architecture, and data governance, all while supporting the secure rollout of new banking operations.

What you’ll bring:

• 5+ years’ experience in InfoSec, IT Security, or operational security in a regulated environment
• Certifications: CISSP or SSCP (or equivalent) required
• Hands-on knowledge of ISO27001 and supporting an ISMS (audit experience useful but not central)
• Familiarity with security tools: Azure security, cloud IAM, Defender, web proxy, endpoint detection (CrowdStrike or equivalents)
• Understanding of zero trust networks, SSO, and network segregation principles
• Strong communicator: able to advise IT teams on practical security steps, not just theory
• Adaptability to a medium-sized, SME environment

What you’ll be doing:

• Security oversight: Guide InfoSec operations with practical, hands-on input on incidents and risk mitigation
• Data governance: Drive data protection, labelling, and retention projects using Microsoft Purview
• Third-party risk: Support supplier security assessments and guide analysts’ work (tools like Panorays)
• Cloud & architecture: Advise on Azure security, shared responsibility models, and zero trust principles
• ISO27001 support: Maintain ISMS controls and governance, assist with policy implementation
• Mentoring & guidance: Support analysts with technical and governance expertise, acting as deputy for Head of InfoSec when needed
• Project involvement: Key InfoSec input for new market expansion and business initiatives
• Microsoft Purview – Data governance and compliance
• Defender, web proxy, CrowdStrike-equivalent – Endpoint & email protection
• Panorays – Third-party risk
• Rapid7 / Armis – Vulnerability management and threat detection

Why this role?

• Hands-on, high-impact role in a dynamic SME environment
• Influence across security operations, governance, and data management
• Work alongside experienced InfoSec leadership in a culture that values mentoring, collaboration, and ethical practice

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Project Management, Analyst, and Management

Industries

• Financial Services and Banking