Information Security Officer

Cameron Kennedy
London
4 days ago
Create job alert

Information Security Officer - Banking

London

Permanent


MUST HAVE PREVIOUS BANKING EXPERIENCE TO BE CONSIDERED


Job purpose

The Information Security Officer works within the Information Security Office of the Bank to ensure all information and cyber risks are identified, analysed, mitigated, and monitored, ensuring the smooth operation of the Bank. Where improvements are needed, the ISO will contribute to the Information/Cyber Security Strategy and Roadmap, enabling both defence-in-depth and, where appropriate, defence-in- breadth to safeguard normal banking operations.

The ISO will collaborate closely with Security Engineering, Security Operations, and Business Resilience Teams across the bank

The ISO addresses external attacks, mitigates zero-day vulnerabilities, and identifies security operating flaws. It ensures that Executive Management's risk targets are met and contributes to the continual improvement of the Bank's Cyber Assurance Framework, enhancing the control measures that defend the Bank.


Key Responsibilities

  • Collaborate with Information SecurityEngineering and Operations Teams to integrate security measures into business processes.
  • Advise business units on security-related issuesand initiatives.
  • Oversee Second Line projectactivities to evaluateinformation security risksfor new projects, products, systems, and other significant changes within the bank.
  • Supervise the resolution of risks and issues identified during audits or external assessments.
  • Develop, review, and maintaininformation security governance documents, including policies, standards, frameworks, and procedures.
  • Create and deliver Information/Cyber Security Awareness training, educating NBKI staff on best practices.
  • Maintain comprehensive records and documentation of ISO activities.
  • Provide regular updates and reports to the Information Security Management System (ISMS) governance committee.
  • Manage internal and externalinformation security requirements, liaising with relevant parties.
  • Support the ISO in annual budgetingand planning.
  • Participate in Cyber IncidentResponse as part of the ISO Team.
  • Coordinate with vendors to evaluate new technologies and lead Proof of Conceptevaluations as needed.

Evaluate, recommend, and implement cloud security controlsin line with emerging technologies and practices across group entities.


Qualifications,Experience

Essential

  • Experience in Information Assurance and/or working withina highly regulatedUK sector for at least five years.
  • Relevant Information Security qualification (degree, CISSP, or CISM) obtainedor in progress.
  • Strong technical acumen with broad knowledgeacross Information/Cyber Security, Software Development, and IT systems.
  • Working knowledge of NIST CSF.
  • Willingness to learn and expand skillsin both Information Security and Financial Services.
  • Ability to work autonomously and flexibly withina team, contributing to an improved Bank security posture.
  • Analytical skillsto interpret data and provideinsights into threatsfacing the bank.
  • Awareness of common Cyber Incidents and Security breaches(OWASP).

Desirable

  • Knowledge or experience in SOC2, ISO 27K, PCI DSS and GDPR.
  • Previous experience working withinan organisations Cyber Incident Responsefunction.

Hands on experience with Information Securitytools.


Please contact me if you would like to discuss the role. or

Related Jobs

View all jobs

Information Security Officer

Information Security Officer

Information Security Officer – Assurance - Cybersecurity - Banking

Information Security Officer

Information Security Officer

Business Information Security Officer

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Education Careers

Top 10 Best UK Universities for Cyber Security Degrees (2025 Guide)

Discover ten of the strongest UK universities for Cyber Security degrees in 2025. Compare entry requirements, course content, research strength and industry links to choose the right programme for you. Cyber Security has moved from IT back-room concern to critical national infrastructure. With growing threats from ransomware, state-sponsored attacks and supply-chain compromise, demand for well-trained cyber professionals has never been higher. The UK is home to a clutch of universities recognised globally for excellence in this field. Below, we profile ten institutions offering robust undergraduate or postgraduate cyber-security pathways. While league tables shift year on year, these universities have a consistent record of first-class teaching, research and industry collaboration.

Jobs

How to Write a Winning Cover Letter for Cyber Security Jobs: Proven 4-Paragraph Structure

Learn how to craft the perfect cover letter for cyber security jobs with this proven 4-paragraph structure. Ideal for entry-level candidates, career switchers, and professionals looking to advance in the cyber security sector. When applying for a cyber security job, your cover letter is an essential component of your application. The cyber security industry is continuously evolving, and organisations are always seeking professionals who can protect their networks, systems, and data. Your cover letter provides an opportunity to demonstrate your technical expertise, your enthusiasm for cyber security, and your ability to contribute to the protection of sensitive information. Whether you're just entering the field, transitioning from another career, or looking to advance in cyber security, this article will guide you through a proven four-paragraph structure to create a compelling cover letter. We’ll provide sample lines and tips to help you stand out in the competitive cyber security job market.

Jobs

Quantum-Enhanced AI in Cyber Security: Guarding the Digital Frontier

The cyber security landscape has evolved dramatically over the past decade. Long gone are the days when businesses primarily worried about simplistic phishing or basic website defacements. Today’s threats include nation-state attacks, sophisticated ransomware, AI-generated phishing campaigns, and a wide array of stealthy intrusion methods. Organisations must defend vast digital ecosystems that include cloud infrastructure, IoT devices, and critical operational technology—any of which can become high-value targets for malicious actors. Amid these escalating challenges, a new technological wave is emerging: quantum computing. Although still in its infancy, quantum computing promises capabilities that could surpass even the most advanced classical supercomputers for specific tasks. Simultaneously, in the world of Artificial Intelligence (AI)—where data volumes and model complexity are exploding—quantum’s parallelism could significantly boost analysis, training, and decision-making. What unfolds when quantum computing and AI converge in the realm of cyber security? On one hand, quantum technologies could introduce stronger encryption and faster threat detection. On the other, adversaries armed with quantum power might break today’s cryptographic protocols or develop more potent attacks at unimaginable speeds. This article explores the phenomenon of quantum-enhanced AI for cyber security: the possibilities it unlocks, the challenges it poses, and the reasons it could reshape both defensive and offensive operations in the digital world.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.