Cyber Security Business Partner (Information Security Manager) • PEXA UK • Thame, England, United Kingdom
About
You will have experience managing customer cyber assurance activities, supporting external audits (e.g., ISO 27001, Cyber Essentials Plus), and maintaining regulatory compliance, particularly with Financial Conduct Authority (FCA) cyber‑related controls. Proficiency in cloud security controls and an ability to translate cyber risk into business context are essential.
Key Accountabilities
Cyber Security Partnership & Advisory
- Act as the security point of contact for UK business units, aligning cyber security goals with business priorities
- Provide guidance on secure‑by‑design principles during project planning, procurement, and solution development
- Build strong relationships across technical and non‑technical stakeholders to promote security best practices
- Ensure that the business’ information security posture is continuously improved through proactive security measures, monitoring, and reporting
Customer Cyber Assurance & Regulatory Compliance
- Lead and manage customer cyber security assurance activities, including due diligence and technical assurance engagements
- Support the development and maintenance of materials that evidence the organisation’s cyber maturity and compliance posture
- Liaise with internal audit and risk functions to ensure cyber and information security controls align with FCA expectations and industry standards
External Audit & Certification Support
- Lead preparation and support for external audits, including ISO 27001, Cyber Essentials and Cyber Essentials Plus, and customer and regulatory assessments
- Collaborate with compliance, risk, and IT teams to ensure audit readiness and implement improvements
Cloud Security & Technology Risk
- Provide expertise on cloud security controls (e.g., identity and access management, encryption, logging, secure configuration) across AWS and Azure environments
- Ensure secure adoption of cloud‑native services in accordance with recognised frameworks (e.g., CIS Benchmarks, NIST, OWASP)
Risk Management & Governance
- Identify and assess cyber risks within business processes and technology environments
- Support risk mitigation planning, tracking, and reporting in line with enterprise risk frameworks
Awareness, Culture & Reporting
- Contribute to business‑targeted cyber security awareness and education initiatives
- Promote a culture of shared accountability for security and resilience
- Produce and maintain reporting information as required
Skills & Experience Required
- 5+ years’ experience in a cyber security, risk, or assurance role, with strong stakeholder‑facing exposure
- Demonstrable experience with customer cyber assurance activities and external audit preparation (ISO 27001, Cyber Essentials Plus), and proficiency in cloud security (AWS, Azure, or GCP) and risk assessment
- Working knowledge of NIST, ISO 27001, FCA Handbook (SYSC), and relevant NCSC guidance
- Excellent verbal and written communication skills, with the ability to engage effectively at all business levels
Desirable
- Background in financial services or regulated industries
- Experience in third‑party/vendor risk assessment and assurance
- Relevant Cyber Security or IT degree level education
- ISO 27001 Lead Implementer / Auditor
- CISSP, CISM, CRISC
- AWS/Azure security certifications
Sounds like you? We at PEXA are ready, so if this role sounds like you, apply today.
The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found at https://pexa.co.uk/applicant-policy/.
Seniority level: Not Applicable
Employment type: Full-time
Job function: Business Development and Sales
Industries: Information Services, Financial Services, and IT Services and IT Consulting
Language skills
- English