Job Title

Job Opportunity: Information Security Manager at ARAG UK We’re excited to announce an opportunity for anInformation Security Managerto join our dynamic Digital Services team at ARAG UK on a 12-month fixed-term contract basis.As a member of the Digital Services team, this role will be at the forefront of ARAG UK’s security strategy, ensuring the confidentiality, integrity, and availability of ARAG’s information and information systems. The successful candidate will be responsible for maintaining our ISO27001 accreditation, assessing information risks, and facilitating the remediation of vulnerabilities within the company’s network, systems, and applications. You will lead the strategy, road mapping, and planning of security initiatives, as well as manage the information security team.This role offers an excellent opportunity to report findings, apply recommendations for corrective and preventative actions, and identify opportunities to reduce security risks. Key responsibilities include documenting remediation options, facilitating risk mitigation tasks, and monitoring their performance. The role will also involve understanding security threats and developing strategies to protect ARAG’s assets across multiple entities.This is a strategic, hands-on role where you will manage a small team, support the Security & Governance Manager in driving IT security strategies, lead projects, coordinate team efforts, and mentor staff. Collaboration with other departments and engagement with our parent company to ensure ISMS alignment with standards and frameworks are also key aspects of this role.Candidate RequirementsHigh level of technical, organizational, and communication skills.Experience contributing to audit responses and improving security response processes.Good understanding of security frameworks and standards (ISO27001, NIST CSF, Cyber Essentials, OWASP).Knowledge of data protection legislation (GDPR, FCA SYSC, PCI DSS).Experience with security analysis tools and technologies (SIEM, IDS/IPS, Firewalls, IAM, etc.).Understanding of incident management, authentication technologies, Zero Trust principles, endpoint security, and cloud platforms like AWS.Ability to conduct vulnerability scans, understand the threat landscape, and deliver presentations to leadership.Minimum intermediate expertise in IT risk management or related disciplines.Benefits26 days holiday plus option to buy 5 more.Company pension scheme with optional increased contributions.Group Income Protection and Legal Protection.Additional benefits including private medical insurance, cycle scheme, wellbeing programs, and employee discounts.Opportunities to participate in social events and activities.If you believe you are a good fit and have transferable experience, we encourage you to apply, even if you do not meet every criterion listed.#J-18808-Ljbffr