£54,000 - £60,000/annum
Financial Services


Northreach have partnered with a leading financial services provider in the consumer loans sector. They are bringing new products to the marketplace, are looking to scale their information security teams, and are looking for a Team Lead. They operate a hybrid working model, and this person would need to be in the office approximately 40% of the time.

This individual will be responsible for information security and will have solid knowledge of both information security and risk management practices and methodology.



  • Responsible for ensuring colleagues have a clear understanding of the business objectives and how their role contributes to them
  • Lead, engage and motivate the team to deliver an effective Information Security consultancy and risk management framework
  • Build capability of team by supporting and coaching through effective performance management practices
  • Effectively communicate with Head of Function to provide feedback on potential succession plans and team performance
  • Ensure the right people are in the right roles and that skills are being utilised effectively in order to build high quality teams
  • Provide regular and timely feedback to team members through performance reviews
  • Reward and celebrate team achievements and great performance
  • Effectively manage the team in all other aspects of their role including attendance and behaviours and have regular wellbeing discussions
  • Create an inclusive culture which promotes diversity and Blueprint behaviours
  • Consults with and advises administrators, staff and management on various operational issues related to information systems, and on general business operations as needed.
  • Coordinates and interacts with internal and external auditors
  • Ensure work is delivered in line with SLAs and agreed targets
  • Responsible for managing costs within budget parameters
  • Ensure business policy and processes reflect current practices and are adhered to
  • Identify risks and provide proposals for potential solutions, balancing risk with business needs
  • Assessment of required controls and testing of adherence to required policies, processes and monitoring
  • Performs information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.
  • Assists with the build and continuous development of the Information Security toolkit
  • Defines security testing requirements in projects and BAU services. Interprets the results and puts them into context while feeding back to key stakeholders in IT and the business
  • Provides commentary to key stakeholders to ensure risk levels are fully understood.



  • Third parties including vendors and C-level executives, e.g. CISO, CIO, CTO
  • Directors, Head of Functions and Senior Management across all areas of the business
  • Auditors: internal & external (e.g. QSAs)
  • IT and other teams within IT Services and Operations for the support of effective process



  • Previous experience of working in the non-standard Consumer Credit Industry
  • Recent experience of working in an FCA regulated business
  • Able to delegate responsibility
  • Analytical thinker who is able to interpret MI/BI and use it for sound decision making
  • Excellent communication skills (written and verbal) with the ability to influence, negotiate and constructively challenge at all levels
  • Ability to operate independently and objectively
  • Understanding of corporate governance frameworks
  • PC literacy, including MS Office (Word, Excel, PowerPoint) at middle management level
  • Proven ability to plan and organise work effectively and prioritise deadlines whilst working at a fast pace
  • Previous experience as an Information Security Analyst, Consultant or Manager who has worked in an Information Security team within financial services.


This should include:

  • Conducting third party information security reviews
  • Following and championing risk management processes
  • Providing requirements and consultancy to projects
  • Conducting controls assessments against known frameworks

Desirable:

  • Understand the requirements of an FCA regulated business
  • Working knowledge of ISO27001 and ISO27005




At least one from – CISSP, CISM or CISA

Desirable – CRISC

Additional requirements – Experience of IDAM



  • Be positive and self-motivated
  • Natural thirst for self-development and development of the team
  • Leads from the front
  • Flexible and has a “can do” attitude
  • Understands the importance of great team dynamics
  • Be a team player
  • Be a change and continuous improvement champion