More jobs:
Information Security Manager - Fintech - Hybrid
Job in
Greater London, London, Greater London, W1B, England, UK
Listed on 2026-07-19
Listing for:
Wealth Dynamix
Full Time
position Listed on 2026-07-19
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, Data Security
Job Description & How to Apply Below
Information Security Manager
- Fintech
- Hybrid
Calling highly motivated, bright candidates who are looking for a career at an exciting award winning Fin Tech firm!
Company:
Wealth Dynamix
Role:
Information Security Manager
Location:
London
Start Date:
August 2026
Would you like to join one of the fastest growing Fin Tech firms in Europe? We are looking for an analytical self starter with experience in product focused software delivery. If you are passionate about digital transformation and keen to learn about delivering the market leading Client Lifecycle Managing solution to the Wealth Management industry,? apply now!
Who are we?- Wealth Dynamix helps to relieve the burden client management issues for wealth management and private banking firms with innovative technology.
- We provide Relationship Managers with a multi-award winning digital Client Lifecycle Management (CLM) platform, offering 360-degree access to their client.
- We are a global leader in end-to-end CLM, Wealth Dynamix has offices and clients in three continents with headquarters in the UK.
- The role is accountable for defining, operating and evidencing the information security governance framework. Technology and Engineering teams remain responsible for implementing and operating technical controls, subject to oversight, assurance and challenge from the Information Security function.
- The Information Security Manager owns the company's information security governance, risk and compliance programme, including the ISMS, client security assurance, security policy framework, incident governance, supplier security assurance, and security reporting. The role works closely with Technology, Product, Operations, Legal and senior leadership to ensure the company's products, services and operations meet internal, regulatory, contractual and client security expectations.
- The role provides security input into privacy compliance activities and works with the DPO on UK GDPR and EU GDPR obligations, DPIAs, data protection by design and incident response. The role is not the statutory DPO unless separately appointed.
- The role reports to the COO and ultimately to the WDX Board.
- Maintain and continuously improve the Information Security Management System, firmwide information security programme, security policies, certifications and control framework, aligned to ISO 27001, SOC 2, DORA‑related customer obligations, applicable financial services expectations and Crédit Agricole Group requirements.
- Partner with Product, Engineering and Technology teams to embed security into the software development lifecycle, including secure design reviews, threat modelling, secure coding standards, dependency scanning, SAST/DAST tooling, secrets management, application/API penetration testing, vulnerability remediation tracking and release security governance.
- Support DORA‑related client and contractual obligations for EU financial services customers, including ICT risk management evidence, incident response and notification processes, resilience testing, ICT third‑party risk controls, subcontractor oversight, exit planning and audit evidence.
- Provide security governance over cloud and SaaS environments, including identity and access management, logging and monitoring, encryption, key management, backup, tenant segregation, environment segregation, secure configuration and cloud security posture management.
- Own and test the security incident response framework, including severity classification, escalation, communications, evidence preservation, lessons learned and remediation tracking.
- Support Legal and Sales teams in reviewing client and supplier contract clauses relating to information security, privacy, audit rights, incident notification, resilience, subcontracting and data protection.
- Coordinate internal, external, client and certification audits, including audit planning, evidence collection, stakeholder coordination, finding remediation and management reporting.
- Manage the information security budget, including security tooling, external assurance, certifications, training and specialist advisory support, in line with agreed financial controls.
- Operate a risk‑based third‑party security assurance framework covering supplier onboarding, periodic reassessment, critical supplier classification, contractual security controls, subcontractor/sub‑processor oversight, supplier incident monitoring and exit arrangements.
- Own the client security assurance process, including security questionnaires, RFP/RFI responses, client audits, evidence packs, ISO 27001/SOC 2 artefacts, penetration test summaries, contractual security schedules and remediation tracking.
- Plan and maintain the annual security roadmap for the company.
- Determine whether emerging technology or market trends pose a security risk to the company.
- Provide quarterly security updates to the Board, including risk posture, material…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×