Security Controls Manager

Responsibilities

• Maintain and continuously improve the Information Security control framework, ensuring effective management of information risk and audit readiness.
• Document, implement and monitor security controls, identifying gaps and driving risk-based improvements.
• Develop and maintain Information Security policies, standards and procedures, ensuring alignment with regulatory requirements and industry standards.
• Support the delivery and ongoing compliance of frameworks such as ISO 27001 and Cyber Essentials+, and coordinate responses for internal and external audits.
• Collaborate with internal stakeholders, third-party suppliers and service providers to embed consistent and effective security controls across the business.
• Work closely with senior stakeholders across the business, including Information Security, Investment Systems, and IT Infrastructure leadership, to agree, embed, and maintain effective security controls.
• Support the implementation and optimisation of security tooling, promoting continuous improvement and ensuring compliance with internal policies, regulatory requirements and change processes.
• This role would suit someone with:
• Proven experience working in control environments
• Experience maintaining and owning IT / Information Security controls
• Experience supporting Internal and External Audits, including evidence preparation and audit engagement
• Experience of Vulnerability Management processes and control integration
• Hands-on experience configuring or operating Data Loss Prevention tooling e.g.: Varonis, Microsoft Purview
• Strong Microsoft office skills (MS Project, Excel, PowerPoint and Visio).
• Experience in managing third party suppliers to implement controls and object documented evidence
• Demonstratable desire for self-improvement, with skills and knowledge acquisition.
• Desirable:
• Information Security Training such as Security+
• Experience in investment management, pensions, or another regulated financial services environment
• Strong organisational, analytical and problem-solving skills
• Be adaptable and comfortable operating in an ever-changing environment
• Strong organisational, analytical and problem-solving skills
• Effective communication skills with the ability to build effective stakeholder and business relationships
• Ability to draft and present documentation in a clear and concise manner and adapt to various target audiences
• High attention to detail with a proactive, professional and "can-do" attitude
• Why Brightwell?
• As a Brightwell colleague, you will enjoy a competitive salary, hybrid work practices, professional development, career development, and a great benefits package including:
• Annual performance bonus
• 25 days holiday (increasing to 30 with service) plus bank holidays.
• A pension with 15-17% employer contributions (depending on age).
• 8 x salary Life Insurance.
• Generous family friendly policies, including up to 26 weeks full pay (maternity, adoption and paternity leave)
• Free health assessments.
• Health cash plan.
• Professional study support.
• Employee Assistance Programme and free Wellhub wellness network platform access.
• Building an inclusive work environment:

Additional Information

Join Our Team as a Security Controls Manager Location: Chesterfield An exciting opportunity has arisen for a Security Controls Manager to take ownership of Brightwell's information security control environment. This role is responsible for overseeing, managing, and continuously improving security controls, ensuring they remain effective and aligned with internal policies, regulatory requirements, and industry standards. You will play a key role in supporting audits and driving continuous improvement across security processes. The position operates across all UK Brightwell locations, with occasional travel to London, Derby, and Bristol as required.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Brightwell? Share your experience