Chief Information Security Officer

Job description

We are seeking a Chief Information Security Officer (CISO) to take full responsibility for information security and identity and access management at Man Group. This role is of critical importance, as it lies at the heart of our business. The CISO will lead our security function, set standards, influence behavior, embed security into business processes, and collaborate with departments across the organization to drive risk management, transformation, innovation, and growth at Man Group.

Tasks

- Strategy & Standards: Develop and implement the information security strategy; align security investments with the company’s risk profile - Promote a culture of security and security awareness throughout the company through targeted communication - Develop and update security standards in the areas of technology, operations, and business - Collaborate with teams across the organization to integrate security risks into their workflows - Promote the secure adoption of AI and new technologies - Responsibility for identifying, prioritizing, and monitoring security risks and controls

Identity and Access Management

- Develop and implement the IAM strategy and transformation roadmap, and facilitate the migration from a legacy deployment model to a modern, automated identity platform - Design, maintain, and monitor identity management, including application onboarding, lifecycle automation, and access controls - Monitor IAM activities related to identity and access management

Governance & Reporting

- Chairing the Information Security Steering Committee - Presenting security status reports, risk assessments, and program updates to the Executive Board and the Risk and Finance Committee - Overseeing third-party risk management in coordination with the dedicated TPRM team - Assisting with SOC 2 audit processes

Requirements

• A credible leader who is able to balance competing priorities
• Proven experience in a similar role, ideally with a full CISO mandate
• Technical expertise in information security, with the ability to work at the architectural and strategic levels to minimize cyber risks
• Demonstrated ability to drive change outside of a direct reporting line and to influence technology, operations, and business leaders to adopt security standards
• Strong communication skills, the ability to present to executive boards, and the ability to feel comfortable in technical design reviews

Further requirements

• CISSP Certification
• Experience with identity management platforms and large-scale IAM transformation programs
• Familiarity with Infrastructure-as-Code environments (Terraform, GitOps workflows)
• Experience in security engineering (application, identity, and access management)
• Experience leading security teams in the development of new technologies
• Background in a regulated industry, with an understanding of governance, operational, and compliance requirements
• Skills that are helpful for our technology stack (Docker, Kubernetes)

We offer

A work environment that offers opportunities