Information Security Governance Specialist
abrdn
abrdn is a global investment company and asset manager committed to helping our customers achieve their financial goals.
At abrdn, we empower our clients to plan, save, and invest for their futures. Through the expertise, insight, and innovation of our team, we aim to help clients create more ways for money to make an impact.
Security, Resilience & Protection (SRP) are at the heart of ensuring that everything we do as a business aligns with keeping our people and data safe. We put our clients and customers at the heart of this mission and use this as a guiding star to shape our approach.
About the Department
The Security & Resilience team is dedicated to safeguarding abrdn's operations, ensuring the highest standards of information and cyber security. As part of this team, the Information Security Governance Specialist will help build and maintain a robust security governance framework that keeps abrdn ahead of emerging threats while ensuring compliance with global standards and regulatory expectations.
About the Role
As an Information Security Governance Specialist at abrdn, you will work with the Information Security Governance Manager and the wider team to develop and implement abrdn’s Security & Resilience Governance framework. Your responsibilities will include supporting teams in line with global security standards, maintaining policies, ensuring compliance, and driving continuous improvement across our security practices.
You will operate with recognised professional practices to support external reviews and requests from clients, regulators, and auditors, ensuring we maintain the highest standards of protection for our customers. By driving insightful reporting and risk-based reviews, you’ll contribute to the ongoing effectiveness of our security controls and resilience initiatives.
Key Responsibilities
1. Develop and implement abrdn’s Security & Resilience Governance framework, ensuring alignment with global standards (e.g., NIST).
2. Maintain and develop the Information and Cyber Security (ICS) and Technology (IT) policies as part of the Enterprise Risk Management Framework.
3. Provide guidance and support to ensure compliance with regulatory requirements, industry best practices, and evolving risk landscapes.
4. Review third-party assurance returns for Information Security and support our extensive supply chain.
5. Design and deliver insightful Security & Resilience reporting to measure the effectiveness of security controls, providing regular reports and actionable insights for senior management.
6. Support governance initiatives to drive continuous improvement and reduce security risks across the organisation.
Knowledge, Skills and Experience
The ideal candidate will possess the following:
1. Proven experience working with information security controls and regulatory standards (e.g., NIST, ISO 27001/2, COBIT).
2. Experience in developing and maintaining Information Security policies and standards that support an improvement in security culture.
3. A passion for driving improvements in security compliance and controls.
4. A balanced understanding of technical and non-technical aspects of information & cyber security.
5. Experience in implementing risk management processes and producing insightful reporting for key stakeholders.
6. Strong relationship-building skills with both internal teams and external partners.
We are proud to be a Disability Confident Committed employer. If you have a disability and would like to apply to one of our UK roles under the Disability Confident Scheme, please notify us by completing the relevant section in our candidate questionnaire. One of our team will reach out to support you through your application process.
When you join us, your reward will be one of the best around. This includes 40 days’ annual leave, a 16% employer pension contribution, a discretionary performance based bonus (where applicable), private healthcare and a range of flexible benefits – including gym discounts, season ticket loans and access to an employee discount portal.
Our business is structured around three distinct areas – our vectors of growth – focused on our clients’ changing needs.
At abrdn we’ve adopted a ‘blended working’ approach. This approach combines the benefits of face-to-face collaboration, coaching and connecting in our offices with the flexibility of working from home.
An inclusive culture, where diverse perspectives drive our actions, is at the core of who we are and what we do.
If you need assistance with your application, or a reasonable adjustment to your interview arrangements – please let us know and we’ll be happy to help.
#J-18808-Ljbffr