Information Security Manager

Join our growing team of dedicated professionals at Gallagher Bassett, who guide those in need to the best possible outcomes for their health and wellbeing. You'll be part of a resilient team that works together to redefine the boundaries of excellence. At our organization, we value collaboration and making a positive impact in the lives of our clients and claimants, offering you the opportunity to join a team where your skills and dedication can truly make a difference. GUIDE. GUARD. GO BEYOND.

We believe that every candidate brings something special to the table, including you! So, even if you feel that you're close but not an exact match, we encourage you to apply.

We are currently seeking an Information Security Manager who will report to our Chief Information Officer in the UK and work closely with both Gallagher Bassett Information Technology (GBIT) and Global Cyber Information Security (GCIS) Divisions.

This role will join our UK IT Services Team and will be based in Ipswich with consideration around flexibility to work from home for the right candidate. This role will also work from other locations as required.

This is a fantastic opportunity to join a growing business and be the main point of contact for Information Security.

• Client Facing:
  • Manage client IT and Information security questionnaires and due diligence processes, utilizing evidence libraries and liaising with business operations, GBIT and GCIS as required.
  • Reference and verify information against the Global IT Security Policy Manual, Gallagher Bassett policies and those specific to EMEA and/or UK.
  • Facilitate secure, accurate and professional information sharing and collaboration with clients.
• Contract Review:
  • Review contracts to ensure compliance with current operational process and procedure.
  • Advocate for questionnaire-based audits over in-person audits where possible.
• Third-Party Due Diligence:
  • Oversee third-party assessments using Gallagher tools i.e. Process Unity in collaboration with GBIT and GCIS.
  • Utilize Gallagher tooling i.e. Security Scorecard for continuous monitoring of third-party security posture.
• Risk Management:
  • Capture and manage risks utilizing Gallagher tooling such as Cross-Comply/Audit Board, developing mitigation plans, as necessary.
• Meetings and Forums:
  • Chair and minute the Change Advisory Board.
  • Minute and be Co-Chair with GB BISO, participating in Division Cyber Committee meetings.
  • Participate in Application Security, user onboarding/off boarding governance, user segregation of duties, IT Services Forum, and EMEA Security meetings as required.
• Mergers & Acquisitions (M&A):
  • Review information through the DD process and participate in integration activities owning tasks such as application inventory and vendor assessment.
• Policy Management:
  • Maintain and review local and global information security policies, ensuring alignment with organizational standards.
• Industry Accreditations:
  • Ensure ongoing compliance with ISO 27001 standards, engaging stakeholders and managing audit processes.
  • Monitor and maintain policy compliance and standards to ensure adherence to Cyber Essentials PLUS.
• Miscellaneous:
  • Manage and contribute to continuous hardening of company security posture in areas such as vulnerability management, AV protection, DLP, patch management, DR and data sovereignty and retention projects.

• Flexibility to work out of core hours to collaborate with the Global Gallagher Team.
• Good attention to detail; ability to maintain a high-level of accuracy in all outputs.
• Awareness of current technologies and security challenges and risks.
• Ability to quickly change context and handle multiple issues or projects simultaneously.
• Ability to prioritise and organise own workload to ensure that deadlines are adhered to.
• Ability to liaise with colleagues and stakeholders, both domestic and global.
• Ability to work under pressure and without supervision.
• Able to collaborate and have fantastic communication skills.
• Engage and negotiate with people, and develop and maintain effective relationships.
• Proven experience in information security management, preferably within a large organization.
• An excellent understanding of information security policies, risk management, and compliance standards.
• Experience with ISO 27001 certification and maintenance.
• Experience with Cyber Essentials PLUS certification and maintenance.
• Studying or qualified in the Information Security field i.e. CISM by ISACA.
• Insurance/Claims Management experience.
• Experience of process documentation (product skills i.e. ProMapp).

On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.

Below are the minimum core benefits you'll get, depending on your job level these benefits may improve:

• Minimum of 25 days holiday, plus bank holidays, and the option to 'buy' extra days.
• Defined contribution pension scheme, which Gallagher will also contribute to.
• Life insurance, which will pay 4x your basic annual salary, which you can top-up to 10x.
• Income protection, we'll cover up to 50% of your annual income, with options to top up.
• Health cash plan or Private medical insurance.

Other benefits include:

• Three fully paid volunteering days per year.
• Employee Stock Purchase plan, offering company shares at a discount.
• Share incentive plan, HMRC approved, tax effective, stock purchase plan.
• Critical illness cover.
• Discounted gym membership, with over 3,000 gyms nationally.
• Season ticket loan.
• Access to a discounted voucher portal to save money on your weekly shop or next big purchase.
• Emergency back-up family care.
• And many more

We value inclusion and diversity

Inclusion and diversity (I&D) is a core part of our business, and it's embedded into the fabric of our organisation. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.

Gallagher embraces our employees' diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.

Gallagher is Disability Confident Committed. We have pledged to make sure our recruitment process is inclusive and accessible, in addition to supporting our existing employees with any long-term health conditions or disabilities.

We understand that applicants may have disabilities, if you do, you may find some parts of the recruitment process more challenging than others. Don't worry, we're here to help, however, we can only do this if you let us know.

Should you require reasonable adjustments to your application, please get in touch with . If you'd prefer to speak on the phone, please request a call back, leaving details, so we get in touch.

Our employing entity, Arthur J. Gallagher Services (UK) Limited, is proud to be accredited as a Living Wage employer with the Living Wage Foundation. We are committed to diversity and opportunity for all and are opposed to any form of less favourable treatment on the grounds of gender or gender identity, marital status, civil partnership status, parental status, race, ethnicity, colour, nationality, disability, sexual orientation, religion/ belief, age and those with caring responsibilities.

Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as "protected characteristics") by applicable federal, state, or local laws.

Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.