Information Security Engineer (Governance)

TL;DR

Information Security Engineer (Governance): Managing security oversight and regulatory compliance for a UK insurance company transformation programme with an accent on vendor governance and security integration. Focus on ensuring GDPR and DORA compliance, performing risk assessments, and preparing for audit readiness.

Location: Mostly remote with occasional office attendance (1-2 meetings per month) in the UK (Birmingham/London)

Salary: £35,000 pro rata

Company

A UK-based insurance company undergoing a major transformation programme.

What you will do

• Provide security governance and controls across architecture, delivery, and compliance.
• Ensure regulatory compliance with GDPR and DORA.
• Manage vendor governance and third-party security oversight.
• Conduct risk assessments and oversee API/integration security.
• Support audit processes and ensure go-live readiness.

Requirements

• Essential: Deep experience in the London insurance market (claims, underwriting, delegated authority, policy admin).
• Proven expertise in security governance and regulatory compliance.
• Understanding of regulated data flows within insurance environments.
• Strong communication skills for collaborating across multiple teams.
• Ability to attend occasional on-site meetings in the UK.

Nice to have

• Exposure to Azure environments.

Culture & Benefits

• Flexible work arrangement with a mostly remote setup.
• Opportunity to contribute to a high-impact transformation programme.
• Part-time contract (2 days per week) for better work-life balance.

Hiring process

• 3-stage interview process.