Information Security Manager

CMC Markets is seeking an experienced Information Security Manager to play a pivotal role in shaping and strengthening our global security governance and risk framework.

Operating across multiple regulatory jurisdictions, CMC develops and delivers its own retail and B2B trading and investment platforms. This role sits at the heart of our Group-wide security strategy — ensuring robust governance, effective risk management, and regulatory alignment across the business.

This is a senior, governance-focused position. It is not a hands-on cyber operations role, but one that requires strategic oversight, regulatory confidence, and the ability to influence across distributed international teams.

You’ll take ownership of security governance within your remit, working closely with Technology, Risk, Compliance and the wider Group Security function to deliver pragmatic, right-sized solutions that enable the business while protecting it.

What You’ll Be Responsible For

Security Governance & Risk

• Embed and maintain the Group Information Security framework across all regions

• Ensure alignment with global regulatory regimes (FCA, ESMA, ASIC, MAS and others) and recognised standards such as ISO 27001

• Lead and support security risk assessments across business units, platforms and third parties

• Maintain and enhance the Information Security Management System (ISMS)

• Track, report and drive remediation of key security risks and metrics at senior stakeholder level

Regulatory & Compliance

• Act as a primary security contact for audits, supervisory reviews and regulatory engagement

• Ensure policies, standards and controls meet global regulatory expectations

• Support regulatory submissions, security attestations and client due diligence

• Interpret new regulatory developments and work cross-functionally to embed practical solutions

Third-Party & Supplier Risk

• Oversee security risk assessments of technology vendors and service providers

• Support supplier due diligence and ongoing risk monitoring

• Ensure appropriate controls are embedded across outsourced and offshore operations

Leadership & Collaboration

• Partner with security and technology stakeholders across Europe and APAC

• Promote a consistent Group security posture while accommodating local regulatory requirements

• Contribute to global security initiatives and transformation programmes

• Provide security leadership to business projects, balancing risk management with commercial priorities

• Act as a recognised security authority within relevant jurisdictions (e.g. IAM, data protection oversight)

What We’re Looking For

• Degree-qualified (or equivalent) in Business, Technology, Information Security or a related discipline

• 7+ years’ experience in Information Security, including 3+ years in a senior advisory or managerial capacity

• Strong grounding in governance, risk and regulatory security requirements within financial services

• Experience developing policies, standards and security documentation

• Proven experience in third-party risk assessment and supplier security oversight

• Confident stakeholder engagement skills with the ability to influence across functions and regions

CMC Markets is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.