Information Security Manager

AN IT SYSTEM IS ONLY AS GOOD AS ITS SECURITY.

SHARE YOUR PASSION.

Networking of ideas and skills is the prerequisite for redefining mobility. This is only possible with an IT infrastructure that meets the highest demands. Especially in the area of IT security. The more complex a system becomes, the greater the risk of cyber-attacks. In order to develop adequate protection measures, we need IT security experts who understand the requirements of demanding users as well as the various functionalities of innovative IT systems. They have to live and breathe all-embracing IT security to develop counter-measures using innovative solutions with passion, personal responsibility, team spirit and attention to detail.

BMW Group Financial Services UK is looking for an Information Security Manager. This role is based at the Summit ONE Campus in Farnborough.

What awaits you?

Responsible to drive the maturity of existing security controls across multiple teams and in collaboration with others across business.

• Responsible to drive the maturity of existing security controls across multiple teams and in collaboration with others across business.
• Provide specialist advice and guidance to the business on information security issues.
• Analyse metrics, implement assurance reviews, and closely monitor the businesses information risk exposure.
• Advice and balance security risks against the other needs of the business and support IT colleagues in the removal and management of information security risks.
• Recommend appropriate technical designs and support the appraisal of technical solutions ensuring alignment to the principles of 'security by design'.
• Identifying, developing, implementing and maintaining processes to reduce risks across the organisation through awareness training and communications campaigns.
• Engage all areas of the business to ensure an end-to-end Information Security strategy.
• Advise on and, where required, manage the transformation and improvement of BMW Financial Services UK and BMW Financial Services Ireland Information Security programmes.

What should you bring along?

• Bachelor’s Degree in Information Technology, Business Administration, Engineering or related field or suitable relevant experience.
• Hands-on experience of information security functions in a fast-paced global organisation, mitigating critical security risks and implementation of security technologies, education and policies.
• The role holder will have demonstrable project management experience preferably in an international environment.
• Proven stakeholder Management skills and an ability to influence individuals and teams in areas where knowledge and understanding may be minimal.
• Familiarity with Information Security industry standards/best practices and relevant regulations such as ISO27000, NIST and PCI.
• Demonstrated expertise in Information Security and Third-Party Risk.
• A broad understanding of the terminology, core principles, IT controls and best practices across key risk domains, including risk assessment methodology, identity and access management, network and infrastructure security, application security, data loss prevention, and incident management.
• Information security industry certification (e.g. CISSP or CISM) is desirable.

Closing date: 22nd June 2026

At BMW Group, we are committed to offering our employees the right balance between work and personal life. We pride ourselves on being a flexible employer, so please discuss your individual requirements as part of the application process to help us agree on a suitable arrangement.

We place great importance on equal treatment and equal opportunities. Our recruiting decisions are based on the personality, experience, and skills of the applicants. 

Learn more here. 

We are proud to be part of the Disability Confident scheme, which supports employers in making the most of the talents disabled people bring to the workplace. 

Successful candidates will be required to complete background screening checks, and the offer of employment will be subject to satisfactory results. These checks include references, right to work, IT system Compliance Integrity Check (COIN), CV, and relevant qualifications. Additional checks may include criminal records, adverse financial (credit), directorships, address verification, internet research, and/or driving licence. If you have any queries about these checks, please discuss them with us, and we will be happy to provide further details.