Information Security Governance Specialist

Job Description

At abrdn, we empower our clients to plan, save, and invest for their futures. Through the expertise, insight, and innovation of our team, we aim to help clients create more ways for money to make an impact. We focus on delivering outcomes that are more than just financial, by investing sustainably to build a better world.

Security, Resilience & Protection (SRP) are at the heart of ensuring that everything we do as a business aligns with keeping our people and data safe. We put our clients and customers at the heart of this mission and use this as a guiding star to shape our approach.

About the Department

The Security & Resilience team is dedicated to safeguarding abrdn's operations, ensuring the highest standards of information and cyber security. As part of this team, the Information Security Governance Specialist will help build and maintain a robust security governance framework that keeps abrdn ahead of emerging threats while ensuring compliance with global standards and regulatory expectations.

About the Role

As an Information Security Governance Specialist at abrdn, you will work with the Information Security Governance Manager and the wider team to develop and implement abrdn’s Security & Resilience Governance framework. Your responsibilities will include supporting teams in line with global security standards, maintaining policies, ensuring compliance, and driving continuous improvement across our security practices.

You will operate with recognised professional practices to support external reviews and requests from clients, regulators, and auditors, ensuring we maintain the highest standards of protection for our customers. By driving insightful reporting and risk-based reviews, you’ll contribute to the ongoing effectiveness of our security controls and resilience initiatives.

Key Responsibilities

• Develop and implement abrdn’s Security & Resilience Governance framework, ensuring alignment with global standards (e.g., NIST).

• Maintain and develop the Information and Cyber Security (ICS) and Technology (IT) policies as part of the Enterprise Risk Management Framework.

• Provide guidance and support to ensure compliance with regulatory requirements, industry best practices, and evolving risk landscapes.

• Review third-party assurance returns for Information Security and support our extensive supply chain.

• Design and deliver insightful Security & Resilience reporting to measure the effectiveness of security controls, providing regular reports and actionable insights for senior management.

• Support governance initiatives to drive continuous improvement and reduce security risks across the organisation.

Knowledge, Skills and Experience

The ideal candidate will possess the following:

• Proven experience working with information security controls and regulatory standards (e.g., NIST, ISO 27001/2, COBIT).

• Experience in developing and maintaining Information Security policies and standards that support an improvement in security culture.

• A passion for driving improvements in security compliance and controls.

• A balanced understanding of technical and non-technical aspects of information & cyber security.

• Experience in implementing risk management processes and producing insightful reporting for key stakeholders.

• Strong relationship-building skills with both internal teams and external partners.

We are proud to be a Disability Confident Committed employer. If you have a disability and would like to apply to one of our UK roles under the Disability Confident Scheme, please notify us by completing the relevant section in our candidate questionnaire. One of our team will reach out to support you through your application process.

Our benefits

There's more to working life than coming home with a good salary. We have an environment where you can learn, get involved and be supported.

When you join us, your reward will be one of the best around. This includes 40 days’ annual leave, a 16% employer pension contribution, a discretionary performance based bonus (where applicable), private healthcare and a range of flexible benefits – including gym discounts, season ticket loans and access to an employee discount portal. You can read more about our benefits here.

Our business

Enabling our clients to be better investors drives everything we do. Our business is structured around three distinct areas – our vectors of growth – focused on our clients’ changing needs. You can find out more about what we do here.

An inclusive way of working

Whatever way you like to work, if you have the talent and commitment to join our team, we’d like to hear from you.

At abrdn we’ve adopted a ‘blended working’ approach. This approach combines the benefits of face-to-face collaboration, coaching and connecting in our offices with the flexibility of working from home. It enables colleagues to find a balance that works for their roles, their teams, our clients and our business.

An inclusive culture, where diverse perspectives drive our actions, is at the core of who we are and what we do. If you need assistance with your application, or a reasonable adjustment to your interview arrangements – for example, because you are neurodivergent, or have a physical, sensory, cognitive, mental, visible or invisible disability – please let us know and we’ll be happy to help.

We’re committed to providing an inclusive workplace where all forms of difference are valued and which is free from any form of unfair or unlawful treatment.  We define diversity in its broadest sense – this includes but is not limited to our diversity of educational and professional backgrounds, experience, cognitive and neurodiversity, age, gender, gender identity, sexual orientation, disability, religion or belief and ethnicity and geographical provenance.  We support a culture that values meritocracy, fairness and transparency and welcomes enquiries from everyone.

If you need assistance or an adjustment due to a disability please let us know as part of your application and we will assist.