Head of Information Security - Management Services

at Miller Insurance Services

London, England, United Kingdom

Start Date: Immediate
Expiry Date: 23 Jan, 2025
Salary: Not Specified
Posted On: 23 Oct, 2024
Experience: N/A
Skills: Gap Analysis, Security Tools, Security Testing, Security Controls, Security Awareness, Design, Landscape, Research, Reporting, Analytical Skills, Training, Legislation, Software, Regulatory Compliance, Financial Services
Telecommute: No
Sponsor Visa: No

Description:

As a leading specialist (re)insurance broking partnership, Miller is a recognised leader in our specialist fields. With offices in London, Ipswich, Bermuda, Brussels, Paris, Singapore and Switzerland, our network has increased to more than 950 colleagues.
We always act with integrity, make principled decisions, and give clients clear, honest and unbiased advice. We are extremely proud that by acting with integrity and making principled decisions, we have earned a reputation for keeping our promises to clients, markets and each other.

Responsibilities:

Work with senior management to develop security programs and projects that address identified risks and business security requirements:

  • Manage the process of gathering, analysing and assessing the current and future threat landscape. Provide a pragmatic overview of risks and threats in the enterprise environment and wider financial services landscape.
  • Monitor and report on compliance with security policies across the organisation. Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
  • Foster a culture of security awareness by providing security communication, awareness and training to a variety of audiences, from senior leadership through to operational staff.

    Own the overall Miller strategy for Information Security:

  • As Miller continues to grow and scale, we will continue to strengthen and evolve our Security.

  • Develop Miller’s current 2025-2028 security strategy, and execute initiatives that enhance our security while aligning with and supporting the business objectives.
  • This includes management of our outsourced Security Operations Center (SOC), additional deployment of threat monitoring, deployment of a DLP solution, and enhanced security awareness training

    Assist resource owners and IT staff in understanding and responding to security audit failures:

  • Manage relevant production issues and incidents, and participate in problem and change management

  • Serve as an engaged and consistent participant in the security governance process
  • Where appropriate, work with stakeholders to identify information owners in order to classify data and systems

    Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and investigate its impact on the existing environment, providing technical expertise for the administration of security tools:

  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements

  • Manage and coordinate operational components of security incident management, including detection, response and reporting
  • Provide expert guidance on security matters for IT projects.
  • Design, coordinate and oversee security-testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

Qualifications, Experience and Knowledge:

CISSP/CISM certification or equivalent

  • Must have:
      • experience in the broader Financial Services industry or within a regulated industry
      • experience working with management committees (e.g. Risk and Compliance)
  • Nice to have:
      • specific experience with Insurance Brokers
      • experience in International/Multilocation environments
      • experience in PE-backed environments

    Other experience we are looking for:

  • Strong knowledge of information security frameworks, standards, and legislation (ISO27001, GDPR, DORA, local data privacy laws)

  • Previous management experience and strong leadership abilities, including the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision
  • Skilled in producing documents or reports, including internal audits, assessments, vulnerability remediation plans and gap analysis
  • Strong analytical skills to analyse security requirements and relate them to appropriate security controls
  • Knowledge of application technology security testing (SAST and DAST)
  • Experience in risk management and knowledge of risk management frameworks


REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

Graduate

Proficient

1

London, United Kingdom