Senior Information Security Officer

Location: Bournemouth
Working Pattern: Hybrid – 2 days per week in the Vitality Bournemouth Office. Full time, 35 hours per week.

About The Role
As our Senior Information Security Officer, you’ll drive a business-wide security agenda, shaping how we identify, assess and manage risk while keeping pace with evolving threats and regulations. Working closely with the CISO, you’ll turn strategy into action, lead our Security Governance team, and ensure our security posture not only protects but enables the business to thrive.

Key Actions

• Lead the continuous improvement of Vitality’s ISO27001 framework and Information Security Management System (ISMS), ensuring ongoing compliance
• Deliver key security initiatives that bring the Information Security Strategy to life and drive measurable impact
• Own and mature Information Risk management in alignment with the Enterprise Risk Framework
• Act as a trusted advisor on regulatory requirements and best-practice frameworks (ISO27001, GDPR, NIST, ITIL), protecting the confidentiality, integrity and availability of systems
• Lead security governance forums and manage the Information Security Governance team, including the Information Risk function
• Embed security across projects and development lifecycles, ensuring risks are identified, assessed (including DPIAs), and effectively mitigated
• Oversee supplier and third-party security risk, working closely with Cyber Security Operations to protect Vitality’s wider ecosystem
• Drive a strong security culture by maintaining policies, delivering compliance reviews, and rolling out engaging awareness and training programmes

What do you need to thrive?

• Minimum 5 years’ experience working in an Information Security Environment
• Proven experience in assessing and managing supplier and third-party security risk
• Strong communication skills, with the ability to translate technical concepts into clear, business-friendly messaging and produce high-quality documentation (policies, standards, project artefacts)
• Demonstrated experience working across projects and development lifecycles (SDLC), including Agile environments
• Hands-on experience implementing and maintaining ISO27001 and broader security governance frameworks (e.g. ISO27001/2, NIST, PCI DSS)
• Solid understanding of data protection and regulatory requirements (e.g. FCA, ICO, PRA, GDPR) and how to apply them in practice
• Ability to balance risk, compliance and business objectives in a fast-paced, evolving environment

So, what’s in it for you?

• Bonus Schemes – A bonus that regularly rewards you for your performance
• A pension of up to 12%– We will match your contributions up to 6% of your salary
• Our award-winning Vitality health insurance – With its own set of rewards and benefits
• Life Assurance – Four times annual salary

If you are successful in your application and join us at Vitality, this is our promise to you, we will:

• Help you to be the healthiest you’ve ever been
• Create an environment that embraces you as you are and enables you to be your best self
• Give you flexibility on how, where and when you work
• Help you advance your career by playing you to your strengths
• Give you a voice to help our business grow and make Vitality a great place to be
• Give you the space to try, fail and learn
• Provide a healthy balance of challenge and support
• Recognise and reward you with a competitive salary and amazing benefits
• Be there for you when you need us
• Provide opportunities for you to be a force for good in society

About Us
We’re incredibly proud to be recognised for the culture we've created — recently being named one of Glassdoor’s Best Places to Work 2026, and in 2024 we were delighted to be awarded Top 10 Places to Work in the Sunday Times Awards.

Vitality is a multi-award-winning UK insurance brand, here to make the world a healthier, happier place. We’ve been a purpose and values-driven business from day 1- long before it became fashionable. Our core purpose is to make people healthier and enhance protect their lives. Vitality pioneered shared-value insurance. We incentivise people to live healthier longer lives – they benefit, our business benefits, and society benefits. We’re successful because we attract, develop, and retain the best people – and because we care.

At Vitality, we’re committed to diversity and inclusion because it’s good for our employees, for our business, and for society. We welcome applications from individuals of all backgrounds, experiences, and perspectives.