Information Security Manager

Are you ready for an exciting new challenge in your cyber security career? Our client is looking for a Information Security Manager to join their Information Security governance and oversight team.

This technically focused role involves delivering Information Security services such as consultancy, assurance reviews, and risk management while providing governance and oversight across the business to manage security risks effectively.

• Implement and maintain security control frameworks such as ISO27001 and PCI-DSS.
• Lead governance, oversight, and assurance on technical security controls and design.
• Act as an Information Security consultant, ensuring security standards are met in key business projects.
• Develop and maintain technical security patterns and standards.
• Lead and mature penetration testing and other security testing programmes.
• Conduct assurance reviews and assessments, including third-party evaluations and new solutions.
• Assess security risks, proactively developing countermeasures.
• Perform security risk assessments for change management, processes, and new solutions.
• Monitor emerging security threats through external research and internal engagement.
• Enhance information and cyber security maturity across the organisation.
• Deliver security awareness initiatives and promote best practices.
• Support the Information Security Incident Response team when required.
• Ensure compliance with relevant standards and regulations.

• Need to have experience of Azure and containerised platforms
• Policy and compliance tooling
• Strong background in cyber and IT security.
• Proficiency with network security, system administration, and general technical security tools and services
• Experience of implementing a modern security and compliance posture in a fast-paced continuous integration environment, with exposure to Product lifecycle, SRE and DevOps ways of working
• Experience with Microsoft security technologies, including endpoint security and Azure.
• Proficiency in security controls and frameworks, particularly in cloud security.
• Hands-on experience with vulnerability management.
• Ability to translate security frameworks and standards into detailed control requirements.
• Experience conducting assurance reviews and identifying security gaps.
• In-depth understanding of ISO27001, PCI-DSS, and other security frameworks.

• Extensive experience in Information & IT Cyber Security.
• Proven track record in managing and improving penetration testing programmes.
• Experience working in an Agile change environment.
• Recognised security certifications such as CRISC, CISM, or CISSP.

• Flexible home or office-based working.
• Be part of a forward-thinking organisation that values innovation and security excellence.
• Opportunity to make a real impact.
• Supportive and collaborative work environment.

If you’re looking to apply your technical expertise in a dynamic environment and shape a strong security culture, we’d love to hear from you!