
Information Security Manager

Job in Edinburgh, City of Edinburgh Area, EH1, Scotland, UK
Listing for: Sword Group
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security

Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help them achieve their goals.

We are excited to announce that we are looking for an experienced Information Security Manager to join the security team. Reporting directly to the CISO and working directly with the IT Team, you will be responsible for the implementation and delivery of Sword's cyber security strategy and program.

Key Responsibilities

The Information Security Manager is primarily a technical role and will be required to operate with high levels of autonomy, effectively translating business objectives and risk management strategies into specific IT security processes enabled by security technologies and services.

Requirements
  • Security Operations – Implement and oversee the day‑to‑day running of security including M365 Security (Sentinel, Defender, Conditional Access) and Azure security protocols.
  • Vulnerability Management – Proactive and risk‑based vulnerability management including attack surface management, system hardening, and cloud security posture management.
  • Service Management – Ability to deliver security as a cohesive service through a combination of internal resources and external service providers.
  • Incident Response – Oversee security incident management and drive enhancements to risk mitigation strategies through ongoing assessments.
  • Security Culture – Drive improvements in the internal security culture through ongoing awareness, training, simulated phishing campaigns and a security champion network.
  • Security Governance – Develop and refine security policies, frameworks, and procedures, maintaining alignment and accreditation with ISO 27001 and Cyber Essentials Plus.
  • Risk Management – Support security risk assessments across vendors, projects, and internal teams, identifying areas of concern and driving remediation efforts.
  • Regulatory & Client Requirements – Ensure Sword remains technically compliant with relevant legal, client and regulatory obligations, keeping pace with evolving security landscapes.
  • Third‑Party & Supply Chain Security – Assess and manage technical security risks related to suppliers and partners, ensuring robust security measures are maintained.
  • Continuous Improvement – Deliver the security program through a series of continuous and incremental improvements.

This is a challenging and rewarding role that offers the opportunity to work with a talented team and help our clients as they continue their Digital Transformation journey. If you have a passion for technology and enjoy leading and mentoring technical teams, we encourage you to apply for this role.

Requirements

Here are the key skills and experience relevant to this role:

  • Microsoft security architecture and technologies including EDR, Firewalls, SIEM, Microsoft Purview (including Data Labels, Protection, and DLP), IAM and Email Security.
  • Managing IT security infrastructure (e.g. firewalls, intrusion prevention systems, web application firewalls, endpoint protection, SIEM, vulnerability management, Data Loss Prevention, Email Security, Identity and Access Management).
  • Cyber Security Frameworks (NIST), regulations such as GDPR and NIS2, and industry standards such as ISO 27001.
  • Experience designing the IT security requirements related to the deployment of applications and infrastructure.
  • Running security awareness campaigns including regular business updates, simulated phishing campaigns and security training.
  • Significant experience in a similar role, preferably in an international organisation, including working with a range of IT and IT security specialist suppliers.

Qualifications and Personal Skills
  • Major industry certification such as CISSP, CISM or CRISC.
  • Certification in relevant Microsoft security technologies.
  • Take ownership and accountability with a positive, can‑do attitude including an…