Information Security Manager; Technical

Salary: £78,000 - £88,000 DOE

Contract Type: Permanent, full time

Work Life Balance: Hybrid with travel to Northampton when required (likely once per week)

Candidate Journey: Our goal is to reply to applications within 3 working days. Additionally, we make sure to acknowledge, evaluate, and respond to all applications as a way of showing our appreciation for your time and effort in applying to us.

We are looking for an experienced Information Security Manager to play a key role in protecting our organisation’s information systems, networks, and data from cyber threats and security breaches. Reporting directly to the Director of Information Security, this role is responsible for supporting and delivering the organisation’s information security programme while ensuring strong technical controls, governance, and compliance across the business.

This is a fantastic opportunity for a security professional who enjoys working across both technical security operations and strategic governance
, helping to strengthen our security posture and build a strong security culture.

• Manage and oversee technical security controls to ensure compliance with ISO 27001:2022
• Coordinate and manage penetration testing activities across the business
• Support and manage security audits, assessments, and testing from a technical security perspective
• Develop, implement, and maintain information security policies, procedures, and standards
• Monitor threat intelligence and ensure the business is informed of emerging threats and appropriate remediation actions are taken
• Analyse potential security threats and vulnerabilities, ensuring processes are in place to effectively manage incidents
• Develop and test incident management procedures
• Review existing security tools and technologies, recommending improvements where necessary
• Identify, assess, and report on information security risks
• Build a strong understanding of how the organisation operates in order to effectively support security initiatives
• Build and maintain strong relationships with internal stakeholders, helping to promote and embed a strong security culture across the business

• Relevant security certification such as CISSP, CISM, or CRISC
• ISO 27001 Lead Implementor/Auditor certification or at least 3 years’ experience supporting an ISO 27001 accredited organisation
• Strong knowledge of security risk and control frameworks, including ISO 27001, PCI DSS, and ITIL
• Proven experience developing and implementing information security policies and procedures
• Deep understanding of security technologies and controls
• Experience reviewing security control effectiveness, assessing maturity, and recommending improvements
• Experience managing security incidents, service improvements, and IT security risks
  
  Understanding of the benefits and risks associated with AI
• Knowledge of Data Protection Act 2018 and GDPR
• Understanding of Disaster Recovery and Business Continuity planning
• Experience working with cloud technologies
• Strong stakeholder management skills
• Excellent communication and presentation skills, with the ability to influence and engage stakeholders at all levels

We’re assembling a diverse team, where skills, not check boxes, reign supreme, regardless of race, religion, sex, sexual orientation, gender identity or disability.

Staysure Group welcomes all new starters with open arms, providing training, development opportunities, and great benefits.