2,957 Cism jobs in the United Kingdom

Information Security Manager - Rail Sector, URGENT HIRE

Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager.

The Role:

• Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management.
• Working alongside the DPO and Head of Technology to support on areas of data protection.
• Lead collaboration with key partners for train onboard systems cyber security assessments and risk management
• Establish and maintain appropriate policies, procedures, and practices in relations to cyber, data and governance practices
• Manage the information security incident response program
• Manage implementation and deployment of Information Security Management System (ISMS).
• Line management of the internal InfoSec specialists.

Requirements

• Extensive experience working with PCI-DSS and ISO27001
• Strong understanding on security tools such as IDS/IPS.
• Demonstrable experience of leading Information Security, Governance, Compliance teams.
• Ideally a form of cybersecurity qualification such as CISM or CISSP

Benefits:

• Salary between £55,000 - £70,000
• Hybrid working 3 days on site, 2 days at home.
• Working in Euston or Birmingham office.
• & more.

Sponsorship is not available for this position and the successful candidate will be subject to toxicology screening as standard for the rail industry.

We are looking for this hire ASAP so those will short (1 month or less) notice periods are encouraged to apply.

**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now

Our client, a prominent organization in the technology sector, is seeking an experienced and strategic Information Security Manager to lead their security initiatives in Bristol, South West England, UK . This is a critical leadership role responsible for developing, implementing, and managing comprehensive information security programs to protect the organization's data, systems, and infrastructure from evolving cyber threats. The ideal candidate will possess a deep understanding of security frameworks, risk management, and compliance, coupled with strong leadership and strategic planning abilities.

Key Responsibilities:

• Develop, implement, and maintain the organization's information security strategy and policies.
• Oversee the identification, assessment, and mitigation of information security risks.
• Manage the incident response process, including investigation, containment, and remediation of security breaches.
• Lead and mentor the information security team, fostering a culture of security awareness and best practices.
• Ensure compliance with relevant regulations and industry standards (e.g., GDPR, ISO 27001, NIST).
• Develop and execute security awareness training programs for all employees.
• Manage security technologies, including firewalls, intrusion detection/prevention systems, SIEM, and endpoint security solutions.
• Conduct regular security audits and vulnerability assessments.
• Collaborate with IT, legal, and business units to integrate security into all aspects of the organization.
• Stay abreast of emerging security threats, vulnerabilities, and technologies.
• Manage third-party risk and ensure vendor compliance with security requirements.
• Prepare and present security reports to senior management and stakeholders.
• Oversee disaster recovery and business continuity planning from a security perspective.

Qualifications and Experience:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree or relevant professional certifications (e.g., CISSP, CISM, CISA) are highly desirable.
• Extensive experience in information security management, with a proven track record of developing and implementing security programs.
• In-depth knowledge of cybersecurity principles, frameworks, and best practices.
• Experience with risk management, compliance, and regulatory requirements.
• Strong leadership, team management, and strategic planning skills.
• Excellent analytical, problem-solving, and decision-making abilities.
• Proficiency in security technologies and tools.
• Exceptional communication and interpersonal skills, with the ability to engage effectively with all levels of the organization.
• Experience in incident response and crisis management.
• Familiarity with cloud security concepts is a significant advantage.

This is a challenging and rewarding opportunity for a seasoned security professional to make a significant impact and lead the charge in protecting a leading organization's digital assets. Join a forward-thinking team committed to maintaining the highest standards of security.

Our client, a rapidly growing technology firm, is seeking an experienced Information Security Manager to lead their security initiatives in **Sunderland, Tyne and Wear, UK**. This critical role will be responsible for developing, implementing, and maintaining comprehensive information security policies, procedures, and controls to protect company assets and data. The ideal candidate will possess a deep understanding of cybersecurity threats, vulnerabilities, and mitigation strategies. Key responsibilities include conducting risk assessments, managing security incident response, overseeing vulnerability management programs, and ensuring compliance with relevant regulations (e.g., GDPR, ISO 27001). You will also be responsible for managing the security awareness training program for all employees and staying abreast of the latest security technologies and trends. This role requires strong leadership skills to manage a small security team and collaborate effectively with IT, legal, and business units across the organisation. Excellent communication and presentation skills are essential for conveying complex security information to diverse audiences. A proven track record in developing and executing security strategies, coupled with hands-on experience in security operations and incident handling, is required. Relevant certifications such as CISSP, CISM, or CISA are highly desirable. If you are a seasoned security professional passionate about safeguarding digital assets and driving robust security practices, we invite you to apply.

Our client, a dynamic and rapidly growing technology company, is seeking an experienced and strategic Information Security Manager to lead their security initiatives. This role offers a hybrid working arrangement, blending office-based collaboration in Reading, Berkshire, UK , with remote flexibility.

As the Information Security Manager, you will be responsible for developing, implementing, and overseeing the organization's comprehensive information security program. This includes defining security policies, standards, and procedures, and ensuring their effective enforcement across all business units. You will lead risk assessments, vulnerability management, and incident response planning, working proactively to identify and mitigate potential threats.

Key responsibilities involve managing security awareness training programs, fostering a strong security culture within the company. You will oversee the selection and implementation of security technologies and solutions, ensuring they align with business objectives and regulatory requirements. Collaboration with IT, legal, and compliance teams will be crucial to maintain a robust and compliant security posture.

The ideal candidate will possess a Bachelor's degree in Computer Science, Information Security, or a related field, with at least 6 years of progressive experience in information security management. Demonstrable experience in developing and managing security frameworks such as ISO 27001, NIST, or SOC 2 is essential. Strong knowledge of security best practices, including network security, data protection, identity and access management, and cloud security, is required. Excellent leadership, communication, and interpersonal skills are crucial for effectively managing a team and liaising with stakeholders at all levels.

This is an excellent opportunity to take a leadership role in information security within a forward-thinking organization. If you are a seasoned security professional looking for a challenging and rewarding position in Reading , we encourage you to apply.

Our client, a well-established financial services organization, is seeking an experienced Information Security Manager to oversee their security program in Norwich, Norfolk, UK . This role involves a hybrid working arrangement, combining office presence with remote work flexibility. You will be responsible for developing, implementing, and managing comprehensive information security strategies, policies, and procedures to protect the organization's assets and data. Key responsibilities include conducting risk assessments, managing security awareness training programs, overseeing incident response activities, and ensuring compliance with relevant regulations and standards (e.g., GDPR, ISO 27001). You will also lead and mentor the information security team, manage security technologies, and collaborate with IT and business units to integrate security into all aspects of operations. The ideal candidate will have a strong understanding of cybersecurity frameworks, threat landscapes, and common security vulnerabilities. Experience in managing security budgets, vendor relationships, and security projects is essential. Excellent leadership, communication, and interpersonal skills are required to effectively influence stakeholders at all levels. A relevant professional certification such as CISSP, CISM, or CISA is highly desirable. You should be adept at balancing security requirements with business objectives and fostering a security-conscious culture throughout the organization. This is a critical role in safeguarding sensitive information and maintaining the trust of our clients.

Our client is a leading financial services firm seeking a strategic and experienced Information Security Manager to lead their security operations and strategy. This is a critical, fully remote role, responsible for protecting the organisation's information assets and ensuring robust cybersecurity measures are in place. You will be tasked with developing and implementing comprehensive information security policies, procedures, and programs that align with business objectives and regulatory requirements. Key responsibilities include overseeing risk assessments, vulnerability management, incident response, business continuity planning, and security awareness training. You will manage a team of security professionals, providing leadership, guidance, and fostering a culture of security excellence. A deep understanding of cybersecurity best practices, threat landscapes, and compliance frameworks (e.g., GDPR, PCI DSS, ISO 27001) is essential. You will work closely with IT, legal, and business units to ensure a cohesive and effective security posture across the entire organisation. The ability to develop and implement strategic security initiatives, manage security budgets, and report on security performance to senior leadership is paramount. This role demands exceptional leadership, communication, and problem-solving skills, with a proven track record of managing complex security challenges in a remote or hybrid environment. You will be instrumental in safeguarding sensitive data, maintaining customer trust, and ensuring the resilience of the company's IT infrastructure against evolving cyber threats.

Responsibilities:

• Develop and implement the organisation's information security strategy and roadmap.
• Establish and maintain information security policies, standards, and procedures.
• Oversee risk management, vulnerability assessment, and penetration testing programs.
• Lead and manage the incident response process for security breaches.
• Develop and manage business continuity and disaster recovery plans.
• Implement and maintain security awareness training programs for all employees.
• Manage a team of information security professionals.
• Ensure compliance with relevant data protection and privacy regulations.
• Collaborate with IT, legal, and business stakeholders on security matters.
• Monitor and report on the effectiveness of security controls to senior management.
• Evaluate and recommend new security technologies and solutions.
• Foster a strong security culture throughout the organisation.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 7 years of progressive experience in information security management.
• Proven track record of developing and implementing successful security programs.
• In-depth knowledge of cybersecurity principles, best practices, and frameworks (e.g., NIST, ISO 27001).
• Experience with security technologies such as firewalls, IDS/IPS, SIEM, EDR, and DLP.
• Strong understanding of risk management, incident response, and business continuity planning.
• Excellent leadership, team management, and communication skills.
• Proficiency in regulatory compliance (e.g., GDPR, PCI DSS).
• Ability to think strategically and translate complex security issues into actionable plans.
• Relevant security certifications (e.g., CISSP, CISM, CISA) are highly desirable.
• Experience working in a remote-first or hybrid environment is beneficial.

Our client, a leading firm in the financial services sector, requires an experienced Information Security Manager to lead their security operations from Reading, Berkshire, UK . This role offers full remote work flexibility, allowing you to shape security strategy from anywhere. You will be responsible for developing and implementing robust information security programs, protecting sensitive data, and ensuring compliance with industry regulations. The ideal candidate possesses a strategic mindset, deep technical knowledge, and exceptional leadership capabilities.

Responsibilities:

• Develop, implement, and manage the organisation's information security strategy and policies.
• Oversee the design and implementation of security controls and technologies to protect information assets.
• Lead and manage the information security team, providing guidance and mentorship.
• Conduct risk assessments and develop mitigation plans to address identified vulnerabilities.
• Manage incident response activities, ensuring timely and effective resolution of security breaches.
• Ensure compliance with relevant data protection regulations (e.g., GDPR, PCI DSS).
• Develop and deliver security awareness training programs for all employees.
• Oversee security audits and penetration testing, coordinating with external vendors as necessary.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Collaborate with IT and business units to integrate security into all aspects of the organisation's operations.
• Manage third-party risk and ensure vendor compliance with security requirements.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• Minimum of 7 years of progressive experience in information security management.
• Proven experience in developing and implementing comprehensive security programs.
• Strong knowledge of security frameworks (e.g., NIST CSF, ISO 27001), risk management, and compliance.
• Experience with various security technologies (e.g., SIEM, EDR, firewalls, IDS/IPS).
• Excellent leadership, team management, and communication skills.
• Demonstrated ability to manage complex security projects and initiatives.
• Experience in the financial services industry is a significant advantage.
• Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.

This is a pivotal opportunity to lead security efforts for a major organisation, working remotely and making a significant impact. Join us in protecting our client's digital future from Reading, Berkshire, UK .

Our client, a leading financial technology firm, is seeking an experienced and proactive Information Security Manager to oversee their security operations based in Belfast, Northern Ireland, UK . This vital role is responsible for developing, implementing, and managing comprehensive information security programs to protect the company's data, systems, and intellectual property. The ideal candidate will possess a strong understanding of information security principles, risk management frameworks, and regulatory compliance requirements. Responsibilities include conducting risk assessments, developing and enforcing security policies and procedures, managing security awareness training for employees, and overseeing incident response activities. You will also be responsible for evaluating and implementing security technologies, working closely with IT teams to ensure secure infrastructure, and staying abreast of emerging threats and vulnerabilities. The role requires excellent leadership and communication skills, with the ability to build strong relationships across departments and effectively communicate security risks and recommendations to senior management. Experience with security governance, compliance standards (e.g., ISO 27001, GDPR), and security audits is essential. This is a hands-on role requiring a strategic thinker with a pragmatic approach to security challenges. A passion for safeguarding sensitive information and a commitment to maintaining the highest security standards are crucial for success in this position. Experience in the fintech sector is a significant advantage.