2,810 Information Security Manager jobs in the United Kingdom

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

• Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
• Lead the development and implementation of security policies, procedures, and controls
• Manage ISO27001 compliance, including internal and external audits
• Conduct risk assessments and oversee incident response planning
• Collaborate with technical teams to ensure security is embedded across services
• Advise on regulatory requirements and emerging threats

Candidate Profile:

• Extensive experience in information security within an MSP or MSSP
• CISSP certified
• Strong working knowledge of GRC frameworks, including ISO27001
• Demonstrated experience in a vCISO capacity
• Excellent stakeholder engagement and communication skills
• Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now

Our client is looking for a seasoned and strategic Information Security Manager to lead their security initiatives from their offices in **Nottingham, Nottinghamshire, UK**. This pivotal role demands a deep understanding of information security principles, risk management, and regulatory compliance. You will be responsible for developing and executing the company's information security strategy, ensuring the protection of sensitive data and critical infrastructure against cyber threats. Key duties include establishing and maintaining robust security policies, standards, and procedures. You will oversee the implementation and management of security technologies, such as firewalls, intrusion detection systems, and data loss prevention tools. Conducting regular security audits, risk assessments, and business impact analyses will be a core part of your responsibilities, along with developing and managing effective incident response plans. Collaboration with IT, legal, and business units to integrate security into all operational processes is essential. You will lead and mentor a team of security professionals, fostering a culture of security awareness throughout the organization. Staying current with evolving threats, vulnerabilities, and regulatory landscapes (e.g., GDPR, ISO 27001) is crucial. The ideal candidate will possess a proven track record in information security management, strong leadership capabilities, and excellent communication and influencing skills. A Bachelor's or Master's degree in a relevant field and professional certifications such as CISSP, CISM, or CISA are highly preferred. Experience in developing and managing security budgets and vendor relationships is also important. This is an exceptional opportunity to shape and drive the security posture of a significant organization and protect its most valuable assets.

Our client is seeking an experienced Information Security Manager to lead their security operations and strategy within their Sunderland, Tyne and Wear, UK office. This hybrid role requires a proactive and knowledgeable professional to protect the organization's digital assets and ensure compliance with relevant security standards. You will be responsible for developing and implementing comprehensive information security policies, procedures, and controls. Key duties include conducting risk assessments, managing security incidents, overseeing vulnerability management programs, and promoting security awareness across the company. The ideal candidate will possess a strong understanding of cybersecurity frameworks such as ISO 27001, NIST, and GDPR. Experience with security technologies including firewalls, IDS/IPS, SIEM, and endpoint protection is essential. You should have a proven ability to manage security projects and lead a small team of security professionals. This position offers a blend of in-office collaboration and remote flexibility, allowing for effective team integration and personal work-life balance. You will report to the Head of IT and work closely with other departments to embed security best practices into all business operations. Demonstrable experience in threat intelligence, penetration testing coordination, and business continuity planning is highly desirable. Relevant certifications such as CISSP, CISM, or CRISC are strongly preferred. This is an excellent opportunity to make a significant impact on the security posture of a growing organization and contribute to shaping its future security roadmap.

Our client is seeking a strategic and experienced Information Security Manager to lead their security initiatives. This role is based in Bradford, West Yorkshire, UK , and offers a hybrid working model, blending essential on-site collaboration with the flexibility of remote work. You will be responsible for developing, implementing, and maintaining robust security strategies to protect sensitive company data and systems.

Responsibilities:

• Develop and execute comprehensive information security strategies and policies aligned with business objectives.
• Oversee the implementation and management of security controls, including firewalls, intrusion detection/prevention systems, and access management solutions.
• Conduct regular risk assessments, vulnerability scans, and penetration testing to identify and mitigate security threats.
• Manage security incident response activities, including investigation, containment, eradication, and recovery.
• Ensure compliance with relevant data protection regulations (e.g., GDPR) and industry standards.
• Lead and mentor the information security team, fostering a culture of security awareness throughout the organisation.
• Stay abreast of evolving cybersecurity threats, vulnerabilities, and technologies, and recommend appropriate countermeasures.
• Manage security awareness training programs for all employees.
• Collaborate with IT teams to ensure security is integrated into system design and development lifecycles.
• Develop and maintain disaster recovery and business continuity plans.
• Liaise with external auditors and regulatory bodies as required.
• Prepare and present security reports to senior management.

Qualifications:

• Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related field.
• Minimum of 8 years of progressive experience in information security, with at least 3 years in a management or leadership role.
• Strong understanding of security frameworks (e.g., ISO 27001, NIST CSF), risk management, and compliance requirements.
• Expertise in various security technologies and solutions (SIEM, EDR, DLP, IAM, encryption).
• Proven experience in developing and implementing security policies and procedures.
• Demonstrated experience in managing security incidents and conducting forensic investigations.
• Excellent leadership, team management, and communication skills.
• Ability to communicate complex security concepts to both technical and non-technical stakeholders.
• Experience with cloud security principles (AWS, Azure, GCP) is highly desirable.
• Relevant professional certifications such as CISSP, CISM, or CISA are a significant advantage.
• Strong analytical and problem-solving skills.
• A proactive approach to cybersecurity and risk mitigation.

This hybrid role offers a fantastic opportunity to shape the security landscape for our client in Bradford, West Yorkshire, UK .

We are seeking a dynamic and experienced Information Security Manager to lead our security initiatives, based out of our Aberdeen, Scotland, UK office, with a hybrid work arrangement. This critical role involves developing, implementing, and managing comprehensive security strategies to protect our organization's information assets. You will be responsible for overseeing all aspects of information security, including risk management, incident response, compliance, and security awareness.

Key Responsibilities:

• Develop and execute a robust information security strategy aligned with business objectives.
• Oversee the implementation and management of security controls, policies, and procedures.
• Lead and manage the information security team, providing guidance and mentorship.
• Conduct regular risk assessments, vulnerability assessments, and penetration testing.
• Develop and maintain an effective incident response plan, leading response efforts during security incidents.
• Ensure compliance with relevant regulations and industry standards (e.g., GDPR, ISO 27001).
• Manage security awareness training programs for all employees.
• Oversee the selection and implementation of security technologies and solutions.
• Liaise with internal and external stakeholders, including auditors and regulatory bodies.
• Stay abreast of the latest cybersecurity threats, trends, and best practices.
• Manage security budgets and vendor relationships.
• Promote a strong security culture throughout the organization.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field. Master's degree or equivalent experience preferred.
• 7+ years of progressive experience in information security, with at least 3 years in a management or leadership role.
• In-depth knowledge of security frameworks, risk management, and compliance.
• Proven experience in developing and implementing security policies and procedures.
• Strong understanding of network security, cloud security, and data protection.
• Experience with SIEM, vulnerability management, and incident response tools.
• Excellent leadership, communication, and interpersonal skills.
• Ability to think strategically and execute tactically.
• Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
• Experience with hybrid work models and managing remote security aspects.

This role offers a fantastic opportunity to shape the security posture of our organization. We provide a competitive salary, comprehensive benefits, and a supportive environment that values professional growth.

Our client is seeking a strategic and experienced Information Security Manager to lead their cybersecurity initiatives in Portsmouth, Hampshire, UK . This senior role requires a proactive leader to develop, implement, and manage comprehensive security programs designed to protect the organization's assets, data, and reputation. You will be responsible for establishing and enforcing security policies, procedures, and best practices across all levels of the organization. Key responsibilities include conducting risk assessments, developing incident response plans, managing security awareness training, and overseeing the deployment and management of security technologies. The Information Security Manager will work closely with IT, legal, and business units to ensure alignment with regulatory requirements and business objectives. You will also manage a team of security professionals, providing mentorship and guidance. The ideal candidate possesses strong leadership qualities, a deep understanding of information security principles and frameworks (e.g., ISO 27001, NIST), and a proven ability to manage security risks effectively. Excellent communication and stakeholder management skills are paramount, as you will be reporting to executive leadership and interacting with various departments. This role is based full-time in our Portsmouth, Hampshire, UK office, offering a stable and collaborative environment within a forward-thinking organization.

Responsibilities:

• Develop, implement, and maintain the organization's information security strategy and policies.
• Oversee the implementation and management of security controls and technologies.
• Conduct regular risk assessments and vulnerability analyses to identify potential threats.
• Develop and manage the incident response plan, leading the response to security breaches.
• Establish and deliver security awareness training programs for all employees.
• Ensure compliance with relevant data protection regulations (e.g., GDPR).
• Manage and mentor a team of information security professionals.
• Liaise with internal and external stakeholders, including IT, legal, and auditors.
• Monitor the security landscape for emerging threats and vulnerabilities.
• Report on the organization's security posture to executive management.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Master's degree and/or advanced security certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
• Minimum of 7 years of progressive experience in information security, with at least 3 years in a management or leadership role.
• Proven experience in developing and implementing information security programs.
• In-depth knowledge of security frameworks, standards, and best practices (ISO 27001, NIST).
• Strong understanding of cybersecurity technologies, including firewalls, IDS/IPS, SIEM, DLP, and endpoint protection.
• Excellent leadership, communication, and interpersonal skills.
• Proven ability to manage projects, budgets, and teams.
• Strong risk management and analytical skills.
• Experience with incident response and disaster recovery planning.

Our client is seeking a strategic and experienced Information Security Manager to lead their security initiatives from a remote position. This role is crucial for defining and implementing the organization's overall information security strategy and ensuring the protection of its critical assets. You will be responsible for developing, maintaining, and enforcing security policies and procedures, managing risk assessments, and overseeing incident response activities. The ideal candidate will have extensive experience in cybersecurity leadership, including developing and managing security programs, compliance with relevant regulations (e.g., GDPR), and managing security budgets. You will lead a team of security professionals, fostering a high-performance culture and driving continuous improvement in security operations. Responsibilities include selecting and implementing security technologies, conducting penetration testing oversight, and working closely with IT and business stakeholders to ensure security is aligned with business objectives. A deep understanding of cloud security, network security, application security, and data privacy is essential. We are looking for a candidate with a proven track record of successfully managing information security in a complex environment, strong leadership and communication skills, and the ability to influence at all levels of the organization. A Master's degree in Information Security, Computer Science, or a related field, along with recognized security certifications (e.g., CISSP, CISM), is highly desirable. This role is fully remote, allowing you to contribute to our global security posture from your home office. If you are a visionary security leader ready to make a significant impact, apply today.

Overview

Purpose of the job To ensure that the organization's information is held, used, and shared securely by implementing robust policy, organizational, and technical security regimes.nKey job outcomes / responsibilities

Responsible for policies and measures covering all information held and used by the organization in all formats.nSupport the overall Information Governance Service.nDevelop policies, standards, and procedures to support sound security in service delivery/operations and ensure compliance with relevant regulations, standards, and codes of good practice.nEnsure the organization's technical architecture is appropriately secure.nMaintain effective internal and external checks and challenges to security arrangements such as audits and penetration tests.nEnsure the organization's staff understand and act on their security responsibilities.nThis job description sets out the key outcomes required. It does not specify in detail the activities required to achieve these outcomes.nGeneral Accountabilities

A. So far as is reasonably practicable, the post holder must ensure that safe working practices are adopted by employees and in premises/work areas for which the post holder is responsible to maintain a safe working environment for employees and service users. These are defined in the Corporate Health, Safety and Welfare Policy, departmental policies, and codes of practice.nB. Work in compliance with the Codes of Conduct, Regulations, and policies of the organization.nC. To model and promote good equalities practice and value diversity across the service.nD. Ensure that output and quality of work are of a high standard and comply with current legislation/standards.

#J-18808-Ljbffrn