2,178 Information Security Manager jobs in the United Kingdom

Information Security Manager

70,000- 75,000 PA

Central London

Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.

The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.

Responsibilities:

• Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
• Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
• Actively contribute to ISO processes, strategies and problem-solving
• Use prior ISO experience to support certification readiness
• Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
• Handle varied and complex security challenges, from system reviews to high-level risk assessments
• Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing

Requirements:

• Experience with ISO 27001 is essential
• Strong background in cyber security management
• Proven experience in identifying and mitigating security risks#
• Ability to make actionable recommendations for security improvements
• Experience with GDPR and data protection, together with knowledge of IS standards
• Security assessment frameworks (threat modelling, controls assessment, risk assessment)
• Relevant qualifications; CISSP, CISM or similar would be beneficial.

Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.

Information Security Manager

Location: London, Hybrid
Salary: Up to 75,000

Reports to: Head of Cyber Security

A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.

The successful candidate will have a proven background within an MSP or MSSP environment, hold CISSP certification, and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Experience acting as a virtual Chief Information Security Officer (vCISO) is essential.

This business has made significant investment into its SOC-as-a-Service offering, positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.

Key Responsibilities:

• Serve as a vCISO for clients, providing strategic guidance on security posture and compliance
• Lead the development and implementation of security policies, procedures, and controls
• Manage ISO27001 compliance, including internal and external audits
• Conduct risk assessments and oversee incident response planning
• Collaborate with technical teams to ensure security is embedded across services
• Advise on regulatory requirements and emerging threats

Candidate Profile:

• Extensive experience in information security within an MSP or MSSP
• CISSP certified
• Strong working knowledge of GRC frameworks, including ISO27001
• Demonstrated experience in a vCISO capacity
• Excellent stakeholder engagement and communication skills
• Ability to lead complex security programmes across multiple environments

This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.

Only candidates with the right to work in the UK will be considered .

London - Hybrid

Paying up to 75,000, depending on experience.

Information Security Manager

70,000- 75,000 PA

Central London

Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming years.

The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise with assessors and internal teams, drive ISO-related strategies and use prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements.

Responsibilities:

• Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the business
• Liaise with external ISO27001 assessors and internal teams to ensure smooth assessments
• Actively contribute to ISO processes, strategies and problem-solving
• Use prior ISO experience to support certification readiness
• Working closely with stakeholders across the business in relation to Information Security Strategy and the creation, delivery and maintenance of a robust Cyber Security roadmap
• Handle varied and complex security challenges, from system reviews to high-level risk assessments
• Work closely with third-party suppliers in relation to audits, forensic analysis and pen testing

Requirements:

• Experience with ISO 27001 is essential
• Strong background in cyber security management
• Proven experience in identifying and mitigating security risks#
• Ability to make actionable recommendations for security improvements
• Experience with GDPR and data protection, together with knowledge of IS standards
• Security assessment frameworks (threat modelling, controls assessment, risk assessment)
• Relevant qualifications; CISSP, CISM or similar would be beneficial.

Based in Central London, 4 days per week onsite initially dropping to 3 once passed probation.

INFORMATION SECURITY MANAGER

Our client is one of the largest owner-operator of rapid electric vehicle charging stations across the UK and Europe. They are award winners and are currently short listed for " The Best Place to Work" .

They are growing and expanding at pace, are you up for the ride.

They are seeking a highly skilled and experienced Information Security Manager to join our team.

You will work closely with the clients international IT team to lead the organisation’s cybersecurity and information risk agenda, including oversight of ISO 27001 and broader security governance across the business.

Key Responsibilities :

• Maintain the Information Security Management System (ISMS) in compliance with ISO 27001:2022 standards.
• Establish, maintain and enforce security policies, procedures, and controls to mitigate information security risks and vulnerabilities.
• Conduct regular risk assessments and vulnerability assessments to identify potential threats and weaknesses in our information security infrastructure.
• Collaborate with internal stakeholders to ensure that information security requirements are integrated into business processes and systems.
• Lead internal audits and coordinate external audits and certifications to assess ISMS effectiveness and drive continuous improvement.
• Define and enforce information security policies, standards, and guidelines across the organisation and Monitor compliance with all information security policies, procedures, and standards.
• Management of tabletop/red team exercises and incident response playbooks.
• Assist the incident response process and lead investigations into information security breaches or incidents.
• Provide guidance and support to employees on information security matters and promote a culture of security awareness throughout.
• Stay up to date with the latest information security trends, threats, and best practices, and make recommendations for enhancing the organisation’s security posture.
• Conduct technical assessments of new suppliers, platforms, and software, including security architecture reviews, documentation checks, and evidence of compliance (e.g., ISO, SOC 2, pen test results).
• Collaborate with procurement, legal, and product teams to embed security requirements in onboarding and contract processes.
• Prepare and deliver reports on information security metrics, incidents, and compliance to senior management and relevant stakeholders.

Qualifications and Skills;

• Professional certifications in information security, such as CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent.
• Extensive experience (5+ years) in information security management, with a focus on ISO 27001 compliance.
• In-depth knowledge of ISO 27001 standards and best practices , as well as other relevant security frameworks (e.g., NIST, COBIT).
• Strong technical understanding of modern IT and cloud environments, including the ability to assess third-party platforms, suppliers, and software for security risks.
• Proven experience in developing and implementing information security policies, procedures, and controls.
• Familiarity with risk assessment methodologies and tools.
• Experience in managing information security incidents and conducting investigations.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organisation.
• Strong analytical and problem-solving abilities.
• Demonstrated ability to manage multiple priorities and meet deadlines in a fast-paced environment.
• High level of integrity and a commitment to maintaining confidentiality.
• Join our dynamic team and contribute to the protection and security of our organisation’s information assets. Apply your expertise as an ISO 27001 Information Security Manager and help us maintain a robust information security program.

Equal Opportunity Statement :

They an equal opportunity employer. We are committed to equality and diversity, and all applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, or disability status.

**The team you'll be working with:**
**Job Title:** Information Security Manager
**Location:** London, UK or Birmingham hybrid Variable
**Department:** Information Security
**About Us:**
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
**What you'll be doing:**
**What you will be doing;**
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
**Core responsibilities;**
+ Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
+ Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
+ Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
+ Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client's business operations.
+ Collaborate with the client's IT and business teams to integrate security solutions and processes that align with their goals.
+ Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
+ Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
+ Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
+ Manage security awareness training programs for the client's staff, fostering a culture of cybersecurity awareness.
+ Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
+ Ensure that the client's information security posture is continuously improved through proactive security measures, monitoring, and reporting.
**What experience you'll bring:**
**What you will bring;**
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
+ Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
+ Experience managing and leading security operations, incident response, and risk assessments.
+ Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
+ Experience working in a service delivery or consultancy capacity with external clients.
+ Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
+ Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
**Desirable Attributes:**
+ Strong stakeholder engagement experiences.
+ Ability to work independently, take initiative, and work in a dynamic environment.
+ Proactive approach to identifying and solving problems before they escalate.
+ Strong leadership and mentoring skills to support junior staff and teams.
+ Ability to translate business needs into security solutions.
**Who we are:**
We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA ( we'll offer you:**
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.
Back to search Email to a friend Apply now

Our client is looking for a strategic and experienced Information Security Manager to lead their security initiatives from a remote location. This is a fully remote position, offering a unique opportunity to shape and implement robust cybersecurity strategies across the organisation. The Information Security Manager will be responsible for developing, implementing, and maintaining a comprehensive information security program that protects sensitive data and systems. This includes overseeing risk management, ensuring compliance with regulations, managing security awareness programs, and directing incident response activities. You will lead a team of security professionals, foster a security-conscious culture, and collaborate with executive leadership to align security objectives with business goals. The ideal candidate possesses a deep understanding of current cybersecurity threats, vulnerabilities, and mitigation techniques, along with strong leadership and communication skills necessary for managing a distributed team and influencing stakeholders remotely.

Responsibilities:

• Develop and implement the organisation's information security strategy.
• Oversee risk assessments and vulnerability management programs.
• Ensure compliance with relevant data protection regulations and industry standards.
• Manage security incident response planning and execution.
• Lead and mentor the information security team.
• Develop and deliver security awareness training.
• Collaborate with IT and business units to integrate security into all aspects of operations.
• Report on security posture and risks to executive management.

Qualifications:

• Master's degree in Information Security, Computer Science, or a related field.
• Extensive experience in information security management and cybersecurity operations.
• Demonstrated experience in developing and implementing security frameworks.
• Strong understanding of risk management, compliance, and governance.
• Experience with incident response and disaster recovery planning.
• Excellent leadership, communication, and stakeholder management skills.
• Proficiency in security technologies and best practices.
• Relevant certifications such as CISSP, CISM, or CRISC are essential.

Our client is actively recruiting a proactive and strategic Information Security Manager to lead their security initiatives from a remote capacity. This senior position requires a seasoned professional to develop, implement, and maintain a robust information security program across the organisation. You will be responsible for establishing security policies, standards, and procedures, ensuring alignment with business objectives and regulatory requirements. Key duties include managing risk assessments, vulnerability management, and incident response planning. You will oversee the security infrastructure, including firewalls, intrusion detection systems, and endpoint protection solutions. The Manager will lead and mentor a team of security professionals, fostering a culture of continuous improvement and professional development. Experience in developing and managing security awareness training programs is essential. You will collaborate closely with IT leadership and other departments to integrate security considerations into all aspects of the business. Staying abreast of the latest threat landscapes, security technologies, and compliance mandates is critical. The role demands strong leadership, exceptional analytical skills, and the ability to effectively communicate complex security concepts to executive management and technical staff. Proven experience in managing security budgets and vendor relationships is also required. This is a fully remote role, offering the opportunity to shape the security future of our client from anywhere in the UK.

Our client is seeking an experienced and strategic Information Security Manager to lead their security initiatives. This is a pivotal, fully remote role responsible for developing, implementing, and overseeing the organisation's information security strategy, policies, and procedures. You will be instrumental in protecting sensitive data, managing cybersecurity risks, and ensuring compliance with relevant regulations. The ideal candidate will have a strong understanding of cybersecurity frameworks, risk management, and a proven ability to lead and mentor a team. This position requires a proactive approach to identifying and mitigating threats in a constantly evolving digital landscape.

Key Responsibilities:

• Develop, implement, and maintain a comprehensive information security program.
• Establish and enforce security policies, standards, and procedures across the organisation.
• Oversee risk assessments, vulnerability management, and penetration testing activities.
• Lead incident response efforts, including the investigation and remediation of security breaches.
• Manage security awareness training programs for all employees.
• Ensure compliance with relevant data protection regulations (e.g., GDPR) and industry standards.
• Evaluate and recommend security technologies and solutions.
• Manage the information security budget and vendor relationships.
• Lead and mentor a team of information security professionals.
• Stay current with emerging threats, vulnerabilities, and security best practices.

Qualifications and Experience:

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• 8+ years of experience in information security, with at least 3 years in a management or leadership role.
• In-depth knowledge of cybersecurity principles, frameworks (e.g., ISO 27001, NIST), and best practices.
• Proven experience in risk management, incident response, and security architecture.
• Strong understanding of network security, endpoint security, cloud security, and application security.
• Excellent leadership, communication, and stakeholder management skills.
• Professional certifications such as CISSP, CISM, or CISA are highly desirable.
• Ability to develop and execute strategic security plans.
• Experience with compliance and audit processes.

This remote leadership role offers a significant opportunity to shape the security culture and strategy of a growing organisation. If you are a seasoned security professional with a passion for protecting digital assets and driving security excellence, we encourage you to apply.

Our client is seeking a strategic and experienced Information Security Manager to lead their security initiatives in **Sunderland, Tyne and Wear**. This senior role is responsible for developing, implementing, and maintaining a comprehensive information security program designed to protect the organization's assets, data, and systems from cyber threats. You will be tasked with defining security policies, standards, and procedures, conducting risk assessments, and overseeing the implementation of security controls. The ideal candidate will have a deep understanding of current cybersecurity threats, vulnerabilities, and best practices, as well as experience in managing security operations and incident response. This role requires strong leadership skills, excellent communication abilities, and the capacity to collaborate effectively with all levels of the organization, including senior management, IT teams, and legal counsel. You will be responsible for ensuring compliance with relevant regulations and standards (e.g., ISO 27001, GDPR) and for promoting a culture of security awareness throughout the company. A significant aspect of this role involves managing and mentoring a team of security professionals. We are looking for a proactive and results-oriented individual who can drive continuous improvement in our security posture. This position requires your presence at our **Sunderland** office to effectively manage and direct the security operations and teams. Key responsibilities include:

• Developing and executing the organization's information security strategy.
• Establishing and maintaining security policies, standards, and procedures.
• Conducting regular risk assessments and threat modeling.
• Overseeing the implementation and management of security technologies.
• Leading the incident response team and managing security breaches.
• Ensuring compliance with data protection regulations and industry standards.
• Developing and delivering security awareness training programs.
• Managing the information security budget and vendor relationships.
• Leading, mentoring, and developing the information security team.
• Reporting on security posture and incidents to senior management.

This is a pivotal leadership role within our organization, offering a significant opportunity to shape and protect our digital future in **Sunderland**. If you are a seasoned cybersecurity leader, we encourage you to apply.