369 Information Security Manager jobs in the United Kingdom

Hi,

I'm excited to share that one of our clients is hiring for an Information Security Lead in London! Below are the job details. If you're interested, please send your CV to apply.

Title: Information Security Lead

Location: London

Duration: Permanent, fulltime

Job Type: Hybrid (3-4 days per week onsite)

Purpose :

The Information Security Lead will be responsible for ensuring the confidentiality, integrity, and availability of client's information and IT systems. The ideal candidate will have experience in information security within the energy, mining, chemicals, or process manufacturing sectors and will apply that expertise to enhance client's security posture. This role will involve developing and executing the information security strategy, leading security initiatives, assessing vulnerabilities, and ensuring compliance with relevant industry regulations while adapting security practices to the unique needs of the soda and chemicals industries.

Key Responsibilities:

1. Develop and implement client's information security strategy, ensuring alignment with business objectives, regulatory requirements, and industry best practices.
2. Lead the creation, review, and enforcement of information security policies, procedures, and guidelines tailored to the soda production and chemicals sectors.
3. Conduct regular risk assessments and vulnerability analyses to identify and address potential security risks, ensuring proactive measures to protect sensitive data and operational systems.
4. Stay updated on the latest security threats, trends, and regulatory changes, and ensure the organization’s security measures evolve accordingly.
5. Design and implement a robust cybersecurity framework to safeguard critical operational systems, production data, and intellectual property.
6. Oversee the security measures for IT infrastructure, industrial control systems (ICS), and operational technology (OT), ensuring they meet the security needs of client's operations.
7. Manage Microsoft Office 365 security and compliance administration panels to enhance data protection, regulatory compliance, and security monitoring.
8. Administer security software solutions, including Endpoint Detection and Response (EDR) and email security tools, to proactively defend against cyber threats and vulnerabilities.
9. Ensure integration of security protocols across various departments, including IT, HR, finance, and operations, promoting a unified and cohesive security strategy.
10. Establish and manage incident response protocols to quickly identify, assess, and mitigate security incidents or breaches.
11. Lead investigations into security incidents, identifying root causes, and coordinating corrective actions to prevent future occurrences.
12. Collaborate with external security vendors and government agencies to manage large-scale security incidents, when necessary.
13. Lead information security awareness programs and provide training to employees on security best practices, regulatory compliance, and emerging threats.
14. Ensure compliance with industry-specific regulations (e.g., GDPR, ISO 27001, industry standards) and client's internal policies.
15. Oversee audits and inspections to verify adherence to internal security policies and ensure that compliance requirements are met.
16. Serve as the primary point of contact for all information security-related matters, collaborating with internal teams, senior management, and external stakeholders to ensure effective communication and risk management.
17. Provide regular reports to senior leadership on security posture, incidents, and security performance metrics.
18. Continuously monitor and improve security controls and processes to stay ahead of emerging threats and enhance organizational resilience

Key Qualifications & Experience:

• Bachelor’s or master’s degree in Information Security, Cybersecurity, IT, or a related field.
• Proven experience in information security roles within the energy, mining, chemicals, or process manufacturing sectors, with a strong understanding of industry-specific risks and challenges.
• In-depth knowledge of cybersecurity frameworks, risk management practices, and regulatory requirements (e.g., NIST, ISO 27001, GDPR).
• Experience with industrial control systems (ICS) and operational technology (OT) security in manufacturing or production environments.
• Strong expertise in network security, encryption, identity and access management, and endpoint protection.
• Experience managing Microsoft Office 365 security & compliance administration panels.
• Experience managing security software solutions (EDR, email security, etc.).
• Proven experience in developing and executing incident response plans, including coordination with external parties like vendors and government agencies.

Hi,

I'm excited to share that one of our clients is hiring for an Information Security Lead in London! Below are the job details. If you're interested, please send your CV to apply.

Title: Information Security Lead

Location: London

Duration: Permanent, fulltime

Job Type: Hybrid (3-4 days per week onsite)

Purpose :

The Information Security Lead will be responsible for ensuring the confidentiality, integrity, and availability of client's information and IT systems. The ideal candidate will have experience in information security within the energy, mining, chemicals, or process manufacturing sectors and will apply that expertise to enhance client's security posture. This role will involve developing and executing the information security strategy, leading security initiatives, assessing vulnerabilities, and ensuring compliance with relevant industry regulations while adapting security practices to the unique needs of the soda and chemicals industries.

Key Responsibilities:

1. Develop and implement client's information security strategy, ensuring alignment with business objectives, regulatory requirements, and industry best practices.
2. Lead the creation, review, and enforcement of information security policies, procedures, and guidelines tailored to the soda production and chemicals sectors.
3. Conduct regular risk assessments and vulnerability analyses to identify and address potential security risks, ensuring proactive measures to protect sensitive data and operational systems.
4. Stay updated on the latest security threats, trends, and regulatory changes, and ensure the organization’s security measures evolve accordingly.
5. Design and implement a robust cybersecurity framework to safeguard critical operational systems, production data, and intellectual property.
6. Oversee the security measures for IT infrastructure, industrial control systems (ICS), and operational technology (OT), ensuring they meet the security needs of client's operations.
7. Manage Microsoft Office 365 security and compliance administration panels to enhance data protection, regulatory compliance, and security monitoring.
8. Administer security software solutions, including Endpoint Detection and Response (EDR) and email security tools, to proactively defend against cyber threats and vulnerabilities.
9. Ensure integration of security protocols across various departments, including IT, HR, finance, and operations, promoting a unified and cohesive security strategy.
10. Establish and manage incident response protocols to quickly identify, assess, and mitigate security incidents or breaches.
11. Lead investigations into security incidents, identifying root causes, and coordinating corrective actions to prevent future occurrences.
12. Collaborate with external security vendors and government agencies to manage large-scale security incidents, when necessary.
13. Lead information security awareness programs and provide training to employees on security best practices, regulatory compliance, and emerging threats.
14. Ensure compliance with industry-specific regulations (e.g., GDPR, ISO 27001, industry standards) and client's internal policies.
15. Oversee audits and inspections to verify adherence to internal security policies and ensure that compliance requirements are met.
16. Serve as the primary point of contact for all information security-related matters, collaborating with internal teams, senior management, and external stakeholders to ensure effective communication and risk management.
17. Provide regular reports to senior leadership on security posture, incidents, and security performance metrics.
18. Continuously monitor and improve security controls and processes to stay ahead of emerging threats and enhance organizational resilience

Key Qualifications & Experience:

• Bachelor’s or master’s degree in Information Security, Cybersecurity, IT, or a related field.
• Proven experience in information security roles within the energy, mining, chemicals, or process manufacturing sectors, with a strong understanding of industry-specific risks and challenges.
• In-depth knowledge of cybersecurity frameworks, risk management practices, and regulatory requirements (e.g., NIST, ISO 27001, GDPR).
• Experience with industrial control systems (ICS) and operational technology (OT) security in manufacturing or production environments.
• Strong expertise in network security, encryption, identity and access management, and endpoint protection.
• Experience managing Microsoft Office 365 security & compliance administration panels.
• Experience managing security software solutions (EDR, email security, etc.).
• Proven experience in developing and executing incident response plans, including coordination with external parties like vendors and government agencies.

Information Security Manager

Location: Newport
Job Type: Full-time, Hybrid (1 day per week)
Salary: 60 - 70K plus 10% bonus

We are seeking an Information Security Manager to join our client's IT team. This role is crucial in ensuring IT risks are identified, measured, and actively managed to protect the organisation from potential impacts. You will develop and implement IT policies, conduct risk ass.

WHJS1_UKTJ

INSTANDA - pushing the boundaries of Insurance Technology.

About us:

INSTANDA is the world’s first no-code cloud-based platform, we are changing the way Insurers can design and deliver insurance products to market, allowing them to configure new products at speed completely disrupting the legacy norms in the industry.
INSTANDA has grown significantly in recent years, and we are now a team of 180+ employees primarily based in the UK and US, with partnerships that operate worldwide. We're continuing to grow our business, and Client Delivery is at the forefront of our growth plans, with partnerships that operate worldwide.  

Our company was built by looking at the world through a different lens and our culture today reflects that by encouraging you to be yourself, speak your mind, and share your opinions. We want people who want to push themselves, be part of something great, and be prepared to challenge themselves if they think there is a better way. Collaboration sits at the heart of how we operate, it has fuelled our growth enormously and our aim to be ‘world class’. People at INSTANDA not only have a real sense of shared ownership but are granted share options to benefit from our long-term success making everyone an owner of the business.

So if this sounds like the place you can thrive in and grow your career, please keep reading!

Follow us to learn more: Instanda.com  | LinkedIn  | Twitter  | YouTube

About the role:

We’re looking for an experienced Information Security Manager who will lead, plan and execute our InfoSec strategy.  You will play a key role in assuring the activities of INSTANDA and a number of our 3rd Party partners. Competent around technology, security frameworks and the cyber threat environment, you will own assurance processes, contribute to a multitude of projects and be involved in decision making.

Your input will be critical to the maintenance and development of Information Security compliance and assurance across the INSTANDA estate and across 3rd parties. A self-starter, you will be comfortable with ambiguity and a lack of detail and be someone who can develop concepts and work with a broad array of individuals and problems. Playing a leading role within InfoSec, with your reach and activity enabling security as a principal consideration across INSTANDA.

Responsibilities will include:

• Overseeing the INSTANDA information security management system (ISMS) including the implementation and maintenance of the ISMS across the business;
• Be a key member of the ISO27001 Steering Committee;
• Engage with external security service providers to ensure support is at the required standards and in line with our business needs;
• Create and maintain security documentation to support the sales process with our clients, and responding to their questions as a respected SME;
• Design and implement the internal security education and awareness programmes;
• Drive the maturity of existing security controls across multiple teams, and in collaboration with colleagues across INSTANDA;
• Proactively identify opportunities to mentor and develop colleagues on all aspect of InfoSec, and;
• Collaborate effectively within internal colleagues in security critical roles to ensure InfoSec is embedded and understood.

Requirements

You’ll have demonstrable, proven experience within the following areas:

You’ll be a proactive self-starter, with a proven track record of building and owning an InfoSec strategy; running your own projects. You’ll effectively manage stakeholders, demonstrating high levels of resilience as you seek to influence at all levels within our business whilst managing multiple simultaneous workstreams.

Accreditation in at least one of the following:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)

Security Frameworks: you’ll have experience delivering and/or maintaining the following key frameworks: ISO 27001, Cyber Essentials, PCI DSS and SOC2. You'll have an excellent understanding of InfoSec best practice in these areas.

Audits: You have experience of working with internal and external auditors during audits for relevant frameworks and client audits;

Assurance Principles: y ou will play a central role in the maintenance of 3rd party assurance, providing InfoSec guidance to Project Managers; Account Managers and individuals who are looking to work with external firms to drive INSTANDA business operations forward.

Stakeholder Management: your ability to influence and educate others on InfoSec principals and best practice is fundamental to this role. You’ll be engaging laterally and vertically with multiple internal stakeholders within INSTANDA to Executive level.

Cyber Threats: you will have proven knowledge around industry developments and adjustments to the nature and character of cyber threats.  

Networking Principles: at times, you’ll need to influence decisions on the design and implementation of changes to the INSTANDA networks, based on your understanding of data flows and network principles, as well as your grasp of security frameworks and controls in place.

Benefits

• Competitive salary
• Generous 28 days holiday allowance, in addition to public holidays.
• For every year of service you complete, we’ll give you an additional days holiday (max. 5 days)
• One Dynamic Day per month on top of your holiday allowance to spend time doing the things you want to do or simply catching up with life admin.
• Remote & Hybrid approach varying with the nature of your role.
• Life cover; income protection and participation in the company pension scheme
• £100 per month to put towards wellness activities.
• Annual learning & development allowance of £1,250
• Free access to LinkedIn learning and Microsoft ESI learning platforms

Additional Information:

This is a UK based role, you must be eligible to live and work in the UK without restriction. We are unable to offer sponsorship.

Please apply directly online

We are not working with any agencies or staffing firms for this role - please do not contact us.

At Clarion, our people are at the absolute heart of what we do. We’re proud that our core values of PASSION , CARE , IMAGINATION , and TRUST define the way we carry out our work across all of our exhibitions and conferences.

If you share our values and want to be a part of a successful, dynamic, and creative global business then we want to hear from you.

The Opportunity:

We have an exciting new role for an Information Security Manager who will be responsible for implementing operational cyber security throughout a dynamic, global, commercial organisation. The role will involve collaboration with numerous internal departments and businesses across the Group organisation.

We are looking for a highly experienced Information Security Manager with extensive technical security knowledge and expertise.

Key Responsibilities:

• Lead a team monitoring and responding to cyber incidents.
• Being a subject matter expert on all aspects of operational information security and cyber risk.
• Define, develop, and implement operational information security processes.
• Identify, assess, and make recommendations on emerging security threats and vulnerabilities.
• Develop and oversee Security Operations Centre (SOC) activities, SIEM, IDS/IPS, threat and incident responses.
• Manage the cyber security vulnerability programme.
• Manage and oversee security penetration testing activities.
• Implement information security policies, processes, governance standards and frameworks.
• Advise departments on security requirements and controls, providing information security guidance across IT operations and new projects.
• Coordinate and manage information security activities, implementing solutions to improve information security, IT infrastructure and cyber security.
• Identify breaches in information security architecture, standards, and best practice.
• Manage and complete information security reviews, including due diligence of third parties.
• Monitor the development of relevant industry standards and best practices (NIST CSF, CIS, ISO etc.), assess and advise on compliance with these standards.

Requirements

Knowledge, Skills & Behaviours:

• Expertise and proficiency on information security management.
• A degree in cyber risk would be advantageous.
• Recognised security qualifications such as CISSP/CISM are desirable.
• Track record of achievement and delivery within various operational information security roles.
• Previous experience of SOC operations and management.
• Extensive knowledge of technical security issues and solutions.
• Extensive knowledge of cyber threats, penetration testing and vulnerability assessments.
• Experience of Cyber Essentials, ISO27001 compliance and leveraging NIST CSF and CIS benchmarks.
• Excellent communication skills both verbal and written, articulate, organised and diligent.
• Willing to join a shift-based call-out rota (this will incur an additional bonus payment).

About Clarion Events

Clarion Events is one of the world’s leading event organisers, producing and delivering innovative and market-leading events since 1947. ( )

Clarion Events embrace diversity and equal opportunities in all that we do. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.

Clarion is private equity backed and owned by Blackstone. Blackstone is one of the world’s leading global investment funds, investing capital for the long term in order to build successful, resilient businesses. ( )

Our purpose is to deliver exceptional customer outcomes and experiences, by making every connection count.

Our vision is we want every one of our products to be a market leader in customer satisfaction and delight.

Benefits

• 25 days’ holiday plus bank holidays
• End of year wellbeing shutdown (closed for the last week of the year)
• Celebration day off (e.g. birthday, Diwali, Eid, etc)
• Summer Hours in August (3pm finish on Fridays)
• Helping Our World (HOW) Days – one paid day per quarter to carry out charity work
• Pension Scheme
• Private Medical Insurance
• Health Cash Plan
• Wellbeing Library (MYNDUP)
• Mentoring Programme
• Subsidised Café
• Season Ticket Loan
• Cycle to Work Schemes
• Free on-site gym and shower facilities
• Free eyesight tests
• Free flu vaccination – offered on site once a year for all employees

The Information Security Manager will oversee and enhance the organisation's information security framework, ensuring compliance with industry standards and safeguarding sensitive data. This role offers an exciting opportunity to make a meaningful contribution within the not-for-profit sector.

Client Details

My client is a housing group, it is committed to leveraging technology to support its mission while maintaining a secure and reliable digital environment.

Description

• Develop and maintain the organisation's information security policies and procedures.
• Ensure compliance with relevant regulatory and industry standards.
• Conduct risk assessments to identify and address potential security threats.
• Collaborate with the Technology team to implement security controls and solutions.
• Provide training and guidance on security best practices to employees.
• Monitor and report on the effectiveness of security measures and systems.
• Work with external partners to carry out audits and maintain certifications.

Profile

• A strong understanding of information security frameworks and standards such as ISO 27001, NIST, PCI-DSS
• Demonstrated experience in risk management includes developing related strategies, action plans
• Proven ability to work collaboratively across departments.
• Relevant certifications in information security or equivalent professional qualifications

Job Offer

• Yearly bonus
• Generous pension scheme.
• Life assurance coverage
• Support for professional development.
• Primarily remote working with occasional commuting to London

The Information Security Manager will oversee and enhance the organisation's information security framework, ensuring compliance with industry standards and safeguarding sensitive data. This role offers an exciting opportunity to make a meaningful contribution within the not-for-profit sector.

Client Details

My client is a housing group, it is committed to leveraging technology to support its mission while maintaining a secure and reliable digital environment.

Description

• Develop and maintain the organisation's information security policies and procedures.
• Ensure compliance with relevant regulatory and industry standards.
• Conduct risk assessments to identify and address potential security threats.
• Collaborate with the Technology team to implement security controls and solutions.
• Provide training and guidance on security best practices to employees.
• Monitor and report on the effectiveness of security measures and systems.
• Work with external partners to carry out audits and maintain certifications.

Profile

• A strong understanding of information security frameworks and standards such as ISO 27001, NIST, PCI-DSS
• Demonstrated experience in risk management includes developing related strategies, action plans
• Proven ability to work collaboratively across departments.
• Relevant certifications in information security or equivalent professional qualifications

Job Offer

• Yearly bonus
• Generous pension scheme.
• Life assurance coverage
• Support for professional development.
• Primarily remote working with occasional commuting to London

Role Title: Information Security Delivery Manager

Duration: contract to run until 31/12/2025

Location: London, Hybrid 2 days per week onsite

Rate: up to £491.40 p/d Umbrella inside IR35

Role purpose / summary

The Information Security Delivery Manager is responsible for overseeing all facets of program delivery, including the development of business cases, budget planning and submission, financial monitoring, resource forecasting, project scheduling, and stage gate management. These activities must be executed in alignment with the client’s established methodologies, standards, and policies.

By working collaboratively with peers across the Information Security team and the broader organization, the role ensures that resources are effectively allocated and managed to meet both project objectives and evolving business demands.

• Lead the delivery of Security Maturity and IAM projects across the organization.
• Directly project manage both of these projects.
• Manage project budgets, resource allocation, and financial tracking.
• Conduct requirements analysis and ensure alignment with business objectives.
• Oversee third-party contributions and vendor engagements.
• Identify and manage project risks, issues, and dependencies.
• Maintain effective communication with stakeholders and senior leadership.
• Interface with PMO, Finance, and Portfolio Management teams.
• Support the development and submission of the Annual Operating Plan (AOP).
• Ensure adherence to the client’s project management methodologies and governance standards

Key Skills/ requirements

Must Have:

• 5+ years of experience in delivering complex, multi-workstream projects.
• Proven track record in the financial sector or other regulated industries.
• Strong understanding of Information Security practices and tools.
• Experience with both Agile and Waterfall delivery methodologies.
• Background in delivering RFPs/RFIs and managing vendor relationships.
• Experience managing teams and working in matrix environments.

Nice to Have:

• Experience with critical national infrastructure.
• Familiarity with financial market infrastructure or financial services environments.

Skills Required :

• Strong relationship management and stakeholder engagement skills.
• Excellent organizational and prioritization abilities.
• Effective communicator and confident facilitator.
• Financial acumen in managing project budgets and forecasts.
• Ability to manage multiple priorities in a high-pressure environment.
• Collaborative mindset with a proactive, delivery-focused approach.
• Skilled in navigating complex organizational structures and cross-functional teams.

Qualifications Required:

• Must have a relevant University degree / professional certification in Computer Science,
• Information Management, or related field, or equivalent experience.
• Prince 2 / MSP / APM / PMP qualified.
• CISM / CRISC and ITIL is an advantage.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

Role Title: Information Security Delivery Manager

Duration: contract to run until 31/12/2025

Location: London, Hybrid 2 days per week onsite

Rate: up to £491.40 p/d Umbrella inside IR35

Role purpose / summary

The Information Security Delivery Manager is responsible for overseeing all facets of program delivery, including the development of business cases, budget planning and submission, financial monitoring, resource forecasting, project scheduling, and stage gate management. These activities must be executed in alignment with the client’s established methodologies, standards, and policies.

By working collaboratively with peers across the Information Security team and the broader organization, the role ensures that resources are effectively allocated and managed to meet both project objectives and evolving business demands.

• Lead the delivery of Security Maturity and IAM projects across the organization.
• Directly project manage both of these projects.
• Manage project budgets, resource allocation, and financial tracking.
• Conduct requirements analysis and ensure alignment with business objectives.
• Oversee third-party contributions and vendor engagements.
• Identify and manage project risks, issues, and dependencies.
• Maintain effective communication with stakeholders and senior leadership.
• Interface with PMO, Finance, and Portfolio Management teams.
• Support the development and submission of the Annual Operating Plan (AOP).
• Ensure adherence to the client’s project management methodologies and governance standards

Key Skills/ requirements

Must Have:

• 5+ years of experience in delivering complex, multi-workstream projects.
• Proven track record in the financial sector or other regulated industries.
• Strong understanding of Information Security practices and tools.
• Experience with both Agile and Waterfall delivery methodologies.
• Background in delivering RFPs/RFIs and managing vendor relationships.
• Experience managing teams and working in matrix environments.

Nice to Have:

• Experience with critical national infrastructure.
• Familiarity with financial market infrastructure or financial services environments.

Skills Required :

• Strong relationship management and stakeholder engagement skills.
• Excellent organizational and prioritization abilities.
• Effective communicator and confident facilitator.
• Financial acumen in managing project budgets and forecasts.
• Ability to manage multiple priorities in a high-pressure environment.
• Collaborative mindset with a proactive, delivery-focused approach.
• Skilled in navigating complex organizational structures and cross-functional teams.

Qualifications Required:

• Must have a relevant University degree / professional certification in Computer Science,
• Information Management, or related field, or equivalent experience.
• Prince 2 / MSP / APM / PMP qualified.
• CISM / CRISC and ITIL is an advantage.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!