1 to 25 of 29 Information Security Management Jobs in the UK excluding London

Overview Join Chambers and Partners as our next Cyber Security Analyst/Lead, a pivotal role at the heart of our commitment to safeguarding information and maintaining trust. You’ll lead the development and delivery of our information security programme, protecting our systems, data, and digital assets from evolving threats. This is an exciting opportunity to … drive key security initiatives, oversee cutting-edge technologies, and ensure compliance with leading industry frameworks within a globally respected organisation. Main Duties and Responsibilities 1. Security Strategy & Governance: Develop, implement, and maintain the organization's information security strategy, policies, standards, and procedures in alignment with business objectives and regulatory requirements. Lead the development and implementation of … an Information Security Management System (ISMS), based on ISO 27001 Conduct regular security risk assessments, identify vulnerabilities, and recommend appropriate mitigation strategies. Stay up-to-date with the latest cybersecurity threats, trends, technologies, and best practices. Provide expert advice and guidance on information security matters to various stakeholders across the organization. 2. Security More ❯

worldwide. The main office is based near Liverpool Street station, London. We have offices in Bermuda, Brazil, Cyprus, Greece, Hong Kong, Japan, and Singapore. Overall Job Purpose: The Junior Information Security Officer (JISO) will assist the Information Security team in implementing and maintaining the information security management system with the objective of managing … risks to information assets to an acceptable level. The JISO will develop a good understanding of the information security policies, standards and procedures and will assist InfoSec in implementing, managing and monitoring the relevant controls. It is imperative that the JISO develops a strong understanding of the organisation's technology landscape to help identify potential threats and … vulnerabilities. Requirements Key Responsibilities: Assist in maintaining the information security standards, procedures and guidelines. Participate in the information security risk management process to identify, assess, treat and monitor risks. Manage information security incidents and events to protect information assets. Help develop and implement incident response plans and procedures to ensure that information More ❯

Your new role - Permanent - ON SITE 5 Days per week. You will be required to obtain security clearance and undergo vigorous onboarding checks - UK Only. Sponsorship NOT available.The main purpose of this job mainly focusses on information security, cybersecurity, and data security, including a wide scope, such as physical security of computer rooms, operating system … level security of Windows and Linux, network security of firewall and other security devices, application security both development and testing phrases, terminal security, backup security, third party and supply chain security of IT service provider.Liaison with the Head Office, Security Operation Centre or Data Centre for implementing security policies, projects and … security controls. Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulations.The ideal candidate will be responsible for managing information security systems, ensuring compliance with regulatory requirements, and conducting thorough security audits.You will be part More ❯

Information Security Manager NCC Location: Bristol based with Hybrid working 2 days on site, 3 days home Salary: £54,102 to £67,056 per annum (experience dependent) Government Security Clearance: You will be required to undertake government security clearance if successful securing this role. Please only apply if willing to undertake clearance process. Closing Date … advert early if required. Summary; NCC is the UKs innovation partner! Were supporting a range of interesting new projects in the defence sector and are hiring for an additional Information Security Manager to join our expanding secure operations team. Your role as Information Security Manager is to ensure the effective protection of secure information and … Youll report into the Head of Secure Operations and work with a wide range of internal stakeholders including secure operations teams, the board members & senior leadership, HR business partners, security & networking managers. External relationship management will also be large part of your role including our defence sector clients and government bodies. What youll be doing; Reviewing new Security More ❯

Information Security Compliance & Risk Specialist Maritime and Coastguard Agency Apply before 11:55pm on Friday 30th November 2025 Reference number (phone number removed) Salary £44,241 This role is part of the Government Digital and Data Profession, and the role attracts a Digital and Data allowance of up to £14,756, subject to an assessment of your skills … and experience during the interview process A Civil Service Pension with an employer contribution of 28.97% Job grade Senior Executive Officer Contract type Permanent Business area MCA - Information Technology Type of role Information Technology Knowledge and Information Management Risk Management Security Working pattern Flexible working, Full-time, Job share, Part-time Number of jobs … available 1 Contents Location About the job Benefits Things you need to know Apply and further information Location Southampton About the job Job description The Information Security Compliance and Risk Specialist will: Develop & maintain the MCA's Information Security Management System (ISMS) and all underpinning documentation, including stakeholder engagement & compliance checks. Be responsible for More ❯

our tomorrow. So, ready to dive in? Your journey begins with that application - and who knows where it could take you in our vibrant team! Position The Role The Information Security Manager will be responsible for developing, implementing, and managing best practices in information security across M247. This role requires a deep understanding of data management, information security frameworks, and regulatory compliance. The ideal candidate will have a proven track record in creating efficient security processes and play a key role in fostering a culture of security awareness throughout the organisation. Security Strategy Development: Design and implement a comprehensive information security strategy that aligns with business objectives and … complies with ISO 27001 standards. Microsoft 365 Expertise: Leverage Microsoft 365 tools to enhance security measures, ensuring optimal configuration and deployment to protect data and information assets. Data and Information Management: Oversee data governance policies and practices to ensure the integrity, confidentiality, and availability of sensitive information. Operational Efficiency: Identify opportunities to consolidate security processes More ❯

Information Security Analyst | Hybrid | Contract | Northampton My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. The successful candidate will play a pivotal role in ensuring compliance with data protection regulations, supporting the Information Security Management System ISMS, and maintaining robust … governance, risk, and compliance GRC processes. Key Responsibilities on the Information Security Analyst: Manage and respond to Subject Access Requests SARs in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in data protection and risk management activities. Help maintain the Information Security Management System ISMS Provide expert advice on GDPR compliance and data subject rights. Provide expert guidance on data classification, retention, and information governance best practices. Information Security Analyst Experience/Technology: Proven experience in GRC and Information security. Extensive expertise of GDPR, SAR, and Right to More ❯

Role: IT Information Security Manager Salary: £65,000 - £75,000 Per Annum, Plus Benefits Package Location: Hereford with a hybrid working arrangement Must have: The right to work in the UK Full UK driving licence Be able to gain BPSS (Baseline Personnel Security Standard) clearance Be able to gain SC (Security Check) clearance as standard along … with any specific security clearances that may be required Our leading services client requires an accomplished Information Security Manager to be responsible for protecting the Group's data and information systems from cyber threats and unauthorised access. This includes developing and implementing security policies, assessing risks, providing reports and managing security incidents. You will … also oversee security awareness training, security compliance, security accreditation and collaborate with various stakeholders to foster a security-conscious culture. Key Deliverables: Align the business' security stance to comply with ISO 27001and Cyber Essentials Plus, or in accordance with the Cyber Assessment Framework Improve the Cyber Awareness within the company via communications, Cyber Awareness training More ❯

Information Security Manager £70,000- £75,000 PA Central London Well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a critical time where they are expanding their technical team with an ambitious growth plan with multiple acquisitions planned over the coming … years. The Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business. This role is responsible for ensuring robust cyber security controls with a strong emphasis on ISO 27001 readiness. You'll liaise … prior experience to ensure certification plans stay on track. Working with external teams to align processes, you'll also oversee InfoSec/Cyber services, conduct risk assessments and recommend security improvements. Responsibilities: Ownership and maintenance of all security related policies and procedures, implementing Security by Design and driving a culture of cyber security awareness in the More ❯

Information Security Manager Location: Oxfordshire Salary: £48,000 – £57,000 Contract: Permanent, Full-Time Hybrid Working: 50/50 split Team size: 1 direct report (Junior InfoSec Analyst) Ready to lead the charge in safeguarding cutting-edge science? Join my client , a world-renowned research organisation, as their Information Security Manager . This is your chance … enabling groundbreaking environmental research. Why this role matters Cybersecurity isn’t just about defence – it’s about empowering innovation. In this hands-on leadership role, you’ll shape the security strategy, mentor a talented team, and embed a culture of security across the organisation. Reporting to the Head of IT, you’ll combine strategic vision with technical expertise … to keep my client resilient and future-ready. What you’ll do Lead my client’s Information Security programme with creativity and cost-effectiveness Manage a small, dedicated team and oversee budgets Develop and maintain security policies, standards, and procedures Drive risk assessments, incident response, and internal reporting Champion security awareness through training for all staff More ❯

We’re recruiting on behalf of a leading legal firm for an Information Security Manager to lead and strengthen their information security function. This is a hands-on, strategic role where you’ll manage a small team, oversee ISO 27001 and Cyber Essentials Plus compliance, and drive continuous improvement across the business. What You’ll Do … Develop and deliver the firm’s information security strategy. Lead and mentor a small team of IT security professionals. Own ISO 27001 implementation and Cyber Essentials Plus certification. Manage operational security: endpoint protection, M365 security, SIEM/SOC, vulnerability management, and incident response. Lead security projects. Build strong relationships with stakeholders and deliver … security awareness training. What We’re Looking For: Proven experience in information security management, ideally in professional services. Hands-on experience with ISO 27001 and Cyber Essentials Plus. Strong technical knowledge: endpoint security, M365/Entra ID, SIEM, network security, encryption, backup/recovery. Certifications highly desirable: CISM, CISSP, ISO 27001 Lead Implementer . More ❯

Information Security Officer - International Law Firm (London-Based) Permanent | Hybrid Working | Competitive Salary I am working with a leading international law firm to support their search for an experienced and proactive Information Security Officer (ISO) to lead their global information and data security programme. This senior-level role offers the opportunity to shape the … firm's long-term security strategy, drive ISO 27001 certification, and ensure the resilience of systems and data across offices in the UK, US, and Europe. The position reports to the Director of IT and works closely with regional IT teams and external partners. Key Responsibilities: Lead the firm's information security governance framework across all offices … and platforms Maintain and enhance the ISO 27001-aligned Information Security Management System (ISMS) Ensure compliance with frameworks including CIS Controls, NIST, ISO 27701, and GDPR Oversee incident response, threat detection, and access governance across systems such as iManage, Intapp, Aderant, Microsoft 365, and Azure Drive firm-wide security awareness and training initiatives Monitor regulatory changes More ❯

timely and accurate fashion and provide user assistance where required. Support all Helpdesk enquiries and filter to the relevant member of the ICT Department. Support the Business Systems where management, configuration and administration falls under the scope of ICT, such as Themis, HART and other bespoke software. Support all Systems and its users in daily usage and training. Setup … maintain and troubleshoot user accounts and security, on all systems and hardware, ensuring they follow Information Management and Information Security Management systems. Carry out administrative tasks, maintenance, and update user profiles for Business Systems and other ICT management tools, using change management procedures where necessary. Provide a first point of service for … secure handling and storing of ICT assets. Document instances of asset failure, repair, installation and removal. Follow ICT procedures and provide support in their conception and review changes. Monitor information security in-line with the Information Security Management System and Report any suspected misuse and incidents to the ISMS Representatives. Ensure all assets are being More ❯

Job Description IT & Information Security Lead Location: Bristol - Hybrid Full time Job Description At Rolls-Royce we are proud to be a business that has truly helped to shape the modern world and are committed to always being a force for progress; powering, protecting and connecting people everywhere. By … high-performance culture. You will be responsible for ensuring timely and accurate distribution of hardware and peripherals to end user, supporting onboarding and day to day queries, ensuring contractual security requirements are assessed and implemented into day-to-day processes, and reviewing supply chain security. What you will be doing: Security Aspect Letters (SAL) Respond to … SALs from Customers Assess SAL & Create Compliance Matrix Manage Project Confidentiality List (PCL) Issue SALs to Supply Chain Conduct Supplier Security Audits IT Account Management & Support Request Account Creation Approve Issue of Laptops Request Folder Access Order and Issue More ❯

wellness and employee assistance programmes, gymflex, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture Role Purpose Design and implement changes to information security governance & risk management, to ensure that the organisation's security posture is robust, compliant, and adaptable to emerging threats while aligning with strategic business goals. … by identifying and recommending changes to Infosec policies, processes, control frameworks Ensure that we are consistently compliant with customer, regulatory, and shareholder obligations. Implement and continuously improve a risk management process across the organisation. Maintain and assess the effectiveness of the security controls catalogue; recommend improvements. Own the Information Security Management System (ISMS) to ensure … compliance with internal and external requirements. Provide assurance that security controls are operating effectively and aligned with defined frameworks. Maintain company risk portfolio and actively review and risk finding Conduct internal assessments against regulatory and customer obligations, compliance assessments, and gap analyses. Develop and implement governance frameworks aligned with business and regulatory requirements. Skills Cyber Risk Oversight - Strategic understanding More ❯

Salary/package: £100,000 - £110,000 per annum Contract type: Permanent Hours: Full time, 37 hours per week We are looking for an experienced and forward-thinking cyber security leader to join our Corporate Services division as Head of Cyber Security. This is a senior strategic role with organisation-wide visibility and impact. If you have the vision … expertise and influence to embed robust cyber security across a complex and fast-growing business, we want to hear from you. Who we are Commercial Services Group is one of the UK's largest local authority-owned trading organisations, comprising 33 diverse businesses that operate across education, local government, the NHS and beyond. We provide services in recruitment, energy … procurement, legal, IT, HR, education supplies, facilities management and more. With more than 1,800 employees and a global footprint, we combine commercial excellence with social impact, reinvesting a significant proportion of our profits into public services. Corporate Services underpins the success of all Commercial Services Group trading divisions by providing the infrastructure, expertise and governance needed to enable More ❯

IT Security and Governance Manager, ISO27001, c £ 50000 - 60000+ benefits, nr Cheltenham, Gloucestershire. 3 days in the office, 2 days WFH Growing company are looking for an IT Security and Governance Manager who will co-ordinate all the governance and compliance including Certifications such ISO 27001, Cyber Essentials and NIST. You will support the ongoing production and publication … of Policies, Awareness and Risk across the business. These controls are provided in the Information Security Management system. Main responsibilities include - Manage the compliance Portal/Information Security Management System. Manage supplier engagements based on IT Security Certifications and to drive improvements where required. Manage the relevant Certifications. Primarily ISO 27001, Cyber Essentials … and NIST 800-171 (ISO 27001 critical, training available for NIST). Contribute to awareness activities. Supporting the management of Risk. Supporting the daily maintenance activities and response where necessary. Policies, Awareness and Risk across the business Experience Required - Previous knowledge and responsibility for ISO 27001. Good knowledge of Cyber Essentials (NIST an advantage). Data Protection or similar More ❯

About SPS: Special Projects and Services Limited (SPS) is a UK-based security and risk management company founded in 1991. Operating globally, SPS provides crisis response, risk assessment, medical operations support, and project management in high-risk or complex environments. Known for its expertise in global assistance and specialist security operations, SPS was acquired by Concentric … in 2025, strengthening its position as a trusted provider of integrated risk and crisis management solutions. Overview: You will support the delivery of IT services across the UK business, assisting with technical support, device management, and ongoing tech ops projects. This role provides structured, hands-on training in IT systems administration, cyber security, and compliance, contributing to … access permissions, and documenting asset inventory. Support the purchase, setup, and installation of IT equipment as required. Maintain an accurate inventory of all technology assets, ensuring updates to asset management systems. Assist in developing, documenting, and managing processes for supporting the IT environment holistically, including but not limited to: workstation deployment, system access management, software patching/upgrades More ❯

You will support the delivery of IT services across the UK business, assisting with technical support, device management, and ongoing tech ops projects. Role Provide Tier 1 and supervised Tier 2 IT systems support for the company’s users, devices, and internal network services, escalating complex issues as required Assist with employee onboarding and offboarding, including provisioning equipment, configuring … access permissions, and documenting asset inventory Support the purchase, setup, and installation of IT equipment as required Maintain an accurate inventory of all technology assets, ensuring updates to asset management systems Assist in developing, documenting, and managing processes for supporting the IT environment holistically, including but not limited to workstation deployment, system access management, software patching/upgrades … and management of cloud services Help manage service accounts and vendor contracts (e.g. internet, phone, printer) Contribute to maintaining documentation of the company’s technology architecture Research and suggest service enhancements to improve efficiency and user experience Support the implementation and maintenance of the company’s ISO 27001 Information Security Management System and ISO 27701 Privacy More ❯

Information Security Manager (Remote, UK) Salary: up to £60,000 DOE + Training Budget + Bonus Scheme Join a fast-growing cybersecurity consultancy that partners with enterprise-scale clients across finance, healthcare, technology, and energy helping them build resilience, meet compliance goals, and stay ahead of evolving threats. Youll be part of a collaborative, award-winning team that … frameworks into clear, actionable strategies. Mentor and guide junior consultants, contributing to team development and quality assurance. Work closely with technical teams to align governance and compliance with operational security practices Operate autonomously while helping refine and enhance consultancy methodologies. Desired Experience: Proven experience in GRC consulting, audit, or information security management within large or regulated … knowledge of ISO 27001 and SOC 2 (experience with PCI-DSS, NIST, DORA, or NIS2 advantageous). Excellent communication and presentation skills, confident in C-level workshops and stakeholder management . Organised, self-motivated, and experienced managing multiple enterprise projects simultaneously. Certifications such as CISM, CISA, CISSP, or ISO Lead Auditor desirable. Why Join: Work with some of the More ❯

in working in projects, preferably with larger companies (e.g. FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness … of common Information Security management frameworks such as ISO 27001, COBIT, Information Security Forum and NIST. Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy. More ❯

in working in projects, preferably with larger companies (eg FTSE 100) Exposure to infrastructure and multi-platform environments; preferably within the energy or utility sector. Ability to demonstrate stakeholder management at most levels, including management, Information Technology colleagues and business representatives. Explaining to and communicating with both non-technical and very technical audiences You should have awareness … of common Information Security management frameworks such as ISO 27001, COBIT, Information Security Forum and NIST. The successful applicant should be able to commit to starting ASAP. The role will hybrid, with up to two days per week in the nearest office (Reading or Havant) The role will be umbrella based working. Direct applicants only More ❯

Infrastructure Security Engineer- Spanish speaking We are currently recruiting for a Infrastructure Security Engineer on a 6 month initial contract. Hybrid basis (2-3 days) They are looking for a candidate to take responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. They are also looking for a candidate … who is able to provide advice and recommendations for the programme. Key Skills Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks for off … the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure Information Security Management System (Infrastructure Security Operations). Azure cloud infrastructure and configuration. System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Microsoft Exchange online Azure and on-premises Active More ❯

work closely with clients to understand their business needs, develop tailored solutions, and ensure that projects are executed efficiently, on time, and within budget. Your technical expertise and project management skills will be critical in delivering high-quality results that meet or exceed client expectations. Responsibilities: Collaborate with Project Management Office to ensure successful delivery of projects, meeting … updates and reporting. Ensure that all project milestones, tasks, and issues are documented and actioned promptly to maintain clear visibility for all team members Uphold the highest standards of information security by strictly following the company's policies and procedures, ensuring compliance with industry regulation and data protection guidelines to protect client and company data Prepare and deliver … comprehensive client documentation, ensuring that all necessary technical details, configurations and system information are included, and shared with the Service Desk to ensure smooth ongoing support Take ownership of the client onboarding and offboarding process, ensuring a smooth and efficient transition for new and departing clients. For onboarding, manage the integration of client systems, provide training, and ensure all More ❯

confidence. Your impact is visible: safeguarding revenue, supporting market expansion, and enhancing company reputation for digital trust. My client is a leading Telecoms provider, looking for an experienced Lead Security Compliance Manager - responsible for leading the ongoing management, improvement, and compliance of the Information Security Management System (ISMS) across a complex technology environment. Acting as … the go-to person for security certifications (ISO27001, PCI, Cyber Essentials, Telecoms Security Act (TSA), you'll provide assurance to customers, regulatory bodies, and internal teams that robust standards and controls are met every day. Key Responsibilities Manage and maintain compliance with all required security certifications (ISO27001, PCI, TSA, Cyber Essentials). Oversee responses to incoming customer … security questionnaires and RFPs, supporting audits and regulatory engagements. Drive security awareness and training activities across the business. Foster strong relationships with Technology, IT, Security, and Internal Audit teams. Continually improve the ISMS and compliance regime, including mergers/acquisitions. Analyse and interpret emerging compliance standards; bridge any gaps to maintain alignment. Lead preparation and coordination of More ❯