22 of 22 Information Security Management Jobs in the UK excluding London

Job summary We are seeking a highly skilled and motivated Information Security Analyst to join our Digital Data & Technology (DDaT) team. This is a pivotal role supporting the Chief Information Security Officer (CISO) in delivering cyber security services across the Trust and wider health and care system. The role will support the CISO in delivering … digital safety, security and overall improvement, adhering to the Target Operating Model. The Information Security Analyst will manage the delivery of all cyber security related services. This will include cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber relatedassertions, policy and procedure lifecycle management, and ensuring theTrust's information compliance … adheres to the Cyber Assurance Framework (CAF) and ISO27001. Main duties of the job Provide expert guidance on the selection, design, justification,implementation and operation of Cyber Security strategies, technologies,processes, procedures and standards. Support the development of controlsand management approaches to maintain the safety, confidentiality,integrity, availability and security of the Trust's digital infrastructure andsystems More ❯

Information Security Manager NCC Location: Bristol based with Hybrid working 2 days on site, 3 days home Salary: £54,102 to £67,056 per annum (experience dependent) Government Security Clearance: You will be required to undertake government security clearance if successful securing this role. Please only apply if willing to undertake clearance process. Closing Date … advert early if required. Summary; NCC is the UKs innovation partner! Were supporting a range of interesting new projects in the defence sector and are hiring for an additional Information Security Manager to join our expanding secure operations team. Your role as Information Security Manager is to ensure the effective protection of secure information and … Youll report into the Head of Secure Operations and work with a wide range of internal stakeholders including secure operations teams, the board members & senior leadership, HR business partners, security & networking managers. External relationship management will also be large part of your role including our defence sector clients and government bodies. What youll be doing; Reviewing new Security More ❯

Information Security Analyst | Hybrid | Contract | Northampton My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. The successful candidate will play a pivotal role in ensuring compliance with data protection regulations, supporting the Information Security Management System ISMS, and maintaining robust … governance, risk, and compliance GRC processes. Key Responsibilities on the Information Security Analyst: Manage and respond to Subject Access Requests SARs in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in data protection and risk management activities. Help maintain the Information Security Management System ISMS Provide expert advice on GDPR compliance and data subject rights. Provide expert guidance on data classification, retention, and information governance best practices. Information Security Analyst Experience/Technology: Proven experience in GRC and Information security. Extensive expertise of GDPR, SAR, and Right to More ❯

Role: Information Security and Risk Manager Location: Aberford Leeds Contract: Permanent Working: Hybrid 3 days in the office As MICHELIN Connected Fleet, a division of the Michelin Group, leader in sustainable mobility for 130 years, we specialise in connected fleet management services and solutions. We are a market leader with over 30 years expertise in a high … talent of our people. We nurture our team's growth with several company wide development programs - including our Diversity, Mentoring and Sustainability programs. THE ROLE IN SHORT: As the Information Security and Risk Manager, you are the central leader responsible for the company's overall security and compliance posture. You will manage the entire Information Security Management System (ISMS), ensuring the continuous maintenance of the ISO 27001 standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end More ❯

Role: Information Security and Risk Manager Location: Aberford Leeds Contract: Permanent Working: Hybrid 3 days in the office As MICHELIN Connected Fleet, a division of the Michelin Group, leader in sustainable mobility for 130 years, we specialise in connected fleet management services and solutions. We are a market leader with over 30 years expertise in a high … talent of our people. We nurture our team's growth with several company wide development programs - including our Diversity, Mentoring and Sustainability programs. THE ROLE IN SHORT: As the Information Security and Risk Manager, you are the central leader responsible for the company's overall security and compliance posture. You will manage the entire Information Security Management System (ISMS), ensuring the continuous maintenance of the ISO 27001 standard and leading the comprehensive risk management program. Your duties include coordinating internal and external audits, ensuring effective tracking of strategic security objectives and KPIs, and overseeing all security incident response and resolution efforts. WHAT WILL I BE DOING: Lead and manage the end More ❯

Information Security Manager - Rail Sector, URGENT HIRE Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside … the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems cyber security assessments and risk management Establish and maintain appropriate policies, procedures, and practices in relations to cyber, data and governance practices Manage the information security incident response program Manage implementation and deployment of … Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification such as CISM or CISSP Benefits More ❯

Information Security Manager - Rail Sector, URGENT HIRE Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside … the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems cyber security assessments and risk management Establish and maintain appropriate policies, procedures, and practices in relations to cyber, data and governance practices Manage the information security incident response program Manage implementation and deployment of … Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification such as CISM or CISSP Benefits More ❯

Information Security Manager - Rail Sector, URGENT HIRE Lawrence Harvey is delighted to be exclusively supporting a leading rail client once again to support with the growth of their exceptional technology team for their Information Security Manager. The Role: Leading management of information security which includes ISO27001, PCI-DSS, and vulnerability management. Working alongside … the DPO and Head of Technology to support on areas of data protection. Lead collaboration with key partners for train onboard systems cyber security assessments and risk management Establish and maintain appropriate policies, procedures, and practices in relations to cyber, data and governance practices Manage the information security incident response program Manage implementation and deployment of … Information Security Management System (ISMS). Line management of the internal InfoSec specialists. Requirements Extensive experience working with PCI-DSS and ISO27001 Strong understanding on security tools such as IDS/IPS. Demonstrable experience of leading Information Security, Governance, Compliance teams. Ideally a form of cybersecurity qualification such as CISM or CISSP Benefits More ❯

Information Security Analyst Contract Northampton Hybrid My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. Policy and process is already in place, so you ll play a key role in managing Subject Access Requests (SARs), Right to Be Forgotten (RTBF) requests, and ensuring … the organisation maintains the highest standards of data privacy and governance. Key Responsibilities on the Information Security Analyst: Manage and respond to Subject Access Requests (SARs) in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in … data protection and risk management activities. Help maintain the Information Security Management System (ISMS). Maintain accurate records of all data protection requests and actions taken. Provide expert advice on GDPR compliance and data subject rights. Liaise with internal teams and stakeholders to ensure consistent adherence to data protection principles. Information Security Analyst Experience More ❯

Information Security Analyst | Contract | Northampton | Hybrid My client is looking for an Information Security Analyst/GRC Analyst to be a part of their growing security team. Policy and process is already in place, so you’ll play a key role in managing Subject Access Requests (SARs), Right to Be Forgotten (RTBF) requests, and ensuring … the organisation maintains the highest standards of data privacy and governance. Key Responsibilities on the Information Security Analyst: Manage and respond to Subject Access Requests (SARs) in accordance with GDPR timelines and procedures. Oversee Right to Be Forgotten and data deletion requests, ensuring complete and compliant execution. Support the wider GRC and Information Security team in … data protection and risk management activities. Help maintain the Information Security Management System (ISMS). Maintain accurate records of all data protection requests and actions taken. Provide expert advice on GDPR compliance and data subject rights. Liaise with internal teams and stakeholders to ensure consistent adherence to data protection principles. Information Security Analyst Experience More ❯

energy and creativity to make a positive difference, then this is the job for you. We have an exciting opportunity for a PCI and Compliance Lead to join our Information Security team for a fixed term of 18 months. The Benefits Salary - up to £64,898 p.a. – depending on skills and experience. Holidays - 25 days holiday plus public … Cycle to Work scheme. Community Day - We offer our people an extra paid day off every year to help local charities and community organisations. The Role Reporting to our Information Security Assurance Manager, you’ll be responsible for oversight, management and continuous compliance of the Payment Card Industry Data Security Standard (PCI DSS) requirements across the … Society within the Information Security Assurance Team. You’ll assist in the oversight and control of all aspects of the Information Security Management System, ensuring controls and assurance audits are in place to prevent/minimise threats such as security breaches, computer viruses or attacks by cyber criminals as well as carrying out audits More ❯

Information Security Analyst Up to £50,000 + benefits Hereford | Hybrid Permanent | Full-time We are looking for an experienced Information Security Analyst to join our client who will play a key role in driving compliance, governance, and continual improvement across key security frameworks including ISO 27001, PCI DSS, and Cyber Essentials Plus. Key Responsibilities … Lead on the operation and continual improvement of the Information Security Management System (ISMS) * Coordinate internal and external audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus * Draft and update information security policies, procedures, and technical standards * Work with procurement and commercial teams to support supplier assurance and risk assessment * Contribute to tender … responses and bid processes, ensuring security and compliance requirements are met * Promote good security practices and raise awareness across departments * Act as an escalation point and day-to-day contact for other team members * Stay up to date with changes in legislation and standards relating to information and cyber security Key Skills & Experience: Essential: * Background in More ❯

ISO27001, IT Risk, IT Compliance, IT Controls, IT Audit, Policy. Governance, Security, Surrey area Your new company A specialist organisation in the Health/Medical sector offers hybrid working in this role based in North Surrey area. Your new role You will be working in the Risk team and will design, implement & maintain the Information Security Management … plans to address these risks, including the compilation of business continuity plans (BCP). You will work closely with colleagues in IT to enhance the technology & control frameworks regarding information security compliance & cyber threat security. Risk & Compliance You will lead the development, implementation, and continuous improvement of our Information Security Management System (ISMS) in line … with ISO 27001 and other regulatory standards. Assessing security posture, identifying vulnerabilities, and developing mitigation strategies to manage enterprise-wide information security risks. Maintaining and enhancing the organisation's risk register and heat map, ensuring risks are scored, tracked, and treated effectively. Overseeing the implementation and management of systems, including firewalls, encryption, and data protection controls. More ❯

wellness and employee assistance programmes, gymflex, travel and dental insurance Work. Life. Smarter. Our commitment to a flexible and hybrid working culture Role Purpose Design and implement changes to information security governance & risk management, to ensure that the organisation's security posture is robust, compliant, and adaptable to emerging threats while aligning with strategic business goals. … by identifying and recommending changes to Infosec policies, processes, control frameworks Ensure that we are consistently compliant with customer, regulatory, and shareholder obligations. Implement and continuously improve a risk management process across the organisation. Maintain and assess the effectiveness of the security controls catalogue; recommend improvements. Own the Information Security Management System (ISMS) to ensure … compliance with internal and external requirements. Provide assurance that security controls are operating effectively and aligned with defined frameworks. Maintain company risk portfolio and actively review and risk finding Conduct internal assessments against regulatory and customer obligations, compliance assessments, and gap analyses. Develop and implement governance frameworks aligned with business and regulatory requirements. Skills Cyber Risk Oversight - Strategic understanding More ❯

An opportunity has arisen to join an expanding BS&I Cyber Security team in the Procurement & Supply Chain domain and will act as the Cyber Security Officer and respond to the needs of MBDA UK, MBDA Group and Customer requirements. Salary : Circa £45,000 - £50,000 depending on experience Dynamic (hybrid) working : 2 days per week on-site … due to workload classification Security Clearance : British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the … MBDA Personnel Security Team. What we can offer you: Company bonus : Up to £2,500 (based on company performance and will vary year to year) Pension : maximum total (employer and employee) contribution of up to 14% Overtime: opportunity for paid overtime Flexi Leave: Up to 15 additional days Flexible working: We welcome applicants who are looking for flexible working More ❯

About SPS: Special Projects and Services Limited (SPS) is a UK-based security and risk management company founded in 1991. Operating globally, SPS provides crisis response, risk assessment, medical operations support, and project management in high-risk or complex environments. Known for its expertise in global assistance and specialist security operations, SPS was acquired by Concentric … in 2025, strengthening its position as a trusted provider of integrated risk and crisis management solutions. Overview: You will support the delivery of IT services across the UK business, assisting with technical support, device management, and ongoing tech ops projects. This role provides structured, hands-on training in IT systems administration, cyber security, and compliance, contributing to … access permissions, and documenting asset inventory. Support the purchase, setup, and installation of IT equipment as required. Maintain an accurate inventory of all technology assets, ensuring updates to asset management systems. Assist in developing, documenting, and managing processes for supporting the IT environment holistically, including but not limited to: workstation deployment, system access management, software patching/upgrades More ❯

their team. This role focuses on two critical areas: operational support for GDPR compliance , particularly handling Data Subject Access Requests (DSARs ), and ensuring day-to-day adherence to their Information Security Management System (ISMS). Key Responsibilities of the Data Protection Officer: 1. GDPR Compliance & DSAR Handling Act as the main point of contact for receiving, investigating … and audit requirements. Provide input on GDPR matters where necessary, without being responsible for policy creation or process design. 2. ISMS Oversight & Compliance Support the ongoing maintenance of the Information Security Management System (ISMS) . Conduct regular checks and reviews to confirm that existing security policies and processes are being followed. Identify gaps in compliance and … ISO 27001). Skills from the Data Protection Officer: Proven experience managing GDPR-related activities, especially actioning Subject Access Requests . Familiarity with data protection regulations and handling sensitive information securely. Hands-on experience working within an ISMS framework , ideally in environments aligned to ISO 27001. A methodical and structured approach to compliance verification and policy adherence. Excellent communication More ❯

their team. This role focuses on two critical areas: operational support for GDPR compliance , particularly handling Data Subject Access Requests (DSARs ), and ensuring day-to-day adherence to their Information Security Management System (ISMS). Key Responsibilities of the Data Protection Officer: 1. GDPR Compliance & DSAR Handling Act as the main point of contact for receiving, investigating … and audit requirements. Provide input on GDPR matters where necessary, without being responsible for policy creation or process design. 2. ISMS Oversight & Compliance Support the ongoing maintenance of the Information Security Management System (ISMS) . Conduct regular checks and reviews to confirm that existing security policies and processes are being followed. Identify gaps in compliance and … ISO 27001). Skills from the Data Protection Officer: Proven experience managing GDPR-related activities, especially actioning Subject Access Requests . Familiarity with data protection regulations and handling sensitive information securely. Hands-on experience working within an ISMS framework , ideally in environments aligned to ISO 27001. A methodical and structured approach to compliance verification and policy adherence. Excellent communication More ❯

Infrastructure Security Engineer We are currently recruiting for a Infrastructure Security Engineer on a 6 month initial contract. Hybrid basis (2-3 days), office location being London. They are looking for a candidate to take responsibility for leading, guiding, supporting and delivering secure architectural design for the group cyber security maturity programme. They are also looking for … a candidate who is able to provide advice and recommendations for the programme. Key Skills Support the integration of new cyber security technologies that meets the next generation threats and can be adopted by the group globally You will be required to travel to the local sites, data centre or multiple offices location in order to complete your tasks … for off the network countries. Support global cyber security team to ensure open Continuous Security Improvement Programme (CSIP's) are managed effectively up to closure Information Security Management System (Infrastructure Security Operations). Azure cloud infrastructure and configuration. System Centre Configuration Manager, Operations Manager and Virtual Machine Manager. Microsoft Exchange online Azure and on More ❯

work closely with clients to understand their business needs, develop tailored solutions, and ensure that projects are executed efficiently, on time, and within budget. Your technical expertise and project management skills will be critical in delivering high-quality results that meet or exceed client expectations. Responsibilities: Collaborate with Project Management Office to ensure successful delivery of projects, meeting … updates and reporting. Ensure that all project milestones, tasks, and issues are documented and actioned promptly to maintain clear visibility for all team members Uphold the highest standards of information security by strictly following the company's policies and procedures, ensuring compliance with industry regulation and data protection guidelines to protect client and company data Prepare and deliver … comprehensive client documentation, ensuring that all necessary technical details, configurations and system information are included, and shared with the Service Desk to ensure smooth ongoing support Take ownership of the client onboarding and offboarding process, ensuring a smooth and efficient transition for new and departing clients. For onboarding, manage the integration of client systems, provide training, and ensure all More ❯

project procurement Monitor and act on daily and weekly project board governance Accurately document project progress, including updating Autotask workplans Liaise and coordinate with 3rd parties Contribute to Risk Management Reviews Plan project handover calls with internal teams and project closure calls with client Take meeting notes and document them for future reference Ensure that all documents, trackers, and … related materials are kept up to date and stored appropriately in the correct drives Assist with any additional tasks or responsibilities as needed Maintain information security by complying with the company's Information Security Management System (ISMS) and all relevant policies About you: Experience: Project scheduling and coordination experience is an absolute must, ideally within … communication and customer service skills High attention to detail Highly organised with the ability to multitask Previous experience within an MSP environment is desirable Autotask experience is desirable Project management certification would be advantageous Personal Attributes: Possesses good written and verbal communication skills and the ability to communicate complex technical issues to non-technical clients. Keen to research new More ❯

setting the cadence, communication flow, and rituals that make execution smooth and transparent. Governance, Compliance & Risk Maintain Trudenty's SOC 2 and ISO 27001 frameworks, keeping our compliance and security posture strong as we scale. Manage the compliance calendar, coordinate audits, and ensure cross-functional accountability for controls and evidence. Collaborate closely with engineering, legal, and external auditors to … uphold data privacy and protection standards. Lead company-wide security training and annual policy refreshes — keeping security woven into daily operations. Track compliance KPIs and drive continuous improvement of our Information Security Management System (ISMS). Partner with leadership on GDPR readiness and client-specific compliance requirements. Finance, Legal & Vendor Operations Partner with the founder … calm, clarity, and focus to complexity, and know how to get things done when priorities shift and new opportunities emerge. 5–8 years' experience in operations, strategy, or business management, ideally within fintech, SaaS, or payments. Proven ability to build structure from the ground up — designing systems, processes, and rhythms that create clarity and enable scale in dynamic environments. More ❯