Group IS Manager
We’re looking for an experienced Information Security professional to help unify and mature security governance across a complex multi-entity organisation following a major merger.
This isn’t a strategy-from-scratch role — the roadmap already exists. We need a hands-on, delivery-focused Player-Manager who can bring structure, clarity and momentum to Group-wide Information Security operations.
The role:
• Merging two existing ISMS frameworks into a single Group-wide model
• Driving ISO 27001, Cyber Essentials & CE+ compliance activity
• Coordinating audits, remediation and certification readiness
• Embedding practical security controls into day-to-day operations
• Managing risk registers, policies, corrective actions & incident response
• Working closely with IT, Architecture, Legal, Finance and senior stakeholders
• Supporting Security Forums, governance reporting and resilience planning
We’re looking for:
• Strong experience in Information Security Governance, Risk & Compliance
• Deep knowledge of ISO 27001 (ideally the 2022 version)
• Experience with audits, ISMS delivery and continuous improvement
• Excellent stakeholder management and communication skills
• Ability to influence across multiple entities and teams
• Experience aligning or merging ISMS frameworks highly desirable
• CISM and/or NIST exposure advantageous