Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client riskregister and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the … to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and riskregister updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers … for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance More ❯
security excellence. Salary - £65,000 per annum Location - South East Key Responsibilities - Act as the primary security advisor to clients or stakeholders - Lead regular security reviews and maintain the riskregister and exception process - Ensure services align with relevant security frameworks and demonstrate compliance through clear reporting and metrics - Own the organisation's security posture ensuring tools, processes More ❯
compliance with leading frameworks (Cyber Essentials, ISO27001, NIST), and maintain a strong internal security posture across our systems and services. You'll lead Quarterly Security Reviews (QSRs), manage client risk registers, and act as a trusted advisor translating complex risks into clear business outcomes. Internally, you'll own our security frameworks, guide improvement across tools and teams, and ensure … compliance through measurable posture metrics and ongoing development. Key Responsibilities Lead client Quarterly Security Reviews (QSRs) covering vulnerabilities, incidents, compliance, and risk registers. Translate technical risks into meaningful business impacts and recommendations. Manage internal and client risk registers and exception processes. Oversee security compliance across frameworks such as Cyber Essentials+, ISO27001, and NIST . Ensure secure deployment and … shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments . Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance . Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews . Desirable CISSP, CISM , or equivalent certifications. Experience More ❯
