IT Security and Compliance Manager

We're seeking a forward-thinking IT Security and Compliance Manager to play a key role in protecting and shaping our technology environment while supporting our continued business growth. Reporting to the Chief Information Officer, you will lead the security, governance and operational delivery of our IT services, ensuring systems remain secure, compliant and resilient. This is a highly visible role where you'll partner with internal teams, customers and third-party providers to strengthen cyber security, drive certification and audit readiness, and support the development of scalable, reliable IT services. If you enjoy combining strategic security leadership with hands-on operational oversight in a collaborative and evolving environment, this is an exciting opportunity to make a genuine impact., Policy & Standards: Develop and maintain cyber security policies, standards and procedures

ISMS Management: Own and continuously improve the Information Security Management System

Certification & Frameworks: Lead Cyber Essentials Plus and maintain alignment with recognised security frameworks

Audit Leadership: Manage customer and external cyber security audits and evidence preparation

Governance Alignment: Partner with Contracts, Compliance and Quality teams to meet governance and contractual requirements

Risk & Assurance: Conduct internal audits of systems, suppliers and contractors to identify and manage risk

Incident Management: Lead security incident response, remediation and lessons learned

Threat & Regulatory Monitoring: Track emerging threats, regulatory changes and industry best practice

Customer & Bid Support: Provide cyber security expertise for bids, customer engagements and contract negotiations

Access & Data Protection: Oversee governance of system usage, access controls and data protection

IT Service Delivery and Operational Management

Service Performance: Oversee reliable and effective day-to-day IT service delivery

Escalation Management: Act as the primary escalation point for IT service issues

Supplier Management: Manage and optimise Managed Service Provider performance

Infrastructure Growth: Support scalable and resilient IT infrastructure development

Microsoft 365 Management: Oversee Microsoft 365 and collaboration platforms

Project Delivery: Support IT projects, ensuring security and resilience are embedded

Stakeholder Support: Provide technical guidance to promote secure and effective system use

Do you have experience in NIST standards?, IT Security Leadership: Experience in an IT Security, Information Security or IT Management role with responsibility for secure service delivery

Governance & Compliance: Strong understanding of cyber security frameworks, policy development, audits and certification, ideally in regulated industries such as defence or aerospace

ISMS & Risk Management: Proven experience implementing or managing cyber security management systems, risk assessments, and security assurance programmes

Microsoft 365 & Cloud Security: Experience managing or supporting Microsoft 365 environments and associated security controls

Stakeholder & Communication Skills: Ability to engage stakeholders and clearly translate technical risks into business impact

Strategic & Operational Balance: Comfortable balancing hands-on IT operational delivery with longer-term security and governance objectives

Problem Solving & Adaptability: Strong analytical skills, proactive and self-motivated, able to thrive in a growing and evolving organisation, Relevant degree or equivalent professional experience in IT, Cyber Security or Information Security

OR

Qualified through significant experience in an IT Security role, demonstrating achievement of recognised accredited standards

Desirable

Cyber Essentials / Cyber Essentials Plus training or certification

Experience implementing and maintaining DCC and NIST cyber security accreditations in partnership with external consultants

Competitive remuneration package, with performance-related bonuses and clear progression opportunities.

25 days' holiday + public holidays, with long-service rewards and the option to buy up to 5 additional days.

Free breakfast and freshly cooked lunches every day, courtesy of Chef Mark and his team.

Private healthcare through Aviva, keeping you feeling your best.

Life assurance for peace of mind.

Salary sacrifice schemes - including EV car and Cycle to Work options for easy, sustainable travel.

Paid team socials - from quiz nights and football to board games and more; we love to have fun together.

OpenWorks is a rapidly growing business operating globally with a passion for exceptional engineering and building on a legacy of defence innovation in the North East of England. Our products provide ultra-high performance, real-time detection, tracking, identification and targeting of dynamic aerial threats. They have been deployed internationally to protect high profile military and civilian assets, and contribute towards the defeat of nuisance, misguided and maliciously deployed drones during operations. We are very proud to have supported a wide range of law enforcement and military operators, protecting many of the most high profile sites and individuals around the world. The amazing things we do are only possible because of a dedicated and passionate team., As a small, fast growing company with over 70 people which is continually expanding, we offer the opportunity for a professional to have autonomy and responsibility. You'll directly see the impact of your efforts., Be a world-leading provider of autonomous technology for Surveillance applications and Defence