Information Security Manager

• Security Framework Development: Lead the design and evolution of the LSF to cover all operational and technical domains, including data classification, protection, governance, and lifecycle management.
• Policy & Governance: Develop and maintain security policies, ensuring supporting standards, procedures, and guidelines are created by relevant teams and aligned to regulatory and business needs.
• Operational Assurance: Establish and oversee security compliance mechanisms across the business, ensuring secure-by-default practices in architecture, deployment, and operations.
• Security Compliance & Testing: Lead ongoing compliance assessments and internal audits and provide reporting at client and business unit levels.
• Client-Facing Advisory: Act as a subject matter expert and advisor on security and risk management, supporting pre-sales engagements, Monthly Service Reviews (MSRs), and Quarterly Business Reviews (QBRs).
• Cross-Functional Engagement: Partner with Architecture, DevOps, SAP, and AI teams to ensure that security is built-in, not bolted on.
• Security Awareness & Culture: Promote a strong security culture through internal guidance, awareness campaigns, and training.
• Continuous Learning and Development: Stay updated on the latest cloud security trends, technologies, and regulatory changes. Participate in ongoing professional development and certification.
• Promote automation: Work with our Security Engineers to ensure that our controls are applied and governed through automated means wherever possible.

Supervisory Responsibilities:

• No direct line management, but strong influence across Architecture, Product, Operations, and Customer Success teams.
• May lead virtual security working groups and mentor staff in security-related responsibilities

Do you have experience in NIST standards?, * Security Governance & Frameworks: Deep knowledge of ISO 27001, NIST, CIS, CSA CCM, SOC2 and secure development lifecycle principles.

• Cloud Security: Strong understanding of cloud-native security across AWS, Azure, and GCP.
• SAP & AI Security: Awareness of security requirements for SAP on Cloud and modern AI/ML platforms.
• Data Security & Governance: Experience with data classification models, data loss prevention (DLP), encryption, and compliance frameworks (e.g., GDPR, HIPAA, CCPA).
• Risk & Compliance: Ability to lead risk assessments, develop mitigation strategies, and map controls to compliance standards.
• Communication & Influence: Strong skills in translating technical controls into business language and influencing at all organisational levels.
• Documentation & Reporting: Skilled in producing comprehensive policy documents, compliance reports, and security dashboards.

Pay: £44,048.73-£87,077.01 per year