Information Security Manager

wider business and IT objectives.Design, implement, and manage security controls, processes, and technologies that protect the confidentiality, integrity, and availability of information assets.Own the Information Security Management System (ISMS), ensuring compliance with relevant frameworks as deemed appropriate.Oversee incident response and threat management, leading investigations and coordinating with IT and external partners to contain, resolve, and learn from security incidents.Maintain proactive awareness of the external threat landscape, staying informed on emerging risks, vulnerabilities, and trends. Translate this intelligence into actionable improvements to strengthen Yeo Valley's defences.Monitor and report on security posture, using metrics and dashboards to inform the business and executive team of risk levels, improvements, and vulnerabilities.Define and own the vulnerability management process, ensuring regular assessments, patching, and remediation of security weaknesses across the estate.Lead supplier assurance and third-party risk management, ensuring external partners meet Yeo Valley's security requirements.Work closely with IT infrastructure and delivery teams to ensure new systems, applications, and solutions are secure by design.Create and embed a culture of security awareness, running training, communications, and engagement programmes to upskill colleagues.Support business continuity and disaster recovery planning, ensuring security requirements are embedded in wider IT resilience activities. Coach and enable the Cyber Security Engineer to contribute to develop the business continuity plan for cyber incidents.Sounds interesting, what do I need? Essential:Proven experience in leading or managing information and cyber security operations.Strong knowledge of information security standards, frameworks, and regulations (e.g. ISO27001, NIST, Cyber Essentials Plus, GDPR).Experience developing and implementing security strategies, policies, and controls across hybrid IT environments.Demonstrated ability to manage incidents, risks, and vulnerabilities effectively.Excellent communication and influencing skills, capable of engaging both technical and non-technical stakeholders.Experience managing security suppliers, SOC providers, or MSSPs.Desirable:Experience in manufacturing, FMCG, or supply chain environments.Hands-on knowledge of modern cloud and on-premises security tooling (Microsoft 365 Defender, Sentinel, Azure, Fortinet, etc.).Security certifications (e.g. CISSP, CISM, CompTIA Security+, ISO27001 Lead Implementer).Understanding of disaster recovery, business continuity, and risk management.Why should I join the family? We're independent, British and proud to be making the highest quality yogurts, desserts and ice cream under the Yeo Valley brand and for many of the UK's major retailers. Operating from four dairies and two logistics centres in Somerset and Devon, we employ over 1900 staff and produce more than 25% of the UK's packaged yogurt.BenefitsCompetitive holiday allowancenon-contributory pension schemelife coverhealthcare cash back plancycle to work schemesubsidised Yeo Valley products and servicespreferential rates with our partnerslearning and development opportunities; we're committed to ensuring all of our employees have the chance to growOur closing dates are a guide for when the application window should close, although we may close the advert sooner if we can. So, we recommend you get your application in straight away - and don't miss the opportunity to join us!Unfortunately, we're not able to provide employment sponsorship to candidates at this moment in time.Please note that Yeo Valley does not accept speculative agency applications; we will only accept applications from preferred suppliers that have been submitted to us via our recruitment portal at the point of instruction.#J-18808-Ljbffr Similar jobs, A leading organisation in the financial services sector seeks an Information Security Manager to safeguard systems and data. This pivotal, hands-on leadership role requires implementation of information security strategies, compliance with regulations like Cyber Essentials..., Senior Cyber Security Governance Manager required to lead and evolve enterprise-wide cyber governance within a large global organisation in Glasgow.This is a senior role with responsibility for strengthening governance, risk oversight and control frameworks across a..., CYBER SECURITY OPERATIONS MANAGER - CHESTER (HYBRID)KEY POINTSSenior operational security leadership roleLead Security Operations, Incident Response & Vulnerability ManagementHybrid working - minimum 2 days per week onsite in the Chester AreaCompetitive salaryABOUT THE...

A leading cloud infrastructure company is seeking a Head of Information Security to define enterprise security vision and protect data integrity. This role requires at least 10 years of experience in information security coupled with strong leadership skills. You will...

What will I be doing? At Yeo Valley, we're about more than just making great food - we're here to Nurture & Nourish People & Planet by Making Great Food the Right Way. Forever. As a co-owned business, we invest in our people, encourage growth, and believe in doing things properly.To lead Yeo Valley's Cyber and Information Security function - ensuring our systems, data, and people remain secure while enabling the business to operate efficiently and confidently.You'll own and deliver the organisation's cyber and information security strategy, manage the protection and monitoring of our technology estate, and embed a strong culture of security awareness across all teams. Working closely with IT, data, and operational leaders, you'll ensure our defences are robust, risks are managed proactively, and Yeo Valley remains compliant with all relevant standards and regulations.Your responsibilities:Design, own and lead the Cyber and Information Security strategy, aligning it to Yeo Valley's, Crown Agents Bank is a vastly growing and regulated UK bank that connects emerging and frontier markets to the rest of the world, using FX and payments technology. We are transforming the way payments and FX move through emerging markets, reducing friction so that more..., Job Description About Us ISTARI is a strategic cybersecurity advisory company with a bold vision: to curate the defining cybersecurity ecosystem of our time -uniting enterprise, academia, government, and innovators to build collective resilience. At the heart of this..., DWP. Digital with Purpose. Join DWP as a Senior Cyber Security Risk Manager and help shape how we protect and secure some of the UK's largest digital services.Our DWP Digital teams use fresh ideas and leading-edge tech to build and maintain digital solutions that will be..., Information Security Manager £70,000 - £80,000 London - hybrid working A well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a key time as the organisation expands...