Information Security Manager

ZipRecruiter

England

On-site

GBP 80,000 - 100,000

Full time

Yesterday

Job summary

A prominent energy company in the UK is looking for an experienced Information Security Manager to oversee their cybersecurity and information risk agenda. You will maintain ISO 27001 compliance, enforce security policies, and manage incidents. Ideal candidates will have over 5 years of experience in information security management and relevant certifications such as CISSP or CISM. This role provides an opportunity to impact cybersecurity in a rapidly growing organization.

Qualifications

  • 5+ years of experience in information security management focusing on ISO 27001 compliance.
  • Deep knowledge of ISO 27001 standards and other frameworks like NIST, COBIT.
  • Experience managing security incidents and investigations.

Responsibilities

  • Maintain the Information Security Management System (ISMS) in compliance with ISO 27001:2022 standards.
  • Establish, maintain, and enforce security policies to mitigate information security risks.
  • Conduct regular risk and vulnerability assessments.

Skills

CISSP
CISM
ISO 27001 compliance
Risk assessment methodologies
Stakeholder collaboration
Analytical skills

Education

Professional certifications (CISSP, CISM, ISO 27001 Lead Auditor)

Job description

INFORMATION SECURITY MANAGER

Our client is one of the largest owner-operators of rapid electric vehicle charging stations across the UK and Europe. They are award winners and are currently shortlisted for "The Best Place to Work".

They are growing and expanding rapidly. Are you ready to join the ride?

They are seeking a highly skilled and experienced Information Security Manager to join their team.

You will work closely with the client’s international IT team to lead the organisation’s cybersecurity and information risk agenda, including oversight of ISO 27001 and broader security governance across the business.

Key Responsibilities:

  • Maintain the Information Security Management System (ISMS) in compliance with ISO 27001:2022 standards.
  • Establish, maintain, and enforce security policies, procedures, and controls to mitigate information security risks and vulnerabilities.
  • Conduct regular risk and vulnerability assessments to identify potential threats and weaknesses in information security infrastructure.
  • Collaborate with internal stakeholders to ensure information security requirements are integrated into business processes and systems.
  • Lead internal audits and coordinate external audits and certifications to assess ISMS effectiveness and drive continuous improvement.
  • Define and enforce information security policies, standards, and guidelines across the organisation and monitor compliance.
  • Manage tabletop/red team exercises and incident response playbooks.
  • Assist in the incident response process and lead investigations into security breaches or incidents.
  • Provide guidance and promote security awareness among employees.
  • Stay updated with the latest security trends, threats, and best practices, and recommend improvements.
  • Conduct technical assessments of new suppliers, platforms, and software, including security architecture reviews and compliance checks.
  • Collaborate with procurement, legal, and product teams to embed security requirements in onboarding and contracts.
  • Prepare and deliver reports on security metrics, incidents, and compliance to senior management and stakeholders.

Qualifications and Skills:

  • Professional certifications such as CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent.
  • Extensive experience (5+ years) in information security management, focusing on ISO 27001 compliance.
  • Deep knowledge of ISO 27001 standards and other frameworks like NIST, COBIT.
  • Strong technical understanding of modern IT and cloud environments, including third-party risk assessments.
  • Experience in developing and implementing security policies, procedures, and controls.
  • Familiarity with risk assessment methodologies and tools.
  • Experience managing security incidents and investigations.
  • Excellent communication and stakeholder collaboration skills.
  • Strong analytical and problem-solving abilities.
  • Ability to manage multiple priorities in a fast-paced environment.
  • High integrity and commitment to confidentiality.

Equal Opportunity Statement:

They are an equal opportunity employer. They are committed to equality, and all applicants will be considered without regard to race, gender, age, religion, disability, or status.
