Information Security Manager

Join TwinStream a dynamic, engineering-led consultancy born from real-world problem solvers within UK government organisations. We bring technical excellence to complex missions, and now we re looking for someone who can elevate our security posture as we continue to grow.

If you want a role where you're trusted, empowered, and hands-on with real impact this is it.

In 2019, our founders united their expertise to build a business that delivers exceptional service and cutting-edge solutions across government, defence, and highly regulated sectors.

Today, TwinStream teams operate both on-site with clients and remotely nationwide, supporting high-stakes, high-impact work. We're scaling rapidly and your voice will matter.

We re searching for a practical, proactive, mid-to-senior InfoSec practitioner who thrives on doing not just advising.

This is a delivery-focused role, perfect for someone who enjoys:

• Crafting and updating policies
• Driving governance, risk, and compliance
• Embedding secure-by-design practices
• Boosting security awareness and culture
• Being the go-to security expert within the business

You ll work independently, without line management duties, owning day-to-day information security operations. Our IT teams handle the tooling your mission is governance, risk, compliance, and enabling secure delivery.

• Own and manage all information security incidents & organisational risks
• Maintain and evolve our Information Security Management System (ISMS)
• Lead policy creation, updates, and compliance tracking
• Drive continuous improvement of security practices and behaviours
• Ensure compliance with ISO 27001, Cyber Essentials Plus, UK GDPR, and MOD CSM v3/v4
• Plan, coordinate, and support internal/external audits and pen tests
• Embed security into projects, cloud services, and software delivery
• Deliver engaging security training and awareness sessions
• Contribute to Business Continuity, Disaster Recovery, and internal audit
• Act as TwinStream s primary point of contact for all things InfoSec

• Proven experience as an Information Security Manager or similar
• Strong experience in incident management, risk governance, and practical InfoSec delivery
• Ability to embed security into modern software development and cloud environments
• Strong knowledge of ISO 27001, Cyber Essentials Plus, and requirements
• Excellent communication skills confident translating security for all audiences
• Comfortable working remotely in a flexible, fast-paced environment
• Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer/Auditor)
• Eligible for UK Security Clearance (minimum SC)

• 8% employer pension contribution
• Private medical cover including dental & optical (for you and your family)
• Learning & development autonomy you drive your growth
• Flexible remote working that actually supports your life
• Electric vehicle salary sacrifice scheme
• Cycle to Work + Life Assurance
• 28 days holiday + bank holidays
• Quarterly meet-ups, summer party & Christmas celebrations
• We re building something special and you ll be at the heart of it.

Join a team where your expertise shapes how we protect people, systems, and missions that matter.