Information Security Manager

Information Security Manager
£70,000 - £80,000 plus bonus

Nigel Wright are delighted to be partnering with the Institute of Directors in the search for an Information Security Manager.

The Institute of Directors (IoD) is a thriving membership community for Directors in the UK and beyond, where you can connect with other leaders, develop your skills and be heard. The IoD offers professional development, valuable connections and influence. With over 20,000 members across the UK and globally, the IoD has exciting plans for growth and the success of their strategy is underpinned by technology.

The Information Security Manager will play a central role in maintaining and strengthening the IoD’s information and cyber security posture during a period of significant technology transformation. This is an exciting opportunity to work within a small and highly supportive team, where you will be involved in all aspects of information and cyber security, spanning governance, risk, assurance, incident response, supplier oversight, culture and strategic change.

You will be employed on a remote contract with occasional travel to their HQ in London. Unfortunately, the IoD is unable to sponsor visas, so candidates must have a permanent right to work in the UK.

In this new role, you will lead in delivering and refining the organisation’s information security, providing day-to-day leadership in security governance, policy management, assurance reporting and internal incident coordination. Specifically you will :

• Ensure compliance with frameworks (NIST) and achieve Cyber Essentials accreditation.
• Oversee policies, risk management, supplier assurance and incident response coordination.
• Implement and maintain security policies and controls.
• Manage third-party security services (e.g., SOC provider).
• Provide contextual awareness during incidents and prioritise recovery actions.
• Conduct supplier contract reviews for security compliance.
• Support security awareness and training across the organisation.

With experience of implementing or managing an information security strategy, you will possess a strong understanding of information security governance, risk management, policy development, incident management and organisational controls. Ideally with a professional Information / Cyber Security certification such as CISM or CISSP, you will also have :

• Experience engaging with incident response teams, SOC providers and external assurance bodies.
• The ability to work confidently with a wide range of stakeholders, from operational teams to senior executives, often explaining technical concepts to non-technical audiences.
• The aptitude to translate strategic security goals into operational deliverables and measurable outcomes.

Most importantly you will possess excellent communication, analytical, prioritisation, problem solving and influencing skills, be self-motivated and possess the ability to thrive in a remote-first setting.