IT & Security Manager

We are searching for an experienced IT & Security Manager

We are seeking an experienced IT & Security Manager to oversee IT infrastructure and security for approximately 200 users. You will act as the primary liaison with our external managed service provider while providing hands‑on support for staff when required. In addition to operational IT responsibilities, you will lead the development and implementation of security policies, manage risk assessments, and ensure compliance with regulatory requirements. You will work closely with our software development managers to ensure that risks relating to our in‑house developed SaaS solutions are managed effectively. You will be responsible for completing responses to security questionnaires received from our clients and providing technical / security responses in RFPs. This role reports to the Technology Director and requires strong technical expertise, leadership, and stakeholder engagement skills.

• Oversee day‑to‑day IT operations for 200 users across multiple sites.
• Manage relationships with external IT service providers to ensure service quality and performance.
• Support hardware and software lifecycle management, including procurement and deployment.
• Ensure network stability, system availability, and timely resolution of technical issues.
• Coordinate upgrades; monitor patching and maintenance of IT systems and resolve non‑compliance issues.

• Develop and maintain the organisation’s information security strategy, policies, and procedures.
• Ensure compliance with ISO 27001, GDPR, Cyber Essentials, and other relevant standards.
• Conduct regular risk assessments, vulnerability scans, and security audits.
• Lead disaster recovery planning and business continuity exercises.

• Manage incident response processes, including investigation and remediation of security breaches.
• Monitor emerging threats and recommend proactive measures to strengthen security posture.

• Delivery of security awareness training across the organisation.
• Collaborate with IT and business teams to embed security into projects and operations.

• Provide regular reporting on IT performance, security metrics, and risk posture to senior management.
• Stay current with technology and security trends, driving continuous improvement initiatives.

• You will proactively manage communications relating to emerging cybersecurity threats.
• You will respond to security questions raised by our clients.
• You will provide technical and security related answers in RFPs.

• Degree in Computer Science, Information Security, or related field (or equivalent experience).
• Minimum 5 years in IT management and security, ideally within an SME environment.
• Strong knowledge of IT infrastructure, networking, and security frameworks (ISO 27001, NIST).
• Experience managing external service providers and delivering IT projects.
• Professional certifications such as CISSP, CISM, or ITIL are desirable.
• Excellent communication and leadership skills.