Salary: £35,000 - 35,000 per year Requirements: Experience in an information security role (Security Manager, Security Analyst, GRC lead or similar), ideally within a technology or e-commerce environment. Working knowledge of AWS security services such as Security Hub, GuardDuty, IAM, CloudTrail and KMS. Practical understanding of UK GDPR, DPA 2018 and PCI-DSS compliance requirements. Experience building or maturing security governance policies, risk registers, incident response procedures. Ability to communicate security risk and posture clearly to both technical teams and senior leadership. Hands-on comfort with security tooling, log analysis and vulnerability triage. Responsibilities: Own and continuously strengthen our cloud security posture across AWS, with oversight of our Azure and GCP environments. Manage and optimise our WAF, bot management and DDoS protection to keep our platform secure and performant. Drive vulnerability management across cloud infrastructure and application code, ensuring timely prioritisation and resolution. Lead incident response, coordinating detection, investigation, containment and post-incident reviews. Maintain and evolve security monitoring, alerting and operational runbooks to ensure consistent coverage. Own and evolve the companys information security policy framework, ensuring policies are current, practical and enforced. Drive UK GDPR, DPA 2018 and PCI-DSS compliance in partnership with the Technology Director and development team. Lead the security dimension of vendor and third-party risk assessments. Deliver clear, confident security reporting to senior leadership and due diligence audiences. Maintain and develop the technology risk register, running regular risk assessments aligned to business continuity planning. Champion security awareness across the business through training programmes, phishing simulations and practical guidance. Evaluate the security implications of new tools, integrations and emerging technologies including AI-assisted development. Contribute to architecture and design reviews, ensuring security is built in from the start. Technologies: AI AWS Azure Cloud GCP IAM Security WAF More: We are looking for an Information Security Manager to take ownership of information security across our business. You will be the go-to authority on cybersecurity, managing security tooling, driving compliance programmes, leading risk assessments, and communicating security posture to senior leadership. Located in our fast-growing e-commerce environment, we treat security as a priority, not an afterthought, and seek someone to embed security into our organizations way of working. We offer a collaborative team culture and are committed to supporting your growth in this pivotal role. last updated 16 week of 2026