Senior Security Information Manager – UK (Hybrid)
Location: UK (Remote with occasional travel across European data-centre sites)
Clearance: Must be eligible for UK government security clearance (up to DV)
A rapidly growing European infrastructure organisation is seeking a Senior Security Information Manager to support the development and operation of security across physical environments, technical systems, and organisational processes. This role is hands-on and suited to someone who can work confidently in complex, multi-site environments involving high-performance compute and large-scale data-centre operations.
You will work closely with senior leadership to strengthen the company’s security posture, maintain ongoing compliance programmes, and improve operational maturity across all sites.
Key Responsibilities
• Support certification and compliance efforts across ISO 27001, ISO 27017/27018, SOC 2 Type II, Cyber Essentials Plus, and ISO 22301.
• Maintain the ISMS, risk register, and evidence required for internal and external audits.
• Manage security operations processes including vulnerability management, endpoint protection, incident response workflows, and access reviews.
• Oversee physical security requirements across multiple data-centre locations and ensure alignment with relevant standards.
• Manage asset inventories, patch cycles, and configuration compliance across servers, workstations, and Kubernetes workloads.
• Support security awareness initiatives, training materials, and reporting.
• Contribute to change-control processes, project assessments, and operational improvements.
Required Experience and Skills
• Minimum 5 years in information or physical security within a data-centre, cloud, MSP, or similar environment.
• CISSP certification (mandatory).
• Strong understanding of ISO 27001, SOC 2, NIST CSF, and Cyber Essentials Plus.
• Experience working with audits, incident management, and vulnerability workflows.
• Strong documentation, communication, and stakeholder management skills.
• Hands-on experience with GRC tooling.
Desirable
• Experience working within large compute clusters, HPC, or complex distributed platforms.
• Knowledge of Kubernetes security and secure configuration practices.
• Understanding of EU regulatory requirements such as GDPR, NIS2 and DORA.
• Familiarity with physical security systems such as access control and CCTV.
• Experience working with SOC/MSSP services and SIEM tooling.
• Scripting or automation experience (Python, Bash, PowerShell).
• Additional security certifications such as CISM, ISO 27001 Lead Auditor, CEH, or GIAC.
If you would like more information or wish to discuss the role, please get in touch.