The Vacancy
Information Security Specialist
What you’ll be doing
1. Own and improve our ISMS: Develop, implement and maintain our ISO 27001‑aligned ISMS, report on control effectiveness and drive continuous improvement.
2. Assess and reduce risk: Run regular security risk assessments and gap analyses to identify vulnerabilities in policies, procedures and configurations, and track remediation.
3. Set clear standards: Create and maintain security policies, procedures and controls tailored to construction and government‑related projects.
4. Be the go‑to partner: Act as the primary liaison to project teams, Built Asset Security Managers and Information Controllers—especially on UK government contracts.
5. Verify and assure: Lead audits and reviews to confirm conformance with Wates Professional Standards.
6. Raise capability: Deliver guidance and training on security best practice and supply‑chain compliance across teams and functions.
7. Secure our supply chain: Conduct supplier due‑diligence and security assessments, ensuring appropriate third‑party controls.
8. Keep risk visible: Provide monthly Key Risk Indicator (KRI) reporting to the IT Security Manager.
What we’re looking for
Essential certifications & knowledge
9. ISO 27001 Lead Implementer or Lead Auditor (mandatory).
10. Strong GRC background with proven delivery of ISO 27001‑compliant ISMS.
11. Experience with UK government security requirements and procurement processes.
12. Understanding of construction‑industry security risks and regulation.
13. Broad knowledge of security frameworks and best practice.
Qualifications
14. Bachelor's degree in computer science (or related discipline).
15. One of CISSP / CISM (preferred) / CISA.
16. Experience with Power BI is an advantage.
Skills & behaviours
17. Analytical, detail‑driven problem solver with solid risk‑management skills.
18. Effective collaborator with strong stakeholder management and communication—able to translate complex technical topics for diverse audiences.
19. Resilient, adaptable, discreet and professional; high integrity and respect for confidentiality.
20. Self‑motivated, emotionally intelligent and comfortable managing competing priorities.
Given the nature of this position, you will need to undergo a Baseline Personnel Security Standard Check (BPSS) at offer stage, and subsequent Security Check (SC) clearance. Applicants with criminal convictions will be assessed individually, and we assure you that we do not discriminate based on an applicant's criminal record or the details of any disclosed offenses. Additionally, certain roles may be subject to additional pre-employment checks.
Work for Wates
Wates is one of the UK’s leading family-owned development, building and property maintenance companies. Founded over 125 years ago, we have a proud legacy in the built environment.
We are driven by our purpose, ‘reimagining places for people to thrive’ and our three promises:
Thriving places – working with customers, partners and communities to create places that are more sustainable, inclusive, and full of opportunity.
Thriving planet – protecting nature and taking action on climate change by collaborating and innovating with our partners.
Thriving people – creating opportunities and relationships so that everyone who works for and with us feels included, invested in, and treated with care.
We are proud to be recognised as Gold Investors in People and as a Disability Confident employer. We also ensure that our recruitment processes do not treat anyone less favourably due to an offending background.
Awards
BEST PROJECT
Inside Housing Development Awards
WINNER
2022 Construction News Awards Winner
GOLD AWARD
Investors in People 2022
GOLD AWARD
Considerate Constructors Schemes (CCS) National Site Awards
TOP 50 EMPLOYERS
2022 Top 50 Employers for Women
WINNER
2022 Working Families Best Practice Awards