Information Security Specialist
We’re looking for an experienced Information Security Specialist to strengthen our governance, risk and compliance (GRC) capability and help us continually improve our ISO 27001 Information Security Management System (ISMS). You’ll apply hands‑on expertise across both public and private sector programmes—particularly UK government and construction—so that our people, data and projects remain secure, compliant and resilient.
What You’ll Be Doing
* Own and improve our ISMS: Develop, implement and maintain our ISO 27001‑aligned ISMS, report on control effectiveness and drive continuous improvement.
* Assess and reduce risk: Run regular security risk assessments and gap analyses to identify vulnerabilities in policies, procedures and configurations, and track remediation.
* Set clear standards: Create and maintain security policies, procedures and controls tailored to construction and government‑related projects.
* Be the go‑to partner: Act as the primary liaison to project teams, Built Asset Security Managers and Information Controllers—especially on UK government contracts.
* Verify and assure: Lead audits and reviews to confirm conformance with Wates Professional Standards.
* Raise capability: Deliver guidance and training on security best practice and supply‑chain compliance across teams and functions.
* Secure our supply chain: Conduct supplier due‑diligence and security assessments, ensuring appropriate third‑party controls.
* Keep risk visible: Provide monthly Key Risk Indicator (KRI) reporting to the IT Security Manager.
Essential Certifications & Knowledge
* ISO 27001 Lead Implementer or Lead Auditor (mandatory).
* Strong GRC background with proven delivery of ISO 27001‑compliant ISMS.
* Experience with UK government security requirements and procurement processes.
* Understanding of construction‑industry security risks and regulation.
* Broad knowledge of security frameworks and best practice.
Qualifications
* Bachelor's degree in computer science (or related discipline).
* One of CISSP / CISM (preferred) / CISA.
* Experience with Power BI is an advantage.
Skills & Behaviours
* Analytical, detail‑driven problem solver with solid risk‑management skills.
* Effective collaborator with strong stakeholder management and communication—able to translate complex technical topics for diverse audiences.
* Resilient, adaptable, discreet and professional; high integrity and respect for confidentiality.
* Self‑motivated, emotionally intelligent and comfortable managing competing priorities.
Given the nature of this position, you will need to undergo a Baseline Personnel Security Standard Check (BPSS) at offer stage, and subsequent Security Check (SC) clearance. Applicants with criminal convictions will be assessed individually, and we assure you that we do not discriminate based on an applicant’s criminal record or the details of any disclosed offenses. Certain roles may be subject to additional pre‑employment checks.
To learn more about the checks included in this process, please click on the following link: National Security Vetting.
Wates is one of the UK’s leading family‑owned development, building and property maintenance companies, with a proud legacy spanning over 125 years. We are driven by our purpose, ‘reimagining places for people to thrive,’ and our three promises: thriving places, thriving planet, and thriving people. We are recognised as a Gold Investor in People and a Disability Confident employer, and we ensure that our recruitment processes do not treat anyone less favourably due to an offending background.
As a responsible and inclusive employer, we are committed to equality and diversity, supporting inclusion, sustainability and environmental targets such as zero waste and zero carbon.
#J-18808-Ljbffr