Salary: £70,000 to £80,000
Location: Remote
Security Clearance: Eligible for SC/DV clearance
About the role
We are looking for a cybersecurity subject matter expert to provide technical advice to internal staff on cybersecurity best practices, risk management, and incident management.
This hands-on role focuses on governance, risk, and compliance, including developing and updating security policies, delivering training, and providing clear, practical security guidance across TwinStream.
You will work independently, driving day-to-day security activities and helping build a strong security culture, while enabling teams to deliver securely.
Key Responsibilities
* Provide technical information security expertise to projects, services, and business initiatives, including developing or contributing to Security Management Plans
* Manage information security incidents and security risks across the organisation
* Own and maintain the Information Security Management System (ISMS), including creating and updating policies, procedures, and guidance
* Ensure adherence to information security policies and standards
* Drive a programme of continuous information security improvement
* Embed and promote a positive security culture across the business
* Ensure compliance with relevant certifications and regulatory requirements, including ISO 27001, Cyber Essentials Plus, UK GDPR/Data Protection Act, and MOD CSM v3 and v4
* Assist with security audits (internal, external, customer, and penetration testing), managing evidence collection and tracking findings through to resolution
* Design and deliver information security training and awareness activities
* Contribute to Business Continuity, Disaster Recovery, and internal audit activities
* Act as the primary point of contact for information security across TwinStream
Key Skills
* Proven experience in an Information Security Manager or similar role, including security incident management, risk management, security governance, and providing practical information security guidance
* Experience embedding information security into the design, development, and delivery of software-based solutions, including secure development practices, cloud services, and integrated platforms
* Previous experience in a software development or defence environment
* Understanding of recognised information security frameworks and certifications, particularly ISO 27001 and Cyber Essentials Plus
* Good knowledge of relevant UK legislation and regulatory requirements
* Comfortable working remotely (within the UK) in a flexible, fast-paced environment
* Strong organisational skills with the ability to manage priorities effectively
* Excellent written and verbal communication skills, with the ability to tailor messaging for different audiences
* Relevant professional certifications such as CISSP (highly desirable), CISM, or ISO 27001 Lead Implementer/Auditor
* Ability and willingness to undergo UK Security Clearance (minimum SC level)
Desired Skills
* Experience in information security roles within the UK defence sector, national security sector, or other highly regulated industries
* Existing UK Security Clearance (SC)
* Familiarity with MOD security frameworks, including CSM v3 and v4, IPSA, and FSC
* Experience using the Atlassian suite, particularly Jira
* Demonstrated experience in managing security incidents and leading incident response teams.
* Ability to present and be the focal point for security matters across the business.
* Experience in supporting the security controller role in various security frameworks.
* Understanding of insider threat operational and governance requirements, and experience in applying them.