Salary: £75,000 - 85,000 per year Requirements: Strong experience in policy and standards development Cyber incident response expertise Security architecture knowledge In-depth understanding of ISO27001 controls Experience with Cyber Essentials Plus certification Strong risk management capability Proven ability to communicate with and influence senior stakeholders Degree-level education preferred but not essential Minimum 5 years experience in an information security role CISSP or equivalent required C|CISO certification desirable Responsibilities: Manage and maintain our Information Security Management System (ISMS) aligned to ISO27001 Oversee external certification processes and manage external audit programmes Deliver our internal information security audit programme Own monthly and quarterly information security governance forums Define and continuously evolve our information security strategy Act as security architecture SME to support system development and change initiatives Advise operational teams on the implementation and improvement of security controls Develop and deliver a company-wide information security training and awareness programme Serve as the primary incident response manager for information security incidents Manage and review information security risks across the organisation Lead information security improvement initiatives Oversee supply chain information security risks and vendor assessments Technologies: Embedded Support Security More: We are seeking an experienced Information Security Officer to strengthen our clients security posture and play a pivotal role in managing information security risks, governance, and operations. Working closely with our IT leadership team, you will help ensure the right security controls are embedded into the systems we design, build, and operate. You will also act as a company-wide champion for information security, supporting teams, raising awareness, and ensuring compliance with legal, regulatory, and contractual obligations while helping us maintain our ISO27001 and Cyber Essentials Plus certifications. last updated 24 week of 2026