Information Security Manager
£75,000 PA
London - hybrid working
A well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a key time as the organisation expands its technical capability, with ambitious growth plans and multiple mergers and acquisitions planned.
The Information Security Manager will own the organisation's information security and data governance frameworks, ensuring data is secure, accurate and compliant across its full lifecycle. The role will maintain ISO27001 documentation and controls, support ongoing audit readiness and enforce robust governance policies for data quality, access and usage.
Responsibilities:
* Maintain ISO27001 documentation, controls and audit readiness (ISMS)
* Own and improve the data governance framework (policies, standards, procedures)
* Oversee the full data lifecycle from source to end client, ensuring integrity and compliance
* Ensure GDPR and wider regulatory compliance (including NIS2)
* Own data governance tools such as Microsoft Purview and Varonis (or similar)
* Identify and manage data operational and regulatory risks
* Collaborate across IT, Legal, HR, Operations, Onboarding/Bidding and Compliance
* Process DSARs, SAQs and PQQs
* Develop reporting/metrics and provide progress updates to senior stakeholders
* Deliver cyber security and data governance awareness training
Requirements:
* Strong experience maintaining ISO27001 controls, documentation and audit readiness
* Strong background in information security and data governance
* Deep understanding of GDPR and data protection requirements
* Experience with Microsoft Purview and Varonis (or similar)
* Strong stakeholder management and communication skills
* Power BI and ServiceNow familiarity (desirable)
* Certifications such as CISSP/CISM/CIPP-E (highly advantageous)
Based in Central London, with 4 days per week onsite initially, dropping to 3 once probation is passed.
JBRP1_UKTJ