Information Security Manager We are seeking an experienced and driven Information Security Manager to join ROC. This role is pivotal in strengthening both our internal security posture and enhancing the security maturity of our customers. You’ll work at the intersection of strategy, governance, and hands-on security delivery, supporting clients while shaping ROC’s own security capability. Key Responsibilities Deliver security assessments, gap analyses, and improvement plans Support compliance (Cyber Essentials / Plus, ISO 27001) Provide GRC and vCISO advisory services Support incident response planning and deliver workshops Maintain ROC’s ISMS and support internal compliance Conduct risk assessments and drive security awareness Contribute to cyber security strategy and third-party risk management About You 5 years in information security, risk, or governance Strong experience in security assessments, frameworks, and compliance Confident communicator with both technical and business stakeholders Able to work strategically and operationally Desirable: Consultancy, MSSP, or MSP background ISO 27001 experience, vCISO exposure Certifications (CISSP, CISM)