Join to apply for the Information Security Manager role at Onetrace
Join to apply for the Information Security Manager role at Onetrace
Get AI-powered advice on this job and more exclusive features.
Direct message the job poster from Onetrace
Job Title: Information Security Manager
Basis: Full-time, permanent
Location: Canary Wharf, London - WeWork
Reporting to: Co-founder
Great products start with great people.
Our relentless focus on user experience has been the cornerstone of our growth, helping us become the market leading software for fire protection subcontractors across the UK.
We’ve grown by staying obsessed with building software that actually works for the subcontractors on the ground; fast, intuitive, and simple to use.
We’re now gearing up for our next chapter: expanding into new trades and taking Onetrace global. We’re bootstrapped, profitable and driven by a clear mission - to lead the digital transformation for subcontractors, one trade at a time.
Come be part of a team that’s smart, ambitious, and comfortable in the chaos of growth - where your ideas matter, and your work shapes what comes next.
Want to learn more about our journey? Check out our LinkedIn page.
About the Role
We’re looking for an Information Security Manager to lead the systems, practices, and frameworks that protect Onetrace’s data, people and infrastructure as we grow.
This is a cross-functional, hands-on role with a strong strategic lens - you’ll own our information security posture end-to-end, ensuring we maintain our ISO 27001 accreditation, while preparing for other relevant accreditations (such as SOC2 and Cyber Essentials). You’ll proactively manage risks and help create a secure environment where teams can move fast without compromising on trust or safety.
You’ll also guide how we approach data protection, tooling configuration and technical policy, embedding scalable and secure practices across our operations.
This is an opportunity to build on strong foundations and shape the future of InfoSec in a scaling B2B SaaS business that takes its security responsibilities seriously.
What You’ll Do
Information Security Leadership
* Own and evolve our ISMS (Information Security Management System), ensuring it remains fit for purpose as we scale.
* Maintain and advance compliance across ISO 27001, SOC2, Cyber Essentials, GDPR, and any emerging frameworks (e.g. PCI DSS, AI governance), ensuring we are audit-ready.
* Identify, assess, and mitigate security risks across infrastructure, systems, and vendors - flagging and resolving vulnerabilities before they become problems.
* Own security documentation, policies and access protocols, ensuring regular audits and updates.
* Lead on GDPR compliance (or arrange the appropriate support and tools) to manage data privacy obligations, including DSARs, DPIAs and risk assessments.
* Maintain a clear and up-to-date sub-processor list and lead on third-party risk management.
* Act as primary contact for external audits and third-party security assessments (e.g. via Vanta).
* Drive awareness and promote best practices across the team around security, compliance, and data handling.
Secure Tooling and IT Ops Oversight
* Guide secure configuration and ongoing management of tools like Kandji, Twingate, and 1Password.
* Oversee secure onboarding and offboarding workflows from a systems/access perspective, reducing risk during personnel changes.
* Partner with internal stakeholders to manage vendor selection and SaaS procurement, balancing usability, security and cost.
* Proactively monitor access controls, audit trails, and incident response procedures and lead or escalate where needed.
* Champion scalable solutions, including the use of AI or automation for security monitoring, access reviews and alerting.
Governance and Process Clarity
* Ensure security policies are clearly documented, visible, and adopted company-wide.
* Support the business in navigating legal and regulatory change (e.g. GDPR, international expansion, AI etc).
* Run awareness sessions, training and security onboarding to embed a culture of ownership and care.
* Partner with leadership to ensure policies align with the day-to-day needs of each team and avoid unnecessary friction.
What we're looking for
* Experience as an InfoSec expert - ideally within a high-growth SaaS or B2B tech environment.
* Strong working knowledge of compliance frameworks (e.g. ISO 27001, SOC2Cyber Essentials) and ideally PCI DSS.
* Working knowledge of GDPR, with experience supporting or overseeing data protection practices.
* Hands-on experience with security tooling and SaaS security systems.
* Confident in managing compliance audits, access reviews, internal risk assessments and policy updates.
* Comfortable owning security strategy and technical documentation.
* Excellent project and stakeholder management skills - especially across tech, people and ops.
* Able to communicate clearly with both technical and non-technical audiences, translating policy into practice.
* Pragmatic, detail-oriented, and proactive in identifying gaps and driving improvements.
* Organised and comfortable managing multiple systems and vendors.
* Ability to work independently and collaboratively in a fast-paced environment, managing multiple priorities and deadlines effectively
* Technically curious and excited about how emerging technologies (particularly AI) - can be used to streamline and automate security operations, compliance workflows, and internal processes.
* Experience in compliance operations management within payments, or financial services is a bonus.
* Experience acting as a Data Protection Officer (DPO) or supporting DPO responsibilities is a plus - especially around managing DSARs, privacy impact assessments, and data governance.
* Extra points if you have experience in data protection for international markets e.g. AU, NZ
* Degree (or equivalent experience) in a relevant field (computer science, cyber security etc.) - what matters more is demonstrated technical and operational experience
What We Offer
* Private medical insurance with Bupa
* Season ticket loan scheme
* Employee assistance programme
Ways of Working
* Hybrid working options
* Remote work abroad opportunities
Equipment
* We’ll set you up with an Apple MacBook and all the necessary software
* Standing desk (when based in the office)
* Tech accessories and Onetrace merch
Socials
* Annual team offsite and regular socials
Your Growth
* Joining our agile team means you’ll gain hands-on experience, working closely with talented colleagues, and develop your skills in a supportive environment focused on growth
Diversity
Onetrace is committed to diversity in the workplace and proud to be an equal opportunity employer. If you require a reasonable adjustment, please contact us. All information will be kept confidential and will only be used for applying a reasonable adjustment.
For an informal discussion about the role, please contact dina.lagou@onetrace.app.
Please note that our office is a dog-friendly environment. Candidates should be aware that dogs are present in the workplace, which may include shared spaces. If you have allergies or concerns, please let us know in advance.
Seniority level
* Seniority level
Mid-Senior level
Employment type
* Employment type
Full-time
Job function
* Job function
Information Technology and Strategy/Planning
* Industries
Software Development
Referrals increase your chances of interviewing at Onetrace by 2x
Sign in to set job alerts for “Information Security Manager” roles.
London, England, United Kingdom 1 week ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom 3 weeks ago
Information Security Manager with 2nd and 3rd Line Support
London, England, United Kingdom £65,000.00-£80,000.00 6 hours ago
IT Data Protection Security Engineer - Senior Manager
London, England, United Kingdom 2 days ago
Manager, Security Governance Risk and Compliance (GRC)
EMEA Senior Manager Compliance (Certifications)
London, England, United Kingdom 8 hours ago
IT Procurement Software and Security Category Manager
Watford, England, United Kingdom 1 week ago
London, England, United Kingdom 4 days ago
London, England, United Kingdom 2 weeks ago
London, England, United Kingdom 2 days ago
Program Manager, Regional Risk and Compliance
London, England, United Kingdom 1 week ago
Head of Programme - Justice and Emergency Services and Fraud, Bluetownonline
London, England, United Kingdom 1 week ago
Guest Experience Front Office Supervisor Grosvenor Square
London, England, United Kingdom 1 week ago
London, England, United Kingdom 4 days ago
Associate/Vice President, Relationship Manager - Commodity Finance (Metals & Agri Team)
London, England, United Kingdom 3 weeks ago
Software Engineering Manager, SRE, Cloud Incident Response
London, England, United Kingdom 3 days ago
London, England, United Kingdom 1 week ago
London, England, United Kingdom 1 month ago
Uxbridge, England, United Kingdom 1 week ago
Bromley, England, United Kingdom 1 month ago
London, England, United Kingdom 3 weeks ago
London, England, United Kingdom 3 days ago
Business Information Security Officer, Europe
London, England, United Kingdom 1 day ago
Cyber Security Assistant Manager/Manager
London, England, United Kingdom 1 week ago
London, England, United Kingdom 3 days ago
London, England, United Kingdom 10 hours ago
Information Security Manager - Corporation
London, England, United Kingdom 12 hours ago
London, England, United Kingdom 2 weeks ago
Information Technology Senior Security Manager
London, England, United Kingdom 4 days ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr