Information Security Manager – Media Entertainment
Location: Bristol – Hybrid (2 days on site, 3 days home)
Salary: £54,102 – £67,056 per annum (experience dependent)
Government Security Clearance: Required – applicants must be willing to undergo the clearance process.
Closing Date: 25 November 2025
Summary
NCC is the UK’s innovation partner, supporting defence sector projects. We are hiring an Information Security Manager to safeguard secure information and assets. You will report to the Head of Secure Operations and collaborate with internal stakeholders and external defence clients.
Responsibilities
* Review new Security Aspect Letters (SALs) and assess organisational compliance.
* Ensure policies, processes, and procedures meet SAL requirements and enable secure operations.
* Verify that SAL conditions, including security clearance and nationality constraints, are satisfied.
* Collaborate with IT to enforce Secure By Design principles and governance.
* Work with Engineering and Operations to secure technical and operational activities.
* Provide education, training, and briefings to NCC personnel, contractors, and visitors.
* Document and manage security risks and mitigations.
* Manage security incidents and near‑misses, implementing corrective controls.
* Extend information‑security conditions to contractors and subcontractors.
* Act as Deputy Facility Security Controller and Deputy Personnel Security Controller, reporting breaches per government requirements.
* Assist the Security Controller with accreditation, visits, and inspections by government or contracting authorities.
* Record and manage classified assets in line with established procedures and asset registers.
* Integrate security considerations from project inception through to business‑as‑usual with Delivery, Sector, and Capability teams.
Qualifications
* Experience as an Information Security Manager or equivalent.
* Existing UK Government security clearance or willingness to obtain one; MOD standards knowledge.
* Experience at UKG classification levels.
* Strong knowledge of Secure By Design principles and methodology.
* Sound information‑security risk‑management expertise and familiarity with cyber‑security technologies.
* Knowledge of ISO/IEC 27001 and NIST frameworks (800‑53, Cybersecurity Framework).
* Preferable accreditations: Cyber Essentials, Cyber Assured, etc.
* High personal integrity and confidentiality handling; excellent communication, analytical, and teamwork skills.
Benefits
Hybrid and flexible working patterns, annual salary reviews, company‑paid private medical insurance, up to 12.5 % employer pension contribution, honorary staff status at the University of Bristol, and a strong focus on wellbeing, EDI, and continuous learning and development.
#J-18808-Ljbffr