Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security governance, risk management, and compliance for a global retail organisation.
- Company: Join a dynamic global retail company based near Manchester, embracing innovation and security.
- Benefits: Enjoy a hybrid work model with flexible hours and opportunities for professional growth.
- Why this job: Make a real impact on global security practices while collaborating with diverse teams.
- Qualifications: 5+ years in cybersecurity or risk management; knowledge of ISO 27001 and NIST required.
- Other info: This is a permanent role with a focus on hands-on security management.
The predicted salary is between 48000 - 72000 £ per year.
We are seeking an Information Security Manager for a global retail organisation based near Manchester or Midlands (hybrid position) on a permanent basis. This is a hands-on security management role responsible for overseeing governance, risk, compliance, and security operations across global regions. The role focuses on embedding robust security frameworks, maintaining compliance, and supporting effective operational security across the business.
Key Responsibilities
- Security Governance & Compliance: Develop and implement information security policies, standards, and procedures across global operations. Ensure compliance with recognised frameworks such as ISO 27001, NIST, and others as required. Lead annual security audits and maintain continuous compliance across regional entities.
- Enterprise Risk Management & Supply Chain Security: Maintain and improve the global information security risk management framework. Conduct regular security risk assessments and support mitigation planning. Manage supply chain security, including vendor risk assessments and responses to customer due diligence.
- Incident Response Policy & Preparedness: Develop and maintain cybersecurity incident response policies and playbooks. Work with regional IT teams to ensure incident response processes are well understood and consistently applied. Promote awareness and preparedness through guidance and documentation.
- Security Operations & Third-Party Oversight: Collaborate with the Security Operations Centre (SOC) to enhance operational security practices. Manage relationships with third-party security providers, ensuring coverage of regional threats and vulnerabilities. Oversee third-party risk management, including onboarding and ongoing assessments.
- Stakeholder Engagement & Support: Build strong relationships with internal stakeholders across global IT and business functions. Align security practices with operational needs and provide support to regional teams as required.
Experience & Qualifications
- 5+ years of experience in cybersecurity, IT governance, or risk management roles.
- Solid understanding of compliance standards such as ISO 27001, NIST, and related frameworks.
- Proven experience in developing and maintaining security policies, audit readiness, and risk frameworks.
- Familiarity with global operational environments and cross-regional collaboration.
- Experience of managing within less regulated industries and small cyber functions.
- Strong communication and documentation skills to support policy rollout and stakeholder engagement.
Please contact me for details and a further discussion. Thanks.
Information Security Manager (Perm - Hybrid) employer: CODA Technology Services
Contact Detail:
CODA Technology Services Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager (Perm - Hybrid)
✨Tip Number 1
Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as ISO 27001 and NIST. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and readiness for the role.
✨Tip Number 2
Prepare examples of how you've successfully implemented security policies or managed risk assessments in previous roles. Real-life scenarios can showcase your hands-on experience and problem-solving skills, which are crucial for this position.
✨Tip Number 3
Network with professionals in the cybersecurity field, especially those who have experience in retail or global operations. Engaging with industry peers can provide insights and potentially lead to referrals that could strengthen your application.
✨Tip Number 4
Demonstrate your communication skills by preparing to discuss how you would engage with various stakeholders across different regions. Highlighting your ability to align security practices with operational needs will show that you understand the importance of collaboration in this role.
We think you need these skills to ace Information Security Manager (Perm - Hybrid)
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, IT governance, and risk management. Emphasise your familiarity with compliance standards like ISO 27001 and NIST, as well as any hands-on experience you have in developing security policies.
Craft a Compelling Cover Letter: In your cover letter, explain why you're passionate about information security and how your background aligns with the responsibilities of the role. Mention specific examples of your experience in incident response, stakeholder engagement, and managing third-party security.
Showcase Your Communication Skills: Since strong communication is key for this role, ensure that your application reflects your ability to convey complex security concepts clearly. Use concise language and structure your documents logically to demonstrate your documentation skills.
Highlight Relevant Certifications: If you have any certifications related to cybersecurity or risk management, such as CISSP or CISM, be sure to include them in your application. This will strengthen your profile and show your commitment to the field.
How to prepare for a job interview at CODA Technology Services
✨Know Your Frameworks
Familiarise yourself with ISO 27001, NIST, and other relevant compliance frameworks. Be prepared to discuss how you've implemented these standards in previous roles and how they can be applied in the new position.
✨Demonstrate Incident Response Knowledge
Prepare to talk about your experience with incident response policies and playbooks. Share specific examples of how you've handled security incidents and what processes you put in place to ensure preparedness.
✨Showcase Stakeholder Engagement Skills
Highlight your ability to build relationships with internal stakeholders. Discuss how you've aligned security practices with operational needs and provided support to various teams in your past roles.
✨Discuss Risk Management Experience
Be ready to explain your approach to enterprise risk management and supply chain security. Provide examples of risk assessments you've conducted and how you've managed vendor risks effectively.
