Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and enhance S-RM's information security across all offices.
- Company: Join S-RM, a global leader in intelligence and cyber security consultancy since 2005.
- Benefits: Enjoy 25 days holiday, hybrid working, life insurance, and health perks.
- Why this job: Be part of a dynamic team that values your growth and well-being.
- Qualifications: Extensive experience in Information Security and relevant certifications like CISSP required.
- Other info: Flexible working arrangements available; based in London.
The predicted salary is between 60000 - 84000 £ per year.
SENIOR INFORMATION SECURITY MANAGER:
S-RM TECHNOLOGY TEAM
WHO WE ARE
S-RM is a global intelligence and cyber security consultancy. Since 2005, we\’ve helped some of the most sophisticated clients in the world solve some of their toughest strategic challenges.
We\’ve been able to do this because of our outstanding people. We\’re committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.
But we also know that work isn\’t everything. It\’s about the lives and careers it helps us build. We\’re immensely proud of this culture and we invest in our people\’s wellbeing, learning, and ideas every day.
We\’re excited you\’re thinking about joining us.
THE ROLE
As the Information Security Manager , you\’ll play a vital role in the ongoing improvement of S-RM\’s security posture. This role will be a joining the broader technology function in supporting S-RM through all nine offices and all functions. This role will provide the opportunity for candidates wanting to get exposure to the full breadth of information security including the GRC and technical aspects.
The successful candidate will report to our Head of IT Service & Operations and work across the full spectrum of information security at S-RM. Their skills should include but not be limited to:
- Building and delivering KPIs presentations to senior leadership and heads of departments.
- Working with Technology Operations to deploy companywide phishing tests , track and report on the results.
- Deploy company-wide security awareness training using company approved training platform and contribute to the evaluation of effectiveness of the selected training platform.
- Coordinate team effort in the investigation and containment activities in the internal incident response team.
- Maintaining and monitoring SOPs.
- Manage exceptions to organisation-wide security policies .
- Lead and complete assurance on technical security controls and technical design on both new and existing solutions in the application portfolio. Subsequently work with the business to close out identified gaps identified as part of the assurance process.
- Consult the rest of the business and represent Information Security in key forums, e.g. Project teams, Executive Committee, DevOps, IT Operations, Risk and Compliance and Legal to ensure that security standards are met and adhered to.
- Manage the supplier evaluation process and action findings identified from the process for RFP/RFIs requested from the business and internal supplier evaluation requirements.
- Coordinate the delivery of companies Incident Response and Disaster Recovery tabletop exercises and planned failover tests.
- Provide input to organisational risk registers, based on knowledge of current and emerging information security risk and known vulnerabilities within existing controls.
- Build and maintain positive stakeholder relationships at all levels of the organisation as well as with key external stakeholders (including clients, certification bodies and external consultants).
- Develop the roadmap of InfoSec projects, drive the delivery of the roadmap and track completion progress.
- Provide input in InfoSec budget planning, covering investment in BAU as well as InfoSec project work
- Compliance
- Develop and implement and support in the maintenance of organisation-wide security policies and processes that are aligned with ISO27001:2022, CIS and NIST frameworks.
- Managing internal and external audit programmes and maintenance of established frameworks such as ISO27001 and Cyber Essentials and other frameworks where required.
- Manage remediation process following external audits and internal security assessments. Includes coordination of pentest findings, vuln scan findings and CIS benchmark reviews but does not involve implementation of the fixes.
- The role will be based in our London office; however we have flexible working arrangements available.
The role will be based in our London offices, however we have flexible working arrangements available.
WHAT WE\’RE LOOKING FOR
We think candidates with the following attributes and qualifications are likely to succeed as a Corporate Intelligence senior analyst. That said, if you don\’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box-we\’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.
The ideal candidates will possess:
- Extensive experience in Information Security leadership roles;
- Experience interacting with a varied level of internal stakeholders
- This would include our entry llevel staff to board/exec level
- The ideal candidate will have the ability to clearly translate technical language for the business
- Experience with Governance frameworks
- ISO 270001 is a minimum requirement for this position
- SOC2 exposure would be beneficial
- CISSP or similar security qualification will be a requirement for this position
S-RM is still growing and developing and any candidates with experience maturing information security departments/teams will be beneficial.
Candidates must have permission to work in the UK by the start of their employment.
OUR BENEFITS
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
- 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days in total);
- Hybrid working and flexible working hours;
- Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
- Life Insurance 4X annual salary.
Parental Support:
- Fertility treatment leave – 5 days of leave per cycle of treatment per year;
- Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
- Paternity leave – 6 weeks of full pay.
Various Health and Medical Benefits including:
- Private dental and medical insurance (taxable benefit) for you and your family;
- Virtual GP for you and your family members that live in the same household;
- Various gym discounts for you and your partner;
- EAP programme for you and your immediate family;
- Free access to the world-famous mindfulness app Headspace.
THE APPLICATION PROCESS
To apply for this role, please submit your CV directly to this LinkedIn ad.
The application process will include:
- An interview with the technical team
- A second interview with the broader information technology team
- A final interview with Senior management at S-RM
#J-18808-Ljbffr
Information Security Manager employer: S-RM
Contact Detail:
S-RM Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager
✨Tip Number 1
Familiarise yourself with the specific governance frameworks mentioned in the job description, such as ISO 27001 and SOC2. Being able to discuss these frameworks in detail during your interviews will demonstrate your expertise and alignment with S-RM's needs.
✨Tip Number 2
Prepare to showcase your experience in building and maintaining stakeholder relationships. Think of examples where you've successfully communicated complex security concepts to non-technical audiences, as this is crucial for the role.
✨Tip Number 3
Research S-RM's current security posture and any recent news related to their operations. This knowledge will not only help you understand their challenges but also allow you to propose relevant ideas during your interviews.
✨Tip Number 4
Be ready to discuss your experience with incident response and disaster recovery exercises. Highlight any specific instances where you led or contributed to these efforts, as this aligns directly with the responsibilities of the Information Security Manager role.
We think you need these skills to ace Information Security Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your extensive experience in Information Security leadership roles. Emphasise your ability to interact with various internal stakeholders and translate technical language for the business.
Showcase Relevant Qualifications: Clearly list your qualifications, such as ISO 27001 certification and any other relevant security qualifications like CISSP. Mention any experience you have with governance frameworks and how you've contributed to maturing information security departments.
Craft a Compelling Cover Letter: Write a cover letter that reflects your passion for information security and your understanding of S-RM's culture. Discuss how your skills align with the role and how you can contribute to improving their security posture.
Prepare for Interviews: Research common interview questions for Information Security Manager roles and prepare your answers. Be ready to discuss your past experiences, particularly those that demonstrate your leadership and technical skills in information security.
How to prepare for a job interview at S-RM
✨Understand the Role and Responsibilities
Before the interview, make sure you thoroughly understand the job description and the specific responsibilities of the Information Security Manager role. Familiarise yourself with key terms like GRC, KPIs, and incident response to demonstrate your knowledge during the conversation.
✨Prepare for Technical Questions
Expect to be asked about your experience with information security frameworks such as ISO 27001 and SOC2. Brush up on your technical knowledge and be ready to discuss how you've applied these frameworks in previous roles, including any challenges you faced and how you overcame them.
✨Showcase Your Leadership Skills
As this role involves interacting with various stakeholders, be prepared to share examples of how you've successfully led teams or projects in the past. Highlight your ability to communicate complex technical concepts to non-technical audiences, which is crucial for this position.
✨Ask Insightful Questions
At the end of the interview, take the opportunity to ask thoughtful questions about S-RM's current security posture, ongoing projects, or team dynamics. This shows your genuine interest in the company and helps you assess if it's the right fit for you.
