Senior Manager Information Security

Senior Security Information Manager – UK (Hybrid) Location: UK (Remote with occasional travel across European data-centre sites) Clearance: Must be eligible for UK government security clearance (up to DV) A rapidly growing European infrastructure organisation is seeking a Senior Security Information Manager to support the development and operation of security across physical environments, technical systems, and organisational processes. This role is hands-on and suited to someone who can work confidently in complex, multi-site environments involving high-performance compute and large-scale data-centre operations. You will work closely with senior leadership to strengthen the company’s security posture, maintain ongoing compliance programmes, and improve operational maturity across all sites. Key Responsibilities • Support certification and compliance efforts across ISO 27001, ISO 27017/27018, SOC 2 Type II, Cyber Essentials Plus, and ISO 22301. • Maintain the ISMS, risk register, and evidence required for internal and external audits. • Manage security operations processes including vulnerability management, endpoint protection, incident response workflows, and access reviews. • Oversee physical security requirements across multiple data-centre locations and ensure alignment with relevant standards. • Manage asset inventories, patch cycles, and configuration compliance across servers, workstations, and Kubernetes workloads. • Support security awareness initiatives, training materials, and reporting. • Contribute to change-control processes, project assessments, and operational improvements. Required Experience and Skills • Minimum 5 years in information or physical security within a data-centre, cloud, MSP, or similar environment. • CISSP certification (mandatory). • Strong understanding of ISO 27001, SOC 2, NIST CSF, and Cyber Essentials Plus. • Experience working with audits, incident management, and vulnerability workflows. • Strong documentation, communication, and stakeholder management skills. • Hands-on experience with GRC tooling. Desirable • Experience working within large compute clusters, HPC, or complex distributed platforms. • Knowledge of Kubernetes security and secure configuration practices. • Understanding of EU regulatory requirements such as GDPR, NIS2 and DORA. • Familiarity with physical security systems such as access control and CCTV. • Experience working with SOC/MSSP services and SIEM tooling. • Scripting or automation experience (Python, Bash, PowerShell). • Additional security certifications such as CISM, ISO 27001 Lead Auditor, CEH, or GIAC. If you would like more information or wish to discuss the role, please get in touch.