Information Security Officer in Newcastle upon Tyne

As an Information Security Officer, you will play a key role in supporting and strengthening Bede's security posture. Working closely with our Information Security and Enterprise IT teams, you will help implement and maintain security controls across our Microsoft ecosystem (including Microsoft 365 and Azure), monitor threats, respond to security alerts, and contribute to the ongoing delivery of our Information Security Strategy. This is a hands‑on role with the opportunity to evolve into a broader assurance and advisory position, helping to protect Bede's systems, data and customers while ensuring compliance with industry security standards and regulatory requirements.

What you'll be doing

• Support the development and implementation of the Information Security Strategy.
• Work alongside business units to assist in implementing appropriate corporate controls in line with the ISO/IEC 27001:2013, PCI, SOC standards.
• Contribute to the creation and maintenance of the Information Security Policies.
• Contribute to the security review of Contracts, Terms and Conditions and Non-Disclosure Agreements.
• Assist with regular security issues and incidents investigations reported to the team.
• Contribute to the creation and maintenance of a cyber incident management plan which is tested twice yearly.
• Take part in an on‑call rota, ensuring prompt investigation and resolution of client incidents.
• Assist with the identification of security risks and treatment plans.
• Conduct security impact assessments to understand the level of risk Bede information systems are being exposed to.
• Support due‑diligence activities on 3rd parties as part of Vendor Risk Management.
• Support the development, maintenance and communication of our security awareness programme.
• Take an active role in the management of security systems including Vulnerability Management, DLP, IDS/IPS, AV, SIEM, Firewalls and other network security systems, Endpoint Protection and Device Control systems.
• Measure the effectiveness of security controls through metrics and KPIs.
• Providing technical reporting to Head of Information on control performance.

What we are looking for

Essential

• Extensive experience in Information Security or a related security‑focused IT position.
• Excellent understanding of technical security controls, processes and cloud services.
• Information Security Impact Assessments.
• Effective written and verbal communication (procedure documentation and management reporting).
• Self motivated and able to work independently.
• Collaboration (effective team player).

Desirable

• Knowledge of industry standards: ISO 27001, NIST 800-53/CSF, PCI-DSS, Cyber Essentials, Mitre ATT&CK.
• Experience running Cyber Incident Management Programmes.
• Experience running security investigations.
• One or more of the following qualifications: CISSP, CEH, CCSP, CSX, ISO 27001 Lead Implementer or equivalent.

What we can offer you

Here at Bede, we offer a competitive salary and a strong benefits package, but what really matters to us is creating an environment where people feel trusted, supported and able to do their best work. We're a people‑centric business and we regularly review our benefits based on colleague feedback, so what we offer continues to reflect what matters most to our teams.

• A friendly, flexible and trust‑based approach to working.
• 25 days annual leave, plus 8 bank holidays and usually a generous Christmas break.
• Fully matched private pension scheme (up to 8%).
• Bupa private healthcare from day one, including cash plan benefits, dental and optical cover (covers all pre-existing conditions).
• Life assurance cover of 4x your annual salary.
• Employee Assistance Programme (via Bupa), providing confidential support and practical advice whenever you might need it.
• Access to Calm – the #1 app for meditation and sleep.
• Innovation and learning – space to develop skills, try new ideas and experiment, with an annual hackathon where some ideas make it into real work.
• A work‑owned mobile phone or tablet of your choice, with the monthly contract covered by us.
• A great office setup – free snacks and drinks every day, plus regular food vans from some of the best places in Newcastle.
• Bede Bucks – exclusive colleague discounts and access to a wellbeing platform.
• Lots of social events – both in and outside of working hours.
• Referral programme – help us grow the team and receive a referral bonus of up to GBP 3,000 (pre‑tax, subject to scheme terms).
• Bede swag – including hoodies, t-shirts and our much‑loved Bede socks.
• Bede Holidays – extra discretionary days off through the year as a thank‑you for the great work our teams do.