Senior Information Security Manager (Perm - Hybrid)

Full-Time 48000 - 72000 £ / year (est.) Home office (partial)
CODA Technology Services

At a Glance

  • Tasks: Lead security governance, compliance, and risk management for a global retail organisation.
  • Company: Join a dynamic global retail company based near Manchester or East Midlands.
  • Benefits: Enjoy a hybrid work model with flexible options and competitive perks.
  • Other info: This is a permanent role with opportunities for professional growth and development.
  • Why this job: Make a real impact on global security practices while collaborating with diverse teams.
  • Qualifications: 5+ years in cybersecurity or risk management; knowledge of ISO 27001 and NIST required.

The predicted salary is between 48000 and 72000 £ per year.

We are seeking a Senior Information Security Manager for a global retail organisation based near Manchester or East Midlands (hybrid position) on a permanent basis. This is a hands-on security management role responsible for overseeing governance, risk, compliance, and security operations across global regions. The role focuses on embedding robust security frameworks, maintaining compliance, and supporting effective operational security across the business.

Key Responsibilities

  • Security Governance & Compliance
    • Develop and implement information security policies, standards, and procedures across global operations.
    • Ensure compliance with recognised frameworks such as ISO 27001, NIST, and others as required.
    • Lead annual security audits and maintain continuous compliance across regional entities.
  • Enterprise Risk Management & Supply Chain Security
    • Maintain and improve the global information security risk management framework.
    • Conduct regular security risk assessments and support mitigation planning.
    • Manage supply chain security, including vendor risk assessments and responses to customer due diligence.
  • Incident Response Policy & Preparedness
    • Develop and maintain cybersecurity incident response policies and playbooks.
    • Work with regional IT teams to ensure incident response processes are well understood and consistently applied.
    • Promote awareness and preparedness through guidance and documentation.
  • Security Operations & Third-Party Oversight
    • Collaborate with the Security Operations Centre (SOC) to enhance operational security practices.
    • Manage relationships with third-party security providers, ensuring coverage of regional threats and vulnerabilities.
    • Oversee third-party risk management, including onboarding and ongoing assessments.
  • Stakeholder Engagement & Support
    • Build strong relationships with internal stakeholders across global IT and business functions.
    • Align security practices with operational needs and provide support to regional teams as required.

Experience & Qualifications

  • 5+ years of experience in cybersecurity, IT governance, or risk management roles.
  • Solid understanding of compliance standards such as ISO 27001, NIST, and related frameworks.
  • Proven experience in developing and maintaining security policies, audit readiness, and risk frameworks.
  • Familiarity with global operational environments and cross-regional collaboration.
  • Experience of managing within less regulated industries and small cyber functions.
  • Strong communication and documentation skills to support policy rollout and stakeholder engagement.

Please contact me for details and a further discussion.

CODA Technology Services

Contact Detail:

CODA Technology Services Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Senior Information Security Manager (Perm - Hybrid)

✨Tip Number 1

Network with professionals in the cybersecurity field, especially those who have experience in governance and compliance. Attend industry events or webinars to connect with potential colleagues and learn about the latest trends in security management.

✨Tip Number 2

Familiarise yourself with the specific compliance frameworks mentioned in the job description, such as ISO 27001 and NIST. Consider obtaining certifications related to these standards to demonstrate your commitment and expertise in security governance.

✨Tip Number 3

Prepare to discuss your hands-on experience with incident response and risk management during interviews. Be ready to share specific examples of how you've developed policies or led audits in previous roles, showcasing your ability to handle real-world security challenges.

✨Tip Number 4

Research the company’s current security posture and any recent news related to their cybersecurity efforts. This knowledge will not only help you tailor your discussions but also demonstrate your genuine interest in the role and the organisation.

We think you need these skills to ace Senior Information Security Manager (Perm - Hybrid)

Information Security Management
Governance Frameworks
Risk Assessment
Compliance Standards (ISO 27001, NIST)
Incident Response Planning
Security Policy Development
Stakeholder Engagement
Third-Party Risk Management
Cybersecurity Audits
Operational Security Practices
Documentation Skills
Cross-Regional Collaboration
Vendor Risk Assessment
Communication Skills
Problem-Solving Skills

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, IT governance, and risk management. Emphasise your familiarity with compliance standards like ISO 27001 and NIST, as well as any hands-on experience you have in developing security policies.

Craft a Compelling Cover Letter: In your cover letter, explain why you're the perfect fit for the Senior Information Security Manager role. Discuss your experience with security governance, incident response, and stakeholder engagement, and how these align with the company's needs.

Showcase Your Achievements: When detailing your past roles, focus on specific achievements that demonstrate your ability to manage security operations and compliance effectively. Use metrics where possible to quantify your impact, such as successful audits or improved security frameworks.

Proofread and Edit: Before submitting your application, take the time to proofread your documents. Check for spelling and grammatical errors, and ensure that your writing is clear and professional. A polished application reflects your attention to detail, which is crucial in security management.

How to prepare for a job interview at CODA Technology Services

✨Know Your Frameworks

Make sure you have a solid understanding of compliance standards like ISO 27001 and NIST. Be prepared to discuss how you've implemented these frameworks in previous roles, as this will demonstrate your expertise and relevance to the position.

✨Showcase Your Incident Response Skills

Be ready to talk about your experience with developing incident response policies and how you've handled cybersecurity incidents in the past. Providing specific examples will help illustrate your hands-on approach and preparedness for the role.

✨Highlight Stakeholder Engagement

Since building relationships with internal stakeholders is crucial, think of examples where you've successfully aligned security practices with operational needs. This will show that you can effectively communicate and collaborate across different teams.

✨Demonstrate Risk Management Experience

Prepare to discuss your experience in enterprise risk management and supply chain security. Highlight any risk assessments you've conducted and how you've managed vendor risks, as this is a key responsibility in the role.
