ISMS & IT Operations Manager (ISO 27001) in Hedge End

Connect it Utility Services is a leading provider of utility consultancy, delivery, and infrastructure solutions across the UK. We work in partnership with developers, contractors, and local authorities to deliver safe, compliant, and efficient utility connections. Our success is driven by strong governance, innovation, and a commitment to maintaining high operational and security standards as we continue to grow.

We are now looking for an experienced IT Manager to take ownership of our day-to-day IT operations, infrastructure, and support services across the organisation, ensuring that systems are secure, resilient, and aligned with business needs. A core accountability of the role is ownership of ISO 27001 and the Information Security Management System (ISMS), ensuring ongoing compliance, audit readiness, and continual improvement in information security and operational maturity.

• Manage the daily delivery of IT support services, ensuring incidents, service requests, and problems are resolved efficiently and effectively.
• Act as the senior escalation point for complex or high-impact IT incidents, ensuring root cause analysis and preventative actions are completed.
• Oversee the availability, performance, and reliability of IT systems, networks, cloud platforms, and end-user technology.
• Ensure appropriate monitoring, patching, backup, and disaster recovery controls are in place and regularly tested.
• Maintain accurate and up-to-date system, configuration, and operational documentation.

• Oversee servers, networks, endpoints, and SaaS platforms to ensure secure and efficient operation.
• Manage user access and role-based permissions within Salesforce, applying least-privilege access principles.
• Support system upgrades, implementations, and integrations in line with business and change management requirements.
• Ensure IT assets are effectively managed throughout their lifecycle.

• Act as the ISO 27001 and ISMS Owner for the organisation.
• Lead information security risk assessments, risk treatment plans, and control effectiveness reviews.
• Coordinate internal audits, external certification audits, surveillance audits, and management reviews.
• Ensure audit findings, non-conformities, and improvement actions are tracked, managed, and closed effectively.
• Own and maintain information security policies, standards, and procedures, ensuring staff awareness and compliance.

• Support IT-related Business Continuity Plans (BCPs) and Disaster Recovery arrangements, including testing and ongoing review.
• Ensure compliance with relevant legal, regulatory, and contractual obligations related to IT and data security.
• Produce regular reports on IT performance, information security risks, and compliance status for senior stakeholders.

• Manage relationships with IT suppliers, managed service providers, and third-party vendors.
• Ensure suppliers meet service levels, security expectations, and contractual obligations.
• Work closely with internal teams to ensure IT services effectively support operational and strategic objectives.

• Strong understanding of IT operations, infrastructure management, and service delivery best practices.
• Experience supporting internal and external audits, including evidence preparation and audit remediation.
• Knowledge of information security risk management and governance frameworks.
• Proven experience managing and maintaining secure IT environments aligned with frameworks such as Cyber Essentials and/or Cyber Essentials Plus.
• Strong knowledge of IT Asset Management (ITAM), including lifecycle management, asset tracking, licensing compliance, and auditing.
• Hands-on administration of Microsoft 365 (O365), including user management, security policies, Exchange Online, SharePoint, and Teams.
• Strong stakeholder management skills, with the ability to communicate technical topics clearly to non-technical audiences.

• Degree or equivalent professional qualification in Information Technology, Computer Science, Cyber Security, or a related discipline.
• Professional certifications such as ISO 27001 Lead Implementer or Lead Auditor, ITIL, or relevant security certifications are desirable.

Connect it is an equal opportunities employer, and we value diversity and promote equality across our business. We welcome applications from all sections of society and are always happy to discuss reasonable adjustments and/or additional arrangements as required to support your application.