At a Glance
- Tasks: Lead the charge in managing cyber security and information security for a growing engineering firm.
- Company: Join a well-established construction engineering business with ambitious growth plans and multiple acquisitions ahead.
- Benefits: Enjoy a competitive salary, potential remote work options, and a dynamic team environment.
- Why this job: Be part of a critical expansion phase, driving ISO 27001 readiness and fostering a culture of security awareness.
- Qualifications: Experience with ISO 27001 and a strong background in cyber security management are essential.
- Other info: Work in Central London, starting with 4 days onsite, reducing to 3 after probation.
Information Security Manager
£75,000 PA
London – hybrid working
A well-established construction engineering business is seeking an experienced Information Security Manager to join them on a permanent basis. You'll be joining at a key time as the organisation expands its technical capability, with ambitious growth plans and multiple mergers and acquisitions planned.
The Information Security Manager will own the organisation's information security and data governance frameworks, ensuring data is secure, accurate and compliant across its full lifecycle. The role will maintain ISO27001 documentation and controls, support ongoing audit readiness and enforce robust governance policies for data quality, access and usage.
Responsibilities:
* Maintain ISO27001 documentation, controls and audit readiness (ISMS)
* Own and improve the data governance framework (policies, standards, procedures)
* Oversee the full data lifecycle from source to end client, ensuring integrity and compliance
* Ensure GDPR and wider regulatory compliance (including NIS2)
* Own data governance tools such as Microsoft Purview and Varonis (or similar)
* Identify and manage data operational and regulatory risks
* Collaborate across IT, Legal, HR, Operations, Onboarding/Bidding and Compliance
* Process DSARs, SAQs and PQQs
* Develop reporting/metrics and provide progress updates to senior stakeholders
* Deliver cyber security and data governance awareness training
Requirements:
* Strong experience maintaining ISO27001 controls, documentation and audit readiness
* Strong background in information security and data governance
* Deep understanding of GDPR and data protection requirements
* Experience with Microsoft Purview and Varonis (or similar)
* Strong stakeholder management and communication skills
* Power BI and ServiceNow familiarity (desirable)
* Certifications such as CISSP/CISM/CIPP-E (highly advantageous)
Based in Central London, with 4 days per week onsite initially, dropping to 3 once probation is passed.
Information Security Manager employer: Context Recruitment
Contact Detail:
Context Recruitment Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security Manager role
✨Tip Number 1
Network with professionals in the information security field, especially those who have experience with ISO 27001. Attend industry events or webinars to connect with potential colleagues and learn about their experiences.
✨Tip Number 2
Familiarise yourself with the specific challenges faced by construction engineering businesses regarding information security. Tailor your discussions to demonstrate how your skills can address these unique challenges.
✨Tip Number 3
Prepare to discuss your previous experiences with ISO 27001 and how you successfully managed certification processes. Be ready to share specific examples of how you drove security improvements in past roles.
✨Tip Number 4
Research the company’s recent acquisitions and growth plans. Understanding their strategic direction will help you align your skills and experiences with their goals during discussions.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with ISO 27001 and cyber security management. Use specific examples that demonstrate your ability to identify and mitigate security risks, as well as any relevant qualifications like CISSP or CISM.
Craft a Strong Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your background aligns with their needs, particularly in relation to driving ISO-related strategies and managing security policies.
Showcase Relevant Experience: When detailing your work history, focus on your achievements in previous roles related to information security. Highlight any successful projects involving risk assessments, security improvements, or collaboration with external assessors.
Proofread Your Application: Before submitting, carefully proofread your CV and cover letter for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial in the field of information security.
How to prepare for a job interview at Context Recruitment
✨Showcase Your ISO 27001 Knowledge
Make sure to highlight your experience with ISO 27001 during the interview. Be prepared to discuss specific strategies you've implemented in the past and how they contributed to certification readiness.
✨Demonstrate Cyber Security Awareness
Since the role emphasises a culture of cyber security awareness, share examples of how you've fostered this in previous positions. Discuss any training programmes or initiatives you've led to enhance security practices within a team.
✨Prepare for Technical Questions
Expect technical questions related to cyber security management and risk assessments. Brush up on relevant frameworks and be ready to explain how you've applied them in real-world scenarios.
✨Engage with Stakeholders
The role involves liaising with various stakeholders, so be prepared to discuss your communication style. Share examples of how you've successfully collaborated with different teams to achieve information security goals.