Security Manager (14298)

As a partner to businesses and governments, Crane Authentication offers expertise and cutting-edge innovations that protect and enhance products, secure identities, safeguard revenues and enforce compliance. Customers from different business sectors and levels of government trust our team of 1,250 people for their expertise in R&D, security design, engineering and data-driven insights. We are an integral part of Crane NXT, a c$2 billion dollar business with over 5,000 associates.

As part of our growth we are looking for an ISO 14298 Site Security Manager, where you will be part of a global best in class Operations team.

The ISO 14298 Security Manager is responsible for establishing, implementing, maintaining, and continually improving the site’s Security Printing Management System (SPMS) compliant with ISO 14298:2021. The role ensures that security controls across people, processes, technology, and facilities effectively protect high-value products and sensitive information throughout design, production, storage, and distribution. This position leads risk assessment, control design, certification readiness (including Intergraf certification where applicable), internal auditing, corrective and preventive actions, and stakeholder engagement to meet customer, regulatory, and company requirements. This role covers both Crane Authentications Washington manufacturing facility and an R&D laboratory in Leicester.

• Lead the site security program in alignment with ISO 14298 and company policies.
• Chair Security Management Reviews; track actions, KPIs, and improvements.
• Partner with Operations, Quality, EHS, IT, Legal/Compliance, and R&D to embed security into daily activity and change initiatives.
• Own SPMS documentation (policies, procedures, risks, records, secure forms) and ensure proper document control.
• Maintain all customer related security requirements.
• Lead periodic and project-based risk assessments across physical, information, personnel, product, and supply-chain domains.
• Complete internal inspections and drive corrective actions in line with the requirements of security standards.
• Provide support for Security Operations Centre personnel.
• Define and implement proportionate preventive, detective, and corrective controls.
• Manage perimeter, building, and access controls, visitor processes, CCTV, intrusion detection, and key/lock systems.
• Oversee personnel vetting, confidentiality requirements, and need-to-know permissions.
• Ensure end-to-end secure material handling (receiving, storage, WIP, reconciliation, destruction, dispatch).
• Oversee validated processes, change control, and documented approvals.
• Coordinate with IT/InfoSec to secure digital assets (design files, data, keys) via encryption, access control, backups, and controlled transfers; align with ISO 27001 where relevant.
• Plan and execute internal audits; manage external audits for ISO 14298 and customer requirements.
• Lead corrective/preventive actions and maintain certification evidence.
• Deliver training on security procedures and incident response; maintain competency records.
• Lead incident response, investigations, root-cause analysis, reporting, and corrective/preventive actions.
• Assess and monitor security-critical suppliers; ensure contractual and audit controls.
• Serve as primary contact for customer security requirements and audits.
• Manage security elements of business continuity and disaster recovery; ensure protection of assets and rapid recovery.
• Track KPIs and report performance to leadership; manage the security budget.

Education: Professional certifications (e.g., ISO Management Systems, ISO 27001 Lead Implementer/Lead Auditor, ASIS CPP/PSP) advantageous.

Experience: Significant experience in security management within security printing, identity documents, banknote or product authentication industries, or highly regulated manufacturing. Proven track record implementing and maintaining management systems (ISO 14298, ISO 27001/9001) and leading audits/certifications. Demonstrated ability to design and operate end-to-end controls for secure materials, data, and processes.

Deep understanding of ISO 14298 requirements and practical implementation in a production environment. Strong knowledge of physical security, information security, supply-chain security, and risk management techniques. Excellent leadership, coaching, communication, and stakeholder management skills; able to influence across functions. Analytical, data-driven, and proficient with Microsoft 365 tools and security/incident management systems.

Regular travel to Leicester (10%) & limited travel to group sites for project support and knowledge sharing.

Competitive Salary. Annual Bonus scheme. 25 days’ annual leave plus national holidays. Life Insurance Company Pension Scheme.

We value diversity at our company. Everyone who applies with the qualifications will receive consideration for employment without regard to: age, colour, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by law. We receive a high number of applications, so apologies if we are unable to provide specific feedback. If we feel you are a fit for the role, we’ll be in contact.