Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead and manage our Information Security Management System (ISMS) and ensure compliance with key frameworks.
- Company: Join Creative ITC, a global leader in cloud services and innovative IT solutions.
- Benefits: Enjoy competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real impact on security while working with cutting-edge technologies in a dynamic environment.
- Qualifications: Experience in information security and familiarity with ISO 27001 and Cyber Essentials Plus.
- Other info: Be part of a diverse team committed to creating an inclusive workplace.
The predicted salary is between 36000 - 60000 ÂŁ per year.
Creative ITC is a leading infrastructure and global cloud service provider, renowned for designing and delivering exceptional managed services and cloud solutions across five continents. Our mission is to help customers realize the full potential of their investments and achieve business objectives faster. We specialize in developing financially-sound cloud roadmaps, simplifying adoption, minimizing disruption, and enhancing the performance of applications, data, and virtual desktops. Clients choose Creative ITC because we work tirelessly to fully understand their infrastructure needs, from current state to desired architecture. We excel in navigating the complexities of private, public, and hybrid cloud environments, ensuring seamless transitions and avoiding common pitfalls. Our commitment to client success is evident in our ability to speed up and de-risk the innovation process, align IT costs with actual usage, and master disruptive technologies.
Founded in 2006, Creative ITC has grown from a small consultancy into a global player in the IT infrastructure and cloud services industry. Headquartered in London, United Kingdom, we have expanded our reach to 11 Data Centers across the globe, consistently delivering innovative solutions and exceptional service to our clients 24/7.
POSITION SUMMARY
Creative are seeking an individual who is eager and hungry to step into an IS Manager position for the first time.
- Own and run an ISO/IEC 27001:2022‑aligned ISMS, including the Statement of Applicability and internal audit programme.
- Lead Cyber Essentials Plus readiness for our organisation and client engagements.
- Map and report security posture using NIST CSF 2.0.
- Drive a practical control baseline with CIS Controls v8.1.
- Run Third‑Party Risk Management (TPRM) with Procurement using Panorays.
- Ensure security/compliance alignment with UK GDPR and the Data Protection Act 2018.
Lead and Own:
- Audit performance: Reduction in ISO 27001/CE+ non‑conformities; timely closure of audit actions; clean certification outcomes.
- Risk transparency: Executive‑ready dashboards across ISO/NIST/CIS; clear SoA rationale; measurable control coverage and effectiveness.
- Supplier assurance: Increased supplier coverage in TPRM, faster onboarding cycle times, reduced high‑risk findings through Panorays‑guided remediation plans.
- Compliance alignment: Evidenced alignment to UK GDPR/DPA 2018 for security safeguards, retention, and supplier processing controls.
About the frameworks you’ll use:
- ISO/IEC 27001:2022 – Operate and audit an ISMS using 93 Annex A controls.
- Cyber Essentials Plus (CE+) – Prepare for verified technical testing across the scheme’s five themes.
- NIST CSF 2.0 – Use the Govern function alongside Identify/Protect/Detect/Respond/Recover.
- CIS Controls v8.1 – Start with IG1 (essential cyber hygiene) and evolve to IG2/IG3.
- Panorays – Automate supplier discovery, risk rating, questionnaires, continuous monitoring, and vendor remediation plans.
EDUCATION AND EXPERIENCE
- Strong experience in an information security junior/senior analyst role, with demonstrable hands on delivery and stakeholder engagement.
- Certifications: Already has or is actively working towards CISM, CRISC, CGEIT; ISO 27001 Lead Implementer/Lead Auditor.
- Framework fluency: Confident operating an ISO/IEC 27001:2022 ISMS and preparing for Cyber Essentials Plus technical verification.
- TPRM know how: Practical experience running or contributing to a TPRM programme.
- Communication: Exceptional English report writing; able to present confidently at executive level.
- Mindset: Self‑starter, hands on, outcome oriented, comfortable with ownership.
- Experience with cloud/SaaS risk and common enterprise tooling.
- Knowledge of UK specific assurance approaches.
KEY JOB ELEMENTS - Responsibilities and Accountabilities
- ISMS ownership: Establish, operate, and continuously improve our ISO/IEC 27001:2022 ISMS.
- Internal audit & certification readiness: Plan and deliver internal audits for ISO 27001, Cyber Essentials Plus, NIST CSF, and CIS Controls.
- Control baselining: Define and maintain a control baseline that harmonises ISO 27001 Annex A with CE+, NIST CSF 2.0 categories/functions and CIS IGs.
- Third Party Risk Management: Operate the Panorays enabled TPRM lifecycle.
- Security reporting: Produce concise, high quality English reports and executive packs.
- Policy & awareness: Draft, publish, and maintain clear policies/standards.
- Operational assurance: Support vulnerability management, incident response readiness, change control, and secure configuration baselines.
- Privacy & regulatory alignment: Embed security controls supporting UK GDPR/DPA 2018.
PERSON SPECIFICATION
- Articulate and confident.
- Highly organised with a focus on high quality documentation and change management.
- Good interpersonal skills, friendly and approachable.
- Can‑do approach and innovative by nature.
We are an equal opportunity employer and value diversity in our workforce. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, age, disability, veteran status, or any other protected characteristic under applicable law. We are committed to creating an inclusive environment where everyone can thrive.
Information Security Manager in Milton Keynes employer: Creative ITC
Contact Detail:
Creative ITC Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager in Milton Keynes
✨Tip Number 1
Network like a pro! Reach out to people in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their mission and values, especially how they align with your experience in information security. This will help you stand out as a candidate who truly gets them.
✨Tip Number 3
Practice your responses to common interview questions, but keep it natural. Use the STAR method (Situation, Task, Action, Result) to structure your answers, especially when discussing your hands-on experience in security roles.
✨Tip Number 4
Don’t forget to follow up after your interview! A simple thank-you email can go a long way in showing your enthusiasm for the role. And remember, apply through our website for the best chance at landing that dream job!
We think you need these skills to ace Information Security Manager in Milton Keynes
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Manager role. Highlight relevant experience, especially in ISO/IEC 27001 and Cyber Essentials Plus, and don’t forget to showcase your hands-on delivery skills!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how your background aligns with our mission at Creative ITC. Keep it engaging and personal!
Showcase Your Communication Skills: Since this role involves presenting to executives, make sure to demonstrate your exceptional English report writing and communication skills in your application. We want to see how you can translate complex concepts into clear, understandable language.
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at Creative ITC!
How to prepare for a job interview at Creative ITC
✨Know Your Frameworks
Familiarise yourself with ISO/IEC 27001:2022, NIST CSF 2.0, and CIS Controls v8.1. Be ready to discuss how you've applied these frameworks in your previous roles, especially in relation to risk management and compliance.
✨Showcase Your Communication Skills
Prepare to demonstrate your ability to translate complex security concepts into simple terms. Practice explaining technical topics as if you're talking to someone without a tech background, as this will be crucial when presenting to executives.
✨Highlight Your Hands-On Experience
Be ready to share specific examples of your hands-on experience in information security. Discuss any projects where you’ve implemented or improved ISMS, conducted audits, or managed third-party risks, particularly using tools like Panorays.
✨Demonstrate Your Problem-Solving Mindset
Prepare to discuss challenges you've faced in previous roles and how you overcame them. Show that you're a self-starter who can take ownership of tasks and drive results, especially in high-pressure situations.
