Platforms & Products Security Manager

At Digital Catapult, we are accelerating the practical application of deep technologies to equip the UK to be future-ready. From AI and advanced media to digital twins, quantum research and next-generation mobile networking, we work at the cutting edge of what is possible. We need an enthusiastic Platforms & Products Security Manager who can bring dedicated security expertise into these innovation domains.

You will assess security posture across our emerging tech platforms, design governance frameworks that enable innovation, and extend our ISO 27001 ISMS into research, experimental, and proof-of-concept environments. You will partner with product teams to standardise security practices, mentor teams toward secure innovation, and help emerging technologies move safely toward production.

What you’ll do:

• Assess security risk and maturity across AI systems, advanced media production, mobile networking test labs, digital twins, quantum research, and other emerging tech initiatives to understand their security posture, complexity and readiness for production.
• Prioritise security hardening efforts based on genuine risk, not compliance checklists.
• Design and implement security governance frameworks and decision-making processes that embed security without creating bureaucratic friction.
• Partner with product teams to improve and standardise security practices, sharing guidance and providing support, training and mentorship without direct authority.
• Extend and tailor our ISMS to cover emerging tech domains, balancing compliance with the unique constraints of experimental environments.
• Maintain security posture as experimental systems mature toward production.

You will bring strong and demonstrable security experience in complex, fast-moving technical environments, with a genuine track record of:

• Risk judgment in experimental contexts: You assess maturity and identify gaps in complex environments; you are comfortable with proportionate, context-aware decisions where textbook solutions do not exist.
• Previous experience conducting or leading ISO 27001 risk assessments and translating findings into actionable recommendations.
• Familiarity with other security standards/guidance such as Cyber Essentials Plus would be highly beneficial.
• ISMS design and governance: You have designed, extended, or tailored security frameworks for diverse organisational contexts; you know how to adapt requirements for research vs. production and established decision-making processes.
• Influence without authority: You have shaped security practices in teams where you had no direct reporting relationship; you will have strong stakeholder management, interpersonal and communication skills and experience of translating technical concepts into understandable business language and build credibility and trust through expertise.
• Emerging tech exposure: You have worked with AI/ML, cloud, advanced media production, IoT, digital twins, quantum, mobile networking, or similar emerging domains; you are comfortable learning/understanding new technical spaces rapidly.
• Pragmatism: You distinguish genuine risks from box-ticking; you support innovation while holding the line where it matters; you are resilient in the face of pushback.

You hold CISSP, CISM, or equivalent professional security certification demonstrating advanced security knowledge and commitment to the field. An ISO 27001 Lead Auditor qualification is desirable, and emerging tech security certifications (AI security, quantum-safe cryptography, etc.) would be an advantage. Ideally, you have worked in innovation-driven, research-focused, or deep-tech organisations where balancing security with pace is critical.

Deadline for Applications: 22nd February 2026

Commitment to Equality, Diversity and Inclusion: We recognise and value the advantages and opportunities that come with having people from diverse backgrounds working with us and it is our ambition to build an organisation which is representative and reflective of UK society. We welcome applications from neurodivergent candidates, candidates from minority and underrepresented groups and from candidates with more or less experience, provided the requisite skills can be demonstrated. As members of the Disability Confident Scheme, we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancy. Please do speak with us about adjustments that could support you through our interview process. Digital Catapult is an equal opportunities employer.

We are in the UK’s Top 100 Best Workplaces and placed in the UK’s Best Workplaces in Tech and Large Organisations. Digital Catapult is a Disability Confident Committed Level 1 Employer.

Excellent holiday package: 25 days annual leave, Bank Holidays and 3 days between Christmas and New Year; Double-matched pension up to 10% of your salary; Discretionary company bonus 4% of your salary to use towards selecting benefits that work for you, including health cash plan, Private Medical Insurance; buying holiday, topping up your pension; E-Vehicle Scheme; Cycle2Work; Tech Scheme; Gym Discounts; Give As you Earn; PerkPal; Life insurance 4x salary; Free to access EAP & Financial Wellbeing advice; Enhanced maternity and paternity leave; Hybrid working - with great offices to work from 2 days per week with some roles needing to be onsite more regularly to ensure the successful delivery of our work; Investment in your ongoing learning and development with us; Company social events throughout the year and free office snacks!

We have a vibrant and engaging culture where all voices are heard and a variety of employee led affinity groups who champion initiatives and provide opportunities for feedback to be shared. We use moments in the year to educate everyone at Digital Catapult on different aspects of Equity, Diversity and Inclusion and to raise awareness. We also enjoy socialising and having fun together through a variety of company-wide events held throughout the year including our football team, running and climbing groups and volunteering activities.