At a Glance
- Tasks: Lead security governance and compliance efforts while ensuring audit readiness across the organisation.
- Company: Join a forward-thinking company prioritising security and innovation.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real impact on security practices in a dynamic, tech-driven environment.
- Qualifications: 7+ years in information security with strong ISO 27001 experience.
- Other info: Collaborate with diverse teams and contribute to continuous improvement initiatives.
The predicted salary is between £36,000 and £60,000 per year.
My client is seeking an experienced Information Security Manager to take strategic ownership of security governance, risk oversight, and audit readiness across the organisation. This role is accountable for maintaining continuous compliance while enabling teams to deliver quickly and securely within a regulated environment. The successful candidate will guide and mature the information security function, partnering closely with technical and operational teams to embed practical, outcome-driven security practices.
Key Responsibilities
- Own information security governance and the ISMS lifecycle end-to-end, including risk registers, policies, internal audits, management reviews, and external certification audits.
- Lead compliance efforts across recognised security standards (including ISO 27001) and expand governance into additional frameworks as needed.
- Build and maintain a robust, audit-ready evidence pipeline with clear accountability.
- Maintain an accurate, decision-focused risk register with defined mitigation actions and responsible owners.
- Run pragmatic policy lifecycle, exception management, and governance processes.
- Define assurance and evidence expectations for technical security controls.
- Validate control effectiveness and ensure constant audit readiness.
- Support vendor and customer security assessments and due diligence requests.
- Participate in incident response activities, ensuring corrective actions are tracked and resolved.
- Design and deliver organisation-wide security awareness and education programmes.
- Maintain clear, accessible security guidance and best-practice materials for all teams.
- Lead and develop the information security function, collaborating with engineering, IT, operations, and governance stakeholders.
- Contribute to resilience, reliability, and continuous improvement initiatives from a risk and compliance perspective.
Qualifications and Experience
- 7+ years' experience in information security, GRC, or ISMS leadership roles.
- Proven experience owning ISO 27001 end-to-end, including internal and external audit cycles.
- Strong background in managing evidence, documentation, and compliance artefacts.
- Ability to translate technical security controls into audit-ready, defensible compliance evidence.
- Demonstrated ability to influence and collaborate effectively across the organisation.
- Preferred: exposure to additional frameworks such as SOC 2, ISO 27701, CIS Controls, or similar.
- Professional security certifications (e.g., CISSP, CISM, ISO 27001 Lead Auditor/Implementer).
- Experience partnering with security engineering, platform, or cloud teams.
- Background working in fast-paced, scaling, or tech-driven environments.
Information Security Manager, Governance, Risk & Compliance (United Kingdom)
Employer: GCS
Contact Detail:
GCS Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security Manager, Governance, Risk & Compliance (United Kingdom) role
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or conferences related to information security. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.
✨Tip Number 2
Show off your skills! Create a personal project or contribute to open-source initiatives that showcase your expertise in governance, risk, and compliance. This not only builds your portfolio but also gives you something tangible to discuss during interviews.
✨Tip Number 3
Prepare for interviews by brushing up on common questions related to ISO 27001 and other frameworks. Be ready to share specific examples of how you've managed risk registers or led compliance efforts in past roles. Confidence is key!
✨Tip Number 4
Don’t forget to apply through our website! We’ve got some fantastic opportunities waiting for you. Plus, applying directly shows your enthusiasm and commitment to joining our team. Let’s get you that dream job!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the role of Information Security Manager. Highlight your experience with ISO 27001 and any relevant frameworks, as well as your ability to manage risk registers and compliance efforts. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your past experiences have prepared you for this role. Don’t forget to mention your collaborative approach and how you can help us embed practical security practices.
Showcase Your Achievements: When detailing your experience, focus on specific achievements that demonstrate your impact in previous roles. Whether it's leading successful audits or developing security awareness programmes, we love to see quantifiable results that show how you’ve made a difference.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates. Plus, we’re excited to see what you bring to the table!
How to prepare for a job interview at GCS
✨Know Your Stuff
Make sure you’re well-versed in information security governance, risk management, and compliance frameworks like ISO 27001. Brush up on your knowledge of audit processes and be ready to discuss how you've handled these in past roles.
✨Showcase Your Experience
Prepare specific examples from your 7+ years in the field that highlight your leadership in GRC or ISMS roles. Be ready to explain how you’ve successfully managed compliance artefacts and documentation, as well as your approach to maintaining an audit-ready state.
✨Collaboration is Key
This role requires working closely with various teams. Think of instances where you’ve influenced or collaborated effectively across departments. Highlight your ability to translate technical security controls into practical, actionable steps for different stakeholders.
✨Be Ready for Scenario Questions
Expect questions that assess your problem-solving skills in real-world situations. Prepare to discuss how you would handle vendor assessments, incident responses, or policy lifecycle management. Use the STAR method (Situation, Task, Action, Result) to structure your answers.