IT Security and Compliance Manager

The Opportunity

We’re seeking a forward-thinking IT Security and Compliance Manager to play a key role in protecting and shaping our technology environment while supporting our continued business growth. Reporting to the Chief Information Officer, you will lead the security, governance and operational delivery of our IT services, ensuring systems remain secure, compliant and resilient. This is a highly visible role where you’ll partner with internal teams, customers and third-party providers to strengthen cyber security, drive certification and audit readiness, and support the development of scalable, reliable IT services. If you enjoy combining strategic security leadership with hands-on operational oversight in a collaborative and evolving environment, this is an exciting opportunity to make a genuine impact.

Who We Are

OpenWorks is a rapidly growing business operating globally with a passion for exceptional engineering and building on a legacy of defence innovation in the North East of England. Our products provide ultra-high performance, real-time detection, tracking, identification and targeting of dynamic aerial threats. They have been deployed internationally to protect high profile military and civilian assets, and contribute towards the defeat of nuisance, misguided and maliciously deployed drones during operations. We are very proud to have supported a wide range of law enforcement and military operators, protecting many of the most high profile sites and individuals around the world. The amazing things we do are only possible because of a dedicated and passionate team.

Why You’ll Love Working With Us

• Competitive remuneration package, with performance-related bonuses and clear progression opportunities.
• 25 days’ holiday + public holidays, with long-service rewards and the option to buy up to 5 additional days.
• Free breakfast and freshly cooked lunches every day, courtesy of Chef Mark and his team.
• Private healthcare through Aviva, keeping you feeling your best.
• Life assurance for peace of mind.
• Salary sacrifice schemes – including EV car and Cycle to Work options for easy, sustainable travel.
• Paid team socials – from quiz nights and football to board games and more; we love to have fun together.
• Pension plan with up to 4% employer-matched contributions to help you plan for the future.
• A culture that empowers – we enable change, encourage challenge, and celebrate personal growth.

What you’ll be doing:

• Cyber Security and Compliance

• Policy & Standards: Develop and maintain cyber security policies, standards and procedures.
• ISMS Management: Own and continuously improve the Information Security Management System.
• Certification & Frameworks: Lead Cyber Essentials Plus and maintain alignment with recognised security frameworks.
• Audit Leadership: Manage customer and external cyber security audits and evidence preparation.
• Governance Alignment: Partner with Contracts, Compliance and Quality teams to meet governance and contractual requirements.
• Risk & Assurance: Conduct internal audits of systems, suppliers and contractors to identify and manage risk.
• Incident Management: Lead security incident response, remediation and lessons learned.
• Threat & Regulatory Monitoring: Track emerging threats, regulatory changes and industry best practice.
• Customer & Bid Support: Provide cyber security expertise for bids, customer engagements and contract negotiations.
• Access & Data Protection: Oversee governance of system usage, access controls and data protection.

• Service Performance: Oversee reliable and effective day-to-day IT service delivery.
• Escalation Management: Act as the primary escalation point for IT service issues.
• Supplier Management: Manage and optimise Managed Service Provider performance.
• Infrastructure Growth: Support scalable and resilient IT infrastructure development.
• Microsoft 365 Management: Oversee Microsoft 365 and collaboration platforms.
• Project Delivery: Support IT projects, ensuring security and resilience are embedded.
• Stakeholder Support: Provide technical guidance to promote secure and effective system use.

What we’re looking for:

• IT Security Leadership: Experience in an IT Security, Information Security or IT Management role with responsibility for secure service delivery.
• Governance & Compliance: Strong understanding of cyber security frameworks, policy development, audits and certification, ideally in regulated industries such as defence or aerospace.
• ISMS & Risk Management: Proven experience implementing or managing cyber security management systems, risk assessments, and security assurance programmes.
• Microsoft 365 & Cloud Security: Experience managing or supporting Microsoft 365 environments and associated security controls.
• Stakeholder & Communication Skills: Ability to engage stakeholders and clearly translate technical risks into business impact.
• Strategic & Operational Balance: Comfortable balancing hands-on IT operational delivery with longer-term security and governance objectives.
• Problem Solving & Adaptability: Strong analytical skills, proactive and self-motivated, able to thrive in a growing and evolving organisation.

Qualifications and Certifications

• Essential: Relevant degree or equivalent professional experience in IT, Cyber Security or Information Security.
• Desirable: Cyber Essentials / Cyber Essentials Plus training or certification. Experience implementing and maintaining DCC and NIST cyber security accreditations in partnership with external consultants.

What you’ll get:

As a small, fast growing company with over 70 people which is continually expanding, we offer the opportunity for a professional to have autonomy and responsibility. You’ll directly see the impact of your efforts.

More about us:

• Vision: Help protect the territory and airspace of NATO countries and their allies.
• Mission: Be a world-leading provider of autonomous technology for Surveillance applications and Defence.
• Values:

• Be a Good Egg: Earn respect, have mutual trust and be honest.
• Do cool stuff: We develop cool tech with an awesome team, and we get stuff done.
• Be empowered: We are autonomous, reliable and take personal responsibility.
• We are one team: Look out for each other and the team.
• Things go wrong: Fail fast, learn and move on.
• Have fun: We’re doing amazing things with passionate people.