At a Glance
- Tasks: Lead the creation and management of a comprehensive security framework across multiple domains.
- Company: Join Lemongrass, a global leader in SAP consulting and cloud solutions.
- Benefits: Enjoy competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real impact by safeguarding client environments and promoting a proactive security culture.
- Qualifications: 5+ years in Information Security with expertise in governance, risk, and compliance.
- Other info: Collaborate with top talent in a dynamic environment focused on innovation.
The predicted salary is between 36000 - 60000 £ per year.
The Information Security Manager (ISM) at Lemongrass is responsible for the creation, implementation, and ongoing management of the Lemongrass Security Framework (LSF). This framework spans all critical security domains including Cloud (AWS, Azure, GCP), Identity and Access Management (IAM), Operations, Data, Artificial Intelligence (AI), SAP on Cloud, and Product Development.
The ISM ensures that security is embedded by design, by default, and by operation, guiding the business and technical teams to align with industry best practices and compliance standards. This role is crucial in safeguarding Lemongrass and its client environments by promoting a proactive security culture, ensuring that policies, standards, procedures, and guidelines are comprehensive, current, and operationally enforced.
Responsibilities:
- Security Framework Development: Lead the design and evolution of the LSF to cover all operational and technical domains, including data classification, protection, governance, and lifecycle management.
- Policy & Governance: Develop and maintain security policies, ensuring supporting standards, procedures, and guidelines are created by relevant teams and aligned to regulatory and business needs.
- Operational Assurance: Establish and oversee security compliance mechanisms across the business, ensuring secure‑by‑default practices in architecture, deployment, and operations.
- Security Compliance & Testing: Lead ongoing compliance assessments and internal audits and provide reporting at client and business unit levels.
- Client‑Facing Advisory: Act as a subject‑matter expert and advisor on security and risk management, supporting pre‑sales engagements, Monthly Service Reviews (MSRs), and Quarterly Business Reviews (QBRs).
- Cross‑Functional Engagement: Partner with Architecture, DevOps, SAP, and AI teams to ensure that security is built‑in, not bolted on.
- Security Awareness & Culture: Promote a strong security culture through internal guidance, awareness campaigns, and training.
- Continuous Learning and Development: Stay updated on the latest cloud security trends, technologies, and regulatory changes. Participate in ongoing professional development and certification.
- Promote automation: Work with our Security Engineers to ensure that our controls are applied and governed through automated means wherever possible.
Supervisory Responsibilities: No direct line management, but strong influence across Architecture, Product, Operations, and Customer Success teams. May lead virtual security working groups and mentor staff in security‑related responsibilities.
Qualifications
Required Skills/Abilities:
- Security Governance & Frameworks: Deep knowledge of ISO 27001, NIST, CIS, CSA CCM, SOC2 and secure development lifecycle principles.
- Cloud Security: Strong understanding of cloud‑native security across AWS, Azure, and GCP.
- SAP & AI Security: Awareness of security requirements for SAP on Cloud and modern AI/ML platforms.
- Data Security & Governance: Experience with data classification models, data loss prevention (DLP), encryption, and compliance frameworks (e.g., GDPR, HIPAA, CCPA).
- Risk & Compliance: Ability to lead risk assessments, develop mitigation strategies, and map controls to compliance standards.
- Communication & Influence: Strong skills in translating technical controls into business language and influencing at all organisational levels.
- Documentation & Reporting: Skilled in producing comprehensive policy documents, compliance reports, and security dashboards.
Education and Experience:
- Minimum of 5 years of experience in Information Security, including governance, risk, and compliance (GRC) functions.
- Experience designing and implementing enterprise security frameworks in a cloud‑native or hybrid environment.
- Relevant maintained professional certifications such as CISM, ISO 27001 Lead Implementer.
Additional Requirements: Occasional travel may be required. The selected applicant will be subject to a background investigation, which will be conducted and the results of which will be used in compliance with applicable law.
Information Security Manager in London employer: Lemongrass Consulting
Contact Detail:
Lemongrass Consulting Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager in London
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Prepare for interviews by researching the company and its security practices. Familiarise yourself with their tech stack and be ready to discuss how your experience aligns with their needs. Show them you’re not just another candidate, but someone who truly understands their business.
✨Tip Number 3
Practice your pitch! Be clear about your skills and how they relate to the role of Information Security Manager. A confident, concise introduction can set the tone for the rest of the conversation and make you memorable.
✨Tip Number 4
Don’t forget to follow up after interviews! A quick thank-you email reiterating your interest in the position and highlighting a key point from your discussion can keep you top of mind. Plus, it shows your enthusiasm for the role!
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Information Security Manager role. Highlight your experience with security frameworks and cloud security, as these are key areas for us at Lemongrass.
Showcase Your Skills: Don’t just list your qualifications; demonstrate how your skills align with our needs. Talk about your experience with ISO 27001, NIST, and any relevant certifications you hold. We want to see how you can contribute to our security culture!
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language and avoid jargon where possible. We appreciate a well-structured application that gets straight to the point, showing us why you're the right fit.
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at Lemongrass Consulting
✨Know Your Security Frameworks
Make sure you brush up on your knowledge of security frameworks like ISO 27001, NIST, and SOC2. Be ready to discuss how you've applied these in past roles, especially in cloud environments. This will show that you understand the importance of embedding security by design.
✨Demonstrate Cross-Functional Collaboration
Prepare examples of how you've worked with different teams, such as Architecture, DevOps, and Product Development, to implement security measures. Highlight your ability to influence without authority and how you’ve promoted a proactive security culture in previous positions.
✨Showcase Your Client-Facing Skills
As an Information Security Manager, you'll need to advise clients on security and risk management. Think of scenarios where you've successfully communicated complex security concepts to non-technical stakeholders. This will demonstrate your ability to translate technical jargon into business language.
✨Stay Updated on Trends
Familiarise yourself with the latest trends in cloud security, AI, and data governance. Mention any recent certifications or training you've completed. This shows your commitment to continuous learning and your readiness to tackle evolving security challenges.