Security Lead

Security Lead

Full-Time 65000 - 65000 £ / year (est.) No working from home possible
Mental Health Innovations

At a Glance

  • Tasks: Lead our security management system and maintain ISO 27001 certification.
  • Company: Join a charitable organisation focused on mental health innovations.
  • Benefits: Up to £65,000 salary, 25 days leave, private health insurance, and pension scheme.
  • Other info: Hybrid working with opportunities for professional growth and development.
  • Why this job: Make a real impact in security while supporting mental health initiatives.
  • Qualifications: Experience in risk management and knowledge of security standards like ISO 27001.

The predicted salary is between 65000 - 65000 £ per year.

Location

Hybrid working, with a mix of home and minimum 1 day per week in West London office

Salary

Up to £65,000 per annum

We aim to be transparent about remuneration at MHI.

As a charitable organisation, salaries for this role are predetermined and not negotiable.

Please consider the advertised salary before applying.

Hours of Work

40 hours per week, inclusive of a daily 1 hour paid lunch

Contract

  • Permanent
  • 25 days annual leave per year, plus public holidays;
  • Company electronic devices;
  • Enhanced salary sacrifice pension scheme;
  • Private health insurance after completion of probation;
  • Eligibility for a Blue Light discount card.

Closing Date

24th July 2026 at 5pm. We reserve the right to close the job advert early if we receive a high number of applicants.

Click Here for a full copy of the candidate pack for this role.

Job Summary

To operate our information security management system, and maintain Mental Health Innovations’ ISO 27001 certification.

Key Responsibilities

  • Building and maintaining excellent relationships with team leads across the organisation to raise awareness of security and work through issues
  • Deputising for the Director in security matters as required
  • Operation of the ISMS and Data Protection processes
  • Managing risk register, preparing for management review meetings
  • Developing/maintaining controls and ensuring they are implemented across the organisation
  • Refining our security KPIs and maintaining them
  • Proposing actions from KPIs, events and incidents and coordinating resultant work
  • Working with the Director to track threats and vulnerabilities, evaluate risk levels and progress treatment plans
  • Ensuring secure endpoint and cloud posture
  • Working with the team to plan consultancy days; e. g. work items requiring deep knowledge of a specific security domain or a technical specialist
  • Monitoring our processes and suggesting improvements
  • Proposing and progressing other continuous improvement work
  • Feeding into training and awareness programmes and improving security culture
  • Preparing for audits and carrying out remediation work
  • Working with the Director to create, maintain and manage policies and ensure compliance
  • Planning and participating in incident response exercises
  • Managing major incidents and conducting post mortems/reviews

Person Specification

  • The ability to learn new skills and technologies quickly
  • Experience of risk management
  • Working knowledge of security standards and frameworks, particularly ISO 27001
  • Knowledge (and preferably experience) of GDPR and DPA 2018
  • Experience of incident management
  • Excellent knowledge of high level security concepts and best practice
  • Excellent documentation skills, including policies and standards
  • Knowledge of the following areas (deeper experience of one or more preferred):
  • Network security
  • Application security
  • Identity and access management
  • Secure distributed working practices
  • Ability and desire to learn new tools, skills and consider other perspectives
  • Growth mindset. Comfortable performing a wide range of activities, including stretching to new skill/experience areas
  • Ability to manage own time, confirm priorities and expectations
  • Independent worker who knows when to ask questions
  • Comfortable working with the wider team and organisation
  • Comfortable dealing with ambiguous situations and objectives
  • Don’t worry if you only have some of these - we’d still encourage you to apply.
  • Professional qualifications, such Comp TIA+, CISSP, CCSP, ISO 27001 Auditor
  • Exposure to ITIL (ITIL Foundation or higher preferred)

• Experience in one or more of the following

  • SSO & federated identities
  • Network security, SASE & VPNs
  • Infrastructure security and best practices
  • Working knowledge of encryption technologies
  • Password management and access control
  • Security training and awareness
  • Secure distributed working practices
  • Detection and response, with excellent troubleshooting skills

• Working knowledge of one or more of these tools/products

  • JIRA & Confluence
  • OSWindows/Office365
  • Google Workspace
  • Creative thinker, but understands the importance of seeing a piece of work through to the end and on time
  • Decisive, proactive, knows when to check the boundaries

This role is subject to eligibility to work in the UK, plus satisfactory background and reference checks.

We understand that AI is increasingly part of everyday life, and you might choose to use it when putting together your application.

While AI can be a helpful tool, we ask that anything you submit reflects your own skills, experiences, and perspective.

We value authenticity and integrity, and we want to see what you uniquely bring to our team and why our mission resonates with you personally.

#J-18808-Ljbffr

Security Lead employer: Mental Health Innovations

Mental Health Innovations is an exceptional employer, offering a supportive work culture that prioritises employee well-being and professional growth. With a competitive salary of up to £65,000 and generous benefits, including a hybrid working model and a focus on work-life balance, this role in West London provides a unique opportunity to make a meaningful impact in the field of information security while enjoying a collaborative environment.

Mental Health Innovations

Contact Details:

Mental Health Innovations Recruitment Team

We think you need these skills to ace Security Lead

ISO 27001
Risk Management
GDPR Knowledge
Incident Management
Network Security
Application Security
Identity and Access Management