At a Glance
- Tasks: Lead information security for the London Cycle Hire Scheme and drive a proactive security culture.
- Company: Join Serco, a leader in delivering essential public services with a focus on innovation.
- Benefits: Enjoy flexible working, competitive salary, and a wealth of career development opportunities.
- Other info: Be part of a diverse team committed to inclusion and support.
- Why this job: Make a real impact on public services while shaping the future of information security.
- Qualifications: ISO27001 certification and strong relationship-building skills are essential.
The predicted salary is between 63000 - 63000 £ per year.
Serco is proud to operate the London Cycle Hire Scheme - one of the capital’s most visible and impactful public services. We are now recruiting a brand-new Information Security Manager (ISM) to help shape the future security posture of this high-profile, citizen-facing contract.
This isn’t a role about sitting behind policies or focusing solely on tech. We need someone who can build strong relationships, steer suppliers, engage directly with our customer, and roll out practical, people-focused security improvements from day one. You will set the foundations, mature our processes, drive awareness, and ensure cyber security and data protection are embedded into everything we deliver.
You will take operational ownership and accountability for all information security management processes across Serco delivery of the London Cycle Hire Scheme (LCHS). You’ll maintain alignment with ISO27001, ensure compliance with data protection legislation, and manage information security and data protection activities in partnership with the Data Protection Champion (DPC), the Cyber Assurance Lead, and contract leadership.
As Part Of This You’ll:
- Take operational ownership of all information security processes across the LCHS contract.
- Lead information security risk management, incident response, and investigations.
- Maintain ISO27001 alignment and support GDPR/DPA 2018 compliance with the DPC.
- Establish and run an Information Security Management Forum.
- Drive a proactive security culture through training, awareness, and engagement.
- Manage and coordinate assurance activities, including audits, pen tests, and IT Health Checks.
- Work directly with the customer and suppliers to ensure security obligations are met and understood.
- Provide clear, accessible security advice to stakeholders at all levels.
- Conduct gap analyses against ISO27001 and HMG standards and produce remediation plans.
- Support new projects with Secure by Design guidance, including technical, procedural, physical, and personnel controls.
- Oversee documentation, risk registers, and security governance records.
- Recommend appropriate security controls, technologies, and improvements.
- Maintain all information security and data protection documentation and ensure ongoing compliance.
What You’ll Need To Do The Role:
We are looking for someone who is credible, engaging, pragmatic, and people-focused, with the ability to guide suppliers and influence stakeholders at every level.
Essential Skills & Qualifications:
- ISO27001 Lead Implementer and/or Lead Auditor.
- Cyber security formal certification (e.g. CISM, CISSP).
- Strong understanding of data protection legislation (GDPR/DPA 2018).
- Risk management experience.
- Experience managing security in complex, multi-supplier environments.
- Ability to translate complex security concepts into clear, actionable guidance.
- Strong relationship-building and stakeholder engagement skills.
- Ability to work independently, organise workload, and deliver to deadlines.
- Eligible for BPSS clearance.
Desirable:
- Experience supporting UK government or public sector contracts.
- Experience in customer-facing roles.
What We Offer:
- Flexible working considered.
- Pension – 6%.
- Chance to contribute to innovation in the public services.
- A company passionate about diversity and inclusion.
- Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
- A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.
- A wealth of career development training to suit your future aspirations.
- A safe and supportive culture.
About Serco:
At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services. We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.
By joining Serco you will have unlimited access to our Global Employee Networks – SercoInspire (Gender), SercoEmbrace (Multicultural), SercoUnlimited (Disability) and (LGBT & Networks). Serco Employee Networks, led by colleagues who are passionate about diversity, inclusion and belonging.
Equal Opportunity:
At Serco we support fair access to employment for those with unspent criminal convictions through the ‘Ban the Box’ pledge (some may be exempt due to the nature of the role and the security clearance required). We operate a hybrid work structure in many of our business areas and are proudly Disability Confident Leader employers and holder of the Gold Inclusive Employer Standard.
Information Security Manager employer: Serco
Serco is an exceptional employer, offering a dynamic work environment where innovation meets public service. As an Information Security Manager for the London Cycle Hire Scheme, you will enjoy flexible working arrangements, a strong focus on employee wellbeing, and extensive career development opportunities. With a commitment to diversity and inclusion, Serco fosters a supportive culture that empowers you to make a meaningful impact in the community while advancing your professional journey.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Manager
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Serco, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Serco
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Serco. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Information Security Manager
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Serco insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Serco that you’re committed to staying ahead in the game.
How to prepare for a job interview at Serco
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Serco to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Serco.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.
