At a Glance
- Tasks: Lead our information security strategy and protect data from cyber threats.
- Company: Join Sightsavers, a forward-thinking organisation dedicated to making a difference.
- Benefits: Competitive salary, remote work, and opportunities for professional growth.
- Other info: Dynamic role with excellent career advancement opportunities.
- Why this job: Make a real impact in cybersecurity while working with a passionate team.
- Qualifications: Experience in information security and strong communication skills required.
The predicted salary is between £45,405 and £53,418 per year.
Location: Remote, with a requirement to work from our modern Haywards Heath office approximately once per month.
Contract: Permanent
Salary: £45,405 to £53,418 depending on experience, with scope for discussion at interview.
About the role:
In this role, you will lead Sightsavers’ information security function, ensuring our systems, services and data are protected from evolving cyber threats. You will drive the development and delivery of our information security strategy, working closely with teams across the organisation to strengthen controls and embed secure ways of working. This will include overseeing key areas such as vulnerability management, patching and compliance activities, as well as identifying and assessing risks and supporting colleagues to put effective, practical safeguards in place. Acting as the organisation’s subject matter expert, you will play a central role in managing audits, supporting incident response and ensuring we meet key security standards, while continuously improving our overall security approach.
Responsibilities:
- Lead the development and delivery of Sightsavers’ information security strategy, ensuring it aligns with organisational priorities.
- Oversee key security controls, including patching, vulnerability management and change control processes.
- Identify and assess information security risks across the organisation, supporting teams to implement practical solutions.
- Provide expert advice and guidance on information security controls to protect systems, services and data.
- Act as the organisation’s subject matter expert for audits, reviews and security assurance activities.
- Maintain compliance with key standards and certifications, including Cyber Essentials and PCI-DSS.
- Lead or support the investigation of security incidents, ensuring lessons learned are captured and acted upon.
- Provide guidance on information governance, including data access, classification and retention practices.
- Monitor emerging cyber threats, trends and regulatory requirements, recommending improvements where needed.
- Promote awareness of information security across the organisation, encouraging good practice and secure behaviours.
- Build strong relationships with internal teams, suppliers and external partners to embed security into day-to-day operations.
- Support continuous improvement of security processes, ensuring controls remain effective and fit for purpose.
This is a highly varied and involved role and the above is not an exhaustive list of duties or required professional skills.
Jobholder Requirements:
- Strong experience working in information security, cyber risk or security governance within a complex organisation.
- A recognised professional certification such as CISSP, CISM or ISO 27001 (or equivalent experience).
- Solid understanding of security standards and compliance frameworks, including PCI-DSS.
- Experience applying security principles in a practical, real-world environment.
- Confident working with both technical and non-technical stakeholders.
- Strong communication skills, with the ability to translate complex information into clear, practical guidance.
- Highly organised, with strong attention to detail and the ability to manage competing priorities.
- Experience working within an outsourced or multi-supplier environment.
- Good technical understanding of IT infrastructure and security technologies.
- Ability to explain technical risks and concepts to a range of audiences across the organisation.
- Experience supporting audits, compliance frameworks or certification processes.
- An interest in staying up to date with emerging threats, trends and best practice in information security.
We anticipate that remote interviews will take place from the week commencing the 15th of June onwards and the evaluation process will include an online task. To apply for this exciting new opportunity, please complete an application via our recruitment portal. We are particularly interested in learning of your motivations for applying.
As an equal opportunity employer, we actively encourage applications from all sections of the community. Sightsavers is a Disability Confident Leader and qualified people with a disability are particularly encouraged to apply. Sightsavers is an employer that does not tolerate any form of harassment and has zero tolerance for sexual exploitation and abuse. All potential candidates will be subjected to rigorous background checks and controls.
Information Security Manager employer: Sightsavers
Sightsavers is an exceptional employer that prioritises the well-being and professional growth of its employees, offering a flexible remote working environment complemented by monthly collaboration at our modern Haywards Heath office. With a strong commitment to information security, we foster a culture of continuous improvement and innovation, providing opportunities for employees to develop their skills while making a meaningful impact in safeguarding vital data and systems. Join us to be part of a diverse team that values inclusivity and encourages everyone to contribute to our mission of creating a world where no one is blind and people with disabilities can participate equally in society.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Manager
✨Tip Number 1
Network like a pro! Reach out to folks in the information security field on LinkedIn or at industry events. Building connections can lead to insider info about job openings and even referrals.
✨Tip Number 2
Prepare for those interviews! Research common questions for Information Security Managers and practice your responses. We want you to showcase your expertise and how you can tackle real-world security challenges.
✨Tip Number 3
Show off your skills! If you’ve got any relevant projects or case studies, be ready to discuss them. We love seeing practical examples of how you’ve handled security risks or improved processes.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we’re keen to hear about your motivations for joining us in this exciting role!
Some tips for your application 🫡
Show Your Passion: When you're writing your application, let us know why you're excited about the Information Security Manager role. Share what drives you in the field of information security and how you can contribute to our mission at Sightsavers.
Tailor Your CV: Make sure your CV highlights relevant experience that aligns with the job description. We want to see how your skills in vulnerability management, compliance, and risk assessment can help us strengthen our security strategy.
Be Clear and Concise: Keep your application straightforward and to the point. Use clear language to explain your experience and qualifications, making it easy for us to see how you fit into the role and our team.
Apply Through Our Website: Don't forget to submit your application via our recruitment portal! This helps us keep everything organised and ensures your application gets the attention it deserves. We can't wait to hear from you!
How to prepare for a job interview at Sightsavers
✨Know Your Stuff
Make sure you brush up on the latest trends in information security and be ready to discuss your experience with frameworks like PCI-DSS. Being able to talk confidently about your past roles and how they relate to the responsibilities of the Information Security Manager will show that you're the right fit.
✨Showcase Your Communication Skills
Since you'll be working with both technical and non-technical stakeholders, practice explaining complex security concepts in simple terms. Prepare examples of how you've successfully communicated security risks and solutions in previous roles to demonstrate your ability to bridge the gap between teams.
✨Prepare for Scenario Questions
Expect questions that ask how you would handle specific security incidents or compliance challenges. Think through real-life scenarios you've faced and be ready to explain your thought process, the actions you took, and the outcomes. This will highlight your problem-solving skills and practical experience.
✨Demonstrate Your Passion for Security
Show your enthusiasm for staying updated on emerging threats and best practices in information security. Mention any relevant certifications you hold, ongoing training, or industry events you've attended. This will convey your commitment to continuous improvement and keeping the organisation secure.