At a Glance
- Tasks: Lead InfoSec initiatives, manage compliance, and foster a security-first culture.
- Company: Join The Key, a trusted provider transforming education with impactful resources.
- Benefits: Enjoy flexible hours, generous holiday allowance, free breakfast, and regular socials.
- Other info: Open to candidates who are eager to learn, even if they don't meet all qualifications.
- Why this job: Make a real impact in education while developing your skills in a supportive environment.
- Qualifications: Experience in InfoSec and compliance, knowledge of ISO27001, and strong communication skills required.
The predicted salary is between 43200 - 72000 £ per year.
Are you looking for an InfoSec role in a fast-growing business where people are at the heart of everything we do?
Would you like to work within a socially conscious organisation that is making a real impact in the education sector?
The company
The Key is the country’s most trusted provider of knowledge and know-how to education leaders determined to make a difference. We provide authoritative, up-to-the-minute sector intelligence, tools, services and resources that give leaders the knowledge to act.
The role
We are looking for a InfoSec & Compliance Manager to join our IT team. This person will take ownership of The Key\'s Information Security Management System (ISMS) and cultivate an environment that balances robust security with effective user enablement. You will
1. Governance & Risk
- Own and evolve the Information Security Management System (ISMS) for this business unit, keeping us aligned to ISO 27001, Cyber Essentials Plus and data-protection law aligned as appropriate to other BUs and Group activities.
- Maintain the enterprise risk register: identify, assess, prioritise and track remediation of InfoSec and compliance risks
- Lead internal / external audits and certifications, coordinating evidence collection and driving closure of findings.
- Manage the full policy lifecycle - draft, review, publish and socialise security and compliance policies.
- Report security metrics and risk posture to the Exec and Board, translating technical risk into clear business impact.
2. Security Operations
- Oversee day-to-day security operations across our Microsoft stack (Entra ID, Intune, Defender) and key SaaS platforms.
- Act as Incident Manager for security events: coordinate investigation, containment, eradication, recovery and lessons learned.
- Run the vulnerability-management programme - scans, penetration tests, prioritisation and remediation tracking.
- Conduct supplier due-diligence and ongoing security reviews, embedding robust clauses into new and renewal contracts.
- Own access governance for critical systems, working with colleagues and automating joiner-mover-leaver controls and periodic privilege reviews.
3. Enablement & Culture
- Design and deliver engaging security-awareness initiatives that build a security-first mindset across the organisation.
- Support colleagues and business owners to ensure we build and adhere to processes that bring policies to life.
- Advise product and engineering teams, embedding “secure-by-design” principles into the SDLC and change management.
- Lead business-continuity and disaster-recovery planning, tabletop exercises and continuous improvement.
- Monitor emerging threats, regulatory changes and best practice; translate insights into a forward-looking security roadmap.
- Mentor colleagues and nurture a network of “security champions”, fostering a collaborative, growth-oriented culture.
The ideal person
- Understanding of modern security principles and knows what “good enough” looks like.
- Extensive experience in a hands-on InfoSec SME role.
- Considerable experience in a hands-on Compliance role, including maintaining ISO27001 or similar.
- Demonstrable knowledge and experience in delivering end-to-end Governance and Risk Management alongside core InfoSec and Compliance requirements.
- Experience with data protection regulations (e.g., GDPR, DPA) and their implementation.
- Experience with conducting internal and external audits.
- Ability to communicate risk and compliance issues to technical and non-technical stakeholders.
- Knowledge and experience with the Microsoft security stack (EntraID, Intune, Defender)
- Experience with business continuity planning and disaster recovery.
- Strong problem-solving and troubleshooting skills.
- Excellent communication and collaboration skills.
- Ability to work effectively in a fast-paced environment.
If you don’t meet all of the above but have a genuine interest in joining our team please get in touch - we’d be very happy to chat.
Why work for us
We place huge importance on caring for and developing our people. If you join us you can expect a good work-life balance and the training and support you need to succeed in your role and continue to progress. We are a socially conscious company, but one that also likes to have fun. We offer a generous holiday allowance, flexible hours, buying and selling holiday, enhanced maternity pay, free breakfast, fruit, and drinks, regular socials and much more.
How to apply
Please upload your CV [and covering letter] below. In your cover letter please explain why you think you would be right for this role, how your experience fits, and why you would like to work at The Key
The deadline for applications is 5pm on Friday 22nd August.
If you have any questions please email recruitment@thekeysupport.com.
InfoSec & Compliance Manager in Gateshead employer: The Key Group
The Key is an exceptional employer that prioritises the well-being and development of its employees, offering a supportive work culture where individuals can thrive. With a strong focus on social impact in the education sector, employees enjoy generous benefits such as flexible working hours, enhanced maternity pay, and regular social events, all while contributing to meaningful initiatives. The company fosters a collaborative environment that encourages professional growth and innovation, making it an ideal place for those passionate about information security and compliance.
StudySmarter Expert Advice🤫
We think this is how you could land InfoSec & Compliance Manager in Gateshead
✨Join Compliance Communities
Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!
✨Attend Industry Conferences
Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.
✨Leverage Your University Career Services
If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.
✨Showcase Your Knowledge Online
Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like The Key Group looking for candidates who are engaged and informed.
We think you need these skills to ace InfoSec & Compliance Manager in Gateshead
Some tips for your application 🫡
Show Your Understanding of Compliance:In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!
Quantify Your Achievements:When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.
Tailor Your CV to Reflect Relevant Skills:Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!
Craft a Motivating Cover Letter:In your cover letter, let us know why you’re excited about the compliance-risk role at The Key Group. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!
How to prepare for a job interview at The Key Group
✨Master the Regulations
Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!
✨Show Your Analytical Skills
Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. We've got to demonstrate how we approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!
✨Know Your Tools
Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!
✨Align with Company Culture
Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with The Key Group’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!
