Information Security Manager in Cheadle

Job Description

Reporting to the Chief Information Security Officer, you will play a critical role in supporting the development and continuous improvement of our Information Security governance, risk management, and assurance framework.

You will be a seasoned Information Security professional able to support and maintain governance and leading frameworks such as NIST CSF and the UK Cyber Assessment Framework (CAF) to identify, assess and manage risks across the Group. You will develop risk metrics (KPIs/KRIs). However, what is critical for the role is the ability to deliver security training and awareness programmes as well as leading third‑party cyber, information and AI security due diligence. This would include ongoing monitoring of risks and incidents. The role also involves supporting audits, driving continuous improvement across policies and controls, and implementing monitoring solutions using Microsoft Purview and DLP. Working closely with the CISO and Cyber Security team, you will contribute to governance, reporting and incident response, while building strong stakeholder relationships across IT, Risk and the wider business.

Responsibilities

• Maintain and enhance Information Security governance frameworks aligned to NIST CSF and CAF
• Define and report on security risk metrics, KPIs and KRIs
• Identify and assess Information Security risks across business and technology environments
• Deliver engaging security awareness and training programmes
• Conduct third‑party cyber, information and AI security due diligence
• Support audit and assurance activities, including evidence collation
• Drive continuous improvement across policies, processes and controls
• Support Microsoft Purview and DLP monitoring capabilities
• Partner with the CISO on governance, reporting and incident response activities

Qualifications

You are a proactive and detail‑oriented Information Security professional with experience working in regulated environments and a passion for improving security maturity.

Essential Experience

• Proven experience in third‑party security due diligence
• Experience delivering Information Security training and awareness
• Hands‑on experience with Microsoft Purview and DLP
• Strong understanding of risk management and governance
• Experience working within regulated environments
• Experience developing policies, processes and standards
• Knowledge of cloud and SaaS‑based environments

Desirable

• CISM or equivalent certification
• Strong presentation and stakeholder engagement skills
• Experience reviewing technical security designs

Benefits

• Based in Cheadle (SK8 3GW) – Monday to Friday
• 26 days holiday, plus a day off for your birthday (increasing to 30 days with service), plus bank holidays
• Free access to company holiday homes
• Buy & sell holidays
• Discretionary annual bonus plus an additional Shared Reward Bonus
• Matched pension contribution
• Health cash plan plus Private medical insurance
• Life assurance and Critical illness cover
• Travel season ticket loans and Ride to work scheme
• Free local gym access
• Local bar / restaurant discounts

Additional Information

If you feel you have some of the skills mentioned above, but not all, please do still apply and we would be happy to have a further discussion with you regarding your suitability for the role.

Together embraces diversity and inclusion, and we are proud to be an equal opportunity workplace. We welcome and celebrate differences and value our colleagues for who they are. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills.

If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please let us know when completing your application so we can help you be at your best.