At a Glance
- Tasks: Lead the merger of Information Security Management Systems and enhance security processes.
- Company: Purpose-led organisation focused on practical innovations for communities.
- Benefits: Competitive salary, excellent benefits, hybrid working, and flexible hours.
- Other info: Opportunity for career growth in a dynamic, multi-entity setting.
- Why this job: Make a real impact on security culture in a collaborative environment.
- Qualifications: Experience in Information Security management and strong stakeholder skills.
The predicted salary is between 60000 - 65000 € per year.
Location: Blackfriars, London hybrid
Salary: £60-65K plus excellent benefits package
Contract: 12-month fixed term contract, with possibility of extension
About the Opportunity
Our client is a UK-based, purpose-led organisation that partners with public, private and third sector bodies to design, test and scale practical innovations that improve outcomes for people and communities. They are now seeking an experienced Group Information Security Manager to join their IT team. This is an elevated Manager-level role, created to support the merger of two existing Information Security Management Systems into one coherent Group-wide framework. The Information Security strategy is already in place, so this role is focused on execution, delivery, stakeholder management and clear communication. It will suit a hands-on player-manager who can improve processes, embed controls, coordinate audit readiness and bring people with them across a complex, multi-entity environment.
Key Requirements
- You will be an experienced Information Security Manager, ISMS Manager, Information Security Lead, Cyber Security Governance Manager or similar, with strong practical experience across security governance, risk, compliance, audit readiness and ISMS delivery.
- Strong experience managing Information Security in a complex organisation or group structure.
- Excellent knowledge of ISO 27001, ideally including ISO 27001:2022.
- Experience with Cyber Essentials and Cyber Essentials Plus.
- Strong understanding of ISMS management, implementation and continuous improvement.
- Experience supporting or leading internal and external audits.
- Ability to manage audit preparation, evidence gathering, remediation and follow-up actions.
- Strong knowledge of information security risk management, asset registers, risk logs and treatment plans.
- Experience improving practical security processes, controls and reporting.
- Working knowledge of GDPR, the Data Protection Act and wider data protection implications.
- Experience with incident management, corrective actions and remediation tracking.
- Strong stakeholder management skills, with the ability to influence without direct authority.
- Experience working across multiple entities, departments or subsidiaries would be highly valuable.
- Prior experience merging or aligning ISMS frameworks would be a significant advantage.
- Desirable knowledge of NIST and qualifications such as CISM.
You will be a clear communicator, practical problem solver and organised delivery-focused professional who can balance governance requirements with real-world implementation.
Role & Responsibilities
- As Group Information Security Manager, you will support the continued maturity of Information Security across the organisation and its subsidiaries, with a strong focus on implementation and operational delivery.
- Supporting the merger of two existing ISMS frameworks into one Group-wide model.
- Helping to reduce duplication, clarify accountability and improve visibility across entities.
- Delivering against the existing Information Security roadmap.
- Embedding Information Security into day-to-day business processes and decision-making.
- Translating security requirements into clear, proportionate and usable guidance for staff.
- Supporting compliance and audit activity for ISO 27001, Cyber Essentials and Cyber Essentials Plus.
- Coordinating audit preparation, staff readiness, evidence collection and remediation activity.
- Acting as a key point of contact for external auditors and certification bodies.
- Preparing and supporting Information Security Management Reviews.
- Supporting the cross-organisational Security Forum and Audit and Risk Committee reporting.
- Maintaining Information Security policies, standards, risk logs, asset registers and treatment plans.
- Conducting security reviews and assessments across the organisation.
- Managing the Corrective Action Plan and improving tracking of risks, incidents and actions.
- Supporting third-party and supplier security assessments, including cloud-based services.
- Investigating and coordinating responses to Information Security incidents.
- Working closely with IT, Technical Architecture, Finance, Legal and business stakeholders.
- Supporting Business Continuity Planning, Disaster Recovery Planning and resilience testing.
Why Join?
This is an excellent opportunity to step into a visible Group Information Security Manager role where the focus is on practical delivery, not just policy ownership. You will play a key part in merging and maturing the organisations ISMS framework, improving audit readiness, strengthening controls and helping embed a clear, practical security culture across a purpose-led organisation. The role offers hybrid working from Blackfriars, London, flexible working options and the chance to make a meaningful impact across a collaborative, multi-entity environment.
Group Information Security Manager in City of London employer: Walsh Employment
Join a purpose-led organisation in Blackfriars, London, where you can make a meaningful impact as a Group Information Security Manager. With a strong focus on practical delivery and employee growth, the company offers a collaborative work culture, hybrid working options, and an excellent benefits package, making it an attractive employer for those looking to advance their careers in information security.
StudySmarter Expert Advice🤫
We think this is how you could land Group Information Security Manager in City of London
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We can’t underestimate the power of personal connections when it comes to landing that Group Information Security Manager role.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of ISO 27001 and Cyber Essentials. We recommend creating a list of potential questions based on the job description and practising your responses. This will help you feel confident and ready to showcase your expertise during the interview.
✨Tip Number 3
Showcase your hands-on experience! When discussing your past roles, focus on specific examples where you improved security processes or managed audits. We want to see how you’ve made a tangible impact in previous positions, especially in complex environments.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search. Let’s get you that Group Information Security Manager position!
We think you need these skills to ace Group Information Security Manager in City of London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the Group Information Security Manager role. Highlight your experience with ISMS, ISO 27001, and any relevant certifications. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Share specific examples of how you've improved security processes or managed audits in the past. Let us know why you’re excited about joining our team!
Showcase Your Communication Skills:As a Group Information Security Manager, clear communication is key. In your application, demonstrate your ability to convey complex information simply. Whether it's in your CV or cover letter, we want to see how you can engage stakeholders effectively.
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get all the updates. Plus, it shows you're keen on joining our purpose-led organisation!
How to prepare for a job interview at Walsh Employment
✨Know Your ISMS Inside Out
Make sure you’re well-versed in the existing Information Security Management Systems and how they function. Be ready to discuss your experience with ISO 27001 and any relevant frameworks, as this will show you understand the complexities of merging systems.
✨Showcase Your Stakeholder Skills
Prepare examples that highlight your ability to manage stakeholders effectively. Think about times when you’ve influenced decisions without direct authority, as this role requires strong communication and relationship-building skills across various departments.
✨Be Audit-Ready
Brush up on your audit preparation techniques. Be prepared to discuss your experience with internal and external audits, including how you’ve gathered evidence and followed up on remediation actions. This will demonstrate your hands-on approach to compliance.
✨Practical Problem Solving
Think of specific instances where you’ve improved security processes or controls. Be ready to share how you tackled real-world challenges in information security, as this role is all about practical delivery and operational effectiveness.
