At a Glance
- Tasks: Lead the merger of ISMS frameworks and enhance security processes across the organisation.
- Company: Purpose-driven UK organisation focused on innovative solutions for communities.
- Benefits: 12-month contract with potential extension, collaborative culture, and impactful work.
- Other info: Opportunity to shape a robust security culture in a dynamic environment.
- Why this job: Make a real difference in information security while working with diverse stakeholders.
- Qualifications: Experience in ISO 27001, risk management, and stakeholder communication.
The predicted salary is between 60000 - 75000 € per year.
Contract: 12-month FTC, with possibility of extension
About the Opportunity
Join a UK-based, purpose-led organisation working with public, private and third sector partners to design, test and scale practical innovations that improve outcomes for people and communities. The organisation is merging two existing Information Security Management Systems into one coherent Group-wide framework. The security strategy is already in place, so this role is focused on execution, delivery, stakeholder management and clear communication. It will suit a hands-on player-manager who can improve processes, embed controls and coordinate audit readiness across a complex, multi-entity environment.
Key Requirements
- ISO 27001, ideally including ISO 27001:2022
- Cyber Essentials and Cyber Essentials Plus
- ISMS management, implementation and continuous improvement
- Internal and external audit preparation, evidence gathering and remediation
- Information security risk management, asset registers and risk logs
- Corrective action tracking, incident management and practical controls
- GDPR, Data Protection Act awareness and wider data protection implications
- Stakeholder management, communication and influencing without direct authority
- Working across multiple entities, departments or subsidiaries
- Supplier and third-party security assessments
Desirable:
- NIST, CISM or similar security qualifications
- Prior experience merging or aligning ISMS frameworks would be a significant advantage.
Role & Responsibilities
- Support the merger of two existing ISMS frameworks into one Group-wide model
- Reduce duplication, clarify ownership and improve visibility across entities
- Deliver against the existing Information Security roadmap
- Embed security controls into day-to-day business processes
- Support ISO 27001, Cyber Essentials and Cyber Essentials Plus audit activity
- Coordinate audit readiness, staff preparation, evidence collection and remediation
- Maintain security policies, standards, risk logs, asset registers and treatment plans
- Support Information Security Management Reviews and governance reporting
- Manage corrective actions and improve tracking of risks, incidents and actions
- Work closely with IT, Technical Architecture, Finance, Legal and business stakeholders
- Support supplier security reviews, incident response, BCP and disaster recovery activity
Why Join?
A visible and practical Group Information Security Manager role focused on delivery, not just policy ownership. You will help merge and mature the organisation’s ISMS framework, improve audit readiness, strengthen controls and embed a clear, practical security culture across a collaborative, purpose-led organisation.
Group Information Security Manager employer: Walsh Employment
Join a purpose-led organisation that prioritises meaningful impact and collaboration across public, private, and third sector partners. As a Group Information Security Manager, you will thrive in a supportive work culture that values hands-on leadership and offers ample opportunities for professional growth, all while contributing to the enhancement of community outcomes. With a focus on practical execution and stakeholder engagement, this role provides a unique chance to shape the future of information security within a dynamic and innovative environment.
StudySmarter Expert Advice🤫
We think this is how you could land Group Information Security Manager
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their current projects and challenges, especially around information security. We want you to show them that you’re not just a fit for the role, but also for their team and mission.
✨Tip Number 3
Practice your communication skills! As a Group Information Security Manager, you’ll need to influence without authority. We suggest doing mock interviews with friends or mentors to refine how you present your ideas and experiences clearly and confidently.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Group Information Security Manager
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the job description. Highlight your experience with ISO 27001 and any relevant security qualifications. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for the Group Information Security Manager role. Share specific examples of how you've successfully managed ISMS frameworks or improved security processes.
Showcase Your Stakeholder Management Skills:Since this role involves a lot of communication and collaboration, make sure to highlight your experience in managing stakeholders. We love seeing how you’ve influenced others and worked across different departments!
Apply Through Our Website:We encourage you to apply through our website for a smoother application process. It helps us keep everything organised and ensures your application gets the attention it deserves!
How to prepare for a job interview at Walsh Employment
✨Know Your ISO 27001 Inside Out
Make sure you’re well-versed in ISO 27001, especially the latest updates. Be ready to discuss how you've implemented or improved ISMS frameworks in the past. This will show your hands-on experience and understanding of the standards they’re looking for.
✨Showcase Your Stakeholder Management Skills
Prepare examples of how you've effectively communicated and influenced stakeholders without direct authority. This role requires strong collaboration across various departments, so demonstrating your ability to manage relationships is key.
✨Be Ready for Audit Talk
Brush up on your audit preparation skills. Be prepared to discuss your experience with internal and external audits, including evidence gathering and remediation processes. Highlight any specific instances where you’ve coordinated audit readiness successfully.
✨Demonstrate Your Practical Approach
This role is all about execution and delivery, so be ready to share practical examples of how you've embedded security controls into daily business processes. Show them that you’re not just about policies but also about making things happen.
