Security & Privacy Manager in North East

North East | Full-Time | 36000 - 60000 £ / year (est.) | Home office (partial)
Waterstons Limited

At a Glance

  • Tasks: Manage security and privacy activities, ensuring compliance and protecting data.
  • Company: Join a friendly IT consultancy that values trust and collaboration.
  • Benefits: Enjoy unlimited holidays, flexible working, and private healthcare.
  • Why this job: Make a real impact on security and privacy while growing your career.
  • Qualifications: Five years in Information Security with ISO27001 knowledge required.
  • Other info: Diverse and inclusive workplace with excellent development opportunities.

The predicted salary is between 36000 and 60000 £ per year.

Who you’ll be joining

We’re problem solvers at heart. Sometimes the answer is technology, sometimes it is strategy, and sometimes it is a strong cup of tea and a bit of thoughtful conversation. Whatever it takes, we work it out with our clients. We’re an IT consultancy that helps organisations get the best out of their technology. That means keeping them secure and keeping the bad guys out, making sure everything works and is easy to use, and doing smart things with data and software to give their business an edge. It is important work, and we care about doing it well and for the right reasons. Life at Waterstons is friendly, flexible and built on trust. We hire people who are curious, thoughtful and good at getting to the heart of a problem. You get support, trust and room to grow in a place that still feels human. The unlimited holidays and private healthcare are a nice touch, although most people stay because it feels like the right place to do good work with good people.

What You’ll Be Doing

As our Security & Privacy Manager, you will be responsible for the day-to-day management of Waterstons' Information Security, Data Protection and wider business compliance activities. You will work closely with colleagues across the business including Systems & Facilities, People & Culture and senior stakeholders, providing guidance and support to ensure we maintain strong security and privacy standards. You will also take ownership of Waterstons' ISO27001 management and provide advice across the organisation on all aspects of information security and data protection. On occasion you may support client-related matters where required. This role requires someone who can think strategically as well as operationally, considering how decisions may impact business risk, reputation and compliance status, while driving continual improvement across the organisation.

Your Day-to-Day

  • Managing and completing security and privacy activities in a timely and thorough way
  • Maintaining Information Security and ISO27001 documentation and records including policies, registers, incidents, risks, supplier due diligence and audits
  • Maintaining Data Protection documentation and records including privacy notices, registers, rights requests, agreements, asset registers and data maps
  • Assessing and managing security and privacy risk across the business, identifying appropriate remediation actions while taking a pragmatic and balanced approach
  • Managing incidents and breaches including triage, investigation, mitigation and communications
  • Managing internal and external audits
  • Supporting supplier due diligence alongside the Purchasing Manager
  • Advising and supporting colleagues across the business on security and privacy matters at all levels
  • Working with People & Culture on employee security-related activities
  • Working with Facilities on physical security controls
  • Managing priorities and workload independently, adapting as business needs change
  • Keeping up to date with emerging security and privacy developments across Waterstons locations
  • Driving continual improvement across security, privacy and compliance practices
  • Supporting wider compliance requirements across the business where required

What we’re looking for

If some (or most) of the following sound like you, we’d love to hear from you:

  • At least five years' experience in Information Security with a strong understanding of ISO27001 controls and best practice
  • Degree level education or equivalent industry experience
  • Solid IT foundation knowledge including Microsoft 365, SharePoint, Office applications and an understanding of Active Directory and security tools
  • Experience in risk assessment and incident management with the ability to consider wider business implications
  • Data Protection Practitioner certification and/or practical experience of Data Protection management and UK GDPR
  • Strong attention to detail combined with the ability to make pragmatic, risk-based decisions
  • A willingness to learn, develop and expand your knowledge
  • Excellent customer service mindset and stakeholder engagement skills
  • Strong communication skills with a calm, approachable and adaptable style, with the ability to be firm and decisive when required

Nice to have

  • ISO27001 Lead Auditor or Implementer qualification
  • Experience or familiarity with frameworks such as Cyber Essentials, NIST, NIS, CAF or SOC2
  • Wider knowledge of information security standards and best practice
  • Security certifications such as CISSP, CISM or CISA
  • Experience reviewing legal agreements relating to security and data protection
  • Experience writing or reviewing policies
  • Experience participating in internal or external ISO audits
  • Experience developing or delivering training
  • Broader technical knowledge of IT systems and security controls

How We Take Care of You

As well as offering a competitive salary, we have an attractive benefits package including:

  • A healthy work-life balance with flexible and agile working being the norm
  • Unlimited holiday allowance
  • EV car scheme (salary sacrifice)
  • Room to grow with supported development opportunities and sponsored training
  • Enhanced family policies
  • If you ever need it, company sick pay and life assurance
  • Supported wellbeing with regular initiatives, an employee assistance programme and private medical insurance
  • Flexible benefits such as a dental scheme, eye care support, season ticket loan and cycle to work

We require a security check to be carried out on all colleagues due to the nature of some of our clients’ industries.

Waterstons is committed to creating an inclusive, understanding, and flexible place to work. We value diversity, equality and inclusion and encourage everyone to 'bring their whole selves' to work. We believe that a company that truly embraces and values diversity, and creates an environment where everyone from any background can do their best work and feel valued and appreciated, is a better company to work for.

Privacy Statement

Waterstons are gathering the data in this application for the purpose of recruitment and to ensure we can contact you regarding this application. For information about what we do with your personal data see our Privacy Notice.

Security & Privacy Manager in North East employer: Waterstons Limited

At Waterstons, we pride ourselves on being a supportive and flexible employer that values curiosity and thoughtful problem-solving. Our culture fosters personal growth and collaboration, with benefits like unlimited holidays and private healthcare enhancing the work-life balance. Join us in a role where you can make a meaningful impact on security and privacy while working alongside good people in a friendly environment.

Contact Detail:

Waterstons Limited Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Security & Privacy Manager in North East

✨Tip Number 1

Network like a pro! Reach out to people in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.

✨Tip Number 2

Prepare for interviews by researching the company and its culture. Understand their values and how they align with your own. This will help you show that you're not just a fit for the role, but for the team too!

✨Tip Number 3

Practice your responses to common interview questions, especially those related to security and privacy. Use the STAR method (Situation, Task, Action, Result) to structure your answers and showcase your experience effectively.

✨Tip Number 4

Don’t forget to follow up after your interview! A simple thank-you email can leave a lasting impression and keep you top of mind. Plus, it shows your enthusiasm for the role and the company.

We think you need these skills to ace Security & Privacy Manager in North East

Information Security Management
ISO27001
Data Protection Management
Risk Assessment
Incident Management
Stakeholder Engagement
Communication Skills
Attention to Detail
Pragmatic Decision-Making
Customer Service Mindset
IT Knowledge (Microsoft 365, SharePoint, Active Directory)
Security Frameworks (Cyber Essentials, NIST, NIS, CAF, SOC2)
Security Certifications (CISSP, CISM, CISA)
Policy Writing and Review
Training Development and Delivery

Some tips for your application 🫡

Tailor Your Application: Make sure to customise your CV and cover letter for the Security & Privacy Manager role. Highlight your experience with ISO27001 and data protection, as well as any relevant certifications. We want to see how your skills align with what we do!

Show Your Problem-Solving Skills: In your application, share examples of how you've tackled security challenges in the past. We love problem solvers, so let us know how you think strategically and operationally to keep things secure and compliant.

Be Personable: We value a friendly and approachable style, so don’t be afraid to let your personality shine through in your writing. Show us that you’re not just about the technical stuff but also about building relationships and engaging with colleagues at all levels.

Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team at Waterstons!

How to prepare for a job interview at Waterstons Limited

✨Know Your Stuff

Make sure you brush up on ISO27001 controls and best practices. Familiarise yourself with the specific security and privacy challenges that Waterstons faces, and be ready to discuss how your experience aligns with their needs.

✨Show Your Problem-Solving Skills

Since they value problem solvers, prepare examples of how you've tackled security issues in the past. Think about times when you had to balance risk with business needs and be ready to share those stories.

✨Engage with Stakeholders

Highlight your experience in stakeholder engagement. Be prepared to discuss how you've successfully communicated complex security concepts to non-technical colleagues and how you can support various teams at Waterstons.

✨Stay Current

Keep up to date with the latest trends in information security and data protection. Mention any recent developments or frameworks you've been following, and express your eagerness to bring that knowledge to the role.
