Be at the heart of actionFly remote-controlled drones into enemy territory to gather vital information.

Apply Now

Information Security and Compliance Manager

London
4 days ago
Create job alert

I am currently working with a Charity who are seeking a Head of Information Security and Compliance. You will join an ambitious, focused and dynamic team who are passionate about how technology can enable our staff to deliver incredible support to the armed forces community.

Role Purpose:
The Information Security and Compliance Manager is responsible for developing, implementing, and maintaining security policies, procedures, and controls to protect the data and systems. They will play a pivotal role in the management and containment of security incidents, ensuring continuous improvement in their security posture while raising awareness for staff, volunteer and member communities. The post holder will lead on activities that assess, report and mitigate risk associated with third parties with the focus being to protect the confidentiality, integrity, and availability of information assets.

Key Responsibilities:
Information Protection

Take responsibility for their information and data protection policies, practices and settings to include sensitivity labels, data retention policies and data loss protection policies
Collaborate with the Head of Risk, DPO and VCISO to identify and manage information security risks and mitigating controls
Lead the wider business areas to ensure security policies and procedures are embedded in all business processes.
Take an active role in in the containment and reporting of information security incidents, including detection, response, remediation and communication.Third Party risk management

Lead on the design and implementation of robust processes for reviewing & addressing the data security posture of third-party suppliers.
Take a leading role in managing relationships with vendors and service providers to assess compliance with security and data protection policies and standards.Policy, Audit & Reporting

Take the lead on the review process for information security policies working to agreed re-view schedules. Ensure all policies are published and made available to all staff and volunteers increasing awareness among these groups.
Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001.
Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents.Knowledge & Experience

Significant proven experience in information security and compliance management.
Familiarity with ITIL practices and risk management methodologies.
Significant proven experience with cyber security incident management and response
Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001
Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview)
Experience of managing projects through to completionSkills & Attributes

Excellent problem-solving skills and the ability to provide technical expertise and advice - Strong all round technical skills
Strong communication and collaboration skills & proven ability to work effectively with various departments including senior leaders.
Ability to explain technical solutions to a non-technical audience
Ability to manage and organise own workload and be flexible and ready to adapt to changing demands
Strong analytical skills with the proven ability to (use) on the data available to inform decisions and actionsQualifications
Certified in one of the following:

Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)

Related Jobs

View all jobs

Security Compliance Manager

Compliance Manager

Security Compliance Analyst

Graduate Compliance Manager

Information Security Manager

Security Governance Risk and Assurance Manager

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Cyber Security Recruitment Trends 2025 (UK): What Job Seekers Must Know About Today’s Hiring Process

Summary: UK cyber security hiring has shifted from title‑led CV screens to capability‑driven assessments that emphasise incident readiness, cloud & identity security, detection engineering, governance/risk/compliance (GRC), measurable MTTR/coverage gains & secure‑by‑default engineering. This guide explains what’s changed, what to expect in interviews, & how to prepare—especially for SOC analysts, detection engineers, blue/purple teamers, penetration testers, cloud security engineers, DFIR, AppSec, GRC & security architecture. Who this is for: SOC & detection engineers, security operations leads, DFIR analysts, penetration testers/red teamers, purple teamers, AppSec/DevSecOps engineers, security architects, cloud security engineers, identity/IAM engineers, vulnerability managers, GRC/compliance specialists, product security & security programme managers targeting roles in the UK.

Jobs

Why Cyber Security Careers in the UK Are Becoming More Multidisciplinary

Cyber security used to be viewed primarily as a technical discipline: firewalls, encryption, intrusion detection, penetration testing. In the UK today, it’s far broader. Organisations now face complex legal frameworks, ethical dilemmas, human-behaviour risks, communication challenges & usability hurdles. This shift means cyber security careers are becoming more multidisciplinary. From protecting NHS patient records to defending financial services, securing supply chains & safeguarding national infrastructure, cyber security now touches every sector. Employers increasingly want professionals who understand law, ethics, psychology, linguistics & design alongside traditional technical skills. In this article, we’ll explore why UK cyber security careers are expanding in this way, how these five disciplines shape the profession, and what job-seekers & employers need to know to thrive in this new landscape.

Jobs

Cyber Security Team Structures Explained: Who Does What in a Modern Cyber Security Department

Cyber security has become a top priority for UK organisations of all sizes. From small businesses to financial institutions, healthcare providers, and government bodies, the risk of cyber attack is now a constant concern. Threats are more sophisticated, regulations more demanding, and customers more aware of data privacy than ever before. But defending against cyber threats isn’t simply about having the right tools — it’s about having the right team. A modern cyber security department relies on clearly defined roles and responsibilities to ensure that defences are proactive, incidents are managed swiftly, and compliance is maintained. This article explains the structure of a modern cyber security team, the roles you’ll typically find within it, how they collaborate, and what skills, qualifications, and salaries are expected in the UK job market.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.