Senior Information Security Administrator

My client is hiring an Information Security Lead to help shape and implement its cybersecurity operations, governance, and risk framework. Reporting to the IT Operations & Security Manager, this role is critical in maintaining the organisation's security posture, ensuring compliance, and supporting ongoing IT service resilience.

Key Responsibilities

Oversee third-party security tools and services (e.g. firewalls, IDS/IPS, endpoint protection) and monitor vendor SLA adherence.
Conduct risk assessments, maintain the security risk register, and manage remediation activities.
Lead incident response processes including detection, containment, investigation, and resolution.
Develop, implement, and maintain information security policies, procedures, and standards.
Ensure compliance with ISO 27001, NIS2, and other regulatory requirements; manage documentation and audits.
Coordinate change, risk, and incident management activities across IT security functions.
Support secure design and delivery of IT projects and solutions.
Manage internal security testing schedules and ensure timely execution and review.
Deliver cybersecurity awareness initiatives, training sessions, and effectiveness reporting.
Collaborate with vendors and contribute to security procurement and tendering processes.
Monitor emerging threats and recommend improvements to maintain a strong security posture.
Contribute to the development of long-term IT security strategy and continuous improvement efforts.Qualifications and Experience

Degree in Computer Science, Information Security, or a related field.
Minimum 5 years' experience in IT security roles, ideally within regulated or public sector environments.
Solid knowledge of ISO 27001 and related frameworks; experience with certified environments.
Strong understanding of risk, incident, and change management.
Familiarity with security technologies such as SIEM, MFA, encryption, and vulnerability management.
Ability to communicate technical issues clearly to non-technical stakeholders.Preferred

Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer.
Project management qualifications (Agile, PMP, or Prince2).
Understanding of public sector IT governance and regulatory requirements.
Knowledge of current threat landscapes, business continuity, and cyber resilience practices.GCS is acting as an Employment Agency in relation to this vacancy