Information Security Manager

Company: TwinStream
Location: Bristol
Job Description:

Salary: £70,000 to £80,000

Location: Remote

Security Clearance: Eligible for SC/DV clearance

About the role

We are looking for a cybersecurity subject matter expert to provide technical advice to internal staff on cybersecurity best practices, risk management, and incident management.

This hands-on role focuses on governance, risk, and compliance, including developing and updating security policies, delivering training, and providing clear, practical security guidance across TwinStream.

You will work independently, driving day-to-day security activities and helping build a strong security culture, while enabling teams to deliver securely.

Key Responsibilities

  • Provide technical information security expertise to projects, services, and business initiatives, including developing or contributing to Security Management Plans
  • Manage information security incidents and security risks across the organisation
  • Own and maintain the Information Security Management System (ISMS), including creating and updating policies, procedures, and guidance
  • Ensure adherence to information security policies and standards
  • Drive a programme of continuous information security improvement
  • Embed and promote a positive security culture across the business
  • Ensure compliance with relevant certifications and regulatory requirements, including ISO 27001, Cyber Essentials Plus, UK GDPR/Data Protection Act, and MOD CSM v3 and v4
  • Assist with security audits (internal, external, customer, and penetration testing), managing evidence collection and tracking findings through to resolution
  • Design and deliver information security training and awareness activities
  • Contribute to Business Continuity, Disaster Recovery, and internal audit activities
  • Act as the primary point of contact for information security across TwinStream

Key Skills

  • Proven experience in an Information Security Manager or similar role, including security incident management, risk management, security governance, and providing practical information security guidance
  • Experience embedding information security into the design, development, and delivery of software-based solutions, including secure development practices, cloud services, and integrated platforms
  • Previous experience in a software development or defence environment
  • Understanding of recognised information security frameworks and certifications, particularly ISO 27001 and Cyber Essentials Plus
  • Good knowledge of relevant UK legislation and regulatory requirements
  • Comfortable working remotely (within the UK) in a flexible, fast-paced environment
  • Strong organisational skills with the ability to manage priorities effectively
  • Excellent written and verbal communication skills, with the ability to tailor messaging for different audiences
  • Relevant professional certifications such as CISSP (highly desirable), CISM, or ISO 27001 Lead Implementer/Auditor
  • Ability and willingness to undergo UK Security Clearance (minimum SC level)

Desired Skills

  • Experience in information security roles within the UK defence sector, national security sector, or other highly regulated industries
  • Existing UK Security Clearance (SC)
  • Familiarity with MOD security frameworks, including CSM v3 and v4, IPSA, and FSC
  • Experience using the Atlassian suite, particularly Jira
  • Demonstrated experience in managing security incidents and leading incident response teams.
  • Ability to present and be the focal point for security matters across the business.
  • Experience in supporting the security controller role in various security frameworks.
  • Understanding of insider threat operational and governance requirements, and experience in applying them.

Posted: March 14th, 2026