Information Security Specialist

Based in Stoke

Permanent Opportunity

Salary between £55,000 - £60,000 per annum

Up to 1-2 days a week remote

*Please note this role requires Security Clearance

Job Description

The Information Security Manager will play a key role in defining, managing and ensuring the company is compliant with all aspects of IT security. The role will support the delivery of a variety of innovative, accreditable, cost-efficient and profitable solutions to comply with the security classification system. These solutions are operated at a variety of company and customers' premises and are the foundation for the Company's secure managed ICT services to public sector customers.


  • Mentor junior members of the security team.

  • Lead the security accreditation and assurance processes for new and enhanced services which the company offers to our customers.

Planning Information Assurance Capability:

  • Develop and maintain Information Security Management System (ISMS) to best support the Company's activities, including Risk Management and Accreditation Document Sets and Company Security Policies.

  • Examine any risks to the Company's information security and put in place policies to manage those risks.

  • Develop, maintain and continually improve a set of controls and measures to manage any threats to information assets.

  • Plan and maintain compliance with the variety of security requirements that the Company meets.

Monitoring Information Assurance:

  • Coordinate and implement all protective security activities including physical security.

  • Accountable for information governance, including annual assessments and risk management.

  • Monitor the operation of the Company's Information Security Management System.

Implementing Information Assurance:

  • Perform the role of Incident Manager during any security incidents and emergencies, ensuring that all business recovery/contingency plans and/or procedures are actioned accordingly.

  • Act as focal point for any investigations involving security; prepare reports and note follow-up action. Report any significant security breaches to the Operations Board; undertake full investigation; recommend remedial course of action.

  • Manage the Company's Information Security awareness, education and training programme.

  • Maintain and develop relationships with appropriate suppliers, including consultants and service providers.

  • To be the Company's Security Controller, providing advice as necessary and implementing company security policy.

Qualifications (Essential)

  • CISSP/CISA/CISM desirable or equivalent professional experience.

  • Must hold or be able to gain national security clearance to the Developed Vetting level.

  • To meet government policy requirements, must be a British national.

Skills and Experience

  • Experience in risk and regulatory frameworks and standards, such as NIST, ISO27001, MOD JSP440, JSP604 (Essential)

  • Proven track record in Information Security and Assurance and deploying continuous improvement initiatives. (Essential)

  • Initiative and pro-activity, matched by an ability to be a strong member of a team. (Essential)

  • Willingness to work flexibly in response to changing organisational requirements. (Essential)

  • Solid communication skills, including the ability to influence employee behaviour and perceptions. The best security policies won't be effective without buy-in from all employees. (Essential)

  • A keen understanding of technology and the ability to leverage this knowledge to implement effective security solutions (Preferable)

  • Experience of managed service environments, with an awareness of ITIL best practice. (Preferable)