iO Associates are working closely with a growing consultancy in the NS&D sector, seeking an experienced Information Assurance Security Manager to strengthen their cybersecurity posture.

This is an initially 12 months contract with the potential to be extended beyond. Due to the exciting nature of the role, you must hold and active UK*C DV Clearance to be eligible.

The role requires a proactive professional to develop and enforce security policies, risk management strategies, and compliance frameworks while collaborating with cross-functional teams.

Key Responsibilities:

Policy & Compliance

Develop, implement, and maintain information assurance policies, standards, and procedures.
Ensure compliance with ISO 27001 and other relevant regulatory requirements.
Oversee internal and external security audits to assess compliance.

Risk Management

Conduct risk assessments to identify, evaluate, and mitigate security threats.
Develop and implement risk mitigation strategies to enhance security resilience.

Security Infrastructure Management

Oversee the design, implementation, and maintenance of security controls, including:
- Firewalls
- Intrusion detection & prevention systems
- Other critical security technologies aligned with the National Technical Authority standards.
Work closely with IT teams to secure network infrastructure, servers, and endpoints.

Incident Response & Investigation

Develop and maintain a robust incident response plan.
Lead and coordinate incident investigations before transitioning to a Business-as-Usual (BAU) function.

Security Awareness & Training

Develop and deliver security awareness programs to educate employees on best practices.
Work with Subject Matter Experts (SMEs) to ensure a security-conscious workforce.

Collaboration & Communication

Work closely with internal departments to ensure cohesive security strategies.
Communicate security initiatives, risks, and compliance updates to senior management.

Team Leadership

Manage or lead a team of security professionals to ensure the successful implementation of security policies and procedures.
Provide guidance, mentorship, and support to team members, fostering a collaborative and high-performance environment.

Key Requirements:

Proven industry experience in IT Quality Assurance, Information Security, and Assurance.
Certified Information Security Manager (CISM) or an equivalent qualification.
ISO 27001 Auditor/Implementer certification is essential.
Strong understanding of cybersecurity principles, risk management, and compliance frameworks.
Experience managing or leading a team of security professionals.
Excellent communication and collaboration skills.