Information Security Manager

Information Security Manager  
Home-based with UK Travel   
Full Time, Permanent   
Band 4 / £55,000 - £63,000 (dependent on experience)

Here at Serco, we’re seeking an experienced Information Security Manager (ISM) to join our secure contracts division, supporting several critical operational sites across the UK, including prisons and immigration removal centres.

This is a high-impact role responsible for the operational ownership and accountability of information security management processes across designated Home Office and Ministry of Justice contracts. You will play a key role in ensuring compliance with contractual security requirements, ISO27001:2022 standards, UK data protection legislation, and relevant HMG security policies.

Reporting directly to the Head of Information Security (Security Compliance Lead), with a dotted-line relationship into senior operational contract leadership, you will work closely with stakeholders across the business to drive a strong culture of information security and data protection compliance.

As part of this you’ll:

• Take operational ownership of information security management across designated contracts

• Lead and support: Information security risk management, security incident management and investigations, security assurance and compliance activities, information security management forums

• Support Data Protection Champions (DPCs) in maintaining UK GDPR and Data Protection Act 2018 compliance

• Manage ISO27001:2022 alignment activities including assurance audits against the standard

• Conduct gap analyses against recognised security frameworks and produce remediation plans

• Coordinate and support penetration testing, IT Health Checks and external assurance activities

• Engage with auditors, accreditors, customers and operational stakeholders

• Provide pragmatic security advice on projects, technology implementations and operational changes

• Review security controls relating to: HMG policies and standards, technical and physical security, personnel and procedural controls, data protection requirements

• Lead incident response activities, including investigation, containment and remediation

• Maintain security documentation, risk registers and compliance evidence

• Promote a culture of information security awareness and best practice across contracts

What you’ll need to do the role:

• Proven experience in information security management within regulated or secure environments

• Strong knowledge of ISO27001:2022 standards and implementation

• ISO27001 Lead Implementer and/or Lead Auditor certification - desirable

• Experience managing information security risks, incidents and assurance activities

• Good understanding of UK GDPR and Data Protection Act 2018 requirements

• Strong stakeholder management and communication skills

• Ability to explain complex security concepts to both technical and non-technical audiences

• Ability to work independently and manage competing priorities effectively

• Privacy or data protection certifications – desirable

• Experience supporting Home Office, Ministry of Justice or other government contracts – desirable

• Understanding of secure environments and HMG security controls – desirable

• Experience working with external auditors and accreditation bodies – desirable

• Due to the nature of this role, the successful candidate must be able to achieve and maintain SC-level national security clearance.

Why Serco:

Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.

What we offer:

• Flexible working considered

• Pension – up to 6%

• Chance to contribute to innovation in the public services

• A company passionate about diversity and inclusion

• Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.

• A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.

• A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.

• A safe and supportive culture.

About Serco
At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services.  We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.

By joining Serco you will have unlimited access to our Global Employee Networks – SercoInspire (Gender), SercoEmbrace (Multicultural), SercoUnlimited (Disability) and In@Serco (LGBT & Networks). Serco Employee Networks, led by colleagues who are passionate about diversity, inclusion and belonging. 

Apply
Please click on the apply button to complete your application. Occasionally we receive a large volume of applications for our roles and when that happens we sometimes bring the closing date forward, so please apply promptly to avoid disappointment. 

At Serco, we see people first and foremost for their performance and potential. We are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates and strongly encourage applications from a diverse candidate pool. We are open to discussions around flexibility and flexible working. We operate a hybrid work structure in many of our business areas. We are proudly Disability Confident Leader employers and holder of the Gold Inclusive Employer Standard.