Information Security Manager

Sightsavers implements projects in over 30 countries in Africa and South Asia working to eliminate avoidable blindness and promote the rights of people with disabilities.

Title: Information Security Manager (ISM)

Location: Remote, with a requirement to work from our modern Haywards Heath office approximately once per month     

Contract: Permanent

Salary: Salary: £45,405 to £53,418 depending on experience, with scope for discussion at interview

About the role

In this role, you will lead Sightsavers information security function, ensuring our systems, services and data are protected from evolving cyber threats. You will drive the development and delivery of our information security strategy, working closely with teams across the organisation to strengthen controls and embed secure ways of working. This will include overseeing key areas such as vulnerability management, patching and compliance activities, as well as identifying and assessing risks and supporting colleagues to put effective, practical safeguards in place. Acting as the organisation’s subject matter expert, you will play a central role in managing audits, supporting incident response and ensuring we meet key security standards, while continuously improving our overall security approach.

Responsibilities

• Lead the development and delivery of Sightsavers information security strategy, ensuring it aligns with organisational priorities

• Oversee key security controls, including patching, vulnerability management and change control processes

• Identify and assess information security risks across the organisation, supporting teams to implement practical solutions

• Provide expert advice and guidance on information security controls to protect systems, services and data

• Act as the organisation’s subject matter expert for audits, reviews and security assurance activities

• Maintain compliance with key standards and certifications, including Cyber Essentials and PCI-DSS

• Lead or support the investigation of security incidents, ensuring lessons learned are captured and acted upon

• Provide guidance on information governance, including data access, classification and retention practices

• Monitor emerging cyber threats, trends and regulatory requirements, recommending improvements where needed

• Promote awareness of information security across the organisation, encouraging good practice and secure behaviours

• Build strong relationships with internal teams, suppliers and external partners to embed security into day-to-day operations

• Support continuous improvement of security processes, ensuring controls remain effective and fit for purpose

This is a highly varied and involved role and the above is not an exhaustive list of duties or required professional skills. Please see the Job Description for full details.

The deadline to complete you application is 7 June 2026 by 23.30pm BST UK.

Skills and Experience

You will bring strong experience in information security, cyber risk or security governance within a complex organisation, along with a recognised certification such as CISSP, CISM or ISO 27001, or equivalent experience. As the Information Security Manager, you will have a solid understanding of security standards and frameworks, including PCI-DSS, and be confident working with both technical and non-technical stakeholders, translating complex issues into clear, practical guidance. You will be highly organised, with strong attention to detail, and able to manage competing priorities while taking a proactive, solutions-focused approach to risk. Strong communication and relationship-building skills will be key, as you work collaboratively across teams and with external providers, and you will have a genuine interest in continuous improvement and staying up to date with emerging threats and best practice.

Benefits 

Sightsavers offers some fantastic benefits. Our comprehensive benefits package includes generous annual leave allowance, pension, season ticket loan, cycle to work scheme, discounted gym memberships and wellness discounts. If you choose to work in or are visiting our collaborative, modern office space, you will find it an easy 20-minute train journey from Brighton or 45 minutes from London

Jobholder Requirements

Essential:

• Strong experience working in information security, cyber risk or security governance within a complex organisation

• A recognised professional certification such as CISSP, CISM or ISO 27001 (or equivalent experience)

• Solid understanding of security standards and compliance frameworks, including PCI-DSS

• Experience applying security principles in a practical, real-world environment

• Confident working with both technical and non-technical stakeholders

• Strong communication skills, with the ability to translate complex information into clear, practical guidance

• Highly organised, with strong attention to detail and the ability to manage competing priorities

• Experience working within an outsourced or multi-supplier environment

Desirable:

• Good technical understanding of IT infrastructure and security technologies

• Ability to explain technical risks and concepts to a range of audiences across the organisation

• Experience supporting audits, compliance frameworks or certification processes

• An interest in staying up to date with emerging threats, trends and best practice in information security

Next Steps

We anticipate that remote interviews will take place from the week commencing 15 June onwards and the evaluation process may include a online task.

To apply for this exciting new opportunity, please complete an application via our recruitment portal. We are particularly interested in learning of your motivations for applying.

As an equal opportunity employer, we actively encourage applications from all sections of the community. Sightsavers is a Disability Confident Leader and qualified people with a disability are particularly encouraged to apply.

Sightsavers is an employer that does not tolerate any form of harassment and has zero tolerance for sexual exploitation and abuse. All potential candidates will be subjected to rigorous background checks and controls.