Information Security Manager
UK Centre for Ecology & Hydrology
- Wallingford, Oxfordshire
- £48,414-52,405 per year
- Permanent
- Full-time
Hybrid working (50/50)
Permanent, full-time, based in Wallingford Oxfordshire
We reserve the right to close this advert early if we find the right candidate, so we encourage you to apply early.UKCEH is looking for an experienced Information Security Manager to join our team of talented individuals, contributing to scientific discovery and generating the data, insights and solutions that researchers, businesses and governments need to solve complex environmental challenges.Join our dynamic, cross functional team, where you’ll work collaboratively to shape and implement strategies, policies and procedures to enhance our information and cyber security.With a strong background in managing and delivering Information Security leadership within business and technology-led change projects, a pragmatic and proactive approach is key for this role. You will work with a small team across multiple sites, providing both strategic and day-to-day information security management, while developing and implementing changes to improve the information security position within UKCEH.Your ability to guide others, promote a positive team culture and drive continuous improvement will be essential.UKCEH is keen to develop and support your development, if you are ready to grow into a leadership position, we’ll work with you to develop your management skills alongside your security skills.Your main responsibilities will include:
- Lead the UKCEH Information Security programme, ensuring it is responsive, innovative, and cost-effective.
- Manage a small Information Security team and oversee the budget.
- Develop and maintain information security policies, standards, procedures, and guidance.
- Provide strategic threat management, including risk assessments, incident management, and internal reporting.
- Promote security awareness through training programmes for technical and non-technical staff.
- Assess and recommend technological upgrades and improvements to the information security environment.
- Communicate security goals and new programmes effectively across departments.
- Strong experience in an Information Security Management or equivalent role.
- Professional security qualification (e.g., CISSP, CISM) or relevant degree.
- Good knowledge of industry standard frameworks such as Cyber Essentials, GDPR, ISO27001, and NIST.
- Strong technical background in Cloud, Data Analytics, Security Technologies, and Application Security.
- Experience in managing and delivering Information Security leadership within business and technology-led change projects.
- Identification and articulation of Information Security risks and relevant mitigating controls, including vulnerability and threat intelligence knowledge.
- Knowledge of enterprise security design, with experience in Microsoft security stack, Amazon Cloud Services, MS Azure, Windows, Linux, and leading ERP solutions.
- Ability to think critically about process and procedures and to adjust consistently as needed
- Ability to interact confidently across UKCEH combined with the ability explain complex concepts in simple to understand terms.
- Good interpersonal skills including listening and questioning skills
- Excellent written and spoken English communication skills
- Demonstrate commitment to the UKCEH values of excellence, integrity and teamwork
- 27 days annual leave (rising to 29 days after 5 years’ service) plus 3 days for Christmas closure
- 10% employer pension contribution
- Flexible and hybrid working arrangements (role dependant)
- Peer reward and recognition scheme
- Dental insurance, gym/fitness discounts, retail discount portal
- Enhanced maternity and paternity leave
- 24-hour, 365-day support with physical, mental, social, health or financial issues and much more...