Information Security Manager - Senior Consultant
Indexed description
This is a senior individual contributor role for someone from a technical background: security operations, security engineering, or infrastructure. You will understand how IT estates are actually built, run, and broken into, and you will use that understanding to push remediation through to closure.
What You Will Do
- Own the security posture of your customers end to end: assess it, explain it, improve it, and evidence the improvement with data.
- Lead vulnerability management across customer estates. A Critical is not just a Critical: you will contextualise findings against exploitability, exposure, and the customer's environment, and prioritise what actually reduces risk. Our customers pay for that judgement.
- Get hands-on where it counts. Pull and shape raw data from security tooling, write the queries, build the Power BI dashboards, and present customers a clear, current picture of their estate without waiting on anyone else.
- Work shoulder to shoulder with technical resolver teams (infrastructure, DBA, network, end user services) to scope, drive, and validate remediation. You will engage as a peer who understands their world, not a signpost.
- Translate the live threat landscape into specific, actionable guidance for each customer: which CVEs matter to them, which attacker techniques apply to their stack, and what to do this week.
- Advise IT Managers and IT Directors on security strategy and risk-based decisions, grounded in their actual estate rather than generic framework language.
- Apply frameworks such as NIST CSF and ISO/IEC 27001 pragmatically: as tools to structure improvement, never as a substitute for it.
- Support customers through incident response planning, exercises, and live incidents alongside SOC and resolver teams.
- Use AI tooling daily to accelerate analysis, reporting, and automation. We expect our ISMs to move fast and to keep raising the bar on how the service is delivered.
- A technical foundation in security operations, security engineering or infrastructure, such as SOC triage and detection, EDR and vulnerability tooling, hardening, or running estates (AD, M365, networking, endpoint, patching).
- Proven vulnerability management experience, owning the full lifecycle from scan data through prioritisation to confirmed remediation.
- Strong data skills: confident with raw exports, KQL or SQL queries, advanced Excel, and able to build customer-facing Power BI reporting yourself.
- Threat fluency: you track active threats and attacker TTPs and can explain what they mean for a specific customer in language an IT Director can act on.
- Experience using AI tools to deliver faster and better, with the appetite to build prompt libraries, automated playbooks and AI-assisted workflows into your delivery.
- The credibility to advise senior IT leaders, challenge constructively and bring technical teams with you.
- Comfort working across multiple customers in a managed service environment, balancing priorities and owning outcomes.
- Degree-level education or equivalent professional experience. We value hands-on capability over certifications, though CySA+, Security+, CASP+/SecurityX or relevant vendor and cloud certifications will support your candidacy.
- 26 days’ holiday + bank holidays (and the option to buy more) plus 1 paid volunteering day every year
- Exceptional family leave, 26 weeks fully paid maternity/adoption, 4 weeks fully paid paternity, 22 weeks fully paid shared parental leave, plus 5 days paid bereavement leave
- Robust sick pay of up to 13 weeks full pay + 13 weeks half pay
- 24/7 Employee Assistance Programme for confidential support
- Private medical insurance for everyone, no medical-history exclusions
- Performance-based rewards tailored to your role, from company-wide bonuses to OTE and commission structures
- Income protection: up to 75% salary for 5 years if you ever need it
- SkillsHub learning platform with leadership pathways, future-manager training, and a huge online library
- Access to external training and apprenticeships
- MatchIt! Fundraise for a cause close to your heart and OneAdvanced will match part of the funding
- Pennies from Heaven donate the pennies from your pay check to help make a difference without lifting a finger
- ULEV car scheme with 1,000+ models
- Dental insurance, Health Cash Plan, Critical Illness Cover, Partner Life Cover
We’re much more than a software company. We deliver SaaS workflow applications and IT services that power organisations across Education, Government, Healthcare, Legal, Manufacturing, Housing, Retail, and more.
OneAdvanced is one of the UK’s largest business software and services companies. Based in Birmingham (The Mailbox), operating across the UK, Ireland, India, and Australia.
Our secure, scalable platform, including OneAdvanced AI, our private AI service for UK organisations, powers connectivity and innovation across critical sectors. Alongside our software are our IT services, including hosting, managed services, and application modernisation.
We strive to create an inclusive workplace that drives innovation and collaboration, championing diverse perspectives and ideas. Our Environmental, Social and Governance (ESG) strategy is embedded in everything we do, guiding us to create meaningful impact for our people, our customers and the planet.
Join us and become part of a team that’s powering the world of work and making a real difference.
Learn more at www.oneadvanced.com
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search