Information Security Manager
Indexed description
Information Security Manager
Cardiff
Salary: £58,000 – £67,000 per annum
Hybrid Working (minimum 1 day per week on-site)
About the Role
We are recruiting for a strategic Information Security Manager to join an IT function in South Wales.
Reporting to the Chief Technology Officer, the successful candidate will lead a team of three Security Analysts and work in close partnership with the Data Protection Officer to ensure the organisation's information security posture supports both operational needs and regulatory compliance.
This is a senior, strategic role rather than a hands-on technical position. The organisation is looking for a leader who can drive transformation, influence stakeholders at all levels, and balance competing business priorities.
Key Responsibilities
- Lead the assessment and onboarding of a third-party Security Operations Centre (SOC), currently in the early stages of business case development
- Lead the rollout of a flat, "coffee shop" style network access model, balancing business flexibility with the operational needs of the security and data protection functions
- Provide ongoing oversight of SOC operations and performance
- Lead third-party risk assessments on an ongoing basis
- Manage, develop, and support a team of three Security Analysts
- Act as a key point of collaboration with the Data Protection Officer on data protection and information governance matters
- Represent information security at a senior stakeholder level, building buy-in for security initiatives across the organisation
Candidate Requirements
- Demonstrable experience in cyber security operations, SOC management, or security operations leadership (this role is weighted approximately 80% cyber operations, 20% Information Security)
- Working understanding of the Microsoft security stack (Purview, Sentinel, Intune)
- Strong stakeholder management and influencing skills, with the ability to engage senior leadership and technical teams alike
- Experience with CrowdStrike and/or ISO 27001 is desirable but not essential
- This role is not gated on specific tools or technologies; emphasis is placed on strategic leadership, judgement, and the ability to drive change
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search