Information Security Manager
| Posting date: | 06 August 2025 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | Competitive Salary Depending On Experience |
| Hours: | Full time |
| Closing date: | 05 September 2025 |
| Location: | Birmingham, West Midlands |
| Remote working: | Hybrid - work remotely up to 2 days per week |
| Company: | NTT Data |
| Job type: | Permanent |
| Job reference: | |
Summary
Job Title: Information Security Manager
Location: London, UK or Birmingham hybrid Variable
Department: Information Security
About Us:
NTT Data is a leading Managed Service Provider (MSP) with a global reach that empowers local teams, undertakes hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
What you'll be doing:
We are seeking an experienced Information Security Manager to play a critical role in ensuring the security and resilience of our client's IT systems and data. As a client-facing professional, you will act as the pivotal point of contact for all matters relating to information and cybersecurity. You will collaborate closely with multiple teams to develop, implement, and manage robust information security frameworks, policies, and protocols.
This role combines both strategic leadership and technical expertise, enabling you to influence decision-making, advise on best practices, and ensure continuous improvement in the security posture. You will lead efforts in risk management, regulatory compliance, incident response, and security awareness training, while ensuring the client remains aligned with industry standards and legal requirements (e.g., ISO 27001, GDPR, Cyber Essentials). Your expertise will help mitigate risks, defend against cyber threats, and maintain the highest level of security across the client's infrastructure, all while maintaining a clear focus on delivering outstanding service and value.
Key to your success will be your ability to manage complex security challenges, foster strong relationships with teams, and drive a proactive security culture within their organisation.
Core responsibilities:
Act as the primary information security point of contact for relevant teams, developing a trusted relationship and advising on all aspects of cybersecurity.
Develop, implement, and maintain information security policies, procedures, and frameworks, ensuring alignment with industry standards (e.g., ISO 27001, NIST) and legal requirements (e.g., GDPR, Cyber Essentials).
Conduct security risk assessments and vulnerability management for the client, providing actionable recommendations to mitigate risks.
Lead incident detection, investigation, and response efforts, ensuring minimal impact to the client’s business operations.
Collaborate with the client’s IT and business teams to integrate security solutions and processes that align with their goals.
Deliver regular reporting to the client on security status, incidents, risks, and compliance with agreed SLAs and KPIs.
Provide guidance and support for the client in meeting their regulatory obligations (e.g., GDPR compliance, data protection).
Oversee and lead security audits, penetration testing, and vulnerability assessments for the client.
Manage security awareness training programs for the client’s staff, fostering a culture of cybersecurity awareness.
Provide ongoing advice on emerging threats, vulnerabilities, and security best practices, helping the client stay ahead of the curve.
Ensure that the client’s information security posture is continuously improved through proactive security measures, monitoring, and reporting.
What experience you'll bring:
Proven experience (typically 5+ years) in information security management or a related role, preferably within an MSP or client-facing environment.
Strong understanding of UK and international cybersecurity regulations, including GDPR, Cyber Essentials, and ISO 27001.
Experience managing and leading security operations, incident response, and risk assessments.
Understanding and knowledge of security technologies (SIEM, firewalls, endpoint protection, encryption, etc.) and practices (vulnerability management, penetration testing).
Experience working in a service delivery or consultancy capacity with external clients.
Excellent communication skills, able to convey technical security information to non-technical stakeholders at all levels.
Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
Desirable Attributes:
Strong stakeholder engagement experience.
Ability to work independently, take initiative, and work in a dynamic environment.
Proactive approach to identifying and solving problems before they escalate.
Strong leadership and mentoring skills to support junior staff and teams.
Ability to translate business needs into security solutions.
Proud member of the Disability Confident employer scheme