Information Security Manager
| Posting date: | 20 November 2025 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | £55000-65000 per annum |
| Hours: | Full time |
| Closing date: | 04 December 2025 |
| Location: | London, . |
| Company: | Serco Limited |
| Job type: | Permanent |
| Job reference: | 306039-43795294 |
Summary
Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
Information Security Manager – London Cycle Hire Scheme Hybrid – London Full Time, Permanent Band 4 / £55,000
- £65,000 per annum
Serco is proud to operate the London Cycle Hire Scheme
- one of the capital’s most visible and impactful public services. We are now recruiting a brand-new Information Security Manager (ISM) to help shape the future security posture of this high-profile, citizen-facing contract.
This isn’t a role about sitting behind policies or focusing solely on tech. We need someone who can build strong relationships, steer suppliers, engage directly with our customer, and roll out practical, people-focused security improvements from day one. You will set the foundations, mature our processes, drive awareness, and ensure cyber security and data protection are embedded into everything we deliver.
You will take operational ownership and accountability for all information security management processes across Serco delivery of the London Cycle Hire Scheme (LCHS). You’ll maintain alignment with ISO27001, ensure compliance with data protection legislation, and manage information security and data protection activities in partnership with the Data Protection Champion (DPC), the Cyber Assurance Lead, and contract leadership.
As part of this you’ll:
· Take operational ownership of all information security processes across the LCHS contract.
· Lead information security risk management, incident response, and investigations.
· Maintain ISO27001 alignment and support GDPR/DPA 2018 compliance with the DPC.
· Establish and run an Information Security Management Forum.
· Drive a proactive security culture through training, awareness, and engagement.
· Manage and coordinate assurance activities, including audits, pen tests, and IT Health Checks.
· Work directly with the customer and suppliers to ensure security obligations are met and understood.
· Provide clear, accessible security advice to stakeholders at all levels.
· Conduct gap analyses against ISO27001 and HMG standards and produce remediation plans.
· Support new projects with Secure by Design guidance, including technical, procedural, physical, and personnel controls.
· Oversee documentation, risk registers, and security governance records.
· Recommend appropriate security controls, technologies, and improvements.
· Maintain all information security and data protection documentation and ensure ongoing compliance.
What you’ll need to do the role:
We are looking for someone who is credible, engaging, pragmatic, and people-focused, with the ability to guide suppliers and influence stakeholders at every level.
Essential Skills & Qualifications:
· ISO27001 Lead Implementer and/or Lead Auditor.
· Cyber security formal certification (e.g. CISM, CISSP).
· Strong understanding of data protection legislation (GDPR/DPA 2018).
· Risk management experience.
· Experience managing security in complex, multi-supplier environments.
· Ability to translate complex security concepts into clear, actionable guidance.
· Strong relationship-building and stakeholder engagement skills.
· Ability to work independently, organise workload, and deliver to deadlines.
· Eligible for BPSS clearance.
Desirable:
· Experience supporting UK government or public sector contracts.
· Experience in customer-facing roles.
Why Serco:
Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
What we offer:
· Flexible working considered
· Pension – 6%
· Chance to contribute to innovation in the public services
· A company passionate about diversity and inclusion
· Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
· A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.
· A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.
· A safe and supportive culture.
Information Security Manager – London Cycle Hire Scheme Hybrid – London Full Time, Permanent Band 4 / £55,000
- £65,000 per annum
Serco is proud to operate the London Cycle Hire Scheme
- one of the capital’s most visible and impactful public services. We are now recruiting a brand-new Information Security Manager (ISM) to help shape the future security posture of this high-profile, citizen-facing contract.
This isn’t a role about sitting behind policies or focusing solely on tech. We need someone who can build strong relationships, steer suppliers, engage directly with our customer, and roll out practical, people-focused security improvements from day one. You will set the foundations, mature our processes, drive awareness, and ensure cyber security and data protection are embedded into everything we deliver.
You will take operational ownership and accountability for all information security management processes across Serco delivery of the London Cycle Hire Scheme (LCHS). You’ll maintain alignment with ISO27001, ensure compliance with data protection legislation, and manage information security and data protection activities in partnership with the Data Protection Champion (DPC), the Cyber Assurance Lead, and contract leadership.
As part of this you’ll:
· Take operational ownership of all information security processes across the LCHS contract.
· Lead information security risk management, incident response, and investigations.
· Maintain ISO27001 alignment and support GDPR/DPA 2018 compliance with the DPC.
· Establish and run an Information Security Management Forum.
· Drive a proactive security culture through training, awareness, and engagement.
· Manage and coordinate assurance activities, including audits, pen tests, and IT Health Checks.
· Work directly with the customer and suppliers to ensure security obligations are met and understood.
· Provide clear, accessible security advice to stakeholders at all levels.
· Conduct gap analyses against ISO27001 and HMG standards and produce remediation plans.
· Support new projects with Secure by Design guidance, including technical, procedural, physical, and personnel controls.
· Oversee documentation, risk registers, and security governance records.
· Recommend appropriate security controls, technologies, and improvements.
· Maintain all information security and data protection documentation and ensure ongoing compliance.
What you’ll need to do the role:
We are looking for someone who is credible, engaging, pragmatic, and people-focused, with the ability to guide suppliers and influence stakeholders at every level.
Essential Skills & Qualifications:
· ISO27001 Lead Implementer and/or Lead Auditor.
· Cyber security formal certification (e.g. CISM, CISSP).
· Strong understanding of data protection legislation (GDPR/DPA 2018).
· Risk management experience.
· Experience managing security in complex, multi-supplier environments.
· Ability to translate complex security concepts into clear, actionable guidance.
· Strong relationship-building and stakeholder engagement skills.
· Ability to work independently, organise workload, and deliver to deadlines.
· Eligible for BPSS clearance.
Desirable:
· Experience supporting UK government or public sector contracts.
· Experience in customer-facing roles.
Why Serco:
Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
What we offer:
· Flexible working considered
· Pension – 6%
· Chance to contribute to innovation in the public services
· A company passionate about diversity and inclusion
· Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
· A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.
· A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.
· A safe and supportive culture.
Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.