Information Security Manager
| Posting date: | 28 May 2026 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | £55000-63000 per annum |
| Hours: | Full time |
| Closing date: | 11 June 2026 |
| Location: | Home-based, - |
| Company: | Serco Limited |
| Job type: | Permanent |
| Job reference: | 309912-44208264 |
Summary
Serco Limited
Information Security Manager Home-based with UK Travel Full Time, Permanent Band 4 / £55,000
- £63,000 (dependent on experience)
Here at Serco, we’re seeking an experienced Information Security Manager (ISM) to join our secure contracts division, supporting several critical operational sites across the UK, including prisons and immigration removal centres.
This is a high-impact role responsible for the operational ownership and accountability of information security management processes across designated Home Office and Ministry of Justice contracts. You will play a key role in ensuring compliance with contractual security requirements, ISO27001:2022 standards, UK data protection legislation, and relevant HMG security policies.
Reporting directly to the Head of Information Security (Security Compliance Lead), with a dotted-line relationship into senior operational contract leadership, you will work closely with stakeholders across the business to drive a strong culture of information security and data protection compliance.
As part of this you’ll:
· Take operational ownership of information security management across designated contracts
· Lead and support: Information security risk management, security incident management and investigations, security assurance and compliance activities, information security management forums
· Support Data Protection Champions (DPCs) in maintaining UK GDPR and Data Protection Act 2018 compliance
· Manage ISO27001:2022 alignment activities including assurance audits against the standard
· Conduct gap analyses against recognised security frameworks and produce remediation plans
· Coordinate and support penetration testing, IT Health Checks and external assurance activities
· Engage with auditors, accreditors, customers and operational stakeholders
· Provide pragmatic security advice on projects, technology implementations and operational changes
· Review security controls relating to: HMG policies and standards, technical and physical security, personnel and procedural controls, data protection requirements
· Lead incident response activities, including investigation, containment and remediation
· Maintain security documentation, risk registers and compliance evidence
· Promote a culture of information security awareness and best practice across contracts
What you’ll need to do the role:
· Proven experience in information security management within regulated or secure environments
· Strong knowledge of ISO27001:2022 standards and implementation
· ISO27001 Lead Implementer and/or Lead Auditor certification
- desirable· Experience managing information security risks, incidents and assurance activities
· Good understanding of UK GDPR and Data Protection Act 2018 requirements
· Strong stakeholder management and communication skills
· Ability to explain complex security concepts to both technical and non-technical audiences
· Ability to work independently and manage competing priorities effectively
· Privacy or data protection certifications – desirable
· Experience supporting Home Office, Ministry of Justice or other government contracts – desirable
· Understanding of secure environments and HMG security controls – desirable
· Experience working with external auditors and accreditation bodies – desirable
· Due to the nature of this role, the successful candidate must be able to achieve and maintain SC-level national security clearance.
Why Serco:
Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
What we offer:
· Flexible working considered
· Pension – up to 6%
· Chance to contribute to innovation in the public services
· A company passionate about diversity and inclusion
· Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
· A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.
· A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.
· A safe and supportive culture.
Information Security Manager Home-based with UK Travel Full Time, Permanent Band 4 / £55,000
- £63,000 (dependent on experience)
Here at Serco, we’re seeking an experienced Information Security Manager (ISM) to join our secure contracts division, supporting several critical operational sites across the UK, including prisons and immigration removal centres.
This is a high-impact role responsible for the operational ownership and accountability of information security management processes across designated Home Office and Ministry of Justice contracts. You will play a key role in ensuring compliance with contractual security requirements, ISO27001:2022 standards, UK data protection legislation, and relevant HMG security policies.
Reporting directly to the Head of Information Security (Security Compliance Lead), with a dotted-line relationship into senior operational contract leadership, you will work closely with stakeholders across the business to drive a strong culture of information security and data protection compliance.
As part of this you’ll:
· Take operational ownership of information security management across designated contracts
· Lead and support: Information security risk management, security incident management and investigations, security assurance and compliance activities, information security management forums
· Support Data Protection Champions (DPCs) in maintaining UK GDPR and Data Protection Act 2018 compliance
· Manage ISO27001:2022 alignment activities including assurance audits against the standard
· Conduct gap analyses against recognised security frameworks and produce remediation plans
· Coordinate and support penetration testing, IT Health Checks and external assurance activities
· Engage with auditors, accreditors, customers and operational stakeholders
· Provide pragmatic security advice on projects, technology implementations and operational changes
· Review security controls relating to: HMG policies and standards, technical and physical security, personnel and procedural controls, data protection requirements
· Lead incident response activities, including investigation, containment and remediation
· Maintain security documentation, risk registers and compliance evidence
· Promote a culture of information security awareness and best practice across contracts
What you’ll need to do the role:
· Proven experience in information security management within regulated or secure environments
· Strong knowledge of ISO27001:2022 standards and implementation
· ISO27001 Lead Implementer and/or Lead Auditor certification
- desirable· Experience managing information security risks, incidents and assurance activities
· Good understanding of UK GDPR and Data Protection Act 2018 requirements
· Strong stakeholder management and communication skills
· Ability to explain complex security concepts to both technical and non-technical audiences
· Ability to work independently and manage competing priorities effectively
· Privacy or data protection certifications – desirable
· Experience supporting Home Office, Ministry of Justice or other government contracts – desirable
· Understanding of secure environments and HMG security controls – desirable
· Experience working with external auditors and accreditation bodies – desirable
· Due to the nature of this role, the successful candidate must be able to achieve and maintain SC-level national security clearance.
Why Serco:
Meaningful and vital work: In this position, your work is vital to the business, in terms of decisions and growth. You will gain a world of opportunity working for a globally operating business delivering essential services across 5 vital sectors, personal growth, achievement and development won’t be hard to find. You'll also work with great people. You’ll find yourself working in a highly motivated, supportive environment where no two days are the same, with experienced colleagues who strive for excellence.
What we offer:
· Flexible working considered
· Pension – up to 6%
· Chance to contribute to innovation in the public services
· A company passionate about diversity and inclusion
· Serco discounts which include cinema, merlin entertainment and online shopping discounts, and discounts on mobile phone plans and leisure centre memberships.
· A range of benefits to support the health and wellbeing of you and your family such as Employee Assistance Programme, Simply Health Cash Plans, and more.
· A wealth of career development training to suit your future aspirations. These range from role specific training, leadership coaching, formal study and much more to support you to build your career with Serco.
· A safe and supportive culture.
Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.