Information Security Manager
| Job Type | Permanent |
| Area | City of London, UK |
| Sector | InfoSec & Cyber Security - Management |
| Salary | £80,000-£90,000 |
| Currency | GBP |
| Start Date | ASAP |
| Advertiser | Business Services |
| Job Ref | 45769 |
- Description
We’re recruiting on behalf of a leading legal firm for an Information Security Manager to lead and strengthen their information security function. This is a hands-on, strategic role where you’ll manage a small team, oversee ISO 27001 and Cyber Essentials Plus compliance, and drive continuous improvement across the business.
What You’ll Do:
• Develop and deliver the firm’s information security strategy.
• Lead and mentor a small team of IT security professionals.
• Own ISO 27001 implementation and Cyber Essentials Plus certification.
• Manage operational security: endpoint protection, M365 security, SIEM/SOC, vulnerability management, and incident response.
• Lead security projects and embed “Secure by Design” principles across initiatives.
• Build strong relationships with stakeholders and deliver security awareness training.
- Experience
What We’re Looking For:
• Proven experience in information security management, ideally in professional services.
• Hands-on experience with ISO 27001 and Cyber Essentials Plus.
• Strong technical knowledge: endpoint security, M365/Entra ID, SIEM, network security, encryption, backup/recovery.
• Certifications highly desirable: CISM, CISSP, ISO 27001 Lead Implementer.
• Excellent communicator, strategic thinker, and supportive team leader.
Why Apply:
This is your chance to shape the security strategy for a forward-thinking legal firm, leading critical initiatives while making a real business impact.