IT Security Manager
Job description
Due to continued growth and an internal promotion, Jensten Group is hiring an IT Security Manager. In this role, you'll partner with the IT Director to develop and deliver our information security strategy. You'll ensure the business operates with the right security risk management approach and is protected from threats. Together, you'll be the subject matter expert for colleagues on IT security.
- Strategy, policy & AI governance: Develop and deliver the information security strategy, policies, standards and procedures; define AI guardrails and implement risk controls.
- Risk management framework: Develop, maintain and monitor the information security risk management framework.
- Compliance & enforcement: Lead ISO 27001, Cyber Essentials/Plus and PCI DSS programmes; monitor and enforce organisational compliance with security policies.
- Controls & secure architecture: Ensure security processes, controls and technologies are effective and regularly reviewed; provide technical guidance on secure design and operations.
- Threat & vulnerability management + tooling: Assess, prioritise and remediate vulnerabilities and emerging threats; configure and optimise SIEM, EDR, WAF, vulnerability management, code scanning and cloud security tooling.
- Third-party security: Liaise with vendors on security response and compliance; run due diligence and ongoing reviews for third-party risk.
- Incident detection & response: Monitor for security incidents; lead timely investigation, containment, recovery and post-incident improvements.
- Assurance & testing: Plan and perform security audits; coordinate penetration testing and track remediation to closure.
Requirements
You're a hands-on security professional, perhaps a Senior Security Engineer, ready to step up into a management role. You've implemented and configured technical security controls and delivered Information Security initiatives end-to-end, from policy and risk assessments through adoption and compliance. Ideally, you have enterprise incident response experience & can input into strategy.
- Hands-on experience leading ISO 27001, Cyber Essentials/Plus, and PCI DSS programmes.
- Practical expertise with security tooling.
- Experience in incident management, threat modelling, secure architecture, and stakeholder engagement.
- Ability to write clear policies, risk assessments, and reports; comfortable presenting to technical and non-technical audiences.
- A collaborative, pragmatic approach: able to influence, coach, and drive outcomes.
- Be a good communicator with internal and external stakeholders.
- Take ownership of making change happen and driving improvements.
- Apply solid problem-solving skills to overcome challenges effectively.
Benefits & conditions
- Competitive salary with an annual pay review and bonus scheme.
- 27 days annual leave (includes a day off for your birthday and another for a religious holiday of your choice) + bank holidays.
- Auto enrolment into our excellent pension scheme.
- Flex-benefits - A range of flexible benefits to choose from, that are most important to you.
- Group Life Assurance cover.
- 3 months Maternity, Paternity & Adoption leave all fully paid.
- Professional qualification study support relevant to your role and career.
- Perks at Work - amazing discounts on cinema tickets, meals out, luxury items etc.
- Holiday purchase scheme - up to 5 days annually.