Job details

IT & Information Security Manager

Get a free resume review

Role overview

Zaizi is a software consultancy specialising in building bespoke digital solutions using open source software and cloud platforms. We predominantly work with central government agencies and adhere to the Government Digital Service standard.

We take security seriously, and are certified to ISO 27001 and Cyber Essentials Plus, demonstrating our commitment to robust information security practices
To support our continued growth, we are seeking an experienced Information Security Manager.

In this role, you will be responsible for ensuring our ongoing compliance with ISO27001 and Cyber Essentials Plus, including the management of quarterly external audits and the facilitation of Integrated Management System (IMS) meetings.
You will also oversee our adherence to ISO 9001 and ISO14001, ensuring that all relevant documentation and processes are audited and maintained.

Furthermore, you will conduct internal and external risk management workshops, supporting both our own compliance and that of our clients. You will provide expert analysis and advisory services on security compliance standards for the applications and cloud solutions we develop and support.

Compliance and Security Management:

Develop, implement, and maintain comprehensive compliance programs, including integrated management systems for ISO 27001, ISO 9001, ISO 14001, and Cyber Essentials Plus.
Oversee security operations, managing internal security tools and processes to ensure optimal protection of company assets.
Lead IT Support management, including asset management, budget planning, software deployment, and strategic forward planning.

Team Leadership and Development:

Provide effective line management to an IT support team of three support staff, ensuring efficient team processes and driving continuous improvement initiatives.
Foster a collaborative and high-performing team environment.

Data Protection and Security Advocacy:

Serve as the acting Data Protection Officer, ensuring compliance with data protection regulations.
Champion a culture of security awareness, embedding security by design principles throughout the business.

Security Operations and Incident Response:

Own and manage critical security processes, including threat detection and incident response, vulnerability and patch management, security advisory and consultancy, and security testing, including the scoping and organisation of external penetration testing.

Strategic Reporting and Collaboration:

Collaborate closely with the leadership team, providing insightful reports on key security metrics.
Ensure security considerations are integrated into all projects and product development initiatives.

Risk Management:

Support enterprise risk and compliance initiatives, taking a lead role in IT risk management.

Experience

Extensive industry experience in an IT & Security focused role
You are an experienced supportive manager and can get the best out of your team.
You are keen to share your knowledge and are open to giving (and receiving) continuous feedback
Strong communicator who thrives working cross-functionally across multiple teams
You can influence people of all grades to deliver the right outcomes
Security Management
IT management (ITILv4)
Continuous Monitoring/Threat Alerts
Managing security incident and non-conformances
Experience with Data protection duties and GDPR

Desirable

(CISM) certification or CISSP desirable to have

We are looking for the successful candidate to be able to work in the office for a minimum of two days.

Security Clearance

Certain projects demand that our staff be British and cleared to SC level (or eligible for clearance).

You don’t meet all the requirements?

Studies show that women and black, Asian and minority ethnic people are less likely to apply for a job unless they meet every qualification. So if you’re excited about this role but your experience doesn’t align perfectly with the job description, we’d love you to still apply. You might just be the perfect person for this role, or another role here at Zaizi.

We actively welcome applications from people of colour, the LGBTQ+ community, individuals with disabilities, neurodivergent individuals, parents, carers, and those from lower socio-economic backgrounds.

If you need any accommodations to support your specific situation, please feel free to let us know. For candidates who are neurodiverse or have disabilities, we are happy to make any adjustments needed throughout the interview process—just ask!

Interview Process:

1st stage:

Initial phone screening done by a member of the recruitment team

2nd stage:

Technical interview, this stage evaluates your technical expertise and problem-solving abilities, especially if you're applying for a technical role.

Final Stage:

10-15 min presentation and a panel interview where multiple people from different departments ask you questions.

Salary: £70,000-£90,000

25 days paid holiday, plus bank holidays

Vitality medical insurance
Workplace Pension 5% employer contribution
Group Life Assurance
Cycle scheme
5 days a year for approved Training
WFH equipment allowance
Buy / Sell Holiday
2 days paid volunteering days

Other benefits:
Flexible working
Work on exciting projects - make a difference
Empowered to make decisions
Encouraged to fail fast and learn quickly
1-2-1 and team coaching / training available to all our staff

For further information contact- Talentteam@zaizi.com

Nat Hinds-Head of Talent

Kayla Kirby-Talent Acquisition Specialist

Average salary estimate

$80000 / YEARLY (est.)

min

max

$70000K

$90000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About IT & Information Security Manager, Zaizi

Are you ready to take on an exciting new challenge as the IT & Information Security Manager at Zaizi? Join us at our innovative software consultancy, where we focus on crafting bespoke digital solutions using open-source technology and cloud platforms, primarily for central government agencies. At Zaizi, we take security seriously and proudly hold ISO 27001 and Cyber Essentials Plus certifications, reflecting our dedication to robust information security practices. In this pivotal role, you'll ensure our compliance with these standards while also overseeing ISO 9001 and ISO 14001 adherence. Your guidance will be essential as you manage external audits and lead Integrated Management System meetings. Not only will you conduct risk management workshops to support both our compliance and our clients', but you will also offer expert analysis on security compliance standards for the applications and cloud solutions we develop. Leading an IT support team and fostering a high-performance environment, you’ll ensure optimal data protection and security advocacy throughout the business. Your influence will help integrate security into every project, making a significant impact on company operations. With opportunities to champion a culture of security awareness and cultivate a collaborative team atmosphere, this role is perfect for those who are passionate about IT security and looking to make a difference. If you are ready to help us create safe and effective digital solutions while managing critical security processes, we want to hear from you!

Frequently Asked Questions (FAQs) for IT & Information Security Manager Role at Zaizi

What are the key responsibilities of an IT & Information Security Manager at Zaizi?

As the IT & Information Security Manager at Zaizi, your primary responsibilities include ensuring compliance with security standards such as ISO 27001 and Cyber Essentials Plus, managing external audits, conducting risk management workshops, and overseeing the security operations of the company. You'll also be leading an IT support team, developing and maintaining compliance programs, and advocating data protection while integrating security considerations into all projects.