21 Oct
Digital Waffle
Nottingham
Job Title: Security Compliance Manager (ISMS)
Salary: £65k + Bonus
Location: Nottingham
We are looking for an experienced Security Compliance Manager to join our Compliance team. In this key role, you will be responsible for developing, implementing, maintaining, and continuously improving our Information Security Management System (ISMS) across the organisation. You will ensure compliance with relevant laws, regulations, and standards related to information security.
Key Skills:
- Handle internal compliance, including the ISMS, ISO 27001 and related standards
- Experience of compliance within a company that operates in multiple countries
Key Responsibilities:
- Develop and implement the ISMS framework, including security policies and procedures across the organisation.
- Ensure compliance with ISO 27001, as well as other relevant standards and certifications such as PCI, GDPR and Cyber Essentials.
- Coordinate and oversee both internal and external security audits across global operations.
- Standardise security practices across regions, documenting any necessary exceptions.
- Conduct regular security risk assessments and develop mitigation strategies for identified risks.
- Work closely with IT and other teams to ensure effective implementation and maintenance of security controls.
- Lead information security training and awareness initiatives across the organisation.
- Stay informed about the latest trends, technologies, and best practices in information security.
- Collaborate with stakeholders to manage and resolve security incidents.
- Monitor and report on the effectiveness of the ISMS and related security measures.
Person Specification:
- Extensive experience in information security management, ideally within industries such as SaaS, technology, telecommunications or similar.
- Proven experience managing an ISMS across multiple entities and regions, including leading internal compliance assessments and managing external audits.
- Strong knowledge of security frameworks and standards (e.g., ISO 27001, NIST, GDPR), with hands-on experience in their implementation and ongoing monitoring.
- Excellent communication skills, with the ability to convey complex concepts clearly to senior leadership.
- Ability to work both independently and collaboratively in a fast-paced, dynamic environment.
- Flexibility to collaborate with colleagues across various locations and time zones.