Join Serco’s UK & Europe division as an Information Security Manager and take operational ownership and accountability for information security management processes for Defence opportunities. In this role, you will deliver, manage, and audit the cyber security aspects of contracts in accordance with MOD Secure by Design standards. You will oversee the extensive security arrangements for Serco partners and subcontractors, ensuring their compliance with MOD standards. Additionally, you will ensure adherence to data protection legislation through close collaboration with contract Data Protection Champions and senior management.
Serco is a global leader in public services, renowned for delivering essential solutions that make a real difference in people’s lives. By joining Serco, you become part of a forward-thinking organisation that values innovation, collaboration, and customer-centricity.
Main responsibilities of the role:
* Engage with key industry partners and suppliers to ensure ongoing compliance with MOD standards (e.g., Secure By Design, DefStan 05-138).
* Conduct information security risk assessment and management using recognized frameworks such as NIST SP800.
* Perform information security assurance activities and manage incidents.
* Establish and manage internal and external Security Working Groups.
* Support Serco Defence projects and design activities, ensuring compliance with MOD Secure by Design, HMG policy, NCSC guidance, NIST 800, and ISO 27001.
* Advise on technical requirements and compliance with formal contract security schedules (Security Aspects Letters) and recommend security technologies and controls.
* Provide advice and guidance to maintain existing cyber security compliances (e.g., ISO 27001, Cyber Essentials Plus), MOD certifications, and HMG security controls.
* Adopt a proactive approach to security management and assurance coordination, ensuring smooth running of scheduled activities and gaining trust of key stakeholders.
* Engage with external audit and assurance providers, scope test plans, help stakeholders interpret test results, and support implementation of remedial actions.
* Manage incident response, conduct investigations to understand security breaches, assess and contain damage, and devise measures to protect against future breaches.
What you’ll need:
* In-depth knowledge and experience with MOD policies and standards, including Secure by Design, JSP 440, and DefStan 05-138 / DCPP.
* ISO27001 Lead Implementer / Auditor, CISSP or CISM.
* Strong understanding of data protection compliance and relevant privacy certifications.
* Proficiency in risk management using recognised frameworks like NIST.
* Experience in creating and delivering security awareness training.
* Ability to work effectively with stakeholders to support contract and business unit needs.
* Clear communication of cyber security concepts to senior stakeholders, with the ability to escalate issues promptly.
* Capability to work independently, make sound decisions, and meet deadlines.
* Logical and methodical approach to problem-solving.
* Ability to achieve and maintain UK Security Clearance (SC).
About Serco
At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services. We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone.
Apply
Please click on the apply button to complete your application. Occasionally we receive a large volume of applications for our roles and when that happens we sometimes bring the closing date forward, so please apply promptly to avoid disappointment.
At Serco we support fair access to employment for those with unspent criminal convictions through the ‘Ban the Box’ pledge (some may be exempt due to the nature of the role and the security clearance required). Please contact our recruitment team directly on 0345 010 4000 to discuss.
#J-18808-Ljbffr