Information Security Manager Hybrid - Bristol Full Time, Permanent Competitive salary plus benefits Join Serco’s UK & Europe division as an Information Security Manager and take operational ownership and accountability for information security management processes for Defence opportunities. In this role, you will deliver, manage, and audit the cyber security aspects of contracts in accordance with MOD Secure by Design standards. You will oversee the extensive security arrangements for Serco partners and subcontractors, ensuring their compliance with MOD standards. Additionally, you will ensure adherence to data protection legislation through close collaboration with contract Data Protection Champions and senior management. Serco is a global leader in public services, renowned for delivering essential solutions that make a real difference in people’s lives. By joining Serco, you become part of a forward-thinking organisation that values innovation, collaboration, and customer-centricity. Main responsibilities of the role: Engage with key industry partners and suppliers to ensure ongoing compliance with MOD standards (e.g., Secure By Design, DefStan 05-138). Conduct information security risk assessment and management using recognized frameworks such as NIST SP800. Perform information security assurance activities and manage incidents. Establish and manage internal and external Security Working Groups. Support Serco Defence projects and design activities, ensuring compliance with MOD Secure by Design, HMG policy, NCSC guidance, NIST 800, and ISO 27001. Advise on technical requirements and compliance with formal contract security schedules (Security Aspects Letters) and recommend security technologies and controls. Provide advice and guidance to maintain existing cyber security compliances (e.g., ISO 27001, Cyber Essentials Plus), MOD certifications, and HMG security controls. Adopt a proactive approach to security management and assurance coordination, ensuring smooth running of scheduled activities and gaining trust of key stakeholders. Engage with external audit and assurance providers, scope test plans, help stakeholders interpret test results, and support implementation of remedial actions. Manage incident response, conduct investigations to understand security breaches, assess and contain damage, and devise measures to protect against future breaches. What you’ll need: In-depth knowledge and experience with MOD policies and standards, including Secure by Design, JSP 440, and DefStan 05-138 / DCPP. ISO27001 Lead Implementer / Auditor, CISSP or CISM. Strong understanding of data protection compliance and relevant privacy certifications. Proficiency in risk management using recognised frameworks like NIST. Experience in creating and delivering security awareness training. Ability to work effectively with stakeholders to support contract and business unit needs. Clear communication of cyber security concepts to senior stakeholders, with the ability to escalate issues promptly. Capability to work independently, make sound decisions, and meet deadlines. Logical and methodical approach to problem-solving. Ability to achieve and maintain UK Security Clearance (SC). What we offer: Up to 6% contributory pension. 25 days annual leave plus bank holidays. Annual leave purchase scheme. Access to the Serco benefits portal offering discounts across major high street brands in Retail, Leisure & Hospitality. Health and wellbeing support for you and your family, including an Employee Assistance Programme, Health Cash Plans, free flu jabs, and more. Comprehensive career development opportunities, including role-specific training, leadership coaching, and formal study to support your growth with Serco. A safe, inclusive, and supportive culture. A company passionate about diversity and inclusion. About Serco At Serco, not only is the nature of the work we do important, everyone has an important role to play, from caring for vulnerable people to managing complex public services. We are a team of 50,000 people responsible for delivering essential public services around the world in areas including defence, transport, justice, immigration, healthcare and citizen services. We are innovators, committed to redesigning and improving public services for the benefit of everyone. By joining Serco you will have unlimited access to our Global Employee Networks – SercoInspire (Gender), SercoEmbrace (Multicultural), SercoUnlimited (Disability) and InSerco (LGBT & Networks). Serco Employee Networks, led by colleagues who are passionate about diversity, inclusion and belonging. Apply Please click on the apply button to complete your application. Occasionally we receive a large volume of applications for our roles and when that happens we sometimes bring the closing date forward, so please apply promptly to avoid disappointment. At Serco, we see people first and foremost for their performance and potential. We are committed to building a diverse and inclusive organisation that supports the needs of all. As such we will make reasonable adjustments at interview through to employment for our candidates and strongly encourage applications from a diverse candidate pool. We are open to discussions around flexibility and flexible working. We operate a hybrid work structure in many of our business areas. We are proudly Disability Confident Leader employers and holder of the Gold Inclusive Employer Standard. Disabled applicants who meet the minimum criteria for the job will be given the opportunity to demonstrate their abilities at an interview. For help with your application please contact 0345 010 4000. At Serco we support fair access to employment for those with unspent criminal convictions through the ‘Ban the Box’ pledge (some may be exempt due to the nature of the role and the security clearance required). Please contact our recruitment team directly on 0345 010 4000 to discuss.