Information Security Manager

InstaVolt is the largest owner-operator of rapid electric vehicle charging stations across the UK. In this important role, you will work closely with our international IT team to lead the organisation’s cybersecurity and information risk agenda, including oversight of ISO 27001 and broader security governance across the business.

We are seeking a highly skilled and experienced Information Security Manager to join our team. In this role, you will be responsible for developing, implementing, and maintaining our Information Security Management System (ISMS) in accordance with ISO 27001:2022, while also conducting hands-on technical assurance, including supplier due diligence, software and infrastructure security reviews, and incident response coordination. You will play a critical role in ensuring the confidentiality, integrity, and availability of our information assets and protecting them against unauthorised access, disclosure, alteration, and destruction.

£55,000 – £65,000 depending on experience.

Responsibilities:

• Maintain the Information Security Management System (ISMS) in compliance with ISO 27001:2022 standards.
• Establish, maintain and enforce security policies, procedures, and controls to mitigate information security risks and vulnerabilities.
• Conduct regular risk assessments and vulnerability assessments to identify potential threats and weaknesses in our information security infrastructure.
• Collaborate with internal stakeholders to ensure that information security requirements are integrated into business processes and systems.
• Lead internal audits and coordinate external audits and certifications to assess ISMS effectiveness and drive continuous improvement.
• Define and enforce information security policies, standards, and guidelines across the organisation.
• Monitor and enforce compliance with all information security policies, procedures, and standards.
• Management of tabletop/red team exercises and incident response playbooks.
• Assist the incident response process and lead investigations into information security breaches or incidents.
• Provide guidance and support to employees on information security matters and promote a culture of security awareness throughout the organisation.
• Stay up to date with the latest information security trends, threats, and best practices, and make recommendations for enhancing the organisation’s security posture.
• Conduct technical assessments of new suppliers, platforms, and software, including security architecture reviews, documentation checks, and evidence of compliance (e.g., ISO, SOC 2, pen test results).
• Collaborate with procurement, legal, and product teams to embed security requirements in onboarding and contract processes.
• Prepare and deliver reports on information security metrics, incidents, and compliance to senior management and relevant stakeholders.

Required Qualifications & Desirable Characteristics:

• Professional certifications in information security, such as CISSP, CISM, ISO 27001 Lead Auditor/Implementer, or equivalent.
• Extensive experience (5+ years) in information security management, with a focus on ISO 27001 compliance.
• In-depth knowledge of ISO 27001 standards and best practices, as well as other relevant security frameworks (e.g., NIST, COBIT).
• Strong technical understanding of modern IT and cloud environments, including the ability to assess third-party platforms, suppliers, and software for security risks.
• Proven experience in developing and implementing information security policies, procedures, and controls.
• Familiarity with risk assessment methodologies and tools.
• Experience in managing information security incidents and conducting investigations.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organisation.
• Strong analytical and problem-solving abilities.
• Demonstrated ability to manage multiple priorities and meet deadlines in a fast-paced environment.
• High level of integrity and a commitment to maintaining confidentiality.
• Join our dynamic team and contribute to the protection and security of our organisation’s information assets. Apply your expertise as an ISO 27001 Information Security Manager and help us maintain a robust information security program.

Other benefits to include:

• Competitive salary – dependent on experience & qualifications
• 10% discretionary annual bonus
• Company sick pay (30 days full pay & 30 days half pay per annum)
• Access for you & your family to join our Help@Hand virtual private healthcare app
• 25 days holiday + Bank Holidays
• 1 Paid volunteering day per year
• 1 paid day off if you are moving house
• Life insurance at 3 x annual salary from day 1
• Admission to pension scheme following successful 3-month employment
• Ongoing training in career building avenues, including study support
• Opportunity to enrol onto our salary sacrifice EV scheme
• Cycle to work scheme
• Access to PerkPal platform
• Quarterly company events
• Free snacks & drinks in the office
• Free office parking
• Free shuttle bus to/from Basingstoke Train Station

One last thing… We’re an equal opportunity employer. We are committed to equality and diversity, and all applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, or disability status.