Information Security Manager in East Riding of Yorkshire
Introduction
Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world‑leading solutions and services in defence, aviation, space and civil security to keep people and society safe. Our UK presence has been growing at pace, offering a wide range of opportunities for personal fulfilment and career growth. We currently employ over 600 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI and armed forces training.
The Role
This role is part of our Public Safety Solutions Business Unit. The Information Security Manager is accountable for the organisation's information security strategy, governance and compliance, ensuring the protection of systems and data that support UK public sector and emergency service operations. The role is critical in ensuring that services remain secure, resilient and available, recognising the operational importance and potential impact on frontline emergency response.
Key Responsibilities
Security Leadership & Assurance: Own and be accountable for the organisation's overall security posture, ensuring alignment with business objectives and public sector expectations. Lead the implementation, maintenance and continuous improvement of the ISMS in line with ISO/IEC 27001. Maintain Cyber Essentials Plus certification, ensuring ongoing compliance with technical controls. Develop and maintain the Security Management Plan, focusing on resilience, availability and service continuity. Provide regular assurance reporting to senior leadership and stakeholders.
Risk Management & Compliance: Own and maintain the Security Risk Register, ensuring risks are identified, assessed and managed in line with organisational risk appetite. Conduct and support risk assessments, internal audits and external certification activities. Ensure compliance with relevant UK regulatory and security requirements, including GDPR and guidance from the Cyber Security Centre. Work with internal teams and suppliers to implement proportionate and effective security controls.
Security Operations & Incident Management: Act as the primary point of contact for security incidents, leading or coordinating response activities. Take a hands‑on role in incident investigation, root‑cause analysis and remediation. Ensure incident response processes are aligned to the operational needs of emergency service environments, including timely escalation and communication. Oversee vulnerability management, security testing and remediation activities, engaging third parties where required (e.g. check providers).
Service Resilience & Operational Security: Ensure security is embedded in the design and operation of services supporting emergency response. Work closely with operational and technical teams to maintain high levels of system availability and resilience. Support business continuity and disaster recovery planning, testing and continuous improvement.
Security Awareness & Culture: Develop and deliver targeted security awareness and training programmes. Promote a strong security culture, ensuring all staff understand their responsibilities in protecting critical services.
Stakeholder Engagement: Act as a trusted advisor to senior leadership, operational teams and external stakeholders. Support engagement with public sector customers, providing assurance on security controls and practices. Collaborate with suppliers and partners to ensure security requirements are met across the supply chain.
Qualifications & Skills
Proven experience in an information security role within a UK‑based organisation, ideally supporting public sector or critical services.
Practical experience with security monitoring and incident response tooling (SIEM/XDR).
Strong working knowledge of ISO/IEC 27001 and experience maintaining an ISMS.
Practical experience with Cyber Essentials / Cyber Essentials Plus certification.
Experience managing security risks, incidents, audits and compliance activities in operational environments.
Ability to balance strategic leadership with hands‑on delivery in a small organisation.
Strong understanding of service resilience, availability and risk in mission‑critical systems.
Excellent communication skills, with the ability to engage both technical and non‑technical stakeholders.
By submitting an application to Saab UK, you consent to undertaking workforce screening activities that may include, but are not limited to, baseline personnel security checks, security vetting, reference checks and verification of working rights. In all circumstances, candidates will be placed through a security interview.
- Location: England, United Kingdom
- Job Type: Full-time