Information Security Manager

New Today

Were looking for an Information Security Manager to take ownership of information security across the business. Youll be the go-to authority on cybersecurity managing security tooling, driving compliance programmes, leading risk assessments and communicating security posture to senior leadership.

Maximise your chances of a successful application to this job by ensuring your CV and skills are a good match.
Weve built strong foundations and we need someone to own this domain full-time: to keep raising the bar, strengthen whats in place and embed security into the way the whole organisation works. This is a hands-on role in a fast-growing e-commerce business where security is treated as a priority, not an afterthought.
What Youll Do

Security Operations & Tooling

Own and continuously strengthen our cloud security posture across AWS as our primary platform, with oversight of our Azure and GCP environments.
Manage and optimise our WAF, bot management and DDoS protection to keep our platform secure and performant.
Drive vulnerability management across cloud infrastructure and application code, ensuring timely prioritisation and resolution.
Lead incident response coordinate detection, investigation, containment and post-incident reviews.
Maintain and evolve security monitoring, alerting and operational runbooks to ensure consistent coverage.
Governance, Compliance & Policy
Own and evolve the companys information security policy framework, ensuring policies remain current, practical and enforced.
Drive UK GDPR, DPA 2018 and PCI-DSS compliance in partnership with the Technology Director and development team.
Lead the security dimension of vendor and third-party risk assessments.
Deliver clear, confident security reporting to senior leadership and due diligence audiences.
Risk Management & Security Culture
Maintain and develop the technology risk register, running regular risk assessments aligned to business continuity planning.
Champion security awareness across the business through training programmes, phishing simulations and practical guidance.
Evaluate the security implications of new tools, integrations and emerging technologies including AI-assisted development.
Contribute to architecture and design reviews, ensuring security is built in from the start.

What Were Looking For

Required

Experience in an information security role (Security Manager, Security Analyst, GRC lead or similar), ideally within a technology or e-commerce environment.
Working knowledge of AWS security services such as Security Hub, GuardDuty, IAM, CloudTrail and KMS. AWS is our primary cloud provider and hands-on familiarity is important.
Practical understanding of UK GDPR, DPA 2018 and PCI-DSS compliance requirements.
Experience building or maturing security governance policies, risk registers, incident response procedures.
Ability to communicate security risk and posture clearly to both technical teams and senior leadership.
Hands-on comfort with security tooling, log analysis and vulnerability triage this isnt a role where you only write documents.

Nice to Have

Relevant certifications such as CompTIA Security+, CISM, AWS Security Specialty or ISO 27001 Lead Implementer.
Experience with WAF and bot management in a production e-commerce context.
Familiarity with SIEM, SOAR or security automation tooling.
Exposure to ISO 27001 implementation or SOC 2 readiness programmes.
Experience with multi-cloud security across Azure and GCP.
Background in e-commerce, retail or DTC brands.

What Success Looks Like

In your first six months youll have:

Taken full ownership of our security tooling and established a clear, measurable improvement plan.
Built a structured vulnerability management lifecycle with defined SLAs and visible progress.
Strengthened our policy framework and set direction toward a recognised maturity framework.
Delivered security reporting that gives senior leadership a clear and confident view of our posture.
Launched a security awareness programme with measurable engagement across the business. xbpsjku
Built strong working relationships across the technology team and the wider business.

Behaviours & Traits

Commercially wired - you think in LTV, contribution margin, and payback periods, not just campaign metrics
Ownership mindset - you don't wait to be told; you identify the gap and go close it
Comfortable with ambiguity - the playbook doesn't fully exist yet; you'll write it
Bias for testing - you run experiments, read the data, and act on it quickly
Customer-obsessed without being soft - you understand what makes Protein Works' community tick and you use that commercially

REF-227 894

Apply

Location:: Liverpool
Job Type:: FullTime
Category:: Information Technology

Start a New Search

Information Security Manager

We found some similar jobs based on your search

Information Security Manager

Information Security Manager

Information Security Manager

Information Security Manager

Information Security Manager

Information Security Manager