Information Security Manager

We are pleased to partner with a leading firm in Newcastle, who are seeking an experienced Information Security Manager to join their team. This role will have a strong focus on audit, reporting into senior leadership, and offers the chance to shape and drive the information security agenda in a growing business. Skills/Experience Experience in an information security management role - preferably within financial services but not essential. Strong familiarity with information security frameworks and standards (e.g., ISO/IEC27001:2022) and experience leading audits and compliance programmes. Excellent ability to engage with business stakeholders, translate business goals into security requirements and embed security into business processes. Robust understanding of legislative and regulatory requirements (e.g., GDPR, sector‑specific regulation) and ability to embed policy, standards and governance. Experience in developing and implementing information security strategies, policies and controls across corporate IT, physical security and business operations. Strong risk management mindset: able to assess security risks, propose controls balanced with business imperatives, and articulate these to senior management. Core Responsibilities Lead and coordinate security assessments, audits and compliance reviews - particularly aligned to ISO27001 and Cyber Essential + frameworks and manage physical and IT security collaborations with facility teams. Develop and maintain the information security strategy and related policies, plans and processes. Monitor, analyse and respond to changes in the IT and information security landscape; provide timely guidance on emerging threats and vulnerabilities. Ensure organisational compliance with relevant legislation, standards and internal policies (e.g., GDPR, sector‑specific regulation). Drive risk‑based decision‑making and ensure that security solutions and controls are aligned with the firm's risk appetite and business objectives. Deliver presentations and reports to senior leadership and key stakeholders as the designated subject matter expert in information security. Core-Asset Consulting is an equal opportunities recruiter and we welcome applications from everyone irrespective of age, disability, gender, gender identity or expression, race, colour, ethnic or national origin, sexual orientation, religion or belief, marital/civil partner status or pregnancy. Job reference: 16279 To apply for this vacancy applicants must be eligible to work in the UK in accordance with the Immigration, Asylum and Nationality Act 2006. At Core-Asset, we’re committed to protecting and respecting your privacy. Our privacy statement explains when and why we collect personal information about people who engage with our services, how we use it, the conditions under which we may disclose it to others, and how we keep it secure. We may change this policy from time to time, so please check this policy occasionally to ensure that you’re happy with any changes. By engaging with us (either by applying for a job we’re advertising, registering through our website, or getting in touch with our business) you’re agreeing to be bound by this policy. Core-Asset Consulting is committed to protecting the privacy of our candidates, clients and website users. For further information, please refer to our full Privacy Statement available on our website http://www.core-asset.co.uk/about-core-asset/privacy-statement Core-Asset Consulting offers specialist recruitment services to asset management, accounting & finance, asset servicing, legal and the wider financial services sector in Scotland. INDPERM #J-18808-Ljbffr