Information Security Manager

4 Days Old

Salary: £70,000 to £80,000
Location: Remote
Security Clearance: Eligible for SC/DV clearance

About the role

We are looking for a cybersecurity subject matter expert to provide technical advice to internal staff on cybersecurity best practices, risk management, and incident management.

This hands-on role focuses on governance, risk, and compliance, including developing and updating security policies, delivering training, and providing clear, practical security guidance across TwinStream.

You will work independently, driving day-to-day security activities and helping build a strong security culture, while enabling teams to deliver securely.

Key Responsibilities

- Provide technical information security expertise to projects, services, and business initiatives, including developing or contributing to Security Management Plans
- Manage information security incidents and security risks across the organisation
- Own and maintain the Information Security Management System (ISMS), including creating and updating policies, procedures, and guidance
- Ensure adherence to information security policies and standards
- Drive a programme of continuous information security improvement
- Embed and promote a positive security culture across the business
- Ensure compliance with relevant certifications and regulatory requirements, including ISO 27001, Cyber Essentials Plus, UK GDPR/Data Protection Act, and MOD CSM v3 and v4
- Assist with security audits (internal, external, customer, and penetration testing), managing evidence collection and tracking findings through to resolution
- Design and deliver information security training and awareness activities
- Contribute to Business Continuity, Disaster Recovery, and internal audit activities
- Act as the primary point of contact for information security across TwinStream

Key Skills

- Proven experience in an Information Security Manager or similar role, including security incident management, risk management, security governance, and providing practical information security guidance
- Experience embedding information security into the design, development, and delivery of software-based solutions, including secure development practices, cloud services, and integrated platforms
- Previous experience in a software development or defence environment
- Understanding of recognised information security frameworks and certifications, particularly ISO 27001 and Cyber Essentials Plus
- Good knowledge of relevant UK legislation and regulatory requirements
- Comfortable working remotely (within the UK) in a flexible, fast-paced environment
- Strong organisational skills with the ability to manage priorities effectively
- Excellent written and verbal communication skills, with the ability to tailor messaging for different audiences
- Relevant professional certifications such as CISSP (highly desirable), CISM, or ISO 27001 Lead Implementer/Auditor
- Ability and willingness to undergo UK Security Clearance (minimum SC level)

Desired Skills

- Experience in information security roles within the UK defence sector, national security sector, or other highly regulated industries
- Existing UK Security Clearance (SC)
- Familiarity with MOD security frameworks, including CSM v3 and v4, IPSA, and FSC
- Experience using the Atlassian suite, particularly Jira
- Demonstrated experience in managing security incidents and leading incident response teams
- Ability to present and be the focal point for security matters across the business
- Experience in supporting the security controller role in various security frameworks
- Understanding of insider threat operational and governance requirements, and experience in applying them
Location: Bristol
Job Type: Full Time
