Security and Compliance Manager

• Internal Operations
• Hybrid Remote
• Permanent

Security and Compliance Manager 

Who are we looking for? 

Bridewell is looking for an internal Security & Compliance Manager to manage the delivery, operation, and evolution of our Business Management System (BMS) and associated information assurance portfolio.  

This is an opportunity for someone, ideally with experience of ISO standards and compliance to truly own and shape something of strategic importance to our organisation. You will be supported by wider teams, which have a vast array of deep expertise in multiple domains, so this also a great opportunity to grow within the role if desirable. The successful candidate will report to a Principal Lead Consultant and will engage with Leadership and Board members as and when required.  

What you’ll be doing 

This role will focus on the BMS which is certified to ISO 27001, ISO 9001 and ISO 27701 and forms the basis for our SOC2 and Cyber Essentials Plus accreditations. A core element of the role is to ensure that Bridewell’s accreditation portfolio is maintained and, where required, integrate new standards. As a Security & Compliance Manager, you will operate within a dynamic and diverse working environment where you will be expected to: 

• Own and manage Bridewell’s BMS Management System from a people, process and  

technology perspective, working closely with key stakeholders across the business. 

• Be the primary point of contact for and manage all external auditors and partners in relation  

to Bridewell’s accreditation portfolio. 

• Maintain visibility of BMS activities and report progress, risks and issues to Leadership. 

• Take ownership for security initiatives and BMS planning activities and maintain an  

overarching initiatives plan. 

• Ensure all policies, procedures and standards are owned, reviewed, and aligned with best  

practice, meet industry requirements (where relevant) and remain relevant to Bridewell’s  

operating context. 

• Ensure all employees follow the required ISO processes consistently, including delivering  

training, overseeing internal audits and engaging with the business functions to ensure that  

documentation is up to date. 

• Support the management of privacy processes incl. providing security input and supporting  

Bridewell’s Data Protection Officer. 

• Chair the Security and Risk Working Group. 

• Support the sales function with information related to our BMS and accreditations when  

required for bids. 

What we’re looking for 

We’re looking to ensure that the successful candidate has the right attitude and behaviours to succeed in this role which include having excellent organisational skills, being proactive and take pride in everything they do.  

• Have experience of implementing and/or managing an Information Security Management System (ISO 27001) or generally managing and delivering on cyber security initiatives incl. controls design (SOC 2 etc.) 

• Be highly organised and proactive in terms of the delivery of tasks and activities that support effective outcomes.  

• Be a good communicator, listening effectively with strong written and verbal communications skills.  

• Ability to pay close attention to detail, meet deadlines and remain composed when dealing with stakeholders.  

• Demonstrate an inquisitive mindset that is focused around asking questions and continually learning.  

Desirable (but not essential):  

• High level understanding of wider security frameworks e.g., ISO 27001, NIST CSF, PCI DSS and GDPR. Bridewell - Internal  

• Understanding of Government Security requirements, particularly List X or List N.  

• CISSP, CISM, CESG CCP, CISA, CCSK, ISO27001 certified.  

• Knowledge of Cloud environments, particularly Microsoft 365 and/or Azure.  

What’s in it for you?  

Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of Do the Right Thing, One Team and Above and Beyond emphasises the importance of the part we play in society, and our commitment to our people and clients.  Our story to-date has been phenomenal, but success doesn’t end here and as we continue to grow and scale, we want to keep the same culture, passion and commitment to high quality that has enabled us to get this far. Bridewell will provide a great career opportunity with continual development as well as the following:   

• Competitive Salary   

• 25 Days Holiday - Plus buy and sell options  

• Flexible Working (around core office hours)  

• Profit Share Scheme  

• Company Pension  

• Employee Shareholder Scheme  

• Dedicated Training Budget  

• Home Office Equipment (for remote working employees)  

• Life Assurance  

• Cycle to Work Scheme  

• Electric Vehicle Scheme  

• Private Healthcare (incl. Gym discounts)  

• Vision Care  

• Birthday off (After 1 year)  

About Bridewell  

One of the most exciting prospects in the UK Cyber Security sector today, Bridewell is one of the fastest growing Cyber Security services businesses with a strong track record for delivering complex security projects and providing excellent customer service. Bridewell has an exciting and varied portfolio of clients across Financial Services, Manufacturing, Oil & Gas, Government, Critical National Infrastructure and more. Bridewell holds the Gold level, Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly One Team. 

Along with our focus on our people, we also have a big focus on sustainability and recognise the role we play in the fight against climate change. Today, Bridewell is proud to be a carbon negative business.   

Location: Bridewell operates a hybrid and flexible working policy, however you will be required to travel to different sites on occasion.   

Note: To be eligible for this job you must either hold SC or be eligible and willing to go through security clearance.   

Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.