Information Security Manager
We are looking for an Information Security Manager to join a growing, international life science company on an exciting journey of scaling and maturing its information security and governance setup.
This is an opportunity to play a key role in strengthening a modern security program in an organisation where research, innovation, collaboration, and operational excellence are central to the business. You will work closely with senior security leadership and stakeholders across the organisation to ensure that information security enables the business – rather than slows it down.
As Information Security Manager, you will help drive the implementation, execution, and continuous improvement of security controls, risk management processes, and compliance activities across the organisation.
What you will do
You will help mature and maintain the company’s Information Security Management System and support the organisation in embedding strong, pragmatic security practices into daily operations.
Your responsibilities will include:
- Driving the implementation and execution of information security controls aligned with frameworks and regulations such as ISO 27001, GDPR, NIS2, and relevant IT financial controls
- Supporting and improving the company’s Information Security Management System
- Driving risk assessments, control evaluations, and remediation activities
- Collaborating with business stakeholders to ensure security requirements are built into processes, systems, and ways of working
- Preparing security reporting, risk summaries, and governance documentation for senior stakeholders
- Supporting internal audits, external assessments, and compliance activities
- Strengthening security awareness, training, and the overall security culture across the organisation
Who you are
You have experience working with risk management, continuity planning, and information security in environments where governance, structure, and compliance matter.
We would especially like to hear from candidates with experience from pharma, biotech, medtech, or life science, but this is not a requirement. We are also very open to candidates who bring strong experience from other regulated or high-stakes industries, such as financial services, healthcare, critical infrastructure, technology, or other environments where risk has real consequences.
You are someone who can translate business needs into practical controls and security processes that work in the real world. You understand that effective security is not about creating unnecessary friction – it is about helping the business operate safely, confidently, and efficiently.
What you bring
We imagine that you bring:
- A bachelor’s or master’s degree in information security, law, technology, business, or another relevant discipline
- Around 3–5 years of experience in information security, risk management, compliance, or continuity planning
- A strong process mindset and an ability to build fit-for-purpose security governance
- Familiarity with cybersecurity regulations and frameworks such as NIS2, GDPR, ISO 27001, or comparable regulatory frameworks
- Experience working with security policies, control frameworks, risk registers, audits, or compliance documentation
- The ability to communicate clearly with both technical teams and business stakeholders
- A pragmatic and proactive mindset, with a strong interest in continuously improving security maturity
Relevant certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or ISO 27001 Lead Auditor are considered an advantage, but not a requirement.
Why join?
This is a chance to join an ambitious, international organisation where information security is becoming increasingly important as the company grows.
You will have the opportunity to help shape and mature the security function, work closely with committed colleagues across the business, and contribute to building a strong, resilient, and scalable security setup in a regulated environment.