Rodeo
ResourcesPartnersSign in

ADAM Audio GmbH

Information Security & Data Protection Manager

High Wycombe
£60k – £85k/yr
Posted about 1 month ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Description

Information Security & Data Protection Manager

Based: Remote (UK)/High Wycombe/London (N7)/Hybrid

Term: Permanent, Full time

Reporting to: Chief Information Officer (CIO)

Salary: £60k - £85k pa + excellent benefits

The Role

We're looking for an Information Security Compliance Specialist to take ownership of our Information Security, Data Protection, and AI Governance programmes across the Focusrite Group. You will be the operational owner of our Information Security and Data Protection (ISDP) framework informed by ISO 27001 (ISMS), ISO 27701 (PIMS), Cyber Essentials and NIST CSF keeping us aligned to those standards and ready for certification and audit.

Working alongside development, IT, and business teams, you will advise on security and privacy requirements for new and changing systems, ensuring appropriate controls are designed in, evidenced, and verified after implementation. You will also own the Group's response to emerging risks in AI, translating evolving regulation (EU AI Act, UK AI principles, ICO guidance) into practical governance.

About You

Several years' experience in Information Security and Data Protection, with a good understanding of IT systems, web operations, cloud platforms, and secure coding practices (including OWASP).

Comfortable engaging at all levels of the organisation and externally, with the gravitas to influence security and privacy outcomes and reduce the impact of change.

The position requires providing support and advice to all parts of the Group on Information Security and Data Protection.

You Will Be Responsible For

Information Security Systems:

Framework & advisory: own the Information Security and Data Protection Framework and its documentation, and advise IT, development, and business teams on security requirements Tools & supplier assurance: run the Business Approved Tools process (including assessment of AI tools, vendors, and use cases), own designated Information Security tools, and conduct supplier audit assessments Certification & standards: own certification readiness for Cyber Essentials and lead new certification efforts as the business requires Threats, incidents & testing: monitor cyber threats and translate them for the business, own the incident management process (including phishing response and simulation exercises), and manage vulnerability scans and penetration testing (including external Red/Purple/Blue Team engagements) Risk & resilience: conduct risk assessments across products, systems, and processes; own the Information Security and Data Protection risk register, contributing to the Group Risk Management process; and maintain and test the Business Continuity Plan (BCP) AI Governance: own the AI Governance framework, AI system inventory, and alignment with ISO 42001, NIST AI RMF, and the EU AI Act where appropriate

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Requirements

Data Protection compliance primarily UK GDPR and Data Protection Act, EU GDPR, and US state privacy laws (including CCPA/CPRA), to own and maintain all requirements including:

Data subject rights & assessments: handle Data Subject Rights requests (Subject Access, erasure, rectification, restriction, objection, portability, and rights relating to automated decision-making) and run Data Protection Impact Assessments (DPIAs) Records & registers: maintain the Records of Processing Activities (RoPA) under Article 30 for controller and processor activities, the lawful basis register, consent records, and Legitimate Interest Assessments (LIAs) Notices, cookies & marketing: operate Privacy Notices and Cookie Tools (OneTrust), and advise on PECR and e-privacy compliance including direct marketing and electronic communications Privacy by Design & training: help product managers and developers embed Privacy by Design, and design and deliver Data Protection training and awareness across the Group Retention & breach management: own the retention schedule and deletion/anonymisation processes, and own personal data breach handling (including detection triage, 72-hour ICO/EU supervisory authority notification, data subject notification where required, and the breach register) Third parties & international transfers: manage processor and sub-processor governance (Article 28 due diligence, Data Processing Agreements, processor register) and international data transfers (SCCs, the UK IDTA/Addendum, and Transfer Risk Assessments)

Change Management

Review and provide security and data protection sign-off on changes to systems, products, and processes Participate in the Change Advisory Board (CAB) and ensure security and privacy risks are assessed before changes are approved Own change management procedures relating to Information Security and Data Protection, ensuring evidence is captured for audit Ensure security and privacy requirements are embedded in the SDLC and release processes, working with development and operational teams Track and report on the security impact of significant business, technology, and organisational change initiatives

Compliance

Generate monthly compliance and activity reports and other reports as required by senior management Internal Audit: Reviewing Financial System compliance activities Performing Internal Information Security Audits Performing Internal Data Protection Audits

External Audit

Be the key contact for any IT / Data Protection related audits by external bodies, ensuring requested data is supplied, complete, and accurate Take ownership of any related audit issues Generate audit support documents

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

You will be expected to keep up to date with developments in the security, privacy, and AI regulatory landscape, translating these into practical actions for the Group.

We understand that not all candidates will have in depth experience of all these elements, so we welcome applications from candidates who meet most of the criteria and have a desire to learn the rest. Please provide details in your covering letter of additional training requirements / certifications in progress etc.

About Us

Focusrite plc is a global music and audio group that develops and markets music technology products. Used by audio professionals and amateur musicians alike, our solutions facilitate the high-quality production of recorded and live sound. Our audio technology brands stand together, seeking to enrich lives through music by removing barriers to creativity – ‘we make music easy to make’.

The Focusrite Group trades under thirteen established and rapidly growing brands: Focusrite, Focusrite Pro, Novation, ADAM Audio, Sequential, Oberheim, Martin Audio, Optimal Audio, Ampify Music, Linea Research, Sonnox, OutBoard and TiMax. With a high-quality reputation and a rich heritage spanning decades, its brands are category leaders in the music-making industry.

Music technology is an enriching space to work in and we enjoy a Group-wide open-door culture which encourages innovation. This culture, combined with a passion for the inspirational solutions we create, has led to the group winning numerous accolades, including six Queen's Awards, the AIM Company of the Year Award 2021 and regular appearances in 'The Sunday Times 100 Best Small Companies to Work For’.

The Focusrite Group is dedicated to building a great place to work and as an equal opportunity employer we are committed to Diversity and Inclusion. The group mission is to cultivate an equitable culture, internally and externally, where all people feel they are welcome, safe and positively represented, because at Focusrite they truly are. Equally, we recognise the major impact that climate change is having on our world and work every day towards being industry leaders in a carbon neutral future.

Benefits include flexible/hybrid working, company pension, life insurance, private healthcare, Health Cash Plan, enhanced Maternity and Paternity pay, employee purchase scheme, group bonus scheme, company music events, offsite company parties and free lunch in the canteen. We arrange company training sessions and encourage personal development.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Information Security
Data Protection
AI Governance
ISO 27001
ISO 27701
Cyber Essentials
NIST CSF
Risk Assessment
Incident Management
Data Subject Rights
Privacy by Design
Change Management
Supplier Assurance
Vulnerability Scanning
Penetration Testing
Data Processing Agreements

Location

High Wycombe, England, United Kingdom

Sign up to applySee more jobs like this