Rodeo
ResourcesPartnersSign in

The Careers & Enterprise Company

Senior Information Security Governance Manager

London
£60k – £65k/yr
Posted about 23 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Job Title: Senior Information Security Governance Manager

Working For: The Careers & Enterprise Company

Working Arrangements

This role can be home-based, with occasional attendance at the London office required, or performed on a hybrid basis (depending on your location).


About Us

We are the national body for careers education in England, delivering support to schools and colleges to deliver modern, 21st-century careers education.

The Careers & Enterprise Company is a great place to work. We operate within a fast-paced and collaborative environment. We are brought together by one thing: our passion to ensure young people get the best possible start in life and are supported to find their best next step.

Do you want to be part of a mission-driven team focused on transforming young people’s lives? If so, we’d love to hear from you!


Role Summary (please see the full job description for further information on the role)

The Careers & Enterprise Company, a non-profit organisation with a social purpose, is looking for a knowledgeable and committed Senior Information Security Governance Manager to join its small Compliance Team. Reporting to the Head of Compliance (CEC’s Data Protection Officer), you will lead CEC’s ISO 27001-certified information security management system, strengthen processes, and help shape policy. In this role, you will play a key part in ensuring information risk is managed effectively, that audits and monitoring are delivered well, and policies and processes continue to improve. Your work will be essential in providing assurance that the young people’s data entrusted to CEC is secure.

You may already be leading information security governance in a smaller organisation, or you may have built strong experience as a key member of a larger information security or governance team.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

We are seeking a candidate with broad experience across information security governance, including most of the following: identifying and assessing information risk, managing controls, carrying out internal and third-party audits, improving processes, developing training and guidance for staff, managing and reviewing incidents, and contributing to policy development. A strong eye for detail and excellent record-keeping will be essential to success in this role.

Because CEC works with children’s data and provides digital tools for careers education, we are especially interested in candidates who are motivated by social purpose who understand the importance of security governance in this context. An appreciation of data protection, tech ethics, and safeguarding will be important in helping you thrive here. Technical skills and experience matter, but so do your values.

We are passionate about helping young people take their best next step, and keeping their information safe is fundamental to that mission. This is a fast-moving environment, so you will need to be comfortable working through ambiguity, building strong partnerships across teams, finding practical solutions, and confidently raising significant risks when needed.


Key Responsibilities

  • Manage and continually improve CEC’s ISO 27001-certified Information Security Management System
  • Oversee business continuity management for information and technology risks
  • Support the organisation’s development of a proportionate quality management approach, including work towards ISO 9001 certification

Essential Criteria

  • Strong understanding of information security management principles and appropriate up-to-date technological, organisational, physical, and people security controls.
  • Good understanding of security frameworks such as ISO 27001 and Cyber Essentials.
  • Good working knowledge of the range of tools, platforms, utilities, and cloud computing typically used within modern digital-first organisations.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Experience / Qualifications

One or more of the following:

  • Undergraduate or postgraduate qualification in information/cyber security
  • Equivalent professional certification such as CISSP, CIMP, or equivalent
  • ISO 27001 lead implementer or lead auditor

To Apply

Please complete the application form including your cover letter and upload a copy of your most recent CV removing any personal details (i.e., name, DOB, address).


Closing Date

Sunday 26th July Midnight

PLEASE NOTE THAT WE RESERVE THE RIGHT TO CLOSE THIS ADVERT EARLY SHOULD WE RECEIVE SUITABLE APPLICATIONS


Equity, Diversity, and Inclusion

At the Careers and Enterprise Company (CEC), we are committed to fostering a culture of belonging. We know that engagement at work relies on feeling included and valued. Inclusion is both a choice and a practice, for us as an organisation and for individuals within our team. We aim to drive inclusion through every aspect of our work and we understand that diverse teams are essential for innovative careers education and are central to our mission and impact. CEC values the visible and invisible qualities that make each member of our team who they are. We are a disability confident employer, and if you need any help or support through the application process, please contact the HR team, and details can be found on our website.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Information Security Management
ISO 27001
Cyber Essentials
Risk Assessment
Internal Audits
Third-Party Audits
Process Improvement
Training Development
Incident Management
Policy Development
Data Protection
Tech Ethics
Safeguarding
Collaboration
Problem Solving
Record Keeping

Location

London, England, United Kingdom

Sign up to applySee more jobs like this