Location:Hybrid working, with a mix of home and minimum 1 day per week in West London office
Salary: Up to £65,000 per annum We aim to be transparent about remuneration at MHI. As a charitable organisation, salaries for this role are predetermined and not negotiable. Please consider the advertised salary before applying.
Hours of Work:40 hours per week, inclusive of a daily 1 hour paid lunch
Contract:Permanent
Benefits:
25 days annual leave per year, plus public holidays;
Company electronic devices;
Enhanced salary sacrifice pension scheme;
Private health insurance after completion of probation;
Eligibility for a Blue Light discount card.
Closing Date: 24th July 2026 at 5pm. We reserve the right to close the job advert early if we receive a high number of applicants.
Click Here for a full copy of the candidate pack for this role.
Job Summary To operate our information security management system, and maintain Mental Health Innovations’ ISO 27001 certification.
Key Responsibilities
Building and maintaining excellent relationships with team leads across the organisation to raise awareness of security and work through issues
Deputising for the Director in security matters as required
Operation of the ISMS and Data Protection processes
Managing risk register, preparing for management review meetings
Developing/maintaining controls and ensuring they are implemented across the organisation
Refining our security KPIs and maintaining them
Proposing actions from KPIs, events and incidents and coordinating resultant work
Working with the Director to track threats and vulnerabilities, evaluate risk levels and progress treatment plans
Ensuring secure endpoint and cloud posture
Working with the team to plan consultancy days; e.g. work items requiring deep knowledge of a specific security domain or a technical specialist
Monitoring our processes and suggesting improvements
Proposing and progressing other continuous improvement work
Feeding into training and awareness programmes and improving security culture
Preparing for audits and carrying out remediation work
Working with the Director to create, maintain and manage policies and ensure compliance
Planning and participating in incident response exercises
Managing major incidents and conducting post mortems/reviews
Person Specification
Essential Criteria
The ability to learn new skills and technologies quickly
Experience of risk management
Working knowledge of security standards and frameworks, particularly ISO 27001
Knowledge (and preferably experience) of GDPR and DPA 2018
Experience of incident management
Excellent knowledge of high level security concepts and best practice
Excellent documentation skills, including policies and standards
Knowledge of the following areas (deeper experience of one or more preferred):
Endpoint security
Network security
Cloud security
Application security
Identity and access management
Secure distributed working practices
Excellent written and verbal communicator
Ability and desire to learn new tools, skills and consider other perspectives
Growth mindset. Comfortable performing a wide range of activities, including stretching to new skill/experience areas
Ability to manage own time, confirm priorities and expectations
Independent worker who knows when to ask questions
Comfortable working with the wider team and organisation
Comfortable dealing with ambiguous situations and objectives
Desirable Criteria
Don’t worry if you only have some of these - we’d still encourage you to apply.
Professional qualifications, such CompTIA+, CISSP, CCSP, ISO 27001 Auditor
Exposure to ITIL (ITIL Foundation or higher preferred)
Experience in one or more of the following:
Cloud (AWS preferred)
Salesforce
SSO & federated identities
Network security, SASE & VPNs
Endpoint security
Infrastructure security and best practices
Working knowledge of encryption technologies
Password management and access control
Security training and awareness
Secure distributed working practices
Securing domains
Detection and response, with excellent troubleshooting skills
Working knowledge of one or more of these tools/products:
Salesforce
JIRA & Confluence
Mac/iOS & Chrome
OSWindows/Office365
Google Workspace
Creative thinker, but understands the importance of seeing a piece of work through to the end and on time
Decisive, proactive, knows when to check the boundaries
This role is subject to eligibility to work in the UK, plus satisfactory background and reference checks.
We understand that AI is increasingly part of everyday life, and you might choose to use it when putting together your application. While AI can be a helpful tool, we ask that anything you submit reflects your own skills, experiences, and perspective. We value authenticity and integrity, and we want to see what you uniquely bring to our team and why our mission resonates with you personally.
All Job Ads are subject to GrabJobs’s Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by GrabJobs moderation team. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.
Be the first to receive the latest Others Full-Time Jobs in the UK.
Setup your job alert:
By activating job alerts, I agree to GrabJobs Terms & Privacy Policy. I can unsubscribe to job alerts anytime.
Skip
GrabJobs is the no1 job portal in the UK, connecting you to thousands of jobs fast!
Find the best jobs in the UK, apply in 1 click and get a job today!