Most people would agree cookies make life better. For us, they help us make our site and marketing better. But if you don't like cookies, that's cool too. Find out more in our
Cookie Policy.
Explore our vision: Incredible, effortless recruitment
£70k-£100k
Typical base salary
12 wks
Replacement guarantee
Strategy and governance
Ask how they've built a security programme or improved a posture.
Risk and compliance
Probe experience with the standards and regulations that apply to you.
Influence
They must get the whole business to take security seriously. Look for persuasion, not just policy.
How to run the hire
1. Define the mandate
Be clear on scope - strategy, compliance, team, incident ownership.
2. Score for governance and influence
Weight the ability to build a programme and change behaviour.
3. Source and approach
Approach senior candidates directly.
4. Test with a scenario
Ask how they'd raise the security posture in their first six months.
5. Reference impact
Confirm they measurably improved security and compliance.
Fees typically run 20-25% of first-year salary, capped and agreed upfront.
Nothing is due until your hire starts.
Around 6-10 weeks.
It's a senior, in-demand role, so a targeted search and a competitive offer matter.
An Information Security Manager owns the organisation's security strategy, risk management, policy and compliance, and often leads the security team.
They set the direction, manage risk and drive a security culture across the business.
An analyst is hands-on with monitoring and response. A manager owns strategy, governance, compliance and the team.
They complement each other, and we'll help you scope which you need.
Try: How would you raise our security posture in six months?
Tell me about a compliance programme you built.
How do you get non-technical leaders to care about security? and How do you handle a serious incident?
Yes. Where you need experience with ISO 27001, Cyber Essentials or sector-specific regulations, we match it.
We'll weight relevant compliance experience against broader security leadership as your role requires.
Tell us about your role and a specialist IT recruiter will call you. No fee until your hire starts.
{"@context": "https://schema.org", "@graph": [{"@type": "Article", "headline": "How to Hire a Information Security Manager in the UK (2026)", "description": "How to hire an Information Security Manager in the UK. Salary, time to hire and what to look for.", "datePublished": "2026-07-13", "dateModified": "2026-07-13", "author": {"@type": "Person", "name": "Charles Trivett", "jobTitle": "Managing Director, Coburg Banks IT", "url": "https://www.linkedin.com/in/charlestrivett/", "worksFor": {"@type": "Organization", "name": "Coburg Banks"}}, "publisher": {"@type": "Organization", "name": "Coburg Banks", "logo": {"@type": "ImageObject", "url": "https://cdn.prod.website-files.com/645cf1f1ad8cd97335eefcd6/67e52adb28b5bfce304c13dd_CB%20Sales%20Logo.svg"}}, "mainEntityOfPage": "https://www.coburgbanks.co.uk/hiring/information-security-manager"}, {"@type": "FAQPage", "mainEntity": [{"@type": "Question", "name": "How much does it cost to hire an Information Security Manager?", "acceptedAnswer": {"@type": "Answer", "text": "Fees typically run 20-25% of first-year salary, capped and agreed upfront. Nothing is due until your hire starts."}}, {"@type": "Question", "name": "How long does it take to hire an Information Security Manager?", "acceptedAnswer": {"@type": "Answer", "text": "Around 6-10 weeks. It's a senior, in-demand role, so a targeted search and a competitive offer matter."}}, {"@type": "Question", "name": "What does an Information Security Manager do?", "acceptedAnswer": {"@type": "Answer", "text": "An Information Security Manager owns the organisation's security strategy, risk management, policy and compliance, and often leads the security team. They set the direction, manage risk and drive a security culture across the business."}}, {"@type": "Question", "name": "What's the difference between a security manager and analyst?", "acceptedAnswer": {"@type": "Answer", "text": "An analyst is hands-on with monitoring and response. A manager owns strategy, governance, compliance and the team. They complement each other, and we'll help you scope which you need."}}, {"@type": "Question", "name": "What should I ask an Information Security Manager at interview?", "acceptedAnswer": {"@type": "Answer", "text": "Try: How would you raise our security posture in six months? Tell me about a compliance programme you built. How do you get non-technical leaders to care about security? and How do you handle a serious incident?"}}, {"@type": "Question", "name": "Do you recruit for specific standards like ISO 27001?", "acceptedAnswer": {"@type": "Answer", "text": "Yes. Where you need experience with ISO 27001, Cyber Essentials or sector-specific regulations, we match it. We'll weight relevant compliance experience against broader security leadership as your role requires."}}]}, {"@type": "ItemList", "name": "What to look for in a Information Security Manager", "itemListElement": [{"@type": "ListItem", "position": 1, "name": "Strategy and governance"}, {"@type": "ListItem", "position": 2, "name": "Risk and compliance"}, {"@type": "ListItem", "position": 3, "name": "Influence"}]}, {"@type": "ProfessionalService", "name": "Coburg Banks IT Recruitment", "url": "https://www.coburgbanks.co.uk/it-recruitment-agencies", "telephone": "+441213622300", "foundingDate": "2002", "areaServed": {"@type": "Country", "name": "United Kingdom"}, "serviceType": "IT Recruitment", "sameAs": ["https://www.linkedin.com/company/coburgbanks/", "https://uk.trustpilot.com/review/coburgbanks.co.uk", "https://www.facebook.com/CoburgBanksJobs/"]}]}