Join our IT Team based in Bristol as an IT Security Manager and help us to achieve our mission of pioneering electric aviation.
We are looking for an experienced IT Security Manager with a solid background in cybersecurity, SOX compliance, ISO 27001, and NIST cybersecurity frameworks to join our dynamic and industry-leading organisation.
This newly created role offers an exciting opportunity to shape and oversee the implementation, management, and continuous enhancement of our information security programs within a fast-paced, innovative,and groundbreaking eVTOL (electric vertical take-off and landing) industry.
What success will look like for you, as an IT Security Manager?
Lead and manage the security operations, policies, and procedures for the company’s information systems, protecting against unauthorized access, data breaches, and other security threats.
Lead efforts to achieve and maintain ISO 27001 certification, ensuring that the company’s information security management system (ISMS) is compliant with international standards.
Develop, implement, and continuously improve policies, procedures, and controls in line with ISO 27001 to mitigate risks associated with the confidentiality, integrity, and availability of information.
Coordinate internal and external audits to ensure ISO 27001 compliance and assist in the certification process.
Perform security risk assessments, vulnerability management, and threat modelling based on NIST guidelines, ensuring appropriate security controls are in place.
Collaborate with IT and engineering teams to integrate NIST-based security controls into the company’s systems and technologies.
Oversee the implementation and maintenance of SOX (Sarbanes-Oxley Act) compliance, particularly around IT general controls (ITGC), and ensure that all financial systems and processes meet SOX audit requirements.
Work closely with internal and external auditors to ensure security controls are properly documented, tested, and reported on in compliance with SOX standards. Stay up-to-date with evolving regulatory requirements and security standards (including GDPR, CMMC, FAA regulations, etc.) and ensure company policies are compliant.
What would we like you to bring? We want you to be successful in your role, in order to achieve this, you will need to have proven experiencewithin the following areas: Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.
Minimum of 5-7 years of experience in information security management, with at least 3 years in a security management or leadership role in an aerospace or high-tech industry.
Proven expertise in SOX compliance, ISO 27001 certification/maintenance, and implementation of NIST cybersecurity frameworks.
Experience working in a regulated environment, ideally aerospace, aviation, or a related high-security sector.
Strong knowledge of information security frameworks (ISO 27001, NIST, SOX, etc.) and regulatory requirements.
Experience with security technologies (SIEM, DLP, IDS/IPS, etc.) and network security protocols.
Familiarity with risk management methodologies, vulnerability management, and incident response procedures.
Our benefits Our people matter - we're not going anywhere without them. Which is why our company benefits go beyond the essentials. 26 days holiday, plus bank holiday
5 extra days per year to buy (or sell)
5 extra days holiday when you get married or enter a civil partnership
Additional 4% of your salary to spend on extra benefits
Award-winning digital health and wellbeing service (Help@Hand)
Company Share Scheme - open to every Vertical employee
Company Pension Scheme - 5% and we match it
Breakfast on us, every day
We may just be the hardest job you've ever had, but we're confident it will be the most rewarding. Join the team today and help us shape the future of Advanced Air Mobility. Disclaimer Statement We encourage you to apply even if you may not have all the experience listed in the advert. We recognise that talent comes in various forms and we are committed to providing opportunities that create an environment of growth, diversity, and inclusion for everyone. As part of our desire to review and make our processes fair, we may ask you questions related to these aspects during the application process. For more information on how we will use your data, see our Legal section.
#J-18808-Ljbffr
Lead efforts to achieve and maintain ISO 27001 certification, ensuring that the company’s information security management system (ISMS) is compliant with international standards.
Develop, implement, and continuously improve policies, procedures, and controls in line with ISO 27001 to mitigate risks associated with the confidentiality, integrity, and availability of information.
Coordinate internal and external audits to ensure ISO 27001 compliance and assist in the certification process.
Perform security risk assessments, vulnerability management, and threat modelling based on NIST guidelines, ensuring appropriate security controls are in place.
Collaborate with IT and engineering teams to integrate NIST-based security controls into the company’s systems and technologies.
Oversee the implementation and maintenance of SOX (Sarbanes-Oxley Act) compliance, particularly around IT general controls (ITGC), and ensure that all financial systems and processes meet SOX audit requirements.
Work closely with internal and external auditors to ensure security controls are properly documented, tested, and reported on in compliance with SOX standards. Stay up-to-date with evolving regulatory requirements and security standards (including GDPR, CMMC, FAA regulations, etc.) and ensure company policies are compliant.
What would we like you to bring? We want you to be successful in your role, in order to achieve this, you will need to have proven experiencewithin the following areas: Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field.
Minimum of 5-7 years of experience in information security management, with at least 3 years in a security management or leadership role in an aerospace or high-tech industry.
Proven expertise in SOX compliance, ISO 27001 certification/maintenance, and implementation of NIST cybersecurity frameworks.
Experience working in a regulated environment, ideally aerospace, aviation, or a related high-security sector.
Strong knowledge of information security frameworks (ISO 27001, NIST, SOX, etc.) and regulatory requirements.
Experience with security technologies (SIEM, DLP, IDS/IPS, etc.) and network security protocols.
Familiarity with risk management methodologies, vulnerability management, and incident response procedures.
Our benefits Our people matter - we're not going anywhere without them. Which is why our company benefits go beyond the essentials. 26 days holiday, plus bank holiday
5 extra days per year to buy (or sell)
5 extra days holiday when you get married or enter a civil partnership
Additional 4% of your salary to spend on extra benefits
Award-winning digital health and wellbeing service (Help@Hand)
Company Share Scheme - open to every Vertical employee
Company Pension Scheme - 5% and we match it
Breakfast on us, every day
We may just be the hardest job you've ever had, but we're confident it will be the most rewarding. Join the team today and help us shape the future of Advanced Air Mobility. Disclaimer Statement We encourage you to apply even if you may not have all the experience listed in the advert. We recognise that talent comes in various forms and we are committed to providing opportunities that create an environment of growth, diversity, and inclusion for everyone. As part of our desire to review and make our processes fair, we may ask you questions related to these aspects during the application process. For more information on how we will use your data, see our Legal section.
#J-18808-Ljbffr
