United Kingdom onlyBe Part of Something Real
Envitia is a UK-based software and services company that helps organisations unlock the full value of their data to make better, faster decisions. With over 30 years of experience, we specialise in delivering innovative software products, solutions, and consultancy services that transform complex data challenges into actionable insights.
Our mission is to empower customers across defence, government, and national security sectors to harness the power of data — from geospatial intelligence to advanced analytics and AI integration. We are proud to be a trusted partner to UK defence and government organisations, delivering technology that drives smarter, data-driven outcomes.
We’re also delighted to have been named one of The Sunday Times Top 100 Medium-Sized Companies to Work For 2025 — a recognition of our commitment to innovation, collaboration, and creating an outstanding workplace where people can thrive.
The Role
Envitia is looking for a Security Manager to lead our Information Security (InfoSec) strategy and oversee wider company security across the organisation. This role is central to ensuring we meet and maintain high-assurance defence and industry security standards while continuing to deliver trusted, mission-critical solutions for our clients.
You will operate at the intersection of technical security delivery and formal compliance, bridging the gap between how systems are built and how they are assured. Working closely with engineers, operations, quality, and leadership teams, as well as customers, auditors, and government bodies, you will ensure security is embedded by design.
It’s an exciting time for Envitia where we have tripled in size in the last 3 years and continued to win new clients. The role will continue to lead shaping Envitia’s security posture, managing key standards and certifications, leading incident response, and fostering a strong security-aware culture across the business. You will also play a key role in supporting defence engagements, audits, and pre-sales activities, helping position Envitia as a trusted, security-first partner.
Responsibilities
- Standards Management: Lead the implementation and maintenance of key frameworks (e.g., ISO 27001, Cyber Essentials Plus, and defence-specific standards like DCC, NIST or JSP 440).
- Security Strategy: Develop and enforce internal security policies that protect both our company data and our clients' intellectual property.
- Risk Assessment: Conduct regular gap analyses and risk assessments to identify vulnerabilities in our digital workflows and supply chain.
- Defence Liaison: Act as the primary point of contact for defence-related security audits and government vetting processes.
- Incident Response: Manage the "Security Incident Response Plan," ensuring the team knows exactly how to react to potential breaches or data leaks and lead any incident response activities.
- Culture & Training: Run security awareness sessions for our teams to ensure "Security by Design" is part of every project we deliver.
- Tooling & Monitoring: Oversee the selection and management of security tools (EDR, SIEM, Encryption) used across our remote or hybrid workforce.
- Collaboration: Support and collaborate with the Quality Manager and Head of Operations in maintaining ISO standards and other required certifications.
- Sales Support: Support the business in pre-sales activities, specifically relating to the security aspects of a tender / project.
Experience Required
- Leading or owning an Information Security Management within a consultancy or defence-adjacent firm.
- Implementing, maintaining, and evidencing compliance against recognised security frameworks such as ISO 27001 and Cyber Essentials Plus, with exposure to defence-specific standards (e.g. DCC, NIST, JSP 440).
- Acting as a primary point of contact for external audits, security assessments, and government or customer assurance activities.
- Conducting risk assessments, gap analyses, and security reviews across systems, processes, and supply chains.
- Working closely with software engineers, cloud architects, and technical teams to embed security controls into real-world delivery.
- Developing and enforcing security policies, procedures, and incident response plans.
- Supporting or leading security incident response, including investigation, containment, and reporting.
Security Clearance Requirements
The successful candidate must be eligible for a DV (Developed Vetting) security clearance.
Location
The role will require travel to our Horsham offices 2 days a month.
What it's like to work at Envitia
At Envitia, we believe that our greatest asset is our people. We’re committed to fostering a work environment where every employee feels valued, supported, and motivated to excel. Our comprehensive benefits package is designed to enhance both your professional and personal wellbeing, including:
- Annual Leave: 25 days plus your birthday off, with the ability to buy or sell up to five additional days
- Private Healthcare: Comprehensive coverage with additional options for family members
- Training & Skills Development: Ongoing learning opportunities to help you advance your career
- Fitness Reimbursement: Support for gym memberships or fitness-related expenses
- Life Assurance: Extensive life insurance coverage for peace of mind
- Pension Contribution: Competitive options to help you plan for a secure financial future
- Perkbox Subscription: Discounts on a wide range of products and services
- Flexible Work Arrangements: Designed to support work-life balance and personal commitments
- Internal Reward Schemes: Recognition initiatives to celebrate your contributions and achievements
- Community Engagement & Volunteering: Opportunities to support meaningful causes through company-sponsored programs
Inclusion at Envitia
At Envitia, we celebrate diversity and are committed to creating an inclusive environment for all employees. We welcome applicants from all backgrounds and walks of life. We believe that our strength lies in our differences, and we are dedicated to fostering a workplace where everyone feels valued, respected, and empowered.
We encourage applications from people of all abilities, ages, genders, sexual orientations, races, ethnicities, and religions. We strive to support a culture of inclusion, accessibility, and work-life balance.
If you require any accommodations during the application or interview process, please let us know.
