Information Security SpecialistPermanent - Up to 75k + strong benefitsLocation: Hybrid - LeatherheadYour new company:A leading construction and development company in Surrey is currently looking for an Information Security Specialist to come in and support the existing IT Security Manager to improve and maintain their governance, risk and compliance (GRC) capability and help us continually improve our ISO 27001 Information Security Management System (ISMS). The role is full-time, with a hybrid working pattern usually around 2/3 days a week in the office in Leatherhead.Role responsibilities:You will be supporting the IT Security Manager across a broad variety of work. You''ll apply hands-on expertise across both public and private sector programmes-particularly UK government and construction. Own and improve our ISMS: Develop, implement and maintain our ISO 27001 aligned ISMS, report on control effectiveness and drive continuous improvement.Run regular security risk assessments and gap analyses to identify vulnerabilities in policies, procedures and configurations, and track remediation.Create and maintain security policies, procedures and controls tailored to construction and government-related projects.Act as the primary liaison to project teams, Build Asset Security Managers and Information Controllers-especially on UK government contracts.Lead audits and reviews to confirm conformance with Wates Professional Standards.Deliver guidance and training on security best practice