Cyber Security Manager

Cyber Security Manager - London (hybrid working, 2 day per week WFH)

Up to 80k plus excellent benefits

Information Security Manager sought by a well-known and public-facing organisation with numerous sites spread across the county. The business is involved in significant, complex and critical logistical operations, providing services to hundreds-of-thousands.

As a public-facing, Critical National Infrastructure business the Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business.

In this role, you'll take a proactive leadership approach to strengthening cybersecurity measures, cultivating a security-first mindset across the business, and ensuring alignment with industry regulations. Reporting to the Head of IT, you'll oversee a Security Engineer and collaborate with both internal teams and external partners to uphold best practices in IT security.

Key Responsibilities:

• Work with the Head of IT to design, refine, and implement a robust cyber security roadmap that effectively mitigates risks.
• Maintain and manage security policies and procedures to ensure compliance with industry best practices.
• Embed "Security by Design" principles into all technological projects and initiatives.
• Promote a strong IT and cybersecurity awareness culture, encouraging accountability at all levels.
• Develop, refine, and execute a forward-thinking Information Security Strategy.
• Continuously assess security threats, risks, and capabilities to identify and mitigate vulnerabilities.
• Establish, manage, and monitor third-party SOC (Security Operations Center) services.
• Conduct security audits, address findings, and ensure compliance with regulations like GDPR and data protection laws.

Required Experience:

• Experience in an cyber security focussed role involving management of strategy and oversight in the deployment of security controls.
• Ideally have experience setting up and running of SOC services ( either internal or SOCaaS )
• Ideally come from a 'hands on' SecOps/Infrastructure background
• Extensive experience with GDPR and data protection, together with extensive knowledge of IS standards including ISO and NIST.
• Security assessment frameworks (threat modelling, controls assessment, risk assessment)
• Ideally hold a relevant qualifications; CISSP, CISM or similar.
• Understanding of TOGAF methodology would be beneficial, although is not a requirement.

The role offers excellent benefits, including an industry leading pension scheme, free/heavily discounted public transport travel and much more.

Location; Central London (or alternatively from other sites in Buckinghamshire or Oxfordshire), with occasional travel a requirement.