Location: Wembley - 5 days on-site
Type: Permanent
Salary: £(phone number removed) per annum + permanent benefits
We're partnered with a large organisation undergoing a major digital and data transformation, and we're looking for an experienced Cyber Security Manager to lead and mature their cybersecurity function.
This is a strategic and governance-focused role, sitting at the intersection of security operations, risk management, and data protection. You'll take ownership of security oversight, working closely with external security providers while ensuring internal teams are aligned to best practice frameworks and regulatory requirements.
Responsibilities
Security Operations & Vendor Oversight
Own and manage relationships with outsourced 24/7 SOC / MDR providers
Monitor performance against SLAs and ensure proactive threat detection across cloud environments
Manage security incident escalations and coordinate response activities across internal and external teams
Drive value and accountability from third-party security partnersGovernance, Risk & Compliance
Own and maintain the Information Security Policy, Cyber Risk Register, and Risk Appetite framework
Lead internal and external audits, ensuring compliance with UK GDPR and relevant security standards
Oversee regulatory reporting and ensure adherence to industry frameworks (e.g., ISO 27001, NIST)
Focus on practical risk reduction aligned to business prioritiesData Security & Transformation
Lead the implementation of data security capabilities to discover, classify, and protect sensitive data
Support broader digital and AI initiatives by ensuring robust data protection practices
Collaborate with engineering and architecture teams to embed security controls into platformsStakeholder Engagement
Translate complex technical risks and alerts into clear, business-facing insights for senior leadership
Act as a trusted advisor to the IT Director and wider leadership team on cyber risk and resilience
Ensure security policies are embedded into delivery through automated controls and best practice frameworksSkills & Experience Required
Proven experience managing external MSSPs, SOC, or MDR providers
Strong knowledge of security frameworks such as ISO 27001, NIST, and UK GDPR
Experience maintaining enterprise-level risk registers and governance frameworks
Familiarity with data security posture management (DSPM) tools and data classification platforms
Good understanding of cloud security (Azure/AWS) and identity protocols (OIDC, SAML, MFA / Entra ID)
Experience coordinating incident response across multiple stakeholders, including external forensic teams
Strong commercial awareness with the ability to link security decisions to business outcomes
Excellent communication skills, with the ability to translate technical risk into business impact