Cyber Security Manager - #1687709

Cyber Security Manager - Birmingham (hybrid working, 2 day per week WFH, can also be based in Oxfordshire, Aylesbury or London if preffered)

£75,000 - £80,000 PA (plus Excellent Benefits)

Information Security Manager sought by a well-known and public-facing organisation with numerous sites spread across the county. The business is involved in significant, complex and critical logistical operations, providing services to hundreds-of-thousands.

As a public-facing, Critical National Infrastructure business the Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business.

In this role, you'll take a proactive leadership approach to strengthening cybersecurity measures, cultivating a security-first mindset across the business, and ensuring alignment with industry regulations. Reporting to the Head of IT, you'll oversee a Security Engineer and collaborate with both internal teams and external partners to uphold best practices in IT security.

Key Responsibilities

• Work with the Head of IT to design, refine, and implement a robust cyber security roadmap that effectively mitigates risks.
• Maintain and manage security policies and procedures to ensure compliance with industry best practices.
• Embed 'Security by Design' principles into all technological projects and initiatives.
• Promote a strong IT and cybersecurity awareness culture, encouraging accountability at all levels.
• Develop, refine, and execute a forward-thinking Information Security Strategy.
• Continuously assess security threats, risks, and capabilities to identify and mitigate vulnerabilities.
• Establish, manage, and monitor third-party SOC (Security Operations Center) services.
• Conduct security audits, address findings, and ensure compliance with regulations like GDPR and data protection laws.
  
  

Required Experience

• Experience in an cyber security focussed role involving management of strategy and oversight in the deployment of security controls.
• Ideally have experience setting up and running of SOC services ( either internal or SOCaaS )
• Ideally come from a 'hands on' SecOps/Infrastructure background
• Extensive experience with GDPR and data protection, together with extensive knowledge of IS standards including ISO and NIST.
• Security assessment frameworks (threat modelling, controls assessment, risk assessment)
• Ideally hold a relevant qualifications; CISSP, CISM or similar.
• Understanding of TOGAF methodology would be beneficial, although is not a requirement.
  
  

Some travel required between Birmingham and London.