Cyber Security Manager - Birmingham (hybrid working, 2 day per week WFH, can also be based in Oxfordshire, Aylesbury or London if preffered)
£75,000 - £80,000 PA (plus excellent benefits)
Information Security Manager sought by a well-known and public-facing organisation with numerous sites spread across the county. The business is involved in significant, complex and critical logistical operations, providing services to hundreds-of-thousands.
As a public-facing, Critical National Infrastructure business the Information Security Manager will be a crucial component in ensuring the effective management of both the technical cyber security environment and wider information security management piece for the business.
In this role, you'll take a proactive leadership approach to strengthening cybersecurity measures, cultivating a security-first mindset across the business, and ensuring alignment with industry regulations. Reporting to the Head of IT, you'll oversee a Security Engineer and collaborate with both internal teams and external partners to uphold best practices in IT security.
Key Responsibilities:
Work with the Head of IT to design, refine, and implement a robust cyber security roadmap that effectively mitigates risks.
Maintain and manage security policies and procedures to ensure compliance with industry best practices.
Embed "Security by Design" principles into all technological projects and initiatives.
Promote a strong IT and cybersecurity awareness culture, encouraging accountability at all levels.
Develop, refine, and execute a forward-thinking Information Security Strategy.
Continuously assess security threats, risks, and capabilities to identify and mitigate vulnerabilities.
Establish, manage, and monitor third-party SOC (Security Operations Centre) services.
Conduct security audits, address findings, and ensure compliance with regulations like GDPR and data protection laws.
Required Experience:
Experience in an cyber security focussed role involving management of strategy and oversight in the deployment of security controls.
Ideally have experience setting up and running of SOC services ( either internal or SOCaaS )
Ideally come from a 'hands on' SecOps/Infrastructure background
Extensive experience with GDPR and data protection, together with extensive knowledge of IS standards including ISO and NIST.
Security assessment frameworks (threat modelling, controls assessment, risk assessment)
Ideally hold a relevant qualifications; CISSP, CISM or similar.
Understanding of TOGAF methodology would be beneficial, although is not a requirement.
Some travel required between Birmingham and London
