At a Glance
- Tasks: Lead cybersecurity efforts, manage external partners, and ensure data protection standards.
- Company: Bestway Group, a forward-thinking company prioritising security and compliance.
- Benefits: Pension, 22 days annual leave, life assurance, private medical, and onsite parking.
- Other info: Join a diverse team with a focus on career growth and innovation.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technology.
- Qualifications: Experience with MSSPs, ISO 27001, NIST, and UK GDPR required.
The predicted salary is between 80000 - 100000 £ per year.
Reporting to the IT Director, you will lead Bestway’s cybersecurity function through a modern, 3-Layer Operating Model. Your primary focus is to govern our outsourced Managed Detection & Response (MDR/SOC) partners, own the internal GRC (Governance, Risk, and Compliance) framework, and ensure data protection standards are met. You will act as the strategic link between external security experts and our internal Architecture and Platform Engineering teams to ensure Bestway remains secure, compliant, and AI-ready.
Key Responsibilities
- Act as the primary owner for our outsourced 24/7 SOC/MDR partners. Monitor their performance against SLAs, manage incident escalations, and ensure they are proactively hunting threats across our Azure and Snowflake environments.
- Own the implementation and operation of data security to discover, classify, and protect sensitive data across the group, supporting our broader AI roadmap.
- Maintain the Group Information Security Policy, Cyber Risk Register, and Risk Appetite statements.
- Lead internal and external security audits, ensuring UK GDPR compliance and managing regulatory reporting.
- Partner with the technology team to ensure that cybersecurity policies are translated into automated 'Golden Path' guardrails.
- Translate complex security alerts into business-relevant risk stories for the IT Director and the Board.
Required Skills and Experience (Must-have)
- Proven experience managing high-performance external Managed Security Service Providers (MSSP) or MDR vendors.
- Deep knowledge of ISO 27001, NIST, and UK GDPR.
- Experience maintaining a formal Enterprise Risk Register.
- Familiarity with DSPM (Data Security Posture Management) tools like Cyera or similar data discovery platforms.
- High-level understanding of Azure/AWS security controls, Identity protocols (OIDC/SAML), and MFA strategies (Entra ID).
- Experience coordinating response and recovery efforts between external forensic teams and internal IT functions.
- Ability to tell 'risk stories' that align security investment to margin preservation and business continuity.
- Skilled at holding external partners accountable and driving value from service contracts.
- Focuses on material risk reduction rather than theoretical compliance.
Benefits
- Pension
- 22 days annual leave plus the option to buy additional days
- Life Assurance
- Private Medical
- Onsite parking
Bestway Group is an equal opportunity employer.
Senior Cybersecurity Manager employer: Bestway Group
Bestway Group is an exceptional employer that prioritises employee growth and well-being, offering a dynamic work culture in the heart of Park Royal, Brent. With a focus on cybersecurity excellence, employees benefit from comprehensive training opportunities, competitive pension plans, and private medical insurance, all while working in a supportive environment that values diversity and innovation. Join us to be part of a forward-thinking team that is committed to maintaining the highest standards of data protection and compliance.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cybersecurity Manager
✨Tip Number 1
Network like a pro! Reach out to folks in the cybersecurity field on LinkedIn or at industry events. We all know that sometimes it’s not just what you know, but who you know that can help you land that Senior Cybersecurity Manager role.
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies that highlight your experience with managing MSSPs and implementing GRC frameworks. We want to see how you’ve tackled challenges and driven results in past roles.
✨Tip Number 3
Get ready for those interviews! Brush up on your knowledge of ISO 27001, NIST, and UK GDPR. We suggest practising how to translate complex security concepts into business language, as this will be key when discussing risk stories with the IT Director.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Senior Cybersecurity Manager
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the job description. Highlight your experience with Managed Security Service Providers and any relevant certifications like ISO 27001 or NIST. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to tell us about your journey in cybersecurity, especially your experience with GRC frameworks and data protection. Make it personal and show us why you're excited about this role at Bestway.
Showcase Your Achievements:Don’t just list your responsibilities; share your achievements! Whether it’s improving security protocols or leading successful audits, we love to see how you’ve made an impact in your previous roles. Numbers and results speak volumes!
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Bestway Group
✨Know Your Cybersecurity Frameworks
Make sure you brush up on ISO 27001, NIST, and UK GDPR before the interview. Being able to discuss these frameworks confidently will show that you understand the compliance landscape and can effectively manage risk.
✨Demonstrate Your Vendor Management Skills
Prepare examples of how you've successfully managed high-performance external Managed Security Service Providers (MSSP) or MDR vendors. Highlight specific incidents where you held partners accountable and drove value from service contracts.
✨Translate Technical Jargon into Business Language
Practice explaining complex security alerts in a way that relates to business risks. Being able to tell 'risk stories' that resonate with non-technical stakeholders, like the IT Director and Board, will set you apart.
✨Showcase Your Incident Response Experience
Be ready to discuss your experience coordinating response and recovery efforts between external forensic teams and internal IT functions. Share specific examples that demonstrate your ability to manage incidents effectively and ensure compliance.
