Cyber Security Manager

Cyber Security Manager Central London (hybrid) Up to £80,000 per annum A leading, acquisitive, £500m turnover construction engineering business (with revenues expected to double in the coming years), is undergoing a significant period of digital transformation and growth. They are seeking an experienced Cyber Security Manager to act as the principal point of contact for all security matters across a rapidly expanding enterprise. Genuine opportunity to have significant input and influence into the shape and future of the business by leading vital security initiatives. Key Responsibilities * Own and maintain all Security related policies and procedures, implementing \’Security by Design\’, driving a culture of IT and Cyber Security awareness and responsibility. * Develop and maintain the Information Security Strategy. * Conduct ongoing security threat, risk, capability &/or maturity assessments. * Oversee an outsourced Security Operations Centre (SOC) and Managed Security Services Provider (MSSP), managing performance reviews, ensuring service levels and effective incident management. * Ensure alignment with NIST, NCSC, ISO27001, GDPR, and Cyber Essentials Plus standards. * Drive the completion of ISO27001 implementation and certification, working with external partners and internal stakeholders. * Lead upcoming security initiatives including such as; Qualys rollout, supporting completion of Sophos Endpoint Protection deployment. * Developing business frameworks and templated responses for tender processes. * Provide security oversight for new office locations and integration points, ensuring secure network ingress through firewalls and switches into third-party SOC systems. * Develop, implement, and maintain comprehensive security policies and frameworks. Qualifications and Experience: * Proven track record in managing security operations, compliance and third-party security providers. * Experience required from both a strategy / framework management level and security controls deployment oversight. * Ability to oversee technical solutions and remediate issues when required, with an excellent understanding of underlying systems. Technical background is a must. * Advanced knowledge Industry Information Security Standards such as NIST, NCSC, ISO 27001, GDPR, and Cyber Essentials Plus. * Management of 3rd party SOC / MSSP including service reviews, ensuring adherence to SLAs, and effective SOC governance. * Experience delivering key security projects within tight deadlines. * Professional Security Qualifications, for example CISSP, CISM, Security+ etc. Note: All potential candidates must be eligible for basic level Security Clearance JBRP1_UKTJ