Cyber Security Technical Programme Manager

Our client, a Lloyds of London listed insurance company, are currently seeking Technical Programme Managers in Cyber Security to lead the delivery of complex, high-risk technology initiatives that protect our customers, colleagues, data, and brand. This role exists to reduce risk and increase resilience.

You’ll lead large, cross-functional security and resilience programmes spanning cloud, infrastructure, applications, identity, data protection, and third-party risk. You’ll work across Security, Engineering, Architecture, Risk, Compliance, Claims, and Operations to ensure the right controls are in place — and actually work in practice. You won’t just track plans; you’ll drive outcomes, remove blockers, and make security real.

What you’ll do:

• Deliver complex cyber security and resilience programmes with material business, regulatory, and operational risk.
• Lead initiatives such as cloud security uplift, identity modernisation, zero trust adoption, vulnerability remediation, incident readiness, and data protection.
• Turn unclear or emerging threats into structured, actionable delivery plans.
• Establish pragmatic delivery approaches that balance speed, cost, and risk reduction.
• Build and own integrated plans covering architecture, dependencies, controls, and implementation milestones.
• Align Security, Engineering, and Product teams around practical solutions that reduce risk without slowing delivery.
• Surface risks early and manage escalations with clarity and confidence.
• Understand technical architecture well enough to anticipate integration, legacy constraints, and security impacts.
• Ensure regulatory, audit, and compliance requirements are built in from day one, not bolted on later.
• Coordinate incident response improvements, testing, and recovery planning.
• Partner with Finance and leadership on budgets, cost control, and value tracking.
• Manage external suppliers and security vendors, holding them accountable to delivery and measurable outcomes.
• Support vendor selection, contracts, SLAs, and assurance processes.
• Coach teams on secure-by-design and secure-by-default practices.
• Raise the overall maturity of programme delivery across the security and technology estate.

What good looks like:

• Security risks reduced in measurable ways.
• Controls implemented and embedded, not just documented.
• Fewer critical vulnerabilities and faster remediation.
• Clear ownership of risks and decisions.
• Audit and regulatory reviews passed with confidence.
• Teams that ship safely and quickly.
• Incidents contained fast with minimal business impact.

What you’ll bring:

• Proven delivery of large-scale security, infrastructure, or enterprise technology programmes.
• Experience leading cross-functional initiatives across Security, Engineering, Risk, and Operations.
• Strong understanding of modern security practices (cloud security, IAM, DevSecOps, vulnerability management, resilience).
• Ability to translate technical risk into clear business decisions.
• Excellent stakeholder and executive communication skills.
• Strong vendor and commercial management capability.
• Solid financial forecasting and reporting discipline.
• Calm leadership during high-pressure situations and incidents.
• A practical mindset focused on risk reduction and outcomes over process.
• Own outcomes end-to-end.
• Be decisive and transparent.
• Create clarity from ambiguity.
• Hold teams and partners accountable.
• Coach others and build capability.
• Leave the security posture stronger than you found it.