IT Manager - Cyber Defence in Newcastle upon Tyne

Mott MacDonald is a global engineering, management, and development consultancy with over 20,000 employees across more than 50 countries and 140+ offices. We deliver exciting work that defines our future and makes an important societal impact in the communities we serve. Our people power our performance – we succeed when they do. With countless opportunities to collaborate, learn, and grow, the possibilities for excellence are as varied as every individual. As a proudly employee‑owned business, we invest in creating the right space for everyone to feel empowered, included, and valued. Wherever your ambition lies, Mott MacDonald is where people come to be brilliant.

Overview of the role

As the Cyber Security Manager for Cyber Defence, you will lead the organisation’s proactive defence strategy across four specialist pillars: Pen Testing & System Hardening, Communication Security, Web Security, and Cloud Security. This senior role is accountable for designing and delivering a defence‑in‑depth programme that hardens our attack surface and ensures measurable risk reduction aligned to Zero Trust. You will manage a high‑performing team of specialists and drive continuous improvement to protect the organisation against evolving threats. You will influence strategic decisions and champion a security‑first culture across all business units. Close collaboration with IT, engineering, product, compliance, and risk teams is essential to integrate cyber defence into architecture and service operations. We are committed to building a diverse, inclusive, and high‑performing security function. In this role, you will nurture talent, foster innovation, and create an environment where people feel supported, empowered, and valued in their mission to protect the organisation.

Key responsibilities

• Define and execute the Cyber Defence strategy, aligning with business objectives, regulatory requirements, and risk appetite.
• Lead and develop a high‑performing cyber defence team, fostering accountability, innovation, and continuous improvement.
• Champion Zero Trust principles and ensure defence controls are embedded across platforms and programmes.
• Maintain strong partnerships with SOC, platform owners, architecture, and product teams to ensure early threat detection and rapid remediation.
• Drive audit readiness for Cyber Essentials, ISO, and regulatory requirements.
• Develop and enforce security policies, standards, reference architectures, and governance reporting.
• Maintain and contribute to the organisation’s cyber risk register.
• Direct incident response for exploited vulnerabilities and attack campaigns, ensuring rapid containment and root cause analysis.
• Coordinate post‑incident hardening and uplift of threat‑informed controls.
• Act as the primary point of contact for cyber matters with senior leaders and cross‑functional teams.
• Provide clear, actionable insights and recommendations to leadership and boards.
• Establish and govern a penetration testing programme, drive secure configuration baselines, and manage remediation of findings.
• Implement advanced email, messaging, and collaboration security controls; enforce cryptographic standards.
• Define and implement cloud‑native security controls, enforce compliance frameworks, and lead cloud incident readiness with playbooks and blast‑radius reduction.

Personal attributes

• Proactive & Innovative: Continuously improves controls and adopts emerging best practices.
• Strategic Thinker: Translates complex threats into actionable strategies aligned with business goals.
• Leadership Presence: Inspires confidence, motivates teams, and drives accountability.
• Decisive Under Pressure: Makes sound decisions in high‑tempo incidents and crisis scenarios.
• Excellent Communicator: Engages technical and non‑technical audiences; simplifies complex concepts.
• Integrity & Professionalism: Demonstrates ethical leadership and stewardship of organisational assets.

Key performance indicators

• Mean Time to Remediate critical findings and percentage of high‑risk findings closed within SLA.
• Baseline compliance coverage (CIS), patch compliance (e.g., >X% within Y days), and reduction of attack paths.
• Phishing resilience rate and reduction in user‑reported compromises.
• CSPM risk score trend, misconfiguration mean time to remediate, adherence to encryption and key‑management standards, and reduction of privileged access.
• Audit success measured by severity and count of findings, incident containment within SLA, and completion rate of post‑incident hardening activities.

Candidate specification

Essential

• Proven leadership in cyber security, with experience managing teams and driving strategic initiatives.
• Deep knowledge of secure configuration standards, vulnerability management, and quality assurance processes.
• Strong understanding of cyber defence principles, including threat detection, incident response, and risk management.
• Ability to manage complex programmes and competing priorities, delivering measurable outcomes within agreed timelines.
• Excellent stakeholder engagement and communication skills, capable of influencing at all levels and translating technical concepts into business language.
• Demonstrated experience in governance, compliance, and regulatory frameworks (e.g., ISO 27001, NIST, GDPR).
• Proficiency in developing and implementing security policies, standards, and operational procedures.
• Strong analytical and problem‑solving skills, with the ability to make data‑driven decisions under pressure.

Desirable

• Professional certifications such as CCSP, CISSP, CISM, or equivalent experience.
• Hands‑on experience with security tooling such as Tenable, Microsoft Defender suite, Zscaler, ServiceNow, or equivalent platforms.
• Familiarity with cloud security and modern architectures (Azure, AWS, GCP) including CSPM and identity/access management.
• Knowledge of secure software development practices and application security (OWASP, DevSecOps).
• Experience in leading cyber resilience programmes, including phishing simulations, vulnerability assessments, and penetration testing.
• Understanding of automation and orchestration in security operations (SOAR platforms).

Please be advised that offers for this role are conditional upon obtaining the appropriate level of Security Clearance.

Agile working

At Mott MacDonald, we believe it makes business sense for you and your manager to choose how you can work most effectively to meet your client, team, and personal commitments. We offer a hybrid working policy that embraces your well‑being, flexibility, and trust.

Equality, diversity and inclusion

We put equality, diversity and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they have the opportunity to contribute.

Accessibility

We want you to perform your best at every stage in the recruitment process. If you are disabled or need any support to enable you to apply or attend an interview, please contact us at reasonable.adjustments@mottmac.com and we will talk to you about how we can support you.