IT Security Manager in Sheffield

At Leviat, you can build a future with a lasting legacy. Help us make great architecture possible. Responsibly and sustainably. For everyone, and with everyone. Because we’re one rich, vibrant global network of insight and expertise with c.3,000 people at c.60 locations globally, we are a global leader in connecting, fixing, lifting and anchoring technology for the construction industry.

Purpose of the role

The IT Security Manager is responsible for establishing, implementing, and managing the security landscape across the organisation’s global IT environment. This role ensures the protection of infrastructure, cloud platforms, workplace technologies, and enterprise systems while enabling the business to operate securely, efficiently, and without disruption. The role oversees day‑to‑day security operations, continuously identifies and mitigates cyber risks, and leads incident response activities to ensure rapid and effective resolution of threats. The IT Security Manager ensures compliance with internal policies, audit requirements, and external regulatory standards, embedding security best practices across all technology domains. In addition, the role drives security awareness across the organisation and is accountable for key security technologies and capabilities including firewalls, endpoint protection, vulnerability management, SIEM operations, email and proxy security, and related security monitoring tools. The IT Security Manager works closely with internal teams and external partners to maintain a robust security posture and support the long‑term resilience of the business.

Key Tasks & Responsibilities

• Own and govern the organisation’s security controls across global systems, networks, endpoints and cloud services, ensuring a robust and resilient security posture.
• Lead all IT security operations, including real‑time monitoring, threat detection, vulnerability management, and remediation activities to safeguard Leviat’s global technology landscape.
• Build, lead, and develop a high‑performing IT Security team, providing strategic direction across cloud, data‑centre and infrastructure environments to ensure alignment with business priorities.
• Oversee and enhance network and network‑security capabilities, including firewalls, SD‑WAN, LAN, and associated technologies, ensuring secure, scalable, high-performance connectivity.
• Manage the full lifecycle of key security tools and services, including vulnerability management platforms, EDR, proxy services, SIEM operations, email security, cloud‑security tooling and security incident workflows.
• Design, implement, and continuously improve security protocols, standards, and procedures, ensuring consistent adoption across all technology domains.
• Partner with SOC teams and Managed Security Service Providers (MSSPs) to manage security operations, elevate critical issues, and ensure high‑quality service delivery from external suppliers.
• Embed security architecture and risk assessments into all major IT programmes, projects, and technology decisions to ensure secure‑by‑design outcomes.
• Lead and champion organisation‑wide security awareness and onboarding programmes, ensuring employees understand their responsibilities and contribute to a strong security culture.

Key stakeholders

• Internal: Business key users
• External: Software vendors (various), Software & professional service providers, External Auditors

Key functional competencies and relevant experience

• 7–10+ years’ experience in IT security or infrastructure security roles, with a proven track record of leading security teams and delivering large‑scale security programmes.
• Demonstrated expertise in enterprise security architecture and operations, including SIEM, EDR, email security, cloud‑security technologies and associated tooling.
• Strong hands‑on knowledge of Azure Security and Microsoft 365 Security technologies, including Defender, Entra ID and Intune, with experience securing modern cloud‑first environments.
• Experienced in managing incident response, from detection and assessment through to coordinated resolution and post‑incident review.
• Solid background in networking and network‑security principles, including firewalls, routing, threat prevention and secure connectivity.
• Proven experience delivering security solutions across geographically dispersed business units, ideally within a global or multi‑region organisation.
• Demonstrated ability to manage external partners, including offshore/nearshore providers, MSSPs and specialist technology vendors.
• Strong understanding of leading security frameworks and standards, such as NIST‑CSF and ISO 27001, and how to apply them in a business‑focused environment.
• A confident people leader, capable of mentoring, developing and upskilling IT staff and building a culture of security awareness and accountability.
• Excellent communication skills, with the ability to translate complex security concepts to both technical and non‑technical stakeholders.
• Relevant industry certifications such as CISSP, CISM or CCSP are highly desirable.

What’s in it for you?

• Competitive salary plus bonus
• 25 days annual leave plus statutory bank holidays (plus the option to buy 5 more)
• Westfield health cash plan and 24/7 GP service
• Free Optical vouchers
• Company pension scheme
• Life assurance
• Discounted products and services via Westfield Rewards
• Access to Employee Assistance Programmes
• Cycle to work scheme plus a bicycle storage area