Cyber Security Manager ( SC) in Bath

My client, a leading public sector financial services body, are seeking a permanent Cyber Security Manager to play a pivotal role within their business. You will support the Senior Cyber Security Manager in ensuring that key service providers maintain effective and resilient cyber security controls. This position calls for someone who can navigate complex and evolving cyber threats, apply technical principles, and provide clear assurance that cyber risks are being managed effectively. You will have the ability to build trusted relationships with senior stakeholders, service providers, and B2B clients, helping to foster a strong and collaborative security culture across all partners.

Role Responsibilities

• Oversee cyber security risk management across service providers and their supply chains
• Identify, assess, and mitigate cyber security risks, ensuring effective vulnerability and control management
• Support senior cyber security leadership in driving cyber maturity and ensuring providers invest in appropriate defences
• Deliver structured assurance activities, including evidence‐based testing and escalation of issues through governance forums
• Review and interpret evidence to assess compliance with policies, standards, and regulatory requirements
• Challenge service providers on control weaknesses and drive continuous improvement in security posture
• Build strong, trust‐based relationships with service providers and B2B clients
• Act as the primary point of contact for assigned providers, ensuring clear communication and understanding of portfolio complexities
• Participate in governance forums and working groups to monitor control effectiveness and provider performance
• Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, PCI DSS, NIST CSF)
• Influence cyber security improvements by reviewing IT/security architectures and providing expert challenge
• Oversee incident response readiness and assurance of cyber security testing across the enterprise
• Promote strong security awareness and assure the quality of provider training
• Conduct horizon scanning to monitor emerging threats and evolving industry standards

Essential Skills

• Strong experience managing and assuring service provider cyber security performance
• Ability to communicate complex cyber and risk information clearly to senior stakeholders
• Experience assuring controls against frameworks such as NIST CSF and ISO27001
• Skilled in cyber risk assessment and development of mitigation plans aligned to business objectives
• Experience producing cyber security performance metrics for senior leadership
• Hands‐on experience in incident response, vulnerability management, system hardening, and post‐incident analysis
• Strong understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro‐segmentation)
• Broad knowledge of security technologies (firewalls, IDS/IPS, endpoint protection, SIEM, SOAR, DLP, PKI, cryptography)
• Solid understanding of IAM concepts (RBAC, ABAC, PAM, SSO)
• Strong analytical skills with the ability to interpret complex technical information
• Good understanding of threat modelling and threat intelligence methodologies (OWASP, STRIDE, MITRE)

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.