Cyber Security Manager in Bedford

Company Profile: Total IT is an award-winning technology services and systems integration business founded in 2006, with offices in Bedford, London, and Dubai. We operate at the intersection of IT, cyber security, networks, and smart building technology, supporting some of the largest and most complex commercial buildings in the United Kingdom, alongside a growing portfolio of international clients. With sustained growth, an exceptional client portfolio, and a people-first culture, we combine technical excellence with a commitment to outstanding customer experience. As we evolve our security posture internally and for clients, this role is critical for shaping and delivering a mature, modern cyber practice.

Description: As Cyber Security Manager, you will own the delivery of cyber security across Total IT - not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day-to-day running of our cyber capability. This role blends hands-on technical leadership with operational delivery. You'll be the driving force behind improving security for clients, maturing our internal processes, and ensuring that risks are understood, prioritised, and actioned. You will be a trusted advisor to clients, a partner to our Operations and Technical teams, and the person who ensures this gets done.

Responsibilities:

• Own client cyber security roadmaps: creation, prioritisation, scheduled review, and delivery.
• Lead and continually improve our incident response function including triage, containment, communications, and lessons learned.
• Drive remediation by working closely with Service Desk, Projects, and clients.
• Maintain robust security reporting and ensure clients understand their risk position.
• Oversee compliance efforts (ISO 27001, NIST, GDPR) and ensure gaps are addressed.
• Provide guidance on governance, policies, and technical best practice.
• Ensure SOC activities are efficient, actioned, and measurable.
• Act as the escalation point for all complex cyber queries internally.
• Work with leadership to shape the long-term vision of our cyber offering.

Every week, you will:

• Build, update, and deliver client cyber security roadmaps ensuring agreed actions are completed, not just documented.
• Run regular risk and vulnerability reviews, prioritising remediation and driving work into the Service Desk / Projects teams.
• Lead incident handling end-to-end: triage, investigation, containment, communication, documentation, and lessons learned.
• Monitor and improve Microsoft 365 security posture across clients (Identity, Defender, Conditional Access, Purview, Secure Score).
• Manage SOC output and ensure alerts are assessed, escalated, and addressed.
• Own patching, vulnerability reporting, and remediation follow-through.
• Conduct technical control checks (email security, endpoint protection, MFA/SSPR, logging, backups, etc.).
• Attend client and internal security meetings, clearly communicating risks, progress, and next steps.
• Maintain our security documentation, processes, and SLAs.
• Assist engineers during major incidents or escalations.
• Lead post-incident reviews and convert them into long-term improvements.
• Build practical, usable processes and playbooks that work in a fast-moving MSP environment.
• Proactively identify areas where Total IT can improve our security resilience and service quality.
• Support presales for security-related work and advise on solution design.
• Lead and manage a team of Security analysts to:

• Configure and optimise security settings in Microsoft 365 & Azure AD.
• Validate SOC alerts, perform investigations, and drive containment actions.
• Analyse vulnerabilities, confirm exploitability, and ensure fixes are deployed.
• Review firewall rules, email security controls, and endpoint configurations.

Experience:

• Proven experience in a security leadership or senior security operations role - ideally within an MSP or high-variability environment.
• Demonstrable success delivering real-world security improvements, not just writing policies.
• Strong background in incident response and security operations.
• Ability to design, articulate, and deliver actionable security roadmaps.
• Comfortable interacting with senior client stakeholders and influencing decisions.

Desirable certifications: CISSP, CISM, ISO 27001 Lead Implementer but practical experience and delivery capability matter more.

Technical Skills Required:

• Strong hands-on Microsoft 365/Azure AD security experience.
• Understanding SOC processes, alert triage, and incident escalation.
• Solid grasp of vulnerability management (tools, triage, prioritisation, remediation).
• Familiarity with ISO 27001, NIST CSF, GDPR, Cyber Essentials Plus.
• Ability to translate technical risk into business-impact language.
• Strong documentation, reporting, and communication skills.
• Experience implementing technical controls that materially reduce risk.

What good looks like in the first 30/60/90 days:

• First 30 Days: Complete onboarding and gain a deep understanding of Total IT's current security posture. Review existing client security baselines and identify immediate gaps. Begin leading small incidents with support. Establish relationships with Operations, and key clients. Produce a clear quick wins plan.
• First 60 Days: Take full ownership of incident response. Deliver updated security roadmaps for priority clients. Introduce improved processes for SOC alert handling and vulnerability follow-up. Begin leading client-facing security reviews and audits.
• First 90 Days: Lead the cyber function end-to-end with confidence. Demonstrate improvements against measurable KPIs (reduced vulnerabilities, improved Secure Scores, incident SLAs met). Deliver a proposal for maturing Total IT's long-term security approach. Be recognised internally and externally as the go-to security authority. Review and evolve our current security training framework with key clients. Deliver successful TTX (tabletop exercises) internally and with clients to help raise cyber awareness.

Development Path: You'll grow into: Leading a larger cyber function/building a team. Enterprise-level governance & security management. Security consultancy and advisory roles. Certifications can support this path, but proven capability always comes first.

Company Benefits: 28 days annual leave plus 1 additional day to be used 2 weeks either side of your birthday. Comprehensive private healthcare and wellness programs. A contributory pension scheme. Access to high-performance computing resources and a modern working environment. Professional development opportunities, including up to 10 days of relevant training per year.

Interview Process: Stage 1: Screening Interview with HR team via Microsoft Teams. Stage 2: Microsoft Teams Interview with Head of Operations. Stage 3: Face to face with our CEO & Head of Operations. Stage 4: A call with our HR Manager to run through a job offer, set expectations and confirm any outstanding questions. Final Stage: An offer letter is sent with an agreed start date. Welcome to the Total IT Team!

Why Work at Total IT: Total IT is not just a workplace; it's a community where innovation, passion, and teamwork are valued above all. Our team survey highlights the positive atmosphere and the professional growth opportunities available here. Join us and be part of a company that values your expertise and dedication to the cyber security field.