Cyber Security Manager in Newquay

We're looking for a dynamic hands-on Cyber Security Manager to lead, strengthen and mature our operational cyber security capability across a complex, multi-supplier environment. This is a technical leadership role for someone who enjoys staying close to the detail while also leading people, improving processes and driving change. You'll take ownership of day-to-day security operations, incident response, vulnerability management and identity security, while managing a specialist team and key security suppliers. Working closely with colleagues across technology, data, infrastructure, information governance and audit, you'll help ensure the organisation is secure by design, resilient in practice and prepared for assurance, audit and regulatory scrutiny.

What you'll be doing:

• Operate security controls to defined Minimum Security Baselines and policies; meet SLA/SLOs for patching, vulnerability Mean Time To Remediate, identity hygiene and change success.
• Lead technical incident response (contain-eradicate-recover) and support ISIM with incident governance and reporting.
• Lead the technical Disaster Recovery posture for cyber incidents (runbooks, rehearsal/exercises, recovery validation), aligning with ISIM's BCP/DR requirements.
• Maintain security tooling (EPP/EDR, firewalls, email/web filtering, SIEM inputs, identity protections, posture/ASR rules) and ensure robust monitoring/alerting.
• Own technical enforcement of Identity & Access Management (e.g., conditional access, privileged access hygiene, risky-user reduction), maintain IAM hygiene KPIs, and implement ISIM's policy requirements in identity platforms.
• Provide and manage the technical control evidence for CE+ and PCI DSS, and deliver remediation of audit/assessment findings to agreed SLAs.
• Provide operational evidence (metrics, logs, runbooks) into CAB and Business Management Unit assurance packs.
• Commission and technically coordinate penetration testing; own remediation.
• Manage a security engineering team and suppliers; build skills, SOPs and reusable patterns.
• Contribute technical content to awareness and training led by ISIM.

What's essential:

• Proficiency with reporting and visualisation tools (e.g., Power BI, Excel, dashboarding platforms).
• Experience working in or alongside portfolio-led environments with multiple concurrent projects or product teams.
• Aligning to ISO 27001 in complex, multi-supplier environments.
• Leading technical incident response and remediation.
• Hybrid cloud security in Microsoft 365 / Azure.
• Operating security controls at scale (firewalls, endpoint, identity, email/web, vulnerability/patch).
• Establishing policies, MSBs, risk registers, DPIAs, and supplier security.
• Commissioning pen tests and driving remediation.
• Managing technical teams and suppliers.
• Experience working with operational, service, delivery or technology-related data.
• Experience producing dashboards, reports or analytics for senior stakeholders.
• Experience supporting continuous improvement or lessons-learnt processes.

Salary and benefits:

• Local Government Pension Scheme (one of the most generous pension schemes in the UK).
• Shared Cost Additional Voluntary Contribution scheme where you can build an additional pot of money alongside your pension with contributions exempt from Income Tax and National Insurance contributions (NICs).
• 28 days paid annual leave (with an option to purchase more) + Statutory days.
• EV car benefit scheme.
• Healthcare plans.
• Discounted gym membership, will writing and mortgage advice.
• An option to buy a bicycle, including e-bikes and adapted pedal cycles, at a discounted rate.
• 3 days of paid leave each year to volunteer.
• Interest-free financing through SmartTech to buy the latest technology.
• Discounted shopping with over 2,000 big-name retailers, and more.
• You can now also obtain a Costco membership through the WMCA.
• Boundless unlocks unlimited entry to top-rated UK attractions and loads of extra benefits and discounts.
• Eye Care Scheme, offering a free eye test and a financial contribution towards your glasses.

Location:

This role is based at 16 Summer Lane, Birmingham, B19 3SD, with 2/3 days per week spent in the office. You'll participate in an out-of-hours/on-call rota for critical incident response, coordinating with the SOC/MSSP to support 24x7 escalation and containment.

Right to Work in the UK:

Proof of Right to Work in the UK will be required for all applicants in accordance with UK Home Office requirements, before any employment offer can be confirmed. Non-UK applicants (excluding Ireland) would be required to hold a relevant Visa from the UK Visas and Immigration (UKVI).

Inclusion and Equality:

We hold diversity accreditations, such as the RACE Code Quality Mark, Armed Forces Covenant (Gold status) and are recognised as one of the Inclusive Top 50 Employers and The Times Top 50 Employers for Women. We are a Disability Confident Employer with 'Leader' status and a Ban the Box employer, committing to fair opportunities for applicants, including those with disabilities or past convictions. We gladly consider part-time, flexible and job-share arrangements, so please do not let these factors deter you from applying.