Summary: The Cyber Security Governance Manager will lead the enhancement of information and cyber security management within a prominent IT consultancy, collaborating with key stakeholders. This hybrid role requires a proactive individual to improve business-as-usual activities related to cybersecurity. The position involves developing policies, managing risks, and ensuring compliance with industry standards. The successful candidate will also oversee security operations and incident management while fostering interdepartmental collaboration.

Key Responsibilities:

• Drive security operations structure with clear metrics and reporting lines.
• Develop and maintain technical posture assessments of core systems.
• Create and align cybersecurity policies, procedures, and standards with organizational requirements.
• Assess and manage cybersecurity risks from third-party vendors.
• Implement vendor risk assessment processes and ensure cybersecurity contractual compliance.
• Manage cybersecurity incidents in collaboration with the Group Cyber Security Officer.
• Support deployment of security tools and technologies aligned with organizational standards.
• Conduct regular reviews of cybersecurity controls and processes.
• Foster collaboration with other departments to align cybersecurity initiatives with business objectives.
• Establish reporting channels for cybersecurity concerns and incidents.

Key Skills:

• Experience with Microsoft Stack security technologies (Defender, Exchange, M365, Azure).
• Strong understanding of core security technologies (Firewalls, SIEM, EDR, Email Gateway, IAM/PAM, CASB).
• Knowledge of cybersecurity technologies supporting industry frameworks (ISO27001, NIST CSF).
• Understanding of regulatory and compliance requirements (GDPR, HIPAA, PCI DSS).
• Proficiency in risk management and technical assessment methodologies.
• Experience in developing cybersecurity policies, procedures, and standards.

Salary (Rate): 80000

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT