This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
We are seeking an experienced, hands-on IT Security Manager to lead a small in-house team responsible for strengthening and maintaining the organisation’s cyber security posture across all IT systems, services and infrastructure. You will manage the implementation of security controls, ensure compliance with industry and governance standards and best practice, oversee risk management activities, and support the secure operation of cloud, network and application environments. This role is well suited to a seasoned IT Security Engineer with strong practical experience who is ready to progress into a managerial position.
Job Responsibility
Lead, mentor, and support a small cybersecurity and infrastructure security team
Assist with the creation, management, and tracking of the IT security budget
Provide practical technical leadership and remain hands-on in operational security activities
Develop team capability through coaching, knowledge sharing, training, and process improvement initiatives
Develop, maintain, and execute the organisation’s IT security strategy, policies, and standards
Help establish and mature team procedures, standards, documentation, and operational best practices
Act as a senior escalation point for complex security and infrastructure security issues
Ensure alignment with frameworks such as ISO 27001, NIST, CIS Controls, and relevant regulatory requirements
Advise senior stakeholders on cyber threats, emerging risks, and security investment priorities
Oversee day-to-day security operations including monitoring, threat response, vulnerability management, and incident handling
Ensure the organisation’s SIEM, EDR, firewalls and other security tools are well-configured and maintained
Work closely with infrastructure, engineering, and operational teams to embed security best practices
Manage relationships with managed security service providers and other security vendors
Ensure secure configuration and monitoring of cloud platforms (Azure, AWS) and hybrid infrastructure
Review and approve changes to networks, systems and architecture from a security perspective
Promote secure development practices across software engineering teams
Oversee vulnerability remediation and work closely with developers
Conduct regular risk assessments and ensure appropriate risk treatment plans are in place
Maintain relationships and good working practises with the wider Protective Security team
Manage relationships with business teams to create and implement security protocols
Ensure all projects identify and address security requirements and follow Secure by Design principles
Oversee cyber security audits, compliance initiatives and certification efforts
Maintain security documentation, registers and evidence repositories for audit readiness
Lead the response to cyber incidents and coordinate with technical teams to contain and remediate threats
Ensure good threat intelligence sources for the latest security threats and mitigation strategies
Maintain and continuously improve incident response playbooks, disaster recovery plans and continuity strategies
Deliver lessons-learned reviews and drive improvements to prevent recurrence
Deliver security awareness training and foster a strong security culture across the organisation
Provide security guidance to IT teams, project managers and senior leadership team
Communicate technical risks in clear, business-friendly language
Requirements
Degree in Computing or equivalent
Proven experience in an IT security leadership or management role
Strong background in cyber security operations, cloud security and enterprise IT systems
Hands-on experience with security tools such as SIEM (Splunk), EDR, vulnerability scanners and cloud security platforms
Experience with ISO 27001 compliance
Experience in Risk Management
Cloud security (Azure/AWS)
Identity & access management, MFA, RBAC, PAM
Network and endpoint security
Threat detection, incident response and vulnerability management
Secure development and DevSecOps principles
Strong communication and stakeholder management abilities
Ability to work collaboratively with both technical and non-technical teams
Analytical thinking and a pragmatic approach to balancing risk with business needs
Must be able to obtain SC Clearance
Nice to have
CISSP, CISM, CCSP, CRISC, CEH, or similar
Cloud security certifications such as AZ-500 or AWS Security Specialty