Cybersecurity Manager

About the role

The Cybersecurity Manager will shape and continuously improve the organisation's security posture across all business units. This senior role leads the in‑house Security Operations Center (SOC), drives ISO 27001 certification, and aligns security practices with the NIST Cybersecurity Framework.

Key responsibilities

• Develop and execute a company‑wide cybersecurity strategy, creating and enforcing policies based on ISO 27001 and NIST CSF.
• Lead the ISO 27001 certification lifecycle, from gap analysis to final audit.
• Provide strategic direction and mentorship to the SOC team, standardising SIEM tuning, threat hunting, alert triage and incident response processes.
• Oversee deployment and lifecycle management of firewalls, EDR/XDR, IDS/IPS, IAM and endpoint protection solutions.
• Coordinate vulnerability scans and penetration tests, prioritising remediation based on business impact.
• Conduct enterprise‑level risk assessments, maintain a dynamic risk register and manage vendor security vetting.
• Design and deliver a comprehensive cybersecurity awareness programme, including phishing simulations and targeted training.
• Act as primary liaison for internal and external auditors, ensuring compliance with ISO 27001 and relevant data‑protection regulations.

Required profile

• Proven experience in cybersecurity governance, strategy development and ISO 27001 implementation.
• Strong background in SOC management and incident response.
• Demonstrated ability to lead risk management and compliance initiatives.
• Excellent communication skills to work with IT, digital and business teams.

Required skills

• ISO 27001
• NIST Cybersecurity Framework
• SIEM (tuning, threat hunting, alert triage)
• Incident response
• Firewalls
• EDR / XDR
• IDS / IPS
• Identity and Access Management (IAM)
• Endpoint protection
• Vulnerability scanning
• Penetration testing
• Cloud security and Security‑by‑Design principles
• GRC platforms