Senior Information Security Analyst - Leeds (Hybrid) - £55K Information Security - AWS - ISO 27001 - CISSP - CISM - Security - Cyber Security - GDPR - Security Analyst - SIEM - Penetration Testing I am looking for a Senior Information Security Analyst for a pharmaceutical software company based in Leeds click apply for full job details
Mar 28, 2026
Full time
Senior Information Security Analyst - Leeds (Hybrid) - £55K Information Security - AWS - ISO 27001 - CISSP - CISM - Security - Cyber Security - GDPR - Security Analyst - SIEM - Penetration Testing I am looking for a Senior Information Security Analyst for a pharmaceutical software company based in Leeds click apply for full job details
Supplier Risk Analyst Location: Newcastle upon Tyne (Hybrid 2 days on site) Contract Length: 6-month contract (possible extension) Day Rate: £450 per day inside IR35 via umbrella About the Opportunity We're supporting a major organisation through a large-scale separation and transformation programme, and we're looking for an experienced Supplier Risk Analyst to join the team responsible for onboarding a significant number of new third-party suppliers. This role is ideal for someone who enjoys structured work, thrives under pressure, and feels confident engaging with suppliers and internal risk specialists. You'll play a meaningful part in a programme with firm regulatory deadlines, giving you exposure across information security, operational resilience, IT continuity, legal, procurement, and wider governance teams. Key Roles and Responsibilities Leading the supplier due-diligence process for new suppliers joining the organisation as part of a separation programme. Reviewing onboarding forms and clarifying service scope, criticality, and resilience requirements with business stakeholders. Coordinating and facilitating meetings with suppliers and internal SMEs to complete due-diligence questionnaires and collate evidence. Assessing and escalating risks across information security, operational resilience, data privacy and IT service continuity. Managing and updating Kanban boards (Microsoft Planner), trackers and workplans. Presenting risk findings clearly and concisely for senior stakeholders, translating technical information into accessible summaries. Handling supplier pushbacks professionally and keeping delivery aligned with strict programme deadlines. Working collaboratively across legal, procurement, compliance, data privacy, business owners and technology teams. Key Skills & Experience Experience in supplier risk, third-party risk, assurance, or operational resilience . Knowledge across at least one core risk domain: Information Security IT Service Continuity Operational Resilience Excellent stakeholder engagement skills, including managing external suppliers. Strong planning, coordination and PMO-style organisational skills. Confident communicator able to summarise risk and technical issues clearly. Comfortable working in high-pressure, deadline-driven Understanding of regulatory frameworks such as operational resilience standards and sector-specific supervisory statements. Relevant certifications such as CISA (highly desirable) or CISSP (nice-to-have). Experience of risk-related PMO work. Strong Excel skills; MS Project familiarity helpful but not required. Please note: Due to the high volume of applications, only successful candidates will be contacted. If you do not hear from us within 48 hours, unfortunately, your application has not been successful on this occasion. However, we may retain your details for any future suitable vacancies and contact you accordingly. Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.
Mar 27, 2026
Contractor
Supplier Risk Analyst Location: Newcastle upon Tyne (Hybrid 2 days on site) Contract Length: 6-month contract (possible extension) Day Rate: £450 per day inside IR35 via umbrella About the Opportunity We're supporting a major organisation through a large-scale separation and transformation programme, and we're looking for an experienced Supplier Risk Analyst to join the team responsible for onboarding a significant number of new third-party suppliers. This role is ideal for someone who enjoys structured work, thrives under pressure, and feels confident engaging with suppliers and internal risk specialists. You'll play a meaningful part in a programme with firm regulatory deadlines, giving you exposure across information security, operational resilience, IT continuity, legal, procurement, and wider governance teams. Key Roles and Responsibilities Leading the supplier due-diligence process for new suppliers joining the organisation as part of a separation programme. Reviewing onboarding forms and clarifying service scope, criticality, and resilience requirements with business stakeholders. Coordinating and facilitating meetings with suppliers and internal SMEs to complete due-diligence questionnaires and collate evidence. Assessing and escalating risks across information security, operational resilience, data privacy and IT service continuity. Managing and updating Kanban boards (Microsoft Planner), trackers and workplans. Presenting risk findings clearly and concisely for senior stakeholders, translating technical information into accessible summaries. Handling supplier pushbacks professionally and keeping delivery aligned with strict programme deadlines. Working collaboratively across legal, procurement, compliance, data privacy, business owners and technology teams. Key Skills & Experience Experience in supplier risk, third-party risk, assurance, or operational resilience . Knowledge across at least one core risk domain: Information Security IT Service Continuity Operational Resilience Excellent stakeholder engagement skills, including managing external suppliers. Strong planning, coordination and PMO-style organisational skills. Confident communicator able to summarise risk and technical issues clearly. Comfortable working in high-pressure, deadline-driven Understanding of regulatory frameworks such as operational resilience standards and sector-specific supervisory statements. Relevant certifications such as CISA (highly desirable) or CISSP (nice-to-have). Experience of risk-related PMO work. Strong Excel skills; MS Project familiarity helpful but not required. Please note: Due to the high volume of applications, only successful candidates will be contacted. If you do not hear from us within 48 hours, unfortunately, your application has not been successful on this occasion. However, we may retain your details for any future suitable vacancies and contact you accordingly. Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.
This role has a starting salary of £70,975 per annum, for working 36 hours per week. We are excited to be recruiting a Chief Information Security Officer to join our fantastic team based at Woodhatch Place in Reigate. We offer a hybrid working model with a minimum of two office days per week. Our Offer to You 26 days' holiday, rising to 28 days after 2 years' service and 31 days after 5 years' service (prorated for part time staff) Option to buy up to 10 days of additional annual leave A generous local government salary related pension Up to 5 days of carer's leave and 2 paid volunteering days per year Paternity, adoption and dependents leave An Employee Assistance Programme (EAP) to support health and wellbeing Learning and development hub where you can access a wealth of resources Wellbeing and lifestyle discounts including gym, travel, and shoppingA chance to make a real difference to the lives of our residents. About the Role In this senior leadership role, you will own and drive cyber security strategy, governance and operational resilience across Surrey County Council's complex hybrid environment. Your typical week will include: Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/monitoring, and vulnerability management priorities. Setting clear security expectations and driving cultural change across service owners, technical teams and leadership groups. Developing and maintaining cyber policies, standards and evidence based reporting. This is a hands-on leadership role where strategic thinking and operational decision-making are equally important. You will hold line management responsibility for the cyber security function, including analysts or virtual team members through matrix management, and provide leadership and direction across IT&D and supplier teams. Within your first 12-18 months, you will be expected to lead or significantly contribute to: Delivery of a refreshed cyber security strategy and multi year improvement roadmap Establishment of strengthened cyber governance, including improved reporting, risk tracking and decision making structures Implementation of a formal cyber exercising programme (tabletop and technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. You will directly shape the council's ability to manage and reduce cyber risk, influence technology and service design decisions, and embed a cyber aware culture across one of the UK's largest local government environments. With a dedicated investment programme to drive security improvements, you will have a significant opportunity to transform how the organisation protects its people, data and systems. Your Application In order to be considered for shortlisting, your application will clearly evidence the following skills and align with our behaviours: Significant senior cyber security leadership experience in a complex organisation Strong capability to operate strategically and hands on, delivering measurable security improvements Deep understanding of cyber risk management, governance and assurance frameworks Proven experience leading cyber incidents, including response coordination and exercising Excellent communication and stakeholder influence skills across technical and non technical groups Familiarity with NCSC aligned approaches and/or frameworks such as NIST CSF Relevant professional qualifications such as CISSP or CISM To apply, we request that you submit a CV and you will be asked the following 4 questions: What steps would you take in your first few months to understand our cyber risks and priorities? Can you describe a complex cyber incident you have led, including how you coordinated the response and what improvements were implemented afterwards? How do you balance strategic cyber security planning with hands on delivery to ensure both long term resilience and quick, tactical gains? Which cyber security governance or risk management frameworks (e.g., NCSC CAF, NIST CSF) have you implemented, and how have they influenced decision making and assurance in your previous organisations? The job advert closes at 23:59 on 12/04/2026 with interviews planned shortly afterwards. Local Government Reorganisation (LGR) Surrey County Council is undergoing Local Government Reorganisation, moving from a two-tier system to two new unitary councils in April 2027. If you are employed by Surrey on 1st April 2027, your role will transfer with current terms and conditions to one of the new organisations, supporting local devolution and greater powers for our communities. Join our dynamic team and shape the future of local government. Make a lasting impact with innovative solutions and improved services for our community. Help us build a brighter future for our residents! Our Commitment We are a disability confident employer which means if you have shared a disability on your application form and have evidenced you meet the minimum criteria, we guarantee you an interview. Your skills and experience truly matter to us. From application to your first day, we're committed to supporting you with any adjustments you need, we value inclusion and warmly welcome you to join and help build a workplace where everyone be
Mar 27, 2026
Full time
This role has a starting salary of £70,975 per annum, for working 36 hours per week. We are excited to be recruiting a Chief Information Security Officer to join our fantastic team based at Woodhatch Place in Reigate. We offer a hybrid working model with a minimum of two office days per week. Our Offer to You 26 days' holiday, rising to 28 days after 2 years' service and 31 days after 5 years' service (prorated for part time staff) Option to buy up to 10 days of additional annual leave A generous local government salary related pension Up to 5 days of carer's leave and 2 paid volunteering days per year Paternity, adoption and dependents leave An Employee Assistance Programme (EAP) to support health and wellbeing Learning and development hub where you can access a wealth of resources Wellbeing and lifestyle discounts including gym, travel, and shoppingA chance to make a real difference to the lives of our residents. About the Role In this senior leadership role, you will own and drive cyber security strategy, governance and operational resilience across Surrey County Council's complex hybrid environment. Your typical week will include: Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/monitoring, and vulnerability management priorities. Setting clear security expectations and driving cultural change across service owners, technical teams and leadership groups. Developing and maintaining cyber policies, standards and evidence based reporting. This is a hands-on leadership role where strategic thinking and operational decision-making are equally important. You will hold line management responsibility for the cyber security function, including analysts or virtual team members through matrix management, and provide leadership and direction across IT&D and supplier teams. Within your first 12-18 months, you will be expected to lead or significantly contribute to: Delivery of a refreshed cyber security strategy and multi year improvement roadmap Establishment of strengthened cyber governance, including improved reporting, risk tracking and decision making structures Implementation of a formal cyber exercising programme (tabletop and technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. You will directly shape the council's ability to manage and reduce cyber risk, influence technology and service design decisions, and embed a cyber aware culture across one of the UK's largest local government environments. With a dedicated investment programme to drive security improvements, you will have a significant opportunity to transform how the organisation protects its people, data and systems. Your Application In order to be considered for shortlisting, your application will clearly evidence the following skills and align with our behaviours: Significant senior cyber security leadership experience in a complex organisation Strong capability to operate strategically and hands on, delivering measurable security improvements Deep understanding of cyber risk management, governance and assurance frameworks Proven experience leading cyber incidents, including response coordination and exercising Excellent communication and stakeholder influence skills across technical and non technical groups Familiarity with NCSC aligned approaches and/or frameworks such as NIST CSF Relevant professional qualifications such as CISSP or CISM To apply, we request that you submit a CV and you will be asked the following 4 questions: What steps would you take in your first few months to understand our cyber risks and priorities? Can you describe a complex cyber incident you have led, including how you coordinated the response and what improvements were implemented afterwards? How do you balance strategic cyber security planning with hands on delivery to ensure both long term resilience and quick, tactical gains? Which cyber security governance or risk management frameworks (e.g., NCSC CAF, NIST CSF) have you implemented, and how have they influenced decision making and assurance in your previous organisations? The job advert closes at 23:59 on 12/04/2026 with interviews planned shortly afterwards. Local Government Reorganisation (LGR) Surrey County Council is undergoing Local Government Reorganisation, moving from a two-tier system to two new unitary councils in April 2027. If you are employed by Surrey on 1st April 2027, your role will transfer with current terms and conditions to one of the new organisations, supporting local devolution and greater powers for our communities. Join our dynamic team and shape the future of local government. Make a lasting impact with innovative solutions and improved services for our community. Help us build a brighter future for our residents! Our Commitment We are a disability confident employer which means if you have shared a disability on your application form and have evidenced you meet the minimum criteria, we guarantee you an interview. Your skills and experience truly matter to us. From application to your first day, we're committed to supporting you with any adjustments you need, we value inclusion and warmly welcome you to join and help build a workplace where everyone be
About the role This is a fantastic opportunity to join Southern Water's Cyber Risk & Assurance team, the organisation's second line of defence within the wider Cyber Security function. As a Cyber Risk & Assurance Analyst, you'll play a central role in helping the business understand, manage and reduce cyber risk across critical operations. You'll be responsible for developing and improving cyber risk insights in your area of specialism, driving process and tooling enhancements, and supporting stakeholders across Technology, Legal and the wider business. This is a role for someone who enjoys tackling complex problems, breaking them down into actionable solutions, and collaborating with a wide range of experts. You'll also act as a trusted advisor helping colleagues understand cyber threats, risks and controls, and supporting the wider team in embedding strong cyber risk management practices across Southern Water. What you will be responsible for: You will conduct complex cyber risk assessments, strengthen key controls, deliver clear risk insights, and drive improvements across cyber domains - all while building collaborative relationships across Technology, Security, Legal and the business. Key Responsibilities Maintain an up-to-date understanding of the cyber threat landscape, relevant regulations (including NIS1/NIS2 and GDPR), and emerging risks. Lead, plan and perform complex cyber risk assessments aligned to industry-recognised frameworks, testing the design and effectiveness of cyber controls. Produce high-quality risk assessment reports with clear, actionable conclusions that support timely risk-based decision-making. Identify and deliver improvements across domains such as identity & access management, application security, endpoint security, and network security. Work closely with stakeholders across Security, Technology, Legal, Internal Audit and the wider business to assess control gaps, prioritise remediation actions and track progress to completion. Build strong working relationships across teams to influence, support and strengthen cyber risk management practices. Drive process improvements and enhancements across the Cyber Risk & Assurance function. Additional requirements specific to the role Will work closely with both technical teams and non-technical stakeholders, requiring an ability to communicate complex concepts clearly. Must be comfortable operating in an environment with regulatory, operational and cyber security obligations. Occasional engagement with internal or external audit teams may be required. What you'll bring to the role: Essential Degree-level education or equivalent experience. Strong knowledge of cyber security and information security control best practice. Proven experience in cyber security, risk management or security assessment (10+ years, or advanced degree with 8+ years). In-depth understanding of key frameworks such as NIST (800-37, 800-30, 800-53), ISO 27001/27005, SOC 2, PCI or MITRE ATT&CK. Solid understanding of cloud models, application security, vulnerability and patch management. Experience in regulated and/or unionised environments. Excellent communication skills with the ability to simplify complex findings for senior management. Strong attention to detail and a proactive, positive, innovative mindset. Desirable GRC or security certifications (e.g., CISSP, CISM, CRISC, CISA, GCFE, GSEC, CCSP). Experience with cyber risk modelling (e.g., CyberCube, RMS, Cyence). Hands-on experience with frameworks such as ISO 27001, NIST CSF, NCSC CAF or CIS Controls. Understanding of ICS/OT environments. Southern Water is at the forefront of transforming Britain's water industry, investing significantly to enhance resilience, sustainability, and service excellence. With £7.8bn planned investment for 2025-30, this is an unparalleled opportunity to join a business committed to delivering a generational shift in the way water services are managed. You will be joining at a time of significant change, working alongside a highly skilled leadership team with a clear vision for the future. We offer an environment where senior professionals can make a meaningful impact, influence major strategic decisions, and drive long-term value creation . At Southern Water, we believe diverse perspectives drive innovation. If you're passionate about making a positive impact and think you can bring value to our team, we'd love to hear from you-even if you don't tick every box. Your unique skills and experiences could be exactly what we need. Our Commitment to Diversity We welcome applicants from all backgrounds, identities, and experiences. We do not discriminate based on race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you need reasonable adjustments during the recruitment process, please let us know. Additional information: In line with Southern Water's security requirements, successful candidates will be required to provide evidence of their identity, eligibility to work in the UK, criminal record check (DBS) and verification of their employment and/or education history for the past three years. Appointment to this role is subject to the successful completion of all preemployment checks, including security vetting. Please note that if a candidate does not meet the required security standards or fails to pass the vetting process, Southern Water reserves the right to withdraw the offer of employment. Some positions may also require higher levels of security vetting, which may involve providing additional documentation.
Mar 26, 2026
Full time
About the role This is a fantastic opportunity to join Southern Water's Cyber Risk & Assurance team, the organisation's second line of defence within the wider Cyber Security function. As a Cyber Risk & Assurance Analyst, you'll play a central role in helping the business understand, manage and reduce cyber risk across critical operations. You'll be responsible for developing and improving cyber risk insights in your area of specialism, driving process and tooling enhancements, and supporting stakeholders across Technology, Legal and the wider business. This is a role for someone who enjoys tackling complex problems, breaking them down into actionable solutions, and collaborating with a wide range of experts. You'll also act as a trusted advisor helping colleagues understand cyber threats, risks and controls, and supporting the wider team in embedding strong cyber risk management practices across Southern Water. What you will be responsible for: You will conduct complex cyber risk assessments, strengthen key controls, deliver clear risk insights, and drive improvements across cyber domains - all while building collaborative relationships across Technology, Security, Legal and the business. Key Responsibilities Maintain an up-to-date understanding of the cyber threat landscape, relevant regulations (including NIS1/NIS2 and GDPR), and emerging risks. Lead, plan and perform complex cyber risk assessments aligned to industry-recognised frameworks, testing the design and effectiveness of cyber controls. Produce high-quality risk assessment reports with clear, actionable conclusions that support timely risk-based decision-making. Identify and deliver improvements across domains such as identity & access management, application security, endpoint security, and network security. Work closely with stakeholders across Security, Technology, Legal, Internal Audit and the wider business to assess control gaps, prioritise remediation actions and track progress to completion. Build strong working relationships across teams to influence, support and strengthen cyber risk management practices. Drive process improvements and enhancements across the Cyber Risk & Assurance function. Additional requirements specific to the role Will work closely with both technical teams and non-technical stakeholders, requiring an ability to communicate complex concepts clearly. Must be comfortable operating in an environment with regulatory, operational and cyber security obligations. Occasional engagement with internal or external audit teams may be required. What you'll bring to the role: Essential Degree-level education or equivalent experience. Strong knowledge of cyber security and information security control best practice. Proven experience in cyber security, risk management or security assessment (10+ years, or advanced degree with 8+ years). In-depth understanding of key frameworks such as NIST (800-37, 800-30, 800-53), ISO 27001/27005, SOC 2, PCI or MITRE ATT&CK. Solid understanding of cloud models, application security, vulnerability and patch management. Experience in regulated and/or unionised environments. Excellent communication skills with the ability to simplify complex findings for senior management. Strong attention to detail and a proactive, positive, innovative mindset. Desirable GRC or security certifications (e.g., CISSP, CISM, CRISC, CISA, GCFE, GSEC, CCSP). Experience with cyber risk modelling (e.g., CyberCube, RMS, Cyence). Hands-on experience with frameworks such as ISO 27001, NIST CSF, NCSC CAF or CIS Controls. Understanding of ICS/OT environments. Southern Water is at the forefront of transforming Britain's water industry, investing significantly to enhance resilience, sustainability, and service excellence. With £7.8bn planned investment for 2025-30, this is an unparalleled opportunity to join a business committed to delivering a generational shift in the way water services are managed. You will be joining at a time of significant change, working alongside a highly skilled leadership team with a clear vision for the future. We offer an environment where senior professionals can make a meaningful impact, influence major strategic decisions, and drive long-term value creation . At Southern Water, we believe diverse perspectives drive innovation. If you're passionate about making a positive impact and think you can bring value to our team, we'd love to hear from you-even if you don't tick every box. Your unique skills and experiences could be exactly what we need. Our Commitment to Diversity We welcome applicants from all backgrounds, identities, and experiences. We do not discriminate based on race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you need reasonable adjustments during the recruitment process, please let us know. Additional information: In line with Southern Water's security requirements, successful candidates will be required to provide evidence of their identity, eligibility to work in the UK, criminal record check (DBS) and verification of their employment and/or education history for the past three years. Appointment to this role is subject to the successful completion of all preemployment checks, including security vetting. Please note that if a candidate does not meet the required security standards or fails to pass the vetting process, Southern Water reserves the right to withdraw the offer of employment. Some positions may also require higher levels of security vetting, which may involve providing additional documentation.
Cybersecurity Professional - Cambridge Innovation Hub Location: Cambridge, UK Type: Full-time Salary: Competitive + Bonus + Benefits Are you ready to defend critical systems, tackle cyber threats, and grow your career in a fast-paced tech environment ? Join our innovative team in Cambridge , at the heart of the UK's tech and research hub, and be part of shaping the future of cybersecurity! Your Role As a Cybersecurity Professional, you will: Monitor, detect, and respond to security incidents across networks, cloud platforms, and applications. Conduct vulnerability assessments, penetration testing, and security audits . Collaborate with IT and development teams to implement robust security measures. Research emerging threats and contribute to proactive security strategies. Help build a culture of security awareness across the company. Who You Are Passionate about cybersecurity and eager to develop your expertise . Experience with network, cloud, or application security, SIEM tools, firewalls, or ethical hacking. Strong analytical and problem-solving skills. A team player with excellent communication skills. Excited about continuous learning and professional growth. Why Join Us? Career Progression: Clear pathways from analyst to senior and specialist roles. Learning & Development: Funded certifications (CISSP, CISM, CEH, OSCP), workshops, and conferences. Flexible Working: Hybrid options to balance work and life. Generous Benefits: Competitive salary, performance bonuses, private healthcare, pension, wellness programs, and generous leave. Impactful Work: Protect businesses, research, and critical infrastructure in Cambridge's thriving tech ecosystem. Innovative Environment: Collaborate with bright minds in a culture that values creativity and curiosity. If you're ambitious, curious, and ready to advance your cybersecurity career in Cambridge, apply now and help us stay one step ahead of cyber threats!
Mar 25, 2026
Full time
Cybersecurity Professional - Cambridge Innovation Hub Location: Cambridge, UK Type: Full-time Salary: Competitive + Bonus + Benefits Are you ready to defend critical systems, tackle cyber threats, and grow your career in a fast-paced tech environment ? Join our innovative team in Cambridge , at the heart of the UK's tech and research hub, and be part of shaping the future of cybersecurity! Your Role As a Cybersecurity Professional, you will: Monitor, detect, and respond to security incidents across networks, cloud platforms, and applications. Conduct vulnerability assessments, penetration testing, and security audits . Collaborate with IT and development teams to implement robust security measures. Research emerging threats and contribute to proactive security strategies. Help build a culture of security awareness across the company. Who You Are Passionate about cybersecurity and eager to develop your expertise . Experience with network, cloud, or application security, SIEM tools, firewalls, or ethical hacking. Strong analytical and problem-solving skills. A team player with excellent communication skills. Excited about continuous learning and professional growth. Why Join Us? Career Progression: Clear pathways from analyst to senior and specialist roles. Learning & Development: Funded certifications (CISSP, CISM, CEH, OSCP), workshops, and conferences. Flexible Working: Hybrid options to balance work and life. Generous Benefits: Competitive salary, performance bonuses, private healthcare, pension, wellness programs, and generous leave. Impactful Work: Protect businesses, research, and critical infrastructure in Cambridge's thriving tech ecosystem. Innovative Environment: Collaborate with bright minds in a culture that values creativity and curiosity. If you're ambitious, curious, and ready to advance your cybersecurity career in Cambridge, apply now and help us stay one step ahead of cyber threats!
Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.
Mar 04, 2026
Full time
Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.
