VIRTUS Data Centres is the UK’s fastest growing data centre provider which owns, designs, builds and operates the country’s most efficient and flexible data centres. In May 2023 we announced our plans to expand into continental Europe, with our first data centre due to open in Berlin in 2026, to be quickly followed by two full campuses and expansion into other countries in the pipeline. Our purpose is to serve humanity by being an active, positive participant in the 4th industrial revolution. When we talk about our purpose, we refer to our customers’ customers; the child playing a computer game, the person watching their favourite movie, booking a medical appointment, a plane ticket, a hotel or doing their online banking; those things can’t be done if we don’t do our job. Our mission is to consistently exceed the expectations of customers through innovative, high-quality solutions and services. We employ intelligent thinkers – people with positive attitudes, who add to the quality of our customer proposition and business. We value individual endeavour and initiative and encourage teamwork and togetherness because collective experience and expertise is VIRTUS’ greatest strength. Job Summary As the Cyber Security Manager, you will work closely with the IT and OT Service Delivery Managers to oversee technical cyber security operations. You will play a crucial role in managing and providing security solutions and services across the VIRTUS Group, and be responsible for monitoring and managing future risks from future cyber security threats. Duties and Responsibilities The role includes but is not limited to the following: - Strategic Planning & Implementation: Working with the VP IT & Improvement, develop and execute a comprehensive cyber security strategy to protect the organisation’s IT and OT infrastructure. Oversee the design, development & implementation of security measures. Incident Response & Crisis Management: Lead the response to security breaches, including incident management, investigation & remediation. Implement improvements to prevent future incidents. Instigate simulation exercises to test and improve the response of operations teams in accordance with incident and crisis management plans. Team Management: Educate the user community in best practices to minimise the risk of a cyber security incident. Manage and mentor cyber security teams to ensure they are equipped to respond to cyber security threats. Compliance & Risk Management: Monitor adherence to operational best practices & regulatory requirements. Responsibility for the scope and execution of regular vulnerability audits, penetration tests and forensic investigations. Lead responses to internal and external auditors on matters relating to cyber security. Third Party Management: Evaluate the security measures of third-party systems and applications to ensure compliance with policies and standards, including authentication, authorisation and error handling. Collaborate with third party contractors to ensure their cyber security policies and procedures meet the minimum standards required. Policies & Procedures: Develop cyber security policies & procedures and enforce their adoption. Regularly review and update security measures to reflect current and emerging threats. Reporting & Communication: Report to the VP IT & Improvement on the organisation’s cyber security posture. Ensure cyber security policies and procedures are communicated and that users are fully engaged in understanding and complying with their responsibility to keep the organisation safe. Person Specification Essential Significant experience in cyber security, to include knowledge of cyber on Operational Technology. Good technical expertise across multiple areas, including application deployment, endpoint security, data security, and encryption in across the IT and OT environment. Proven ability to design and implement complex security solutions in line with company policies and standards. Familiarity with various security techniques and methodologies, such as threat modelling and vulnerability management. A self-motivated individual who is resourceful, with the ability to build working relationships quickly and effectively. Excellent organisational skills, the ability to influence and strong interpersonal skills. Knowledge and experience of cyber security is essential and how it would be applied to all aspects of the IT and OT infrastructure. You must have outstanding communication skills, both written and verbal, with an ability to articulate complex problems in a clear and methodical way and have experience dealing with difficult and multi-faceted problems. Pro-active, responsive. Able to prioritise and deal with intense moments of high activity using excellent analytical/problem solving skills. Comfortable working through ambiguity, bringing clarity and control in a growing and dynamic environment. Industry certifications experience standards such as CISSP, CISM, CRISC, certifications from Azure and AWS Experience of relevant standards such ISO27001, IEC 62443 and NIST. Highly Desirable as Cyber Security Manager Ideally educated to degree or equivalent standard, with membership of a recognised relevant professional body, and certification or qualifications from a relevant industry body. Relevant experience within a Data centre or critical infrastructure environment. In line with VIRTUS’ Vetting Policy, the successful applicant must be willing to undergo a BS7858 screening process. Additional Information This is a hybrid role, with regular travel to data centres based around London, and occasional travel into central London required. This role comes with an on-call element, which will require the post holder to participate in an out-of-hours on-call escalation rota. We reserve the right to close this post for applications should sufficient applications be received.