As Cyber Security Manager, you'll take responsibility for leading a team of Cyber Security Engineers and Analysts who carry out security engineering and security operations activities within Openwork, as part of a wider Information Security team. You and the team will be accountable for protecting the organisation's information systems and infrastructure from cyber threats, ensuring the confidentiality, integrity, and availability of data. The team supports the ongoing operation and improvement of Cyber and Information Security systems, implements security policies, standards, and procedures and coordinates with other departments to ensure the security of the organization's information assets. You'll be passionate about leading a dynamic cyber security team, ensuring robust security measures, and fostering a culture of continuous improvement in the organisation's security posture. This is a hybrid role, with 2 days per week in our Swindon office. The benefits: • Salary - up to £85,000 • Bonus scheme - on target bonus -15% • Pension scheme - contribute up to 5% of your salary and Openwork will match you and put in an extra 5% • Critical illness cover • Income protection - 1x salary • Death in service - 4x salary • 25 days holiday bank holidays, with the opportunity to buy up to an additional 10 days • A range of other flexible benefits to include private medical insurance, dental insurance and much more. Key Accountabilities: Team Management – Demonstrate effective team management to identify and drive capability maturity levels. Carry out performance management duties for direct reports and encourage, mentor and support team member development. Security Incident Response – Accountable for the security incident response function. Oversee the response to security incidents and breaches, ensuring timely resolution and mitigation. Act swiftly, with confidence and due diligence to high profile security incidents. Security Engineering – Accountable for the security engineering function and experienced with managing security toolsets to provide security protection and analytics. Security Controls – Responsible for implementing operational controls that will govern the security of company information assets and any threat to or unauthorised access to assets including customer and employee information. Communication - Responsible for ensuring engagement of key stakeholders and keeping them engaged and up to date with security incidents and risk mitigation activities. Supplier Management – Manage key supplier relationships, such as our managed Security Operations Centre (SOC) service. Identify opportunities for improvement and foster a good working relationship. Vulnerability Management - Deliver the Vulnerability Management Programme to proactively identify and mitigate risk. Threat Intelligence - Deliver appropriate and focussed Cyber Threat Intelligence (CTI) products and deliver an intelligence led Threat Hunting capability. Security Testing – Facilitate a programme of security testing, risk assessments and audits covering critical systems and services to identify, track and remediate vulnerabilities and risks. Risk Management – Take a lead role in the identification, prioritisation and treatment of risks and issues related to technology and information security. Provide support in proactive and effective oversight (and where appropriate challenge) of the technology and security risk management frameworks, methodologies, processes, assurance, remediation and reporting activities. Reporting - Establish, monitor, evaluate and report in a professional manner; clearly highlighting the current state of Security Operations and any associated risks. Threats – Keep abreast of emerging threat types, active threats, and ways to protect Openwork systems against these. Security Policies and Standards - Support the development and implementation of security policies, standards, and processes to protect the organization's information systems and data. Business Change – Attend Change Assessment, Change Assessment Board, and the Technical Design Authority to assess risk, provide approval where necessary and to seek awareness of business change that could affect information security What will you need to succeed? Qualifications: BA/BS degree, practitioner-level qualifications, or equivalent experience in the field of Information / Cyber Security. Professional certifications such as CISSP, CISM, Microsoft or vendor-specific security qualifications or equivalent are desirable. Experience: Established management experience across a variety of cyber security disciplines Excellent communication and leadership skills. Strong knowledge of information security principles and practices. Proven track record of deploying, managing and utilising security tools. Proven track record of managing security incidents. Experience managing 3rd Party vendor relationships. Lead and participate in audits, assurance reviews and risk assessments across complex environments. Experience working in financial services or with financial services clients that were subject to regulatory requirements such as FCA and GDPR would be advantageous. Knowledge: Knowledge of cybersecurity frameworks and standards (e.g., NIST, CIS, ISO27001, OWASP, Cyber Essentials). Familiarity with security technologies and tooling (e.g., Microsoft Defender 365, vulnerability management, threat intelligence and web proxy tooling). Knowledge of security incident response processes and best practice. Understanding of risk management principles and methodologies. Strong leadership and team management skills. Excellent communication and interpersonal skills. Ability to think strategically and make informed decisions. Highly organised to manage your own and the teams’ workload. Be a Security advocate and work with other technology teams to embed security in day-to-day operations, designs, and implementations. Sufficient confidence and gravitas to speak up when risk are identified or to provide challenge and direction during the management of security incidents and in other high-pressured scenarios. Why us? We're a dynamic, fast-paced and growing business with huge ambition. This is all made possible by the brilliant people who are part of The Openwork Partnership family. We're investing heavily in our colleagues, continuously striving to give them the platform to develop personally and professionally and reach their full potential. We’re also very proud of our culture, as one of the Best 100 Large Companies to work for in 2022. The Openwork Partnership values and respects individuality and we are committed to building an inclusive culture and environment where you can balance a successful career with your commitments and interests outside of work. We believe that you will bring your best self to work if you are trusted to choose when, where and how you do it. On top of offering a modern workplace with bags of development opportunities, we also offer a highly attractive benefits package to reward you for your hard work. This includes a competitive base salary, an industry-leading annual bonus, enhanced pension, critical illness cover, income protection and a range of other flexible benefits.