Sanderson

Cyber Security Manager

Hybrid

London, United Kingdom

£63,000/year

Full Time

19-01-2026

Skills

Leadership, Penetration Testing, Incident Response, Risk Management, Architecture, Security Architecture

Job Specifications

Cyber Security Manager

Public Sector Organisation – Risk Function

Permanent | Full-time

Salary: £54,000 – £63,000

Locations: Multiple UK locations (including London, North West, North East, and Scotland)

Hybrid working: Approximately 40% office-based per month

About the Organisation

This public sector organisation is one of the UK’s largest savings and financial services providers, supporting millions of customers and managing over £200bn in customer investments. It operates at national scale, delivering critical services with a strong public purpose.

The organisation offers flexible working, a supportive culture, and excellent opportunities for professional development.

The Role

We are seeking an experienced Cyber Security Manager to join the Risk function. The role supports senior cyber leadership by providing assurance that third-party service providers operate effective cyber security control environments.

You will act as the primary cyber security contact for key suppliers, working closely with senior stakeholders to ensure cyber risks are identified, managed, and reduced to acceptable levels.

Key Responsibilities

Provide cyber security assurance over third-party and outsourced service providers
Hold suppliers to account through governance, performance reporting, and assurance activity
Conduct cyber security risk assessments and develop mitigation plans aligned to business objectives
Review evidence against recognised standards such as NIST CSF and ISO27001
Oversee security incident response, vulnerability management, and post-incident analysis
Communicate complex cyber risks clearly to senior technical and non-technical stakeholders

Essential Requirements

Extensive experience in cyber security assurance, risk management, and supplier oversight
Strong understanding of cloud environments and modern security architectures
Experience with enterprise security tooling (e.g. SIEM, SOAR, IAM, DLP, vulnerability management)
Proven ability to present cyber risk and assurance findings to senior stakeholders
Essential certification: CISSP or CISM
Ability to obtain Security Check (SC) clearance

Desirable Experience

Security architecture or application security assurance
SOC design or assurance oversight
Penetration testing and vulnerability remediation management
Threat intelligence and threat modelling

About the Company

We are a global recruitment solutions company with four decades of experience. The idea of partnership is at the heart of everything we do at Sanderson. Working with clients and candidates alike, we deliver permanent or contract hires, executive search assignments, and fully outsourced recruitment solutions, including RPO and MSP, and deploy high-performing project teams. We strive to deliver with personality and a passion for service excellence. Our services are built on collaboration, understanding and flexibility. Our breadt...