IT Cyber Security Manager

IT Cyber Security Manager – 12 Months Contract – Remote (UK)

Remote with the odd business trip to the Middle East

8 Hour Day, 5 days per week

Essential:-  Cybersecurity governance and risk management. Network security architecture. Incident response and forensics. Threat intelligence and ethical hacking. Security operations and monitoring. Cloud security and identity management. Regulatory compliance and audit. Vulnerability assessment and penetration testing. Digital fluency and automation in security operations. Business continuity and disaster recovery planning. Oil & Gas background

IT Cyber Security Manager Job Overview

The Cyber Security Manager will lead the cyber security function within the Organisation, ensuring the protection of critical IT and OT (Operational Technology) infrastructure. This role requires a blend of hands-on technical expertise and strategic leadership to design, implement, and maintain robust cybersecurity policies and frameworks aligned with the Cybersecurity Framework (CSF) and Defence-in-Depth models. The IT Cyber Security Manager will collaborate closely with internal and external stakeholders, IT teams, to develop and enforce security measures that protect against cyber threats.

Key Responsibilities

• Support all aspects of IT and OT security strategy.
• Act as the subject matter expert (SME) on cybersecurity risk management, guiding leadership on security investments and risk mitigation strategies.
• Lead the development and implementation of cybersecurity policies, procedure, and standards aligned with industry frameworks and industry best practices
• Design and implement Defence-in-Depth security architecture, ensuring multiple layers of security across IT and OT environments.
• Conduct regular risk assessments and audits to identify and mitigate vulnerabilities in IT and OT systems.
• Manage cybersecurity monitoring, detection, and response capabilities to mitigate threats.
• Ensure compliance with local regulatory requirements, DLP obligations, and international cybersecurity frameworks.
• Develop and execute cybersecurity awareness training programs for Organisation employees.
• Collaborate with internal and external stakeholders, to establish and enforce security measures.
• Oversee incident response planning and execution to ensure timely and effective management of cybersecurity incidents.
• Aligned with Organisational growth, build a team of cybersecurity professionals, providing guidance and support to enhance their skills and performance.
• Collaborate with IT teams to secure cloud, network, and endpoint environments, implementing access control and encryption strategies.
• Participate in Ethics & Compliance Committees and IT Governance Forums, ensuring security is embedded in all IT and business processes.
• Collaborate with the IT Security team and NOC on cybersecurity initiatives, ensuring alignment with corporate policies and global threat intelligence.
• Work closely with procurement teams to review security requirements in vendor contracts and third-party risk assessments.
• Stay current with the latest cybersecurity trends, threats, and technologies to ensure the organisation's security posture is up to date.
• Lead security governance, incident response, and forensic investigations when required.
• Provide technical mentorship and training to NOC and security teams.

IT Cyber Security Manager desirable experience & qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related discipline.
• Experience working in the oil and gas industry or with industrial control systems (ICS) and knowledge of specific cybersecurity threats and challenges faced by the energy sector.
• Knowledge of specific cybersecurity threats and challenges faced by the energy sector.
• Professional certifications such as CISSP, CISM, CEH, or GIAC (GSEC, GCIH, GCIA) preferred.
• Extensive hands-on experience in cybersecurity operations, threat intelligence, and incident response.
• Strong knowledge of NIST CSF, ISO 27001, MITRE ATT&CK, and Defence-in-Depth security models.
• Experience with firewalls, SIEM solutions, endpoint security, identity and access management (IAM), and cloud security controls.
• Ability to perform penetration testing, digital forensics, and malware analysis.
• Proven track record in leading security audits, risk assessments, and compliance reporting.
• Proven track record of developing and implementing cybersecurity policies and frameworks.
• Strong leadership skills with experience in mentoring and developing cybersecurity talent.
• Excellent communication and stakeholder management skills, particularly in cross-functional integration with IT, operations, and executive teams.
• Excellent leadership and team management skills.
• Strong problem-solving skills and the ability to work under pressure.
• Strong Team player with demonstrated ability in consensus building to ensure excellent stakeholder engagement, alignment and ethical decision-making.

With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.