Description

Digital Resilience Manager Location: South Yorkshire (Hybrid – minimum 2 days per week on-site) Job Type: 12-Month Fixed-Term Contract Salary: £50,000 - £70,000 per annum (Depending on experience) Hours: Full-time, 37.5 hours per week (Monday–Friday, 9am–5pm) About the Role Are you an experienced Information Security professional looking to take full ownership of a digital resilience function? We are recruiting a Digital Resilience Manager to lead and mature the cyber and information security capability for a rapidly growing FTSE 250 business. This is a broad, hands-on 12-month fixed-term contract. The role is perfectly split to keep you engaged across both strategy and operations: * 70% Governance, Risk & Compliance (GRC): Policy, risk management, assurance, and supplier security. * 30% Security Operations: Managing an outsourced detection and response capability (MSSP). You will work closely with cross-functional teams to embed security-conscious practices, taking day-to-day direction from the internal Director of Digital Transformation and receiving professional, strategic oversight from an external Fractional CISO. Key Responsibilities Governance, Risk & Compliance (70%) * Policy & Frameworks: Own the lifecycle of digital resilience policies and standards—drafting, reviewing, and ensuring compliance with changing threat landscapes. * Risk Management: Maintain the functional risk register, run the Risk & Compliance Committee, and translate technical risks into clear business language for board reporting. * Audit & Certification: Track and remediate internal/external audit findings, maintain Cyber Essentials compliance, and help prepare the business for future ISO 27001 certification. * Third-Party Security: Oversee the supplier security risk process, embedding security requirements into procurement and onboarding. * Data Protection & Training: Conduct DPIAs in collaboration with Legal, and design/run the company-wide security awareness and phishing simulation programmes. Security Operations (30%) * MSSP Oversight: Act as the primary point of contact for the Managed Security Service Provider, managing day-to-day detection, response, and service levels. * Vulnerability Management: Operate the vulnerability management cycle, prioritising and driving remediation aligned to Cyber Essentials. * Incident Response: Lead the coordination of security incidents alongside internal teams and incident response partners (occasional out-of-hours support may be required, compensated via TOIL or pay). * Technical Assurance: Oversee endpoint protection, identity controls, and email security, while scoping and coordinating external penetration testing. About You Essential Criteria: * Proven experience in cyber/information security spanning both GRC and operational security. * Strong grasp of risk management principles, risk registers, and running governance forums. * Demonstrable experience overseeing an MSSP (alert triage, tuning, and service governance). * Solid understanding of vulnerability management, incident response, and third-party supply chain risk. * Knowledge of UK GDPR and experience conducting DPIAs. * Superb communication skills, with the ability to influence stakeholders at all levels and translate technical terms into business language. Desirable Criteria: * Relevant certifications (e.g., CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor). * Experience with ISO 27001 implementation and Cyber Essentials / Cyber Essentials Plus. * Familiarity with Microsoft 365 security tooling (Intune, Conditional Access, Defender). * A background in property, construction, or similar industries. What’s on Offer? * Salary: £50,000 - £70,000 (DOE) * Work-life Balance: Structured hybrid working (2 days on-site in South Yorkshire) * Flexibility: TOIL or paid overtime for the rare occasions out-of-hours incident support is required. * Professional Growth: Direct exposure to executive leadership and mentoring from a Fractional CISO. To Apply: If you are a proactive problem-solver who thrives in a dynamic, growing environment, please submit your CV today for immediate consideration. *Please not visa sponsorship is not available on this role