Senior Information Security Manager

Position Overview:

We are seeking a Senior Cyber Security Posture and Exposure Manager to lead and enhance our organization's security posture and manage cyber exposure risks. This role will oversee a small team of highly skilled Security Engineers and will be responsible for developing, implementing, and maintaining strategies to identify, assess, and mitigate security vulnerabilities across the enterprise. The ideal candidate will have a strong technical background, leadership experience, and a proactive approach to managing cyber risks in a dynamic technology environment.

What You’ll Do:

Leadership and Team Management:

• Lead, mentor, and manage a team of Security Engineers, fostering a culture of collaboration, innovation, and continuous improvement.
• Define team goals, assign responsibilities, and ensure the successful execution of security initiatives.
• Conduct regular performance reviews and provide professional development opportunities for team members.
• Ability to work across the organisation and communicate at all levels

Security Posture Management:

• Develop and maintain a comprehensive security posture management program to proactively identify and address vulnerabilities.
• Continuously assess the organization's security posture through vulnerability assessments, penetration testing, and threat modelling.
• Collaborate with cross-functional teams to implement security best practices and ensure compliance with industry standards and regulations.

Cyber Exposure Risk Management:

• Identify, analyse, and prioritize cyber exposure risks across the organization’s infrastructure, applications, and systems.
• Develop and implement strategies to mitigate risks, including patch management, configuration management, and secure coding practices.
• Monitor and respond to emerging threats, ensuring the organization remains resilient against evolving attack vectors.
• Collaborate with external partners and stakeholders to share threat intelligence and improve the organization’s defences.

Policy and Compliance:

• Establish and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry frameworks (e.g., ISO 27001, NIST, GDPR).
• Conduct regular audits and assessments to identify gaps and ensure adherence to security policies.

Reporting and Communication:

• Provide regular updates to senior leadership on the organization’s security posture, key risks, and mitigation efforts.
• Prepare detailed reports and metrics to demonstrate the effectiveness of security initiatives and identify areas for improvement.

What You’ll Bring:

Experience:

• A depth of experience in cybersecurity, with at least 3 years in a leadership or management role.
• Proven experience in vulnerability management, threat modelling, and incident response.
• Strong understanding of security frameworks, compliance standards, and best practices.
• Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field. Advanced degrees or certifications (e.g., CISSP, CISM, CEH) are highly desirable.

Technical Skills:

• Proficiency in security tools and technologies, such as SIEM, vulnerability scanners, and endpoint protection platforms.
• Knowledge of cloud security, network security, and secure software development practices.
• Familiarity with scripting and automation tools to streamline security processes.
• Working with data centres and native cloud environments AWS, GCP, and Azure
• OS Linux, Windows, Mac

Soft Skills:

• Excellent leadership, communication, and interpersonal skills.
• Ability to work under pressure and manage multiple priorities in a fast-paced environment.
• Strong analytical and problem-solving skills.

What We Bring

Mimecast offers formal and on the job learning opportunities, maintains a comprehensive benefits package that helps our employees and their family members to sustain a healthy lifestyle, and importantly - working in cross functional teams to build your knowledge!

Our Hybrid Model:

We provide you with the flexibility to live balanced, healthy lives through our hybrid working model that champions both collaborative teamwork and individual flexibility. Employees are expected to come to the office at least two days per week, because working together in person:

• Fosters a culture of collaboration, communication, performance and learning
• Drives innovation and creativity within and between teams
• Introduces employees to priorities outside of their immediate realm
• Ensures important interpersonal relationships and connections with one another and our community!

The UK base salary range for this position is £80,000-£120,000 base + benefits. This reflects the minimum and maximum target for new hire salaries for this position. This position may also be eligible for bonus, incentive plans, and other related benefits. Our salary ranges are determined by role, level, and location. These factors and individual capabilities will also determine the individual pay offered.

#LI-CS1

DEI Statement

Cybersecurity is a community effort. That’s why we’re committed to building an inclusive, diverse community that celebrates and welcomes everyone – unless they’re a cybercriminal, of course.

We’re proud to be an Equal Opportunity and Affirmative Action Employer, and we’d encourage you to join us whatever your background.

We particularly welcome applicants from traditionally underrepresented groups.

We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won’t affect your application.

Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law.