Senior Manager/Manager, Cyber Security Manager, Cyber, Defence & Security (Government and Public Sector)

Connect to your Industry

Do you want to be at the heart of some of the biggest and most ambitious programmes undertaken to keep our country safe?

We are proud of the impact we have with our range of Defence and Security clients, from the strength of our relationships to the variety of our skills and expertise that we bring to help these clients deliver on their mission.

We're growing our teams across all of Technology and Transformation. If you are cleared to SC or DV level, or willing and eligible to obtain this and want to grow your career in this sector, we would love to hear from you.

Connect to your career at Deloitte

Deloitte drives progress. Using our vast range of expertise, we help our clients' become leaders wherever they choose to compete. To do this, we invest in outstanding people. We build teams of future thinkers, with diverse talents and backgrounds, and empower them all to reach for and achieve more.

What brings us all together at Deloitte? It's how we approach the thousands of decisions we make every day. How we behave, our beliefs and our attitudes. In other words: our values. Whatever we do, wherever we are in the world, we lead the way , serve with integrity , take care of each other , foster inclusion , and collaborate for measurable impact . These five shared values lead every decision we make and action we take, guiding us to deliver impact how and where it matters most.

Connect to your opportunity

We recognise the importance of bringing together diverse experience and perspectives to innovatively solve some of our clients most complex problems and as a Cyber Security Manager, you will become a trusted advisor to those clients, helping them to navigate the complex world of cyber security, building robust security postures and supporting complex cyber transformations. You will leverage your expertise and that of our technical SMEs to assess their current state, identify vulnerabilities and design and implement tailored solutions that align with their business objectives and risk appetite.

As a senior member of the team, you must develop relationships with key stakeholders, understand a client's security policy framework and control sets, and design solutions that will meet our unique requirements.

Our projects vary greatly and your responsibility as a cyber security manager will differ based on the focus of the engagement and your skillset, but could include and may require you to:

• Lead client engagements, building strong relationships and understanding their business objectives, risk tolerance, and security challenges.
• Conduct effective workshops and presentations, clearly communicating complex security concepts to both technical and non-technical stakeholders.
• Perform comprehensive cyber security assessments, including: vulnerability assessments; security architecture reviews; and risk analysis to identify potential security threats and vulnerabilities.
• Utilise industry-standard frameworks and methodologies (e.g., NIST, ISO 27001, CIS, CAF) to evaluate and benchmark client security posture.
• Develop pragmatic and cost-effective security solutions tailored to client needs, encompassing people, process, and technology aspects.
• Provide guidance on security technologies, architectures, and best practices for implementing secure solutions.
• Assist clients in developing and refining their cyber security strategy, aligning it with their business goals and risk appetite.
• Create actionable roadmaps for implementing security initiatives, prioritising activities based on risk and business impact.
• Support clients in developing and testing incident response plans and business continuity strategies.
• Stay abreast of emerging threats, vulnerabilities, security trends and industry best practices.
• Contribute to thought leadership initiatives, developing white papers, presentations, and blog posts to share expertise.
• Provide specialist technical advice, recommended approaches, recommended security controls and identify solutions that meet client business objectives.
• Stay up to date with emerging security threats, technologies, and industry best practices, and provide recommendations for improvement.

Connect to your skills and professional experience

All applicants must be willing and eligible to apply for and obtain UK security clearance to Security Check (SC) or Developed Vetting (DV) level, if not already holding an existing clearance.

Candidates will be able demonstrate relevant knowledge and experience through a combination of qualifications and evidence of work history such as:

• Information Security qualification (or equivalent) e.g. CISSP, CISM, CRISC, GSEC.
• In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, CIS, CAF).
• Experience of working in Cyber/Information security within the Defence / Security environment with a focus on one of more of the domains (Land, Air, Maritime, Space, Cyberspace).
• Experience of working within Defensive Cyber Operations with an in-depth knowledge of at least one specialisation (security monitoring, network operations, Incident Response/Management, Threat Intelligence, Vulnerability Management or Cyber Operations).
• Experience working in or with Government organisations, including the handling of assets subject to the Government Security Classification Policy.
• Experience of threat and risk modelling.
• Strong understanding of network security, encryption, authentication, and access control mechanisms.
• Experience with security technologies such as firewalls, intrusion detection/prevention systems, security information and event management (SIEM) systems, and vulnerability assessment tools, and their configuration options.
• Familiarity with cloud security principles and best practices, including securing cloud-based infrastructure and services (AWS, Azure or Google).
• Experience of research in technology trends and ways to secure those technologies.
• A strong working knowledge of Government cyber requirements related to Defence and Security e.g. JSP440, JSP441, JSP453, JSP490, JSP503, JSP628, JSP892, Security Risk Management, Information Security, Secure by Design, Supply Chain Security.

Connect to your business - Technology and Transformation

Distinctive thinking, deep expertise, innovation and collaborative working. That's what connects us. That's what makes us Deloitte. If you want to help solve some of the biggest tech and transformational challenges around, join us. Together, we'll make an impact that matters.

Cyber

The modern world is more complex than ever before, and we are navigating an ever-changing landscape. We help clients to operate with resilience and grow with confidence to secure success and minimise risk.

Personal independence

Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints (e.g., in relation to any financial interests and employment relationships). This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm, and also prohibitions on certain employment relationships (e.g., you are not permitted to hold a secondary employment role with SEC audit clients of the firm whilst being employed by the firm). The recruitment team will provide further detail as you progress through the recruitment process or you can contact the Independence team upon request.

Connect with your colleagues

"The opportunities to make a difference here are huge. We're constantly encouraged to come up with ideas, so a lot of what we do to drive change comes from within our own workforce.

- Gurpal, T&T

"Innovation is at the heart of everything we do, so we're using the latest technologies to constantly improve how we deliver our projects and bring insights to our clients. It means I'm always learning."

- Gurpal, T&T

Our hybrid working policy

You'll be based in London with hybrid working.

At Deloitte we understand the importance of balancing your career alongside your home life. That's why we'll support you to work flexibly through our hybrid working policy. Depending on the requirements of your role, you'll have the opportunity to work in your local office, virtual collaboration spaces, client sites and remotely. You'll get the chance to meet face to face when needed, while you collaborate and learn from colleagues, share your experiences, and build the relationships that will fuel your career and prioritise your wellbeing. Please check with your recruiter for the specific working requirements that may apply for your role.

Our commitment to you

Making an impact is more than just what we do: it's why we're here. So we work hard to create an environment where you can experience a purpose you believe in, the freedom to be you, and the capacity to go further than ever before.

We want you. The true you. Your own strengths, perspective and personality. So we're nurturing a culture where everyone belongs, feels supported and heard, and is empowered to make a valuable, personal contribution. You can be sure we'll take your wellbeing seriously, too . click apply for full job details