Cyber Manager

Malloy Aeronautics Ltd
Maidenhead, SL6 1QB, United Kingdom
Today
Job Type
Permanent
Work Pattern
Full-time
Work Location
Hybrid
Seniority
Senior
Education
Degree
Visa Sponsorship
Available
Security Clearance
Required
Posted
6 Jul 2026 (Today)

Benefits

25 days holiday + bank holidays Pension scheme Professional development support Employee assistance programme

Job Title: Cyber Security Manager

Location: Maidenhead/ Southeast – regular travel between Entities

Role Overview

We are seeking an experienced and adaptableCyber Security Manager to strengthen cyber resilience, lead security improvements, and embed secure-by-design practices across a diverse range of technical estates. This includes Defence-classified networks, legacy and industrial systems, hybrid IT/OT environments, research platforms, and modern cloud services.

Key Responsibilities

1. Cyber Security Strategy, Planning & Delivery

  • Develop, maintain, and execute cyber security plans and roadmaps tailored to each entity’s operational context, regulatory requirements, and risk profile.
  • Provide informed security input into business planning, technology adoption, digital initiatives, and transformation programmes.
  • Ensure cyber activities support wider organisational objectives, customer expectations, and contractual obligations.

2. Secure-by-Design & Architecture Assurance

  • Embed secure-by-design principles across platforms, services, products, and transformation initiatives.
  • Review solution designs, technical architectures, and configuration proposals to ensure appropriate security controls and alignment with best practice.
  • Provide early engagement and continuous assurance to engineering, IT, OT, digital development teams, and research groups.

3. Cyber Governance & Compliance

  • Implement and continuously improve cyber governance frameworks, processes, and metrics suitable for small, agile organisations operating in sensitive environments.
  • Manage and maintain entity-level cyber risk registers, ensuring clear visibility, prioritisation, and mitigation progress.
  • Ensure alignment with key standards and regulatory frameworks including:
  • NCSC guidance and CAF
  • ISO 27001
  • NIST CSF
  • Cyber Essentials Plus
  • Secure by Design principles
  • Work with procurement to ensure cyber requirements are appropriately flowed down to suppliers, partners, and third-party service providers.

4. Operational Cyber Security Management

  • Oversee operational security activities across multiple entities, including:
  • Threat detection and monitoring
  • Incident response and remediation
  • Vulnerability identification and patch management
  • Endpoint protection and hardening
  • Network and boundary defence
  • IDS/IPS tuning, configuration, and alert handling
  • Ensure operational security tools, processes, and monitoring capabilities are effectively deployed and maintained.

5. Management of Classified & High-Security Environments

  • Govern cyber controls and practices for systems handling Official-Sensitive and above.
  • Ensure appropriate physical, procedural, and technical controls are in place across secure research, prototyping, and engineering environments.
  • Ensure that classified systems adhere to the appropriate Defence standards, accreditation requirements, and audit expectations.

6. IT & OT Security Integration

  • Lead the integration of cyber controls across mixed technology estates, including:
  • Traditional IT
  • Operational Technology (OT)
  • Industrial Control Systems (ICS)
  • Legacy and bespoke engineering platforms
  • Provide risk-based guidance that accounts for operational constraints and system criticality.

7. Customer Assurance & Stakeholder Engagement

  • Act as the central point of cyber expertise for internal entities, customers, and auditors.
  • Produce high-quality reporting, assurance documentation, and security evidence packs for customer programmes and assessments.
  • Support contract negotiations and customer engagements where cyber security obligations or expectations are discussed.

8. Collaboration & Leadership

  • Work closely with IT, OT, engineering, digital development, legal, procurement, programme delivery, and operations teams to embed security throughout the lifecycle.
  • Contribute to the development of cyber culture and awareness across the entities supported.
  • Provide leadership, mentoring, and task direction to cyber specialists and third-party providers.

Qualifications & Experience

Essential

  • 8+ years’ experience in cyber security roles within complex, secure, or regulated environments (e.g., defence, government, national security, critical infrastructure, aerospace, research).
  • Demonstrable experience managing cyber security in high-assurance and classified system environments.
  • Strong experience across security operations, incident response, vulnerability management, and threat detection.
  • Technical knowledge of:
  • Identity management and access controls
  • PKI and cryptographic services
  • SIEM platforms and log analytics
  • Firewalls, boundary protection, and secure networking
  • Endpoint security and system hardening
  • Hands-on implementation experience of frameworks such as:
  • NIST CSF
  • ISO 27001
  • CIS Controls
  • Cyber Essentials (Plus)
  • Secure by Design / Security by Design
  • Proven ability to balance strategic thinking with tactical execution.
  • Experience working with OT and legacy systems, including industrial or research environments...

Skills & Competencies

  • Able to pivot betweenstrategic engagement (roadmaps, governance, risk, leadership support) andhands-on operational delivery (tooling, response, reviews, configurations).
  • Strong analytical, organisational, and communication skills.
  • Comfortable advising senior leaders and collaborating across multi-disciplinary teams.
  • Experience building positive security cultures in small, innovative organisations.
  • Practical mindset, able to deliver effective security outcomes in constrained or agile environments.

Desirable

  • Background in defence, aerospace, national security, or critical national infrastructure.
  • Familiarity with Defence security policies and standards including:
  • DefStan 05-139
  • DefCon 658
  • DefStan 05-138
  • JSP453 / JSP604
  • Experience supporting MOD accreditation and assurance processes.
  • Experience with Microsoft Azure security, including identity, governance, monitoring, hybrid integration, and Azure-native security controls.
  • Professional certifications such as CISSP, CISM, CISA, SABSA, GICSP, or cloud security certifications (e.g., Azure Security Engineer).

Related Jobs

View all jobs
Spotlight

Lead Systems Engineer – Space

Lockheed Martin Newcastle, North East England, United Kingdom
£93,000 – £116,000 pa On-site Clearance Required
Spotlight

Lead AIT Engineer (Satellite Delivery)

Exobotics Ltd London, United Kingdom
£62,000 – £82,000 pa Hybrid

Lead Software Engineer

Saab Fareham, United Kingdom
On-site Clearance Required

Senior Cyber Security Engineer

Open Cosmos Ltd Didcot, OX11 0RL, United Kingdom
On-site

Principal Systems Engineer - PYRAMID

Synoptix Gloucestershire, United Kingdom
£65,000 – £80,000 pa Hybrid Clearance Required

Automation Engineer

Sopra Steria Farnborough, GU14 7JT, United Kingdom
£55,000 – £60,000 pa Hybrid Clearance Required

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.