Cyber Resilience Manager

Cyber Resilience Manager

We're looking for a proactive and experienced Cyber Resilience Manager to lead ITV's efforts to build and strengthen our ability to withstand, recover from, and adapt to cyber disruptions. You'll design, implement, and oversee a comprehensive cyber resilience programme aligned to NIST, ensuring that our incident response, business continuity, and disaster recovery capabilities are robust, well-tested, and ready when needed.

In this critical role, you'll assess cyber threats, evaluate vulnerabilities, and their potential impact to ensure ITV's technology and operational teams are prepared for disruption. You'll collaborate across multiple stakeholders, from senior management to third-party suppliers, to embed a culture of cyber resilience, delivering meaningful business impact through preparation, testing and continuous improvement.

• Develop and implement a holistic cyber resilience plan aligned to business objectives, risk appetite and supporting regulatory requirements- defining resilience goals, identifying critical functions, and setting recovery time objectives (RTOs) and recovery point objectives (RPOs)
• Collaborate with Security Operations to maintain and test ITV's cyber recovery plan
• Work with technology teams and business stakeholders to build and maintain business continuity and disaster recovery plans- covering data recovery, redundancy, and alternative operations
• Design and lead regular cyber resilience exercises, including simulations, tabletop sessions and technical drills to evaluate the effectiveness of response and recovery plans and identify areas for improvement
• Collaborate with the security operations team to analyse cyber threats and vulnerabilities, and incorporate threat intelligence into resilience planning to proactively address potential disruptions
• Communicate and embed cyber resilience strategy across the business, including senior leaders, business units and operational teams
• Ensure ITV's resilience programme aligns with legal, regulatory and industry frameworks (e.g. NIS Directive, GDPR)
• Assess third-party and vendor resilience practices, ensuring alignment with ITV's expectations
• Monitor emerging cyber threats, industry best practices, and technological advancements, and continuously improve the organisation's cyber risk and resilience management to enhance its effectiveness.

• Proven experience in cyber security, IT disaster recovery or business continuity, with a focus on cyber resilience
• Strong understanding of cyber threats, techniques and their business impact
• Hands-on experience in designing and implementing incident response methodologies, business continuity planning frameworks, and disaster recovery principles.
• Ability to design and conduct effective cyber resilience testing and exercises
• Excellent communication, presentation, and interpersonal skills, with the ability to communicate technical and non-technical information to diverse audiences
• Strong analytical, problem-solving, and decision-making skills, with the ability to manage complex situations under pressure.
• Knowledge of relevant legal, regulatory, and industry standards related to cyber security and resilience.
• Knowledge of cloud computing resilience, and regulatory standards (e.g. NIS, GDPR)

• Certifications such as Certified Cyber Resilience Manager (CCRM), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Business Continuity Professional (CBCP)
• Experience delivering BCP and DR within mixed-platform environments (on-premise and cloud: IaaS, PaaS, SaaS)
• Strong collaboration and stakeholder engagement skills, working across both tech and business teams
• Good organisation and project management skills