Cybersecurity & Compliance Manager

Tosca

Dudley

On-site

GBP 60,000 - 100,000

Full time

Yesterday

Job summary

An established industry player is seeking a proactive Cybersecurity & Compliance Manager to lead their cybersecurity initiatives. This full-time role in Dudley involves ensuring compliance with key standards like NIST CSF 2.0 and ISO 27001 while developing robust security protocols. The successful candidate will collaborate closely with global teams and third-party partners to enhance the organization's cyber readiness. Ideal for individuals with a strong background in cybersecurity management and a passion for fostering a secure environment, this position offers a dynamic work atmosphere and opportunities for professional growth.

Benefits

Permanent contract
Competitive remuneration package
Training & coaching programs
Collaborative work environment
Employee participation in growth and success

Qualifications

  • 7-10 years of experience in information security, especially in leadership roles.
  • Strong understanding of NIST CSF 2.0 and ISO 27001 standards.
  • Proven ability to develop and maintain security protocols.

Responsibilities

  • Implement security protocols and manage information security programs.
  • Monitor security trends and adapt strategies accordingly.
  • Conduct regular security audits and manage vendor relationships.

Skills

Cybersecurity Management
Compliance Management
Risk Assessment
Incident Response
Communication Skills

Education

Bachelor's degree in Computer Science
Master's degree in a related field

Tools

Rapid7
Rubrik
Sentinel
Microsoft Defender

Job description

Full Job Description

ABOUT TOSCA

Tosca is a global leader in reusable packaging and pooling solutions that service the supply chain end-to-end. Re-use is the key word as Tosca facilitates moving away from single-use packaging towards a circular model of reusable packaging with its robust portfolio of plastic containers, pallets, bins, crates, and more. We focus on optimizing the flow of perishables, eliminating waste at every turn – product, packaging, labor, and transportation waste. Our reusable plastic products improve the quality of product delivered, create more efficient supply chains, and are more sustainable than single-use packaging.

To strengthen our IT department at our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager.

Position purpose

The Cybersecurity & Compliance Manager will lead Tosca's cybersecurity and compliance efforts, ensuring adherence to NIST CSF 2.0, ISO 27001, and other relevant standards. This critical role ensures Tosca’s cyber readiness through the development of security protocols, meticulous documentation maintenance, risk assessments, and strict compliance with regulations. Key responsibilities include monitoring and managing security infrastructure, defining and implementing security policies, managing incident response processes, and promoting cybersecurity awareness across the organization. This global position involves close collaboration with Global IT colleagues, various functions, and third-party partners to integrate security measures seamlessly. Key focus areas include cybersecurity, compliance, and enhancing the user experience while advocating for resilient security within budget constraints. Skills and qualifications required for this role include proven experience in cybersecurity and compliance management, strong understanding of NIST CSF 2.0 and ISO 27001 standards, excellent risk assessment and management skills, ability to develop and maintain security protocols and documentation, and effective communication and collaboration skills.

This is a full-time role based in Dudley, UK, with travel up to 30% of the time.

Responsibilities

  • Implement security protocols and manage information security programs
  • Report performance, exceptions, and outages to all audiences transparently
  • Align disaster recovery with business continuity plans
  • Ensure compliance with ISO 27001, NIST CSF 2.0, and maintain ISMS
  • Identify risks, develop a comprehensive security plan
  • Test cyber-attacks regularly to address vulnerabilities
  • Monitor security trends, adapt strategies
  • Oversee incident monitoring, detection, response via SOC and MSSPs
  • Manage security tools like SIEM and endpoint protection
  • Lead incident response and post-incident analysis
  • Enforce policies for data privacy (GDPR & NIST)
  • Conduct regular security audits
  • Manage vendor relationships and negotiate contracts
  • Report service performance to stakeholders
  • Coordinate with other Tosca functions for effective implementation
  • Other relevant responsibilities as required

Requirements, Experience & Education

  • Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field; a Master's degree is preferred
  • At least 7-10 years of experience in information security, specifically within security operations, with proven experience in a leadership or management role
  • Relevant certifications such as CISSP, CISM, or CISA are highly desirable
  • Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA
  • Proficiency in risk management processes, vulnerability assessments, and incident response strategies
  • Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender
  • Excellent analytical, problem-solving, and decision-making skills, with the ability to conduct post-incident analysis and implement corrective actions
  • Strong communication and interpersonal skills, capable of working effectively with diverse teams and stakeholders
  • Ability to stay current with security trends, emerging threats, and best practices in cybersecurity
  • Experience in manufacturing and/or supply chain industry is preferred
  • Able to operate in a multinational corporation with several locations
  • Expertise in Customer/Relationship Management
  • Excellent communication skills, conveying ideas clearly and effectively
  • Specialized knowledge and skills in your field
  • Collaborative spirit, thriving in teamwork and working with others
  • Ability to analyze situations and make informed decisions
  • Forward-thinking and strategic planning for long-term success

Our Offer

You will have a permanent contract with a competitive remuneration package aligned with your knowledge and experience.

We invest in your personal and professional development through our training & coaching programs.

You will join a dynamic, fast-growing company that is part of a strong international group. We pride ourselves on our green services and encourage employee participation in our growth and success. You will work in a collaborative environment with a supportive team that values each other.

Interested?

We cultivate a team of smart, caring individuals. This role is ideal for someone eager for a fast-paced challenge and to become an integral part of our team.

Send us your CV and a motivation letter in English. We look forward to meeting you!

We value diversity and equal opportunity. Applicants are considered based on merit, regardless of age, sex, disability, ethnicity, religion, or sexual orientation. Our global presence reflects our commitment to diversity.

External recruitment agencies will not be used for this position.
