Cyber Security Manager (Executive Level)

Add expected salary to your profile for insights

Lead the development, implementation, and continuous improvement of information security policies, technical standards, and security guidelines across the organization.

Oversee and evaluate compliance with security controls, regulatory requirements, and internal security standards.

Provide strategic and practical guidance to technical teams on the effective implementation of security controls and security-by-design principles.

Manage and support internal and external security assessments, audits, and regulatory reviews.

Identify, assess, and manage information security risks, including the development and execution of risk mitigation strategies.

Communicate security posture and residual risks to senior management and stakeholders through clear, executive-level reporting and presentations.

Review and enhance Governance, Risk, and Compliance (GRC) processes to improve efficiency, effectiveness, and regulatory alignment.

Oversee the security, stability, and availability of IT systems and infrastructure, ensuring the protection of business-critical systems and business continuity.

Ensure ongoing risk assessments for IT infrastructure, systems, and processes, and maintain compliance with applicable standards, practices, and guidelines (e.g. ISMS, GPIS).

Ensure timely escalation and reporting of any breaches of law, regulation, company policies, or code of conduct to relevant authorities and management.

Establish, maintain, and continuously improve the organization’s Information Security Management System (ISMS).

Required education and experience

Strong subject matter expertise in cybersecurity, compliance frameworks, privacy controls, and security best practices (e.g. WebTrust Principles and Criteria for CAs, ISO/IEC 27001 ISMS, SOC 2, CIS Controls).

Proven experience in developing, managing, and enforcing enterprise-wide information security policies, standards, and guidelines.

Demonstrated experience in security assessments, audits, risk management, and risk mitigation at an organizational level.

Strong technical understanding of security controls, including their intent and implementation within complex enterprise IT environments.

Bachelor’s degree in Computer Science, Information Technology, or a related technical field, or equivalent professional experience.

Minimum 3+ years of experience in information security or cybersecurity roles, preferably in a managerial or senior capacity.