{ “@context”: “http://schema.org”, “@type”: “JobPosting”, “title”: “Cyber Security Compliance Manager”, “description”: “
Role
Technology – Cyber Security Compliance Manager
Location
Hybrid schedule: 2–3 days a week at the office in Thorpe Park, Leeds.
Salary
£DOE plus extensive benefits.
Contract type
Permanent.
Employment type
Full time.
Working hours
Core hours 09:30–16:00, flexible around these.
Overview
The Cyber Security Compliance Manager plays a pivotal role in shaping and demonstrating the organisation's cyber security maturity. The role brings cyber governance to life, owning risk, compliance, and assurance while providing clear, executive‑level insight into the organisation's security posture. From developing KPIs and dashboards to supporting cyber due‑diligence across mergers and acquisitions, the role sits at the centre of growth, trust, and accountability. It offers the opportunity to influence decision‑making, strengthen security foundations, and help scale a secure, resilient organisation, without being focused on day‑to‑day technical delivery.
Responsibilities
- Lead the organisation's cyber security governance, risk, and compliance (GRC) strategy.
- Maintain continuous alignment with the cyber security baseline across all business units.
- Ensure ongoing audit readiness through proactive control monitoring and evidence management.
- Strengthen the cyber control environment by identifying gaps and driving remediation activities.
- Oversee compliance with regulatory, contractual, and internal cyber security requirements.
- Manage and maintain the enterprise cyber risk register, ensuring risks are accurately assessed and tracked.
- Monitor, analyse, and report cyber security KPIs to senior stakeholders.
- Conduct cyber security assessments across partners, vendors, and subsidiaries.
- Support cyber due‑diligence activity related to mergers and acquisitions.
- Identify and assess cyber risks associated with new business opportunities.
- Provide structured risk management guidance to both technical and non‑technical teams.
- Translate complex compliance requirements into clear, actionable guidance.
- Coordinate cross‑functional stakeholders to ensure consistent implementation of security controls.
- Drive continuous improvement in cyber compliance processes and reporting.
- Prepare and present compliance insights, dashboards, and risk updates to leadership.
Qualifications
- Experience leading governance, risk, and compliance (GRC) programmes across complex organisations.
- Experience managing cyber security audits (internal, external, and regulatory) and maintaining continuous audit readiness.
- Experience developing, implementing, and monitoring cyber security controls aligned to frameworks such as CIS18, ISO 27001, NIST CSF, SOC 2, or similar.
- Experience maintaining and operating enterprise cyber risk registers, including risk identification, assessment, scoring, and reporting.
- Experience conducting cyber security assessments of third parties, vendors, partners, and subsidiaries.
- Experience supporting cyber due‑diligence activities during mergers, acquisitions, or divestments.
- Experience monitoring and reporting cyber KPIs and compliance metrics to senior leadership and cross‑functional stakeholders.
- Ability to interpret regulatory, contractual, and policy requirements and translate them into actionable compliance obligations.
- Ability to communicate complex cyber compliance concepts to both technical and non‑technical audiences.
- Strong analytical skills and experience applying structured risk‑management methodologies to evaluate control effectiveness and identify gaps.
- Experience using Power BI to generate reports and dashboards would be an advantage.
Benefits
Financial security & rewards
- Competitive contributory pension
- Occupational sick pay
- Long‑service awards and refer‑a‑friend bonuses
- Professional registration fees covered (GPhC, NMC, CIPD and more)
- Cycle to Work and Green Car schemes (subject to eligibility)
Family‑friendly
- Enhanced maternity and paternity pay
- Flexible hybrid working to help balance work and home life
Health & wellbeing
- Private healthcare insurance at discounted rates (Aviva)
- Employee Assistance Programme and in‑house mental health support
- Access to discounted gym memberships via Blue Light Card and benefits schemes
- Regular health and wellbeing initiatives
Career growth
- Strong commitment to CPD, training and professional development
Time off & flexibility
- 25 days' annual leave, increasing with service
- Buy and sell holiday scheme
Everyday perks & exclusive discounts
- Blue Light Card and employee discount platform
- Exclusive discounts at The Springs, Leeds
- 25% off health & beauty purchases
- 25% off Pharmacy2U Private Online Doctor services
Culture & community
- Regular social events throughout the year
Company: Pharmacy2U | Certified B Corp
Location: Leeds
Job Description:
Role
Technology – Cyber Security Compliance Manager
Location
Hybrid schedule: 2–3 days a week at the office in Thorpe Park, Leeds.
Salary
£DOE plus extensive benefits.
Contract type
Permanent.
Employment type
Full time.
Working hours
Core hours 09:30–16:00, flexible around these.
Overview
The Cyber Security Compliance Manager plays a pivotal role in shaping and demonstrating the organisation’s cyber security maturity. The role brings cyber governance to life, owning risk, compliance, and assurance while providing clear, executive‑level insight into the organisation’s security posture. From developing KPIs and dashboards to supporting cyber due‑diligence across mergers and acquisitions, the role sits at the centre of growth, trust, and accountability. It offers the opportunity to influence decision‑making, strengthen security foundations, and help scale a secure, resilient organisation, without being focused on day‑to‑day technical delivery.
Responsibilities
- Lead the organisation’s cyber security governance, risk, and compliance (GRC) strategy.
- Maintain continuous alignment with the cyber security baseline across all business units.
- Ensure ongoing audit readiness through proactive control monitoring and evidence management.
- Strengthen the cyber control environment by identifying gaps and driving remediation activities.
- Oversee compliance with regulatory, contractual, and internal cyber security requirements.
- Manage and maintain the enterprise cyber risk register, ensuring risks are accurately assessed and tracked.
- Monitor, analyse, and report cyber security KPIs to senior stakeholders.
- Conduct cyber security assessments across partners, vendors, and subsidiaries.
- Support cyber due‑diligence activity related to mergers and acquisitions.
- Identify and assess cyber risks associated with new business opportunities.
- Provide structured risk management guidance to both technical and non‑technical teams.
- Translate complex compliance requirements into clear, actionable guidance.
- Coordinate cross‑functional stakeholders to ensure consistent implementation of security controls.
- Drive continuous improvement in cyber compliance processes and reporting.
- Prepare and present compliance insights, dashboards, and risk updates to leadership.
Qualifications
- Experience leading governance, risk, and compliance (GRC) programmes across complex organisations.
- Experience managing cyber security audits (internal, external, and regulatory) and maintaining continuous audit readiness.
- Experience developing, implementing, and monitoring cyber security controls aligned to frameworks such as CIS18, ISO 27001, NIST CSF, SOC 2, or similar.
- Experience maintaining and operating enterprise cyber risk registers, including risk identification, assessment, scoring, and reporting.
- Experience conducting cyber security assessments of third parties, vendors, partners, and subsidiaries.
- Experience supporting cyber due‑diligence activities during mergers, acquisitions, or divestments.
- Experience monitoring and reporting cyber KPIs and compliance metrics to senior leadership and cross‑functional stakeholders.
- Ability to interpret regulatory, contractual, and policy requirements and translate them into actionable compliance obligations.
- Ability to communicate complex cyber compliance concepts to both technical and non‑technical audiences.
- Strong analytical skills and experience applying structured risk‑management methodologies to evaluate control effectiveness and identify gaps.
- Experience using Power BI to generate reports and dashboards would be an advantage.
Benefits
Financial security & rewards
- Competitive contributory pension
- Occupational sick pay
- Long‑service awards and refer‑a‑friend bonuses
- Professional registration fees covered (GPhC, NMC, CIPD and more)
- Cycle to Work and Green Car schemes (subject to eligibility)
Family‑friendly
- Enhanced maternity and paternity pay
- Flexible hybrid working to help balance work and home life
Health & wellbeing
- Private healthcare insurance at discounted rates (Aviva)
- Employee Assistance Programme and in‑house mental health support
- Access to discounted gym memberships via Blue Light Card and benefits schemes
- Regular health and wellbeing initiatives
Career growth
- Strong commitment to CPD, training and professional development
Time off & flexibility
- 25 days’ annual leave, increasing with service
- Buy and sell holiday scheme
Everyday perks & exclusive discounts
- Blue Light Card and employee discount platform
- Exclusive discounts at The Springs, Leeds
- 25% off health & beauty purchases
- 25% off Pharmacy2U Private Online Doctor services
Culture & community
- Regular social events throughout the year
#J-18808-Ljbffr…
Posted: May 20th, 2026