Cyber Advisory Services Manager
Location: London or Peterborough with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place).
Working Pattern: 37.5 hours per week, Monday - Friday.
Salary: £84,000 - £100,000
Benefits: Car allowance, Bupa, Matched pension contributions.
Group Cyber Security Overview
The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group operates a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus.
It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on.
Role Summary
Reporting to the Deputy Group CISO, the Cyber Advisory Services Manager leads the GCS consulting and advisory capability - the function that turns Group cyber standards and expertise into practical, tailored support for all the divisions. This is a role for a confident, credible cyber security generalist with strong consulting instincts: someone who is equally comfortable advising a divisional CIO on strategic security posture, reviewing a firewall ruleset for technical debt, or scoping the cyber workstream of a merger integration programme.
The role provides a broad portfolio of advisory services to the Group and its divisions, including technical standards advice and interpretation; security configuration, rule base assessment and policy change support; input to non-functional security requirements for Group and divisional programmes; cyber security input to mergers, acquisitions, and divestiture activity; and the deployment of specialist consulting resource into divisions that need temporary uplift in cyber capability.
The Cyber Advisory Services Manager acts as an important feedback loop into GCS: gathering intelligence from divisional engagements that informs the evolution of Group standards, identifies emerging needs, and ensures that GCS remains relevant and responsive to the businesses it serves. The role works in close partnership with the Cyber Architecture Manager, the Head of Cyber Assurance, and the Security Platform Engineering Manager to ensure that advisory activity is consistent with and supportive of the broader GCS strategy.
Technical Standards Advisory & Interpretation
- Provide authoritative advice to divisions, business units, and Group functions on the interpretation and practical application of the Group cyber technical standards and security policies, acting as the primary advisory interface between GCS and the divisions on matters of standards compliance, technology and implementation.
- Help divisions translate Group cyber standards into their specific operational context - providing pragmatic, risk-proportionate guidance on what good looks like in their environment, and a credible path from current state to compliant state.
- Feed intelligence from divisional advisory engagements back into the standards development process; identify where standards are unclear, impractical, or creating unintended barriers, and work with the Cyber Architecture Manager and Head of Cyber Assurance to drive improvements.
Rule Base Assessment & Security Policy Change
- Lead and deliver security configuration and rule base reviews and security policy assessments for Group and divisional environments; identify technical debt, overly permissive rules, obsolete entries, and configuration drift, and provide clear, prioritised remediation recommendations.
- Provide technical review and advisory support for security policy change requests from divisions, assessing proposed changes against Group standards and architectural principles, and providing a clear recommendation with appropriate justification.
- Develop and maintain a structured approach to rule base and policy review across the Group, including tooling, methodology, scheduling, and output standards, ensuring consistent and repeatable assessment quality across different divisional environments.
Non-Functional Security Requirements
- Provide security input to non-functional requirements (NFRs) for Group and divisional programmes and projects; define the security properties that technology solutions must meet - covering areas such as authentication, authorisation, encryption, logging, resilience, and data classification - in a form that is actionable by project and engineering teams.
- Maintain and evolve a Group standard NFR library derived from the Group cyber technical standards, enabling consistent security requirements to be applied across the programme portfolio without reinventing them for each project; work with the Cyber Architecture Manager to ensure NFRs remain aligned to the enterprise architecture.
- Engage with divisional and Group programme teams at the point where security NFRs are being defined, ensuring security is embedded by design rather than added retrospectively; provide advisory support through the project lifecycle where security design decisions need to be revisited or refined.
Mergers, Acquisitions & Strategic Project Support
- Lead the GCS advisory contribution to mergers, acquisitions, and divestiture activity; scope and deliver the cyber workstream in M&A programmes, covering pre-deal due diligence support, integration planning, and the transition of acquired entities onto the Group cyber standard.
- Provide cyber advisory resource and expertise to other significant Group and divisional strategic programmes - including major technology transformations, ERP deployments, cloud migrations, and site openings or closures - ensuring security considerations are addressed at the right point in the programme lifecycle.
- Maintain a forward view of the M&A and strategic programme pipeline in collaboration with Group corporate development and divisional leadership, enabling advisory resource to be planned and mobilised proactively rather than reactively.
Divisional Resource Augmentation & Flexible Resourcing Pool
- Manage the GCS flexible resourcing pool as an advisory and consulting resource, deploying cyber consultants and specialist advisors into divisions that require temporary uplift in security capability - whether to support a programme, fill a capability gap, or accelerate compliance with Group standards.
- Work with divisional BISOs, CIOs, and IT security leads to understand their advisory and resource needs; define the scope and objectives of each deployment clearly, brief and onboard resources appropriately, and ensure that the output of each engagement meets the division's needs and GCS quality standards.
- Manage the demand pipeline for advisory and flexible resource deployments; prioritise requests in line with Group risk priorities, balance supply against demand, and ensure that resourcing decisions are transparent and agreed with the Deputy CISO and relevant divisional stakeholders.
- Ensure that flexible resources deployed into divisions are competent, well briefed on standards and culture, and set up to add genuine value from day one; maintain quality standards across the pool and build a pipeline of trusted specialists who understand the environment.
Divisional Engagement & GCS Intelligence Loop
- Build and sustain trusted relationships with divisional BISOs, security leads, CIOs, and IT directors across all 11 divisions; position the Cyber Advisory Services function as a valued, accessible, and practical source of cyber expertise - not a bureaucratic overhead.
- Use divisional advisory engagements as an active intelligence gathering mechanism; identify common themes, recurring challenges, emerging risks, and capability gaps across the estate, and bring these insights back to the GCS Leadership Team to inform strategy, standards development, and investment priorities.
- Champion the GCS advisory model as a two-way relationship; ensure divisions feel heard and that their feedback genuinely influences how GCS operates, while maintaining the Group standards and non-negotiables that the advisory function exists to support.
Team Leadership, Quality & Continuous Improvement
- Lead and develop the permanent Cyber Advisory Services team; set clear standards of advisory quality, professional conduct, and output, and foster a culture where consultants take personal pride in the value they add to the divisions they support.
- Develop and maintain a service catalogue for the Cyber Advisory Services function that clearly articulates what the function offers, how to engage it, what divisions can expect, and how outcomes will be measured; make the function easy to access and straightforward to work with.
- Work in close partnership with the Cyber Architecture Manager, Head of Cyber Assurance, and Security Platform Engineering Manager to ensure advisory activity is consistent with the GCS strategy, avoids duplication of effort, and is integrated into the broader GCS operating model.
Experience, Knowledge, Skills & Attributes - Essential Experience
- 10+ years in cyber security, with a significant portion in advisory, consulting, or technical leadership roles requiring breadth across multiple security domains