Cyber Security Policy Manager

I'm currently supporting a global organisation on the search for a Cybersecurity Policy Manager to join their growing cybersecurity function based in Liverpool.

Our client is a globally recognised manufacturing organisation operating across multiple international markets and regarded as a market leader within its sector.

With continued investment across technology, digital transformation and cybersecurity, the business is further strengthening its enterprise security and governance capability to support a complex global environment.

This is a strategic governance and compliance focused role, responsible for helping shape and strengthen the organisation's cybersecurity policy framework, regulatory compliance posture, and enterprise-wide cyber governance capability.

The successful candidate will work closely with Legal, Privacy, IT, Audit and Security teams, ensuring the business remains aligned with evolving cybersecurity regulations and industry frameworks including NIST, ISO
27001, GDPR, PCI DSS and NIS
2.

Key responsibilities include:

• Developing and maintaining cybersecurity policies, standards and controls
• Driving compliance and regulatory readiness across the organisation
• Monitoring emerging cybersecurity legislation and regulatory changes
• Supporting internal and external audit activities
• Advising stakeholders on cyber risk, governance and compliance matters
• Delivering compliance awareness initiatives and best practice guidance
• Supporting enterprise-wide cybersecurity and transformation programmes
• Reporting compliance risks, findings and metrics to senior stakeholders.
• Degree qualified within IT, Cybersecurity, Information Systems or a related discipline, or equivalent industry experience
• Proven experience within Cybersecurity Governance, Risk & Compliance, IT Audit, Security Compliance or related areas
• Strong understanding of cybersecurity and IT governance frameworks such as NIST, SOX and ITIL
• Experience supporting and managing regulatory compliance activities within complex enterprise environments
• Exposure to IT General Controls (ITGC) and SOX-related processes would be highly advantageous
• Excellent stakeholder management skills with the ability to work cross-functionally across IT, Finance, Audit, Compliance and wider business teams
• Strong communication skills, both written and verbal, with the ability to present complex information clearly to technical and non-technical audiences
• Analytical and detail-oriented mindset with strong organisational and problem-solving capabilities
• Comfortable working both independently and collaboratively within global teams
• Ability to manage multiple priorities and work effectively within deadline-driven environments
• Experience using GRC platforms and strong proficiency across Microsoft Office applications, particularly Excel
• Professional certifications such as CISA, CIA, CPA or similar would be beneficial