Project Manager - Cyber Security Services

Role Overview

As a Cyber Project Manager within IBM Consulting’s Security Services practice, you will lead the end‑to‑end delivery of complex cyber programmes across public and private sector environments. The role involves managing scope, schedule, cost, risk, and stakeholder expectations while coordinating multidisciplinary teams to deliver secure‑by‑design solutions and measurable business outcomes.

• Lead full lifecycle delivery of cyber security projects, ensuring scope, quality, schedule, and cost targets are achieved.
• Establish and run project governance, including RAID management, dependency tracking, change control, financial reporting, and stage‑gate reviews.
• Coordinate cross‑functional teams—security consultants, engineers, architects, PMO, suppliers, and client stakeholders—to deliver aligned outcomes.
• Drive secure‑by‑design delivery, ensuring security requirements are captured, validated, and embedded into programme and platform decisions.
• Manage risks, issues, and decisions, maintaining clear logs, proactive mitigation, and transparent escalation pathways.
• Collaborate with technical leads across IAM, Infrastructure, SIOC, OT, Dev Sec Ops , and GRC to ensure deliverables are technically accurate and cohesive.
• Prepare and deliver project documentation, including project initiation documentation, plans, status reporting, commercial updates, and post‑implementation reviews.
• Engage senior stakeholders, providing structured, business‑aligned communication around delivery progress, risk posture, and operational readiness.
• Manage third‑party suppliers, subcontractors, and MSSPs, ensuring commercial performance and contractual alignment.
• Support financial forecasting and budget management, ensuring accurate cost tracking, billing, and change management.
• Ensure compliance with cyber and regulatory standards relevant to the project (e.g., ISO 27001, NIST CSF, NIS/NIS2, CAF, CE+).
• Contribute to continuous improvement, feeding back lessons learned, process enhancements, and best practices across Future Now delivery teams.

None

Bachelor's Degree

• Proven experience delivering complex cyber or technology projects in fast‑paced, matrixed environments.
• Strong understanding of cyber security domains, such as IAM, infrastructure security, cloud security, SOC/SIEM, or GRC (deep technical expertise not required).
• Demonstrable experience managing RAID, change control, planning, reporting, dependencies, and budgets.
• Hands‑on project leadership, not just oversight—demonstrated ability to drive momentum, unblock delivery, and ensure outcomes land.
• Ability to translate technical detail into business language, enabling effective communication with both engineering teams and executive stakeholders.
• Experience in regulated industries (public sector, defence, finance, utilities, or CNI) is highly beneficial.
• Excellent stakeholder management skills, including steering group facilitation and senior leadership engagement.
• Familiarity with secure‑by‑design concepts, governance uplift, controls alignment, incident readiness, or related cyber initiatives.
• Experience managing vendors or MSSPs, including contract adherence, work‑package delivery, and performance tracking.
• Strong documentation and reporting capability, producing clear and structured plans, summaries, and business cases.

• Formal qualifications such as PRINCE2, APM PMQ/PPQ, MSP, Scrum Master, or equivalent project delivery certifications.
• Experience delivering cyber programmes in public‑sector, defence, or critical national infrastructure settings.
• Understanding of NCSC CAF, NIST CSF, NIS/NIS2, or other sector‑specific security frameworks.
• Experience delivering across multiple Future Now domains (e.g., IAM, SIOC, Infrastructure, OT, GRC, Dev Sec Ops ).
• Demonstrated ability to run multi‑vendor transformation programmes, including contract negotiation or oversight.
• Experience managing cloud transformation projects, especially those requiring coordinated change across identity, network, and security tooling.
• Exposure to security operations…