Cyber Security Manager
BH-312654
Posted: 02/09/2025
- Competitive
- Scotland Scotland Aberdeen
- Contract
-
Oil & Gas
Job Title: Cyber Security Manager
Reports to: CIO (Chief Information Officer)
Location: Aberdeen, UK
Contract Length: Until 31/12/2026
Description:
Role Overview
The Cyber Security Manager will play a critical leadership role in shaping, implementing, and maintaining our client’s cybersecurity strategy and operational resilience. Reporting directly to the CIO, the role will act as the tactical and operational cybersecurity lead, managing security engineering, monitoring, response, governance, and awareness programs. This is ideal for someone with strong leadership skills, deep cybersecurity knowledge, and practical experience operating in industrial environments.
Key Responsibilities
Cybersecurity Strategy and Governance
• Development and execution of cyber strategy and risk posture.
• Define and implement cybersecurity policies, standards, and procedures aligned to ISO27001, NIST, and OG86 frameworks.
• Conduct regular threat assessments and ensure alignment of security controls with business risk appetite.
• Monitor compliance with regulatory and shareholder cybersecurity obligations, including NIS2 and UK critical infrastructure laws.
Responsbile for Information Risk Management across the IT function.
Operational Security Leadership
• Lead cybersecurity operations including Security Operations Centre (SOC), SIEM management, and incident response coordination.
• Oversee vulnerability management, patch management, and threat detection for both IT and OT systems.
• Partner with IT and OT teams to embed security across network infrastructure, cloud services, and field operations.
• Manage third-party security risk, including joint venture interfaces, vendors, and BPO service providers.
• Build, lead, mentor, and develop a high-performing cyber security team.
Risk, Awareness, and Culture
• Champion a strong security culture through education, awareness, and engagement.
• Lead cyber and IT risk assessments across the enterprise, producing mitigation plans and escalating risks appropriately.
• Act as a subject matter expert (SME) during audits, regulator reviews, and board reporting cycles.
Transformation and Transition
• Support the separation of IT estate fromlegacy systems, ensuring cyber risk is proactively managed during transition.
• Design and implement the foundational security architecture for a greenfield technology landscape, including secure cloud, identity management, and endpoint protection.
Qualifications & Experience
Required:
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• Minimum 10 years of experience in IT risk management or cybersecurity roles, including at least 3 years in leadership/management.
• Familiarity with security frameworks (NIST CSF, ISO 27001), regulatory requirements (NIS2, GDPR), and OT standards (IEC 62443, OG86).
• Strong vendor and stakeholder management skills.
Preferred:
• Professional certifications such as CISSP, CISM, or SANS GIAC.
• Deep understanding of both enterprise IT and industrial control systems (ICS/SCADA) in upstream energy.
• Proven experience in managing SOC operations, incident response, and threat intelligence.
What We Offer
• Opportunity to build a cybersecurity function in a high-impact role at a newly formed, agile energy company.
• Exposure to both enterprise and operational cybersecurity challenges in the UK’s most ambitious upstream JV.
With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.
Reports to: CIO (Chief Information Officer)
Location: Aberdeen, UK
Contract Length: Until 31/12/2026
Description:
Role Overview
The Cyber Security Manager will play a critical leadership role in shaping, implementing, and maintaining our client’s cybersecurity strategy and operational resilience. Reporting directly to the CIO, the role will act as the tactical and operational cybersecurity lead, managing security engineering, monitoring, response, governance, and awareness programs. This is ideal for someone with strong leadership skills, deep cybersecurity knowledge, and practical experience operating in industrial environments.
Key Responsibilities
Cybersecurity Strategy and Governance
• Development and execution of cyber strategy and risk posture.
• Define and implement cybersecurity policies, standards, and procedures aligned to ISO27001, NIST, and OG86 frameworks.
• Conduct regular threat assessments and ensure alignment of security controls with business risk appetite.
• Monitor compliance with regulatory and shareholder cybersecurity obligations, including NIS2 and UK critical infrastructure laws.
Responsbile for Information Risk Management across the IT function.
Operational Security Leadership
• Lead cybersecurity operations including Security Operations Centre (SOC), SIEM management, and incident response coordination.
• Oversee vulnerability management, patch management, and threat detection for both IT and OT systems.
• Partner with IT and OT teams to embed security across network infrastructure, cloud services, and field operations.
• Manage third-party security risk, including joint venture interfaces, vendors, and BPO service providers.
• Build, lead, mentor, and develop a high-performing cyber security team.
Risk, Awareness, and Culture
• Champion a strong security culture through education, awareness, and engagement.
• Lead cyber and IT risk assessments across the enterprise, producing mitigation plans and escalating risks appropriately.
• Act as a subject matter expert (SME) during audits, regulator reviews, and board reporting cycles.
Transformation and Transition
• Support the separation of IT estate fromlegacy systems, ensuring cyber risk is proactively managed during transition.
• Design and implement the foundational security architecture for a greenfield technology landscape, including secure cloud, identity management, and endpoint protection.
Qualifications & Experience
Required:
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• Minimum 10 years of experience in IT risk management or cybersecurity roles, including at least 3 years in leadership/management.
• Familiarity with security frameworks (NIST CSF, ISO 27001), regulatory requirements (NIS2, GDPR), and OT standards (IEC 62443, OG86).
• Strong vendor and stakeholder management skills.
Preferred:
• Professional certifications such as CISSP, CISM, or SANS GIAC.
• Deep understanding of both enterprise IT and industrial control systems (ICS/SCADA) in upstream energy.
• Proven experience in managing SOC operations, incident response, and threat intelligence.
What We Offer
• Opportunity to build a cybersecurity function in a high-impact role at a newly formed, agile energy company.
• Exposure to both enterprise and operational cybersecurity challenges in the UK’s most ambitious upstream JV.
With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.