Cyber Security Lead
Set2Recruit
Job Title: Cyber Security Lead
Location: Hertfordshire (Hybrid / 3 days a week in the office)
Please note: all applicants must have the right to work in the UK, unfortunately we're unable to offer sponsorship for this role.
About the Role
We're working with a growing Managed Service Provider (MSP) based in Hertfordshire, looking to appoint a Cyber Security Lead to lead their security and compliance function, manage a small internal team, and act as a trusted security advisor across their customer base. This role blends internal team leadership with external-facing compliance and virtual CISO work for clients — you'll need strong strategic security knowledge, though this isn't a deeply hands-on technical security role.
Key Responsibilities
- Lead and develop a small team (currently 2 junior team members), ensuring they're supported, mentored, and getting the best out of the tools and platforms available to them
- Oversee the effectiveness of security platforms used across the business, including their MDR provider, Adlumin (who manage 24x7 initial response and triage), ensuring maximum value and appropriate escalation processes are in place
- Act as the senior point of contact for MSP customers on security and compliance matters, guiding them towards certifications such as ISO 27001 and Cyber Essentials / Cyber Essentials Plus
- Provide virtual CISO (vCISO) services to core customer accounts — advising on security strategy, risk management, and governance at a senior/strategic level
- Set and own the overall security and compliance strategy internally, ensuring the business's own posture aligns with best practice and relevant frameworks
- Act as an escalation point for complex security or compliance issues raised by the team or by clients
- Build strong, credible relationships with clients — able to communicate security and compliance concepts clearly to both technical and non-technical stakeholders
What We're Looking For
- Strong strategic understanding of information security, risk, and compliance frameworks (ISO 27001, Cyber Essentials) — hands-on technical security experience is not essential, but credible working knowledge is required
- Previous experience within an MSP or IT services environment is highly desirable
- Experience leading or managing a small team, with the ability to coach and develop junior staff
- Comfortable operating in a client-facing, advisory capacity — ideally with prior vCISO, security consultancy, or compliance advisory experience
- Experience working with or overseeing MDR/security platforms
- Excellent communication and stakeholder management skills
- Based in or able to comfortably commute to Hertfordshire
What's On Offer
- Competitive salary
- Private healthcare
- 26 days annual leave + bank holidays
- Great training and career progression plans
- Hybrid working
Application opens at the source listing. Free for jobseekers.