Overview
Manager, Cyber Security, Cyber Transformation and Assessment, TC UKI – Location: London; Other locations: Primary Location Only. Date: 28 Jan 2026 | Requisition ID: 1677300
At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
Responsibilities
- Support the design and delivery of cyber security transformation programmes, including operating model design, capability uplift and technology modernisation.
- Advise clients on integrating cyber security into digital, cloud, data and business transformation initiatives – including the impact of innovative / disruptive technologies such as AI.
- Translate complex cyber risks into business-relevant insights and actionable recommendations.
- Conduct cyber maturity, risk and resilience assessments (e.g. against NIST CSF, NIS2, ISO27001, CAF).
- Deliver high-quality cybersecurity engagements, ensuring alignment with EY’s standards of technical excellence and client satisfaction.
- Build and maintain strong relationships with clients, leveraging these connections to effectively execute work and understand their business agendas.
- Maintain open and proactive communication with clients and stakeholders, building credibility by staying informed about their businesses and industry trends.
- Develop and manage project plans, ensuring timely delivery and effective resource allocation.
- Foster a positive team environment by mentoring and coaching junior staff, conducting performance reviews, and contributing to their professional development.
- Support business development activities, including proposal writing and impactful presentations to potential clients.
- Contribute to recruiting, retaining, and training cybersecurity professionals, ensuring a high-performing team.
Skills and Attributes for Success
- Professional demeanor with the ability to establish credibility and demonstrate expertise quickly.
- Excellent communication skills, both oral and written, tailored to diverse audiences.
- Strong team player who values collaboration and kindness that encourages open communication among team members.
- Proven ability to deliver high-quality outputs against project objectives and tight deadlines.
- Experience in people management, coaching, and developing colleagues.
- The ability to build capabilities and drive innovation.
To Qualify for the Role, You Must Have
- Professional experience delivering cybersecurity solutions, either in an operational or consulting capacity.
- High level of drive and commitment to achieving solutions, with the ability to work under pressure and in unstructured environments.
- Expertise in developing impactful written presentations, bids / proposals and engaging effectively with senior stakeholders.
- Specialisation in one or more of the following areas: Governance, Risk, and Compliance; Cyber Security Culture, Transformation or large Cyber Security Programme Delivery.
Desirable/Additional Qualifications
- Security-related qualifications such as CISSP, CISM, CISA, CRISC or ISO27001 lead implementer or auditor.
- Experience operating within an NCSC Assured Cyber Consultancy.
- Experience in regulated sectors (financial services, critical infrastructure, healthcare, government).
- Understanding of the cybersecurity regulatory landscape and assessment frameworks (e.g., NIS2, NIST CSF).
- Key delivery experience in cybersecurity strategy, transformation, and compliance.
- Sector experience in Government & Public Sector, Energy & Utilities, Retail and Consumer Products, Life Sciences, Telecoms, Media and Technology, or Transport.
- Professional services experience with market-leading organizations in delivering cybersecurity solutions.
Other Requirements
Please note: The successful candidate must undergo and pass checks in line with SC (Security Check) clearance standards after joining EY. These checks may include, but are not limited to, verification of identity, right to work in the UK, employment history, proof of address may be required and unspent criminal convictions. Candidates must be a UK national or have been a resident in the UK for a minimum of five years and ensure that they have not spent more than six months outside the UK.
What We Offer
- We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions.
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
Apply Now
TCCyberUKI2026
Cyber2026
EY | Building a better working world
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
Provider
Description
Enabled
SAP as service provider
- "route" is used for session stickiness
- "careerSiteCompanyId" is used to send the request to the correct data centre
- "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor