Title:
Cyber Risk & Compliance Manager
Reports to:
VP Cybersecurity
Capability Unit:
MAMK
Capability Group:
Platform
Capability Area:
Cybersecurity
Function:
IA
Level:
Specialist
Work Arrangement:
Remote, Hybrid
Position Summary
Metrea's Platform Team is searching for a results-oriented Cyber Risk & Compliance Manager with a deep understanding of the M365 technical and security capabilities. Aerospace industry experience would be ideal. This position is primary responsible for driving the development and integration of cybersecurity and information assurance programs, supporting bid and proposal efforts, conducting software security and risk assessments, and aligning system capabilities with regulatory and contractual requirements. The role also includes the development of dashboards and reports that reflect risk posture, compliance progress, and audit readiness across various business functions.
The ideal candidate will bring a strong foundation in cybersecurity compliance frameworks such as ISO 27001 and NIST RMF, paired with working knowledge of technical security features within Microsoft 365, including logging, access controls, and policy enforcement. The position requires excellent communication and analytical skills, as well as the ability to collaborate across technical, operational, and executive teams.
Role And Responsibilities
* Work closely with the security, cybersecurity, and information assurance team to develop and enhance needs for the overall infrastructure.
* Define and manage the Information Security Management System (ISMS) aligned with ISO 27001 and relevant frameworks.
* Support the evaluation and improvement of security policies, procedures, and standards.
* Ensure organizational compliance with regulations and contractual obligations.
* Oversee the Risk Management Framework (RMF) process, including security assessments, authorization, and ongoing monitoring.
* Conduct threat modeling and support the risk and vulnerability assessment of Metrea's ISMS.
* Establish cybersecurity risk management and supply chain assurance frameworks.
* Ensure integration of cybersecurity and information assurance into Business Continuity Planning (BCP) and Disaster Recovery (DR) strategies.
* Coordinate and participate in tabletop exercises, disaster recovery drills, and continuity tests.
* Analyze the security of new or existing software applications across the enterprise.
* Generate and review security reports for senior management.
* Capable of identifying, prioritizing, strategizing and mitigating risks associated across the enterprise.
* Support bid and proposal processes by ensuring cybersecurity and information assurance requirements are accurately represented.
* Staying current with emerging security threats, technologies and trends to develop and implement cybersecurity awareness programs, promoting a culture of security within Metrea.
Skills And Experience
* Self-motivated; team oriented; responsible, and reliable.
* Positive attitude and proactive style. Candidate must have the ability to work in a structured, yet variable environment.
* Capable of conducting regular risk and vulnerability assessments across Metrea's information systems.
* Oversee compliance assessments and internal/external audits.
* Approve supplier and third-party security policies and evaluate vendor compliance.
* Ensure Secure by Design (SbD) principles are embedded in all system developments and projects.
* Capable of reviewing, managing, and monitoring security dashboards and system logs for suspicious activity.
* Capable of preparing and maintaining documentation for system authorization, security plans, and assessment results.
* Capable of conducting and maintaining security awareness training programs, simulations, and compliance tracking.
* Ability to analytical and systematically breakdown complex problems and develop solutions.
* Capable of communicating and conveying technical information to a broad audience.
* Promote a collaborative environment to foster teamwork and team building.
* Ability to create technical specifications and documentation.
* Strong analytical skills.
* Good grasp of systems from "big picture" integration perspective.
* Ability to manage multiple tasks with attention to detail and accuracy.
* Must be organized, focused and able to deliver under tight timelines.
* Excellent interpersonal, written, and verbal communications skills, with the ability to interact with various levels of personnel, including end users, management, and developers.
Our Culture
Metrea's single core value "rooted in humility" is supported by four key attributes; entrepreneurial, systematic, discerning & over-deliver which combined; form our Teammate Firmware, our culture. These attributes are explored during the hiring process, when we grow our teams and to continually support the growth of our culture. We are a hyper-collaborative, dynamically hierarchical organization united by a passion for what we do, and how we do it, who we do it with, and who we do it for
Benefits
Private Medical Insurance
Subsided gym membership / plans through Wellhub
Electric Car scheme
Cycle to work scheme
Salary sacrificed pension scheme
Free lunch on office days
Security Clearance
As required
Equal Opportunities Statement
Metrea Managment Ltd (MAM) is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other characteristics protected by law.
Position Type and Expected Hours of Work
This is a full-time position with typical working hours of Monday through Friday, 9:00 a.m. to 6:00 p.m. Hours and work shifts may change in accordance with department and business needs. Exempt Employees must have the ability to be on-call and available, as business needs require. Non-Exempt employees may be required to work over 40 hours per week with approval from the department manager.
Travel
Minimal, as required
Work Location
London
Work Environment
This job operates in an office setting