The Project Manager will lead one, and possibly two, strategic enterprise‑wide initiatives. The initiatives involve the evaluation of technologies and service providers. The outcome of the evaluation will determine the progress of the projects, which would entail either implementing a technology or onboarding a service provider to provide a service.

This role requires a senior, experienced project manager with strong cybersecurity delivery experience, sufficient technical depth to engage credibly with security and engineering teams, and a proven ability to run structured Request for Proposal (RFP) processes within large, regulated organisations.

Key Responsibilities

Programme & Project Delivery

• Own end‑to‑end delivery of the projects, from initiation and vendor evaluation through to implementation and operational handover.
• Define and manage programme scope, milestones, dependencies, risks, and deliverables across multiple workstreams.
• Ensure alignment with enterprise security strategy, identity and access management (IAM) roadmaps, and broader zero‑trust and cyber‑resilience initiatives.
• Provide accurate, timely reporting to senior stakeholders, steering committees, and executive sponsors.

Technology Evaluation & RFP Management

• Lead a formal RFP process to identify and evaluate technologies and service
• Coordinate technical evaluations, proof‑of‑concept activities, and vendor due‑diligence exercises.
• Work closely with procurement, legal, risk, and compliance teams to ensure commercial, regulatory, and contractual alignment.

Technical & Security Engagement

• Act as a bridge between cybersecurity and risk teams and various other technical teams required to deliver the project
• Understand and articulate technical concepts
• Ensure security requirements, architectural standards, and risk controls are translated into clear project outcomes.

Stakeholder Management

• Engage with senior leaders across IT, Security, Risk, and Business functions.
• Drive alignment across teams with competing priorities in a complex enterprise environment.
• Manage third‑party vendors and system integrators to ensure delivery quality and accountability.

Governance, Risk & Compliance

• Ensure the programme meets internal security policies, regulatory expectations, and audit requirements applicable to the financial services sector.
• Identify, track, and mitigate risks related to identity‑based threats, operational disruption, and implementation challenges.

Required Experience & Qualifications

Essential

• Minimum 8+ years’ experience delivering complex cybersecurity projects or programmes.
• Proven experience managing enterprise‑scale security initiatives within the financial services sector or similarly regulated environments.
• Demonstrated success in running formal RFP processes, including vendor evaluation and selection.
• Strong project management discipline across budget, scope, risk, and stakeholder governance.
• Ability to engage confidently with technical and security specialists while maintaining a delivery‑focused mindset.

Technical Background (Required)

• Solid understanding of cybersecurity and third-party risk concepts
• Experience delivering projects spanning both on‑premises and cloud environments.
• Ability to translate technical risk into business‑relevant outcomes.

Desirable

• Experience with identity‑centric security or zero‑trust programmes.
• Exposure to non‑human identity, service account governance, or machine identity risk.
• Professional certifications such as PMP, PRINCE2, or equivalent.

Key Skills & Attributes

• Strong leadership and stakeholder‑management capability at senior levels.
• Highly organised, analytical, and delivery‑oriented.
• Comfortable operating in complex, matrixed enterprise environments.
• Able to balance strategic objectives with operational realities.
• Calm and decisive under pressure, with a proactive risk‑management mindset.