Director, Cybersecurity, Cyber Resilience, TC, UKI

Job Title: Director Cybersecurity Cyber Resilience

About EY:At EY we are committed to building a better working world. Our Cybersecurity Consulting Practice is rapidly expanding and we are investing in our capabilities to meet the increasing demand for cybersecurity solutions. Join us and be part of a global team of over 13000 professionals dedicated to delivering cutting-edge security transformation programs and services.

The Opportunity:As a Director in Cybersecurity Cyber Resilience you will bring diverse perspectives and deep subjectmatter expertise to deliver highquality insights and outcomes for our clients. You will play a strategic leadership role in shaping and overseeing complex cybersecurity resilience engagements strengthening senior client relationships and guiding teams to develop innovative practical solutions that help build greater resilience into their businesses.

Key Responsibilities:

• Lead and deliver cyber resilience transformation programmes owning end-to-end engagement delivery (scope quality timeline budget) and ensuring outcomes measurably improve preparedness response and recovery.
• Design run and continuously enhance cyber crisis simulations and tabletop exercises for executives and operational teamsensuring scenarios reflect the current threat landscape sector trends and the clients critical business services.
• Act as an outstanding facilitator and crisis conductor: guide senior leaders through high-pressure decision making inject realistic developments challenge assumptions and drive clear actions owners and lessons learned.
• Translate threat intelligence and emerging attacker tactics into practical resilience improvementslinking likely threats to business impact critical dependencies and control or capability gaps.
• Integrate cyber response and recovery into wider enterprise resilience plans including business continuity IT disaster recovery operational resilience third-party resilience and enterprise risk managementensuring cyber is embedded not bolted on.
• Partner with C-suite and functional leaders (CIO CISO COO Risk Legal Comms HR Ops) to strengthen organisational readiness clarify risk appetite and improve cross-functional coordination during incidents.
• Build capability roadmaps and investment cases for resilience (people/process/technology) prioritising initiatives that reduce time-to-detect time-to-respond and time-to-recover for critical services.
• Shape and grow a cyber resilience offering: originate opportunities develop proposals create market-facing materials and contribute thought leadership aligned to evolving resilience and regulatory expectations.
• Lead coach and inspire a high-performing cyber resilience teamdeveloping facilitation skills incident leadership scenario design expertise and client advisory confidence.
  
  
  Skills and Attributes for Success

• Exceptional facilitator and communicatorable to run engaging high-impact workshops and crisis simulations influencing senior audiences across business technology and risk.
• Deep understanding of the cyber threat landscape and attacker behaviours with the ability to convert threat insight into relevant scenarios decision points and resilience improvements.
• Strong resilience practitioner mindset: comfortable operating in ambiguity steering complex stakeholder groups and driving structured outcomes under time pressure.
• Strategic problem solverable to diagnose resilience gaps design pragmatic target-state capabilities and secure executive buy-in by linking cyber resilience to business continuity and critical service delivery.
• Experienced programme and engagement leaderable to structure and manage large complex initiatives and deliver measurable resilience outcomes.
• Commercially astute and quality-drivenbalancing pace with rigour managing delivery risk and protecting client and firm reputation.
• Collaborative leaderbuilds trusted relationships develops talent through coaching and mentoring and fosters a culture of continuous learning and accountability.
• Confident advisor at board/exec levelable to discuss governance risk appetite crisis communications regulatory considerations and operational resilience expectations.
• Strong market access and trusted relationships leveraging established sector networks and seniorlevel contacts to originate opportunities shape market conversations and strengthen the firms position with key decisionmakers.

To Qualify for the Role You Must Have

• Proven experience leading cyber resilience incident readiness and/or crisis management programmesdemonstrating tangible improvements in preparedness response effectiveness and recovery capability.
• Strong track record designing and facilitating cyber crisis simulations and tabletop exercises for senior stakeholders including scenario development exercise delivery and after-action reporting with actionable remediation plans.
• Experience building or enhancing incident response and recovery operating models: governance roles processes playbooks communications and integration with ITDR/BCP.
• Demonstrable ability to embed cyber into wider business resilience frameworks (e.g. business continuity operational resilience third-party resilience) and align cyber capabilities to critical business services and impact tolerances.
• Ability to develop compelling investment cases and prioritised roadmaps for resilience capability uplift aligned to organisational goals and risk appetite.
• Robust knowledge of relevant security and resilience frameworks and regulations (e.g. NIST CSF NIS/NIS2 sector-specific resilience expectations) and practical experience translating these into implementable capabilities and controls.
• Strong stakeholder management experience across C-suite technology operations legal risk and communicationsensuring coherent decision-making before during and after incidents.

Ideally Youll Also Have:

• Security-related qualifications such as CISSP CISM CISMP CIISEC.
• Experience operating within an NCSC Assured Cyber Consultancy.
• Sector experience in one or more of the following: Government & Public Sector Energy & Utilities Retail and Consumer Products Life Sciences Telecoms Media and Technology or Transport.
• Professional services experience with market-leading organisations in delivering cybersecurity solutions.

Join Us:At EY youll have the chance to build a meaningful and fulfilling career supported by an inclusive culture and cutting-edge technology. Together we can create a better working world for all.

What we look for

Were interested in people with integrity who can collaborate with people from a diverse range of backgrounds and crucially a growth mindset.

What we offer

We offer a competitive remuneration package where youll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development and with FlexEY you can select benefits that suit your needs covering holidays health and well-being insurance savings and a wide range of discounts offers and promotions. Plus we offer:

• Continuous learning:Youll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: Well provide the tools and flexibility so you can make a meaningful impact your way.
• Transformative leadership: Well give you the insights coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: Youll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above please contact us as soon as possible.

TCCyberUKI2026

Cyber2026