I recently answered a similar question.
I believe that the answer to your question is the "Applies to" settings. Selecting "This folder only" allows the user to read the directory but not any file contents. (The "and files" part.)
In the testing that I did, my testuser could see that Folder1, 2, and 3 existed, and that there was a file in the root of Data, but could only access file contents under Folder3. You might want to limit the Employee's access to "This folder only", because even if they can't read the contents, simply seeing that a file named 2024-Layoffs.xls exists in one of the managers' subfolders might not be good.
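
The "Applies to" choice corresponds to the inheritance and propagation flags stored on each access rule. As an added example (not part of the original answer), this PowerShell script grants an account ReadAndExecute with "This folder only" on one folder and then lists how each of that account's entries in the tree applies. The path `C:\Data` and the local account `testuser` are assumed names.

```powershell
# Added example. $Path and $Identity are assumed names; change them for your environment.
param(
    [string]$Path     = 'C:\Data',
    [string]$Identity = "$env:COMPUTERNAME\testuser"
)

# Map an ACE's inheritance/propagation flags to the label the Security GUI
# shows in the "Applies to" drop-down.
function Get-AppliesTo {
    param([System.Security.AccessControl.FileSystemAccessRule]$Rule)
    $ci = $Rule.InheritanceFlags.HasFlag([System.Security.AccessControl.InheritanceFlags]::ContainerInherit)
    $oi = $Rule.InheritanceFlags.HasFlag([System.Security.AccessControl.InheritanceFlags]::ObjectInherit)
    $io = $Rule.PropagationFlags.HasFlag([System.Security.AccessControl.PropagationFlags]::InheritOnly)
    if (-not ($ci -or $oi)) { return 'This folder only' }
    $children = if ($ci -and $oi) { 'subfolders and files' } elseif ($ci) { 'subfolders' } else { 'files' }
    if ($io) { return $children.Substring(0, 1).ToUpper() + $children.Substring(1) + ' only' }
    if ($ci -and $oi) { return 'This folder, subfolders and files' }
    return "This folder and $children"
}

# Grant list/traverse on the folder itself. InheritanceFlags 'None' is what
# "This folder only" means: the ACE is not inherited by files or subfolders.
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList $Identity, 'ReadAndExecute', 'None', 'None', 'Allow'
$acl = Get-Acl -LiteralPath $Path
$acl.AddAccessRule($rule)
Set-Acl -LiteralPath $Path -AclObject $acl

# Audit each folder in the tree: list the ACEs that name the identity directly
# (group memberships are not expanded) and flag those that also reach files.
$folders = @(Get-Item -LiteralPath $Path) + @(Get-ChildItem -LiteralPath $Path -Directory -Recurse)
foreach ($folder in $folders) {
    (Get-Acl -LiteralPath $folder.FullName).Access |
        Where-Object { $_.IdentityReference.Value -eq $Identity } |
        ForEach-Object {
            [pscustomobject]@{
                Folder       = $folder.FullName
                Rights       = $_.FileSystemRights
                AppliesTo    = Get-AppliesTo $_
                Inherited    = $_.IsInherited
                ReachesFiles = $_.InheritanceFlags.HasFlag(
                    [System.Security.AccessControl.InheritanceFlags]::ObjectInherit)
            }
        }
}
```

Any row with `ReachesFiles` set to `True` is an entry whose rights are inherited by files below that folder.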