Key skills
AzureCloudCyber SecurityGoogle Cloud PlatformIoTAIMLGCPGoogle CloudAgileCI/CDCommunicationOWASPCloud Security
About this role
Role Overview
- Define clear security requirements for programmes and agile initiatives, including user stories and acceptance criteria.
- Lead security design reviews and provide expert guidance on control implementation.
- Identify and manage complex security risks, creating practical mitigation strategies.
- Embed security throughout product and programme lifecycles across diverse delivery models.
- Manage escalations and advise on critical security decisions impacting delivery.
- Present security findings and recommendations to senior leaders and stakeholders.
- Provide expert consultation on technical security decisions during development and delivery.
- Support security assessments for vendors and third-party integrations.
- Collaborate with product owners, project managers, and technical leads to integrate security seamlessly.
- Champion a security-first culture and promote awareness across teams.
- Drive continuous improvement through retrospectives and feedback loops.
- Coordinate with other security functions to ensure comprehensive coverage.
- Contribute to process improvements and ensure consistent application of security standards.
Requirements
- Extensive experience in information security, including security consulting and assurance roles.
- Strong knowledge of cyber security principles, practices, and emerging technologies.
- Proven ability to lead complex security assessments and assurance activities.
- Expertise in cloud security concepts and best practices across major platforms (Azure, GCP)
- Skilled in engaging and influencing senior executives, technical leaders, and diverse stakeholders.
- Excellent written and verbal communication skills, able to simplify complex security topics.
- Deep understanding of security frameworks and standards (e.g., NIST CSF, ISO 27001, CIS Controls, OWASP).
- Experience embedding security within agile delivery and traditional project methodologies.
- Ability to work on complex, multi-disciplinary programmes and product initiatives.
- Advanced security certifications (CISSP, CISM etc.) and specialist knowledge across multiple domains (preferred).
- Familiarity with regulated environments and large-scale organisational contexts (preferred).
- Strong capability in security reviews, control validation, and assurance methodologies.
- Understanding of security testing approaches, tools, and integration with CI/CD pipelines.
- Awareness of security implications of emerging technologies such as AI, ML, and IoT.
Tech Stack
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- IoT
Benefits
- 25 days holiday, increasing through length of service, with option to buy or sell
- Bupa medical insurance as a benefit in kind
- An enhanced pension plan and life insurance
- Target bonus of 10% based on individual and company performance
- Onsite gyms or local discounts where no onsite gym available
- Various other benefits and online discounts