Key skills
Cyber SecurityFirewallsSAMLLDAPAgileRisk ManagementOWASP
About this role
Role Overview
- Deliver day to day IT security objectives and lead assigned projects or assurance activities.
- Integrate cyber assurance into multiple delivery methodologies (Agile, Waterfall, SAFe, Incremental, DevOps).
- Act as a point of contact for client security teams on assurance matters.
- Conduct vulnerability assessments, ITHCs, incident response activities, and evaluate responses to system security requirements.
- Support accreditation and continuous assurance using recognised risk frameworks (ISO, NIST) and structured analysis methods.
- Maintain and develop ISMS documentation and security artefacts (SyOPS, RMADS, Security Management Plans).
- Contribute to the analysis of system security weaknesses and communicate findings to programme leads and engineering teams.
- Understand security monitoring tools, logs, alerts, and protective monitoring systems (e.g., SIEM/SOC).
- Maintain the Information Security Risk Register and coordinate monthly vulnerability management activities, ensuring remediation is tracked, reported, and aligned with the Security POAP.
- Support delivery of contracted service levels and participate in security governance forums such as Security Working Groups.
- Assist with security policy development, cryptographic assurance, audit support, and compliance with regulatory and client standards.
Requirements
- Proven cybersecurity or information assurance experience.
- Proficiency with common security tools (firewalls, IDS/IPS, antivirus, SIEM).
- Familiarity with frameworks such as NIST, CIS, OWASP, ISO 27001.
- Strong understanding of cybersecurity principles, CIA, risk management, and incident response.
- Experience across the systems engineering lifecycle and its supporting processes.
- Hands on experience with ITHC management, vulnerability assessment, and security assurance.
- Familiarity with accreditation processes for secure/sensitive systems.
- Experience maintaining security documentation sets (SyOPS, RMADS, ISMS elements).
- Practical understanding of: Network and boundary protection technologies (firewalls, gateways, IDS/IPS, diodes).
- Protective monitoring systems (SIEM/SOC).
- Authentication and authorisation (PKI, LDAP, SAML).
- Encryption principles and secure communications.
Tech Stack
- Cyber Security
- Firewalls
Benefits
- Contributory Pension Scheme
- Private Medical Insurance
- 33 days Annual Leave (including public and privilege holidays)
- Access to Flexible benefits (including life assurance, health schemes, gym memberships, annual buy and sell holidays and a cycle to work scheme)
- Flexi-Time