Define clear security requirements for programmes and agile initiatives, including user stories and acceptance criteria.
Lead security design reviews and provide expert guidance on control implementation.
Identify and manage complex security risks, creating practical mitigation strategies.
Embed security throughout product and programme lifecycles across diverse delivery models.
Manage escalations and advise on critical security decisions impacting delivery.
Present security findings and recommendations to senior leaders and stakeholders.
Provide expert consultation on technical security decisions during development and delivery.
Support security assessments for vendors and third-party integrations.
Collaborate with product owners, project managers, and technical leads to integrate security seamlessly.
Champion a security-first culture and promote awareness across teams.
Drive continuous improvement through retrospectives and feedback loops.
Coordinate with other security functions to ensure comprehensive coverage.
Contribute to process improvements and ensure consistent application of security standards.

Requirements

Extensive experience in information security, including security consulting and assurance roles.
Strong knowledge of cyber security principles, practices, and emerging technologies.
Proven ability to lead complex security assessments and assurance activities.
Expertise in cloud security concepts and best practices across major platforms (Azure, GCP)
Skilled in engaging and influencing senior executives, technical leaders, and diverse stakeholders.
Excellent written and verbal communication skills, able to simplify complex security topics.
Deep understanding of security frameworks and standards (e.g., NIST CSF, ISO 27001, CIS Controls, OWASP).
Experience embedding security within agile delivery and traditional project methodologies.
Ability to work on complex, multi-disciplinary programmes and product initiatives.
Advanced security certifications (CISSP, CISM etc.) and specialist knowledge across multiple domains (preferred).
Familiarity with regulated environments and large-scale organisational contexts (preferred).
Strong capability in security reviews, control validation, and assurance methodologies.
Understanding of security testing approaches, tools, and integration with CI/CD pipelines.
Awareness of security implications of emerging technologies such as AI, ML, and IoT.

Benefits

25 days holiday, increasing through length of service, with option to buy or sell
Bupa medical insurance as a benefit in kind
An enhanced pension plan and life insurance
Target bonus of 10% based on individual and company performance
Onsite gyms or local discounts where no onsite gym available
Various other benefits and online discounts

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information securitycyber security principlescloud securitysecurity assessmentssecurity frameworkssecurity testingcontrol validationassurance methodologiesagile deliveryCI/CD pipelines

Soft Skills

leadershipcommunicationinfluencingcollaborationproblem-solvingcritical thinkingadaptabilitypresentation skillsstakeholder engagementcontinuous improvement

Certifications

CISSPCISM