Salary
💰 £65,000 - £75,000 per year
Tech Stack
AWS, Azure, Cloud, Cyber Security, Google Cloud Platform
About the role
- Act as the security point of contact for UK business units, aligning cyber security goals with business priorities
- Provide guidance on secure-by-design principles during project planning, procurement, and solution development
- Build strong relationships across technical and non-technical stakeholders to promote security best practices
- Ensure the business's information security posture is continuously improved through proactive security measures, monitoring, and reporting
- Lead and manage customer cyber security assurance activities, including due diligence and technical assurance engagements
- Support development and maintenance of materials evidencing cyber maturity and compliance posture
- Liaise with internal audit and risk functions to ensure cyber and information security controls align with FCA expectations and industry standards
- Lead preparation and support for external audits including ISO 27001 and Cyber Essentials Plus
- Provide expertise on cloud security controls across AWS and Azure environments
- Ensure secure adoption of cloud-native services per recognised frameworks (CIS, NIST, OWASP)
- Identify and assess cyber risks within business processes and technology environments
- Support risk mitigation planning, tracking, and reporting in line with enterprise risk frameworks
- Contribute to business-targeted cyber security awareness and education initiatives
- Produce and maintain reporting information as required
Requirements
- 5+ years’ experience in a cyber security, risk, or assurance role
- Strong stakeholder-facing exposure
- Experience managing customer cyber assurance activities
- Experience supporting external audit preparation (ISO 27001, Cyber Essentials Plus)
- Proficient in cloud security (AWS, Azure, or GCP), including security control implementation and risk assessment
- Working knowledge of NIST, ISO 27001, FCA Handbook (SYSC), and NCSC guidance
- Excellent verbal and written communication skills
- Desirable: background in financial services or regulated industries
- Desirable: experience in third-party/vendor risk assessment and assurance
- Desirable: relevant degree-level education in Cyber Security or IT
- Desirable: ISO 27001 Lead Implementer / Auditor
- Desirable: CISSP, CISM, CRISC
- Desirable: AWS/Azure security certifications