Requirements
Bachelor’s degree in computer science, Cybersecurity, or related field
8+ years of experience in cybersecurity or information security roles
Experience designing and implementing enterprise scale security principles
Proven ability to influence and work with cross-functional teams and departments
Hands on experience with end user and cloud security (Azure, AWS, Windows and MAC O/S)
Strong technical knowledge of software development (CI/CD pipeline), cloud and security by design ways of working
Experience with security frameworks (NIST, ISO/IEC 27001, NIS2 TISAX)
Security architecture & Zero Trust principles
Cloud security (Azure & AWS)
DevSecOps and CI/CD security integration (SDLC)
Security frameworks & compliance (ISO 27001, NIST, NIS2, TISAX)
Workflow Automation & AI adoption
Stakeholder management & technical leadership
Microsoft Azure (E5 Toolset) - Defender for Cloud, Defender for Endpoint, Defender for Identity, Microsoft Purview
AWS Security Hub (CSPM), Amazon Guard Duty, AWS Inspector, AWS Identity Analyser, AWS Config
SonarCloud (SAST Tooling)
Atlassian Cloud (Confluence / Jira)
Vanta (GRC)
Strong Microsoft Office 365 knowledge
(Desirable) ISC2 - CISSP/CCSP/CSSLP
(Desirable) AWS Certified Security - Specialty
(Desirable) Microsoft Azure Security Engineer Associate (AZ-500)
(Desirable) Microsoft Cybersecurity Architect Expert (SC-100)
(Desirable) GIAC GSSP/ GCSA
What the job involves
Responsible for leading the design, implementation, and continuous improvement of security engineering practices across cloud, on-premise, and hybrid environments. This role drives security-by-design principles, DevSecOps integration, Cloud and platform hardening, while providing technical leadership across the organisation
Define and implement security-by-design principles across cloud, on-premise, endpoint, and network environments
Embed security into CI/CD pipelines (DevSecOps) in collaboration with engineering and DevOps teams
Conduct and lead security risk assessments, ensuring mitigation strategies are implemented across new applications, platforms, and third-party tools
Own and enhance cloud, platform, and endpoint security posture, including monitoring for configuration drift and vulnerabilities
Develop and enforce hardening standards across endpoints (Windows/macOS), servers, and compute environments
Support and partner with teams across IAM, GRC, DLP, SOC, and Vulnerability Management to strengthen overall security capability
Own and manage security tools related to the role and discipline e.g. SAST Tooling
Drive automation, AI usage and tooling improvements to increase efficiency and reduce risk
Provide support to the business as it relates to solution design, project and change management security
Provide technical leadership and incident response support during security events
Collaborate with IT, DevOps, Software, Networks and Infra teams to embed security practices
Stay current on emerging threats, vulnerabilities, and security technologies
#J-18808-Ljbffr