Cyber Security Engineer (Hedge Fund) - Python/Powershell/SQL/Tableau BI/NIST/CISSP/CISA - PERM

Cyber Security Engineer (Hedge Fund) - Python/Powershell/SQL/Tableau BI/NIST/CISSP/CISA - PERM

We are seeking a Cyber Security Risk Engineer with a robust background in the full suite of modern technologies employed within an enterprise environment. This role requires a deep understanding of operating systems (Windows, Linux, MacOS, and Mobile), cloud services (Google, Amazon, Microsoft to include M365), network infrastructure, technologies, and protocols as well as databases.

Primary Responsibilities

Provide technical advice and guidance related to modern system architectures that meet stakeholder needs and provide functionality, security, and resilience by design.

Collaborate closely with compliance, legal, IT, business stakeholders, and external clients to understand operational requirements, regulatory obligations, and risk tolerance.

Serve as a technical point of contact for clients, addressing and managing their technical requirements, security concerns, and risk management needs.

Conduct comprehensive risk assessments of information systems, applications, business processes, and underlying technical infrastructure and clearly document identified risks with accompanied compensating controls that address security gaps when standard controls are not feasible. Monitor the effectiveness of compensating controls and recommend improvements as needed to maintain compliance and reduce residual risk across diverse technical environments.

Stay current with emerging threats, regulatory changes, and industry best practices in risk management, compensating controls, and evolving enterprise technologies.

Assist with incident response planning and post-incident risk evaluation, leveraging broad technical knowledge to assess impacts and recommend improvements.

Qualifications/Skills Required

Demonstrated experience working with information technology, information security, compliance, legal, business teams, and clients to assess and document security risks and compensating controls.

Advanced knowledge of risk management frameworks (eg, NIST, ISO 27001, CIS20) and regulatory requirements relevant to the financial sector is a plus.

Exceptional analytical, communication, and report-writing skills, with the ability to translate complex technical issues into clear, actionable recommendations for both technical and non-technical audiences.

Desired Skills

Experience in the financial services sector or advisory work with a leading consulting firm.

Familiarity with the design and evaluation of compensating controls in regulated environments.

Ability to translate technical risks into business impacts and actionable recommendations.

Experience presenting technical risk findings to executive leadership, clients, and non-technical stakeholders.

One or more of the following certifications: CISSP, CISA, CompTIA CySA+

Permanent - Central London based