Russell Taylor Group Ltd
ICS OT Cyber Security Consultant Home based with travel to Staffordshire and UK-wide customer sites Are you an OT/ICS cyber specialist who enjoys getting hands-on with red team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What's in it for you Fantastic basic salary 28 days holiday plus bank holidays 6.5% pension scheme Life assurance policy Private health care Green car scheme Support in achieving or maintaining chartered status (e.g. IET, BCS, CIISEC) with professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses Supporting risk assessments and compliance against standards such as IEC 62443, NIST SP800-82 and NIS-R Helping deploy, configure and maintain OT cybersecurity and security monitoring solutions Contributing to crisis simulations, incident response plans and cybersecurity awareness training Preparing reports, documenting findings and recommending improvements to strengthen cyber resilience Supporting proposal development and wider service delivery documentation Where you'll be doing it You'll be joining a long-established advanced systems integrator focused on operational technology and digital transformation. They deliver complex, business-critical projects across highly regulated industrial sectors including energy, water, renewables and manufacturing, helping clients optimise performance and manage cyber risk at scale. What you'll need A degree in Engineering, Computer Science or a related discipline, plus around 3-5 years' practical cyber security experience Hands-on experience in offensive security (penetration testing, vulnerability assessment, adversary simulation) Working knowledge of ICS/OT environments (e.g. SCADA, PLCs, RTUs) and securing IT/OT interfaces At least one relevant ICS/OT certification (e.g. SANS GICSP, SANS GRID, or IEC 62443) Familiarity with ICS protocols (MODBUS, OPC, DNP3) and core network security principles (switching, routing, firewalls) Experience deploying or supporting OT cybersecurity solutions and monitoring tools Ability to develop attack scenarios and validate security posture against recognised frameworks (e.g. NIST 800-53/82, IEC 62443) Exposure to incident response, including testing and improving detection and response capabilities Strong communication and stakeholder engagement skills, comfortable with both technical and non-technical audiences Eligible for UK Cyber Security Council Practitioner registration (or close to it - SFIA Level 4) Eligible for SC clearance We appreciate your CV may not be up to date. No problem, just apply and we can deal with that later. Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Russell Taylor will be acting within your interest and will contact you in relation to the role, either by email, phone or text message. For more information see our Privacy Policy on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please get in touch with us here.
ICS OT Cyber Security Consultant Home based with travel to Staffordshire and UK-wide customer sites Are you an OT/ICS cyber specialist who enjoys getting hands-on with red team activities in critical industrial environments? Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing? What's in it for you Fantastic basic salary 28 days holiday plus bank holidays 6.5% pension scheme Life assurance policy Private health care Green car scheme Support in achieving or maintaining chartered status (e.g. IET, BCS, CIISEC) with professional membership fees covered What will you be doing? Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises Planning and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses Supporting risk assessments and compliance against standards such as IEC 62443, NIST SP800-82 and NIS-R Helping deploy, configure and maintain OT cybersecurity and security monitoring solutions Contributing to crisis simulations, incident response plans and cybersecurity awareness training Preparing reports, documenting findings and recommending improvements to strengthen cyber resilience Supporting proposal development and wider service delivery documentation Where you'll be doing it You'll be joining a long-established advanced systems integrator focused on operational technology and digital transformation. They deliver complex, business-critical projects across highly regulated industrial sectors including energy, water, renewables and manufacturing, helping clients optimise performance and manage cyber risk at scale. What you'll need A degree in Engineering, Computer Science or a related discipline, plus around 3-5 years' practical cyber security experience Hands-on experience in offensive security (penetration testing, vulnerability assessment, adversary simulation) Working knowledge of ICS/OT environments (e.g. SCADA, PLCs, RTUs) and securing IT/OT interfaces At least one relevant ICS/OT certification (e.g. SANS GICSP, SANS GRID, or IEC 62443) Familiarity with ICS protocols (MODBUS, OPC, DNP3) and core network security principles (switching, routing, firewalls) Experience deploying or supporting OT cybersecurity solutions and monitoring tools Ability to develop attack scenarios and validate security posture against recognised frameworks (e.g. NIST 800-53/82, IEC 62443) Exposure to incident response, including testing and improving detection and response capabilities Strong communication and stakeholder engagement skills, comfortable with both technical and non-technical audiences Eligible for UK Cyber Security Council Practitioner registration (or close to it - SFIA Level 4) Eligible for SC clearance We appreciate your CV may not be up to date. No problem, just apply and we can deal with that later. Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Russell Taylor will be acting within your interest and will contact you in relation to the role, either by email, phone or text message. For more information see our Privacy Policy on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please get in touch with us here.
Tribe Recruitment
City, Manchester
Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
Technology Services Group
City, Birmingham
Job Title: Technical Consultant Location: Home Based Salary: Highly Competitive + Bonus Job type: Full Time, Permanent About the role; As a Technical Consultant, you will be part of the Technical Delivery team. The Microsoft Cloud platforms are central to our business strategy, and this role will require you to architect and deploy solutions within Microsoft 365 and Azure. You will design, plan, execute and complete projects according to agreed deadlines and within budget. Who are we? TSG (Technology Services Group) are a Managed IT Services provider supporting businesses UK wide with their technology solutions. As a Microsoft Partner we are committed to delivering excellence for our customers alongside investing in our colleagues to provide them with the knowledge and tools required to deliver great results. TSG are one of the few Microsoft Partners in the UK who hold all six Microsoft designations, and one of the only partners who specialise in mid-market. Our commitment to excellence for our customers and employees is backed by our consistent world class NPS score of and our accreditation as a 'Great Place to Work' in addition to being placed on the 'UK's Best Workplaces in Tech' list in both 2024 and again in 2025. Our guiding principles of Team TSG, Service Excellence and Shared growth are at the heart of everything we do. Job responsibilities will include, but are not limited to; Design and implement technical solutions predominately within Microsoft 365 and Microsoft Azure Design authority for Project Delivery team Pre-project liaison with customers / Client Success Managers / Client Directors and Technical Specialists to agree objectives Prepare technical plans and execution of plan to completion with customer acceptance Hardware and software installations based primarily around Microsoft / Hewlett Packard technologies at customer sites UK Wide Document all project work to a high standard Maintain awareness of new and emerging technologies Assist with post-installation issues where required About you: Knowledge, Skills & Experience; Educated to degree level or equivalent At least one Microsoft Azure certification - preferably Microsoft Azure Architect Expert (AZ303/304 or AZ104/305) Current or working towards; Microsoft Expert, CCNA, VCP or equivalent qualification would be desirable Prince2 Foundation/Practitioner or other project management qualifications would be a distinct advantage Significant experience in a similar role Proven effective communication and influencing skills Excellent knowledge of current IT Technologies Excellent knowledge of the following technologies; Microsoft Azure, Azure IAAS, PAAS, Storage and Networking, Identity and Authentication (MFA), Azure HA/DR, scaling and backup, Azure Monitor Microsoft 365 Threat Protection, Identity and Access Management, Device and Application Management, Information Protection, Compliance, Email and Teams Microsoft Windows Serve (up to at least 2024) Virtualisation - Microsoft Hyper-V, VMware Microsoft desktop operating systems - Windows 11 etc LAN technologies - switching, routing, VLANs etc. (hardware to include HPE, Cisco.) WAN technologies - routers, firewalls (hardware to include Sophos, Cisco, Draytek.) Private Cloud infrastructure - Private and IAAS also including hybrid deployments Antivirus (Preferably Microsoft Defender and Sophos Endpoint) Backup Technologies - Datto, Veeam, Azure. Experience with; Azure Automation, Azure CLI, PowerShell scripting Azure DevOps, including Automation Kubernetes and Docker HPE Server and SAN infrastructure Benefits; - 25 days annual leave + public holidays, rising with length of service - Employee benefits trust - Company bonus scheme - Life assurance 4 x Salary -Contributory pension scheme at 4% matched - Healthcare and cash plan - Electric vehicle salary sacrifice scheme - Cycle to work scheme - Employee discounts - Employee assistance programme - Paid CSR Days - Company sick pay and income protection cover - Enhanced Maternity and Paternity pay - Employee recognition scheme - Eyecare vouchers - Discounted gym membership - Long service rewards Please click on the APPLY button to be redirected to our website to complete your application. Candidates with the relevant experience or job titles of: IT Technical Consultant, IT Support, Technical Consultant, Technical & Training Consultant, Cybersecurity Consultant, Cybersecurity Technical Consultant, Business Intelligence Technical Advisor, Technical Advisor, Technical Specialist, Data Architect, Business Consultant, Networking and Security Consultant, Data Migration Consultant, Technical Implementation Consultant, Technical Support Advisor, Technical Service Delivery Advisor may also be considered for this role.
Job Title: Technical Consultant Location: Home Based Salary: Highly Competitive + Bonus Job type: Full Time, Permanent About the role; As a Technical Consultant, you will be part of the Technical Delivery team. The Microsoft Cloud platforms are central to our business strategy, and this role will require you to architect and deploy solutions within Microsoft 365 and Azure. You will design, plan, execute and complete projects according to agreed deadlines and within budget. Who are we? TSG (Technology Services Group) are a Managed IT Services provider supporting businesses UK wide with their technology solutions. As a Microsoft Partner we are committed to delivering excellence for our customers alongside investing in our colleagues to provide them with the knowledge and tools required to deliver great results. TSG are one of the few Microsoft Partners in the UK who hold all six Microsoft designations, and one of the only partners who specialise in mid-market. Our commitment to excellence for our customers and employees is backed by our consistent world class NPS score of and our accreditation as a 'Great Place to Work' in addition to being placed on the 'UK's Best Workplaces in Tech' list in both 2024 and again in 2025. Our guiding principles of Team TSG, Service Excellence and Shared growth are at the heart of everything we do. Job responsibilities will include, but are not limited to; Design and implement technical solutions predominately within Microsoft 365 and Microsoft Azure Design authority for Project Delivery team Pre-project liaison with customers / Client Success Managers / Client Directors and Technical Specialists to agree objectives Prepare technical plans and execution of plan to completion with customer acceptance Hardware and software installations based primarily around Microsoft / Hewlett Packard technologies at customer sites UK Wide Document all project work to a high standard Maintain awareness of new and emerging technologies Assist with post-installation issues where required About you: Knowledge, Skills & Experience; Educated to degree level or equivalent At least one Microsoft Azure certification - preferably Microsoft Azure Architect Expert (AZ303/304 or AZ104/305) Current or working towards; Microsoft Expert, CCNA, VCP or equivalent qualification would be desirable Prince2 Foundation/Practitioner or other project management qualifications would be a distinct advantage Significant experience in a similar role Proven effective communication and influencing skills Excellent knowledge of current IT Technologies Excellent knowledge of the following technologies; Microsoft Azure, Azure IAAS, PAAS, Storage and Networking, Identity and Authentication (MFA), Azure HA/DR, scaling and backup, Azure Monitor Microsoft 365 Threat Protection, Identity and Access Management, Device and Application Management, Information Protection, Compliance, Email and Teams Microsoft Windows Serve (up to at least 2024) Virtualisation - Microsoft Hyper-V, VMware Microsoft desktop operating systems - Windows 11 etc LAN technologies - switching, routing, VLANs etc. (hardware to include HPE, Cisco.) WAN technologies - routers, firewalls (hardware to include Sophos, Cisco, Draytek.) Private Cloud infrastructure - Private and IAAS also including hybrid deployments Antivirus (Preferably Microsoft Defender and Sophos Endpoint) Backup Technologies - Datto, Veeam, Azure. Experience with; Azure Automation, Azure CLI, PowerShell scripting Azure DevOps, including Automation Kubernetes and Docker HPE Server and SAN infrastructure Benefits; - 25 days annual leave + public holidays, rising with length of service - Employee benefits trust - Company bonus scheme - Life assurance 4 x Salary -Contributory pension scheme at 4% matched - Healthcare and cash plan - Electric vehicle salary sacrifice scheme - Cycle to work scheme - Employee discounts - Employee assistance programme - Paid CSR Days - Company sick pay and income protection cover - Enhanced Maternity and Paternity pay - Employee recognition scheme - Eyecare vouchers - Discounted gym membership - Long service rewards Please click on the APPLY button to be redirected to our website to complete your application. Candidates with the relevant experience or job titles of: IT Technical Consultant, IT Support, Technical Consultant, Technical & Training Consultant, Cybersecurity Consultant, Cybersecurity Technical Consultant, Business Intelligence Technical Advisor, Technical Advisor, Technical Specialist, Data Architect, Business Consultant, Networking and Security Consultant, Data Migration Consultant, Technical Implementation Consultant, Technical Support Advisor, Technical Service Delivery Advisor may also be considered for this role.
Deerfoot Recruitment Solutions Limited
Cyber Security - Secure by Design Consultant (Contract) London 680 per day 6-month initial contract (with strong potential to go permanent) Deerfoot Recruitment is working with a leading financial services organisation to recruit a Secure by Design Consultant to join their IT Risk, Security & Control function in London. This is a 6-month contract paying 680 per day (Inside IR35) , with a high likelihood of converting to a permanent role. The successful candidate will play a key role in delivering secure-by-design assessments across technology projects, ensuring compliance with IT security policies and industry standards. You will work closely with senior stakeholders, providing assurance on cybersecurity controls, identifying risks, and recommending actions to strengthen the organisation's security posture. Key responsibilities include: Conducting IT security assessments across infrastructure, cloud, applications, and service operations projects. Reviewing and testing security controls to ensure operating effectiveness. Documenting risks, gaps, and recommendations for remediation. Supporting project teams to embed security requirements from the outset. Engaging with senior stakeholders and providing clear, actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands-on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications (CISSP, CISM, CISA, CRISC) desirable. This is an exciting opportunity to join a high-performing cyber security team within a global financial services organisation, with genuine long-term career potential. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
Cyber Security - Secure by Design Consultant (Contract) London 680 per day 6-month initial contract (with strong potential to go permanent) Deerfoot Recruitment is working with a leading financial services organisation to recruit a Secure by Design Consultant to join their IT Risk, Security & Control function in London. This is a 6-month contract paying 680 per day (Inside IR35) , with a high likelihood of converting to a permanent role. The successful candidate will play a key role in delivering secure-by-design assessments across technology projects, ensuring compliance with IT security policies and industry standards. You will work closely with senior stakeholders, providing assurance on cybersecurity controls, identifying risks, and recommending actions to strengthen the organisation's security posture. Key responsibilities include: Conducting IT security assessments across infrastructure, cloud, applications, and service operations projects. Reviewing and testing security controls to ensure operating effectiveness. Documenting risks, gaps, and recommendations for remediation. Supporting project teams to embed security requirements from the outset. Engaging with senior stakeholders and providing clear, actionable reporting. Skills & experience sought: Strong background in IT Security, Cyber Assurance, or IT Audit. Hands-on knowledge across areas such as governance, IAM, threat management, vulnerability management, and incident response. Good understanding of security frameworks (e.g. ISO27001, NIST, PCI-DSS, SOX). Experience engaging with senior stakeholders within complex environments. Relevant certifications (CISSP, CISM, CISA, CRISC) desirable. This is an exciting opportunity to join a high-performing cyber security team within a global financial services organisation, with genuine long-term career potential. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy.
