Cyber Security Engineer

As a Cyber Security consultant, you will play a critical role in shaping and safeguarding the organization’s security posture. You will help design and deliver secure solutions aligned with industry frameworks and organisational standards, producing high-quality security designs and architecture assessments. Analyse and deconstruct complex systems to identify threats, assess risks, and implement appropriate security controls using recognised methodologies (e.g. STRIDE, MITRE). Collaborate with technical and business stakeholders to clearly communicate security risks and design decisions, balancing security requirements against business needs. Support multiple projects simultaneously, ensuring secure integration across networks, applications, and cloud environments. Leverage expertise in IAM, cryptography, Information management, secure development practices, and cloud security to enhance overall security posture while ensuring compliance with frameworks such as ISO 27001, NIST, and PCI DSS.

Your responsibilities:

• Design secure solutions documenting the key security controls and adhering to security standards.
• Threat model by deconstructing technical solutions, identifying threats and vulnerabilities associated with proposed solutions and assessing risks.
• Use experience to analyse the risks and benefits of design options to support making safe architectural decisions.
• Effectively communicate technical concepts to both technical and non-technical audiences, providing security direction, governance, assurance and guidance.
• Define security testing requirements and assess findings.
• Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence.

Your Profile

Essential skills/knowledge/experience:

• Dynamic solution-oriented individual bringing energy to a rapidly evolving environment with an ability to work well under pressure.
• Broad knowledge of modern Enterprise technologies including Cloud and AI.
• Exposure to contemporary architectures eg. RESTful APIs and containerised microservices.
• Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE / MITRE ATT&CK.
• Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. endpoint, network, cryptography, information management and IAM.

Desirable skills/knowledge/experience:

• Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
• Certifications in security management eg. CISSP / CISM / CCSP or equivalent.
• Certifications in technical security domains eg. CEH / OSCP or equivalent.
• Experience of Public and or Private cloud environments.