Information Security Solutions Ltd

Information Security Solutions Ltd - Latest Vacancieshttps://www.informationsecuritysolutions.com/All of the latest vacancies from Information Security Solutions Ltd.en-gbFri, 12 Jun 2026 15:59:36 GMTwww.firefishsoftware.comHead of Cyber AssuranceTitle: Head of Cyber Assurance

Reference No: 2156

Company: FTSE100

Location: London – 3 days in the office (Tuesday -Thursday) plus if required for specific meetings on other 2 days

Working pattern: This hybrid role is 37.5 hour week Monday – Friday

Reports to Group CISO

Salary: £130,000 - £150,000

The Role

Group Cyber Security Overview

The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group. The cyber strategy has been refreshed, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group is a highly federated business model spanning 10 divisions, 90+ businesses and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities while working with and through that model.

It is an exciting time to join GCS – we are in a period of significant investment and transformation. GCS is establishing the Group cyber standard, measuring compliance against it across all the businesses, and standing up new capabilities at pace. This permanent role will play a pivotal part in shaping that programme and, as it matures, in owning and continuously improving the assurance, risk, and governance functions at the heart of the Group’s security posture.

Role Summary

Reporting to the Group CISO, the Head of Cyber Assurance leads the second line of defence for cyber security – providing independent, risk-based oversight across governance, risk management, regulatory compliance, and assurance. The role is the functional owner of everything GRC touches: from information security policy and non-technical standards, through enterprise cyber risk management and third-party security, to continuous controls assessment, audit management, and regulatory reporting.

This role oversees continuous controls monitoring, leveraging tooling, to provide real-time visibility of control coverage and effectiveness, and translates that data into meaningful management information for informed governance decisions. They govern risk acceptance and exceptions, manage regulatory obligations under GDPR, NIS2, and DORA, and act as the primary liaison with legal teams and regulators.

Beyond formal governance, this role drives cyber communications, culture, and awareness across the diverse workforce; leads the Group security hygiene and resilience programme; produces Board, ExCo, and Information Security Committee reporting packs; and coordinates crisis exercising and playbook execution to ensure the organisation is ready to respond to major cyber incidents.

Role Responsibilities / Accountabilities

Strategic Leadership & Stakeholder Engagement

• Lead and develop the Group Cyber Assurance function, establishing a high-performing second line of defence and embedding risk-based decision-making as a natural habit across the organisation.

• Act as a trusted adviser to the Group CISO and senior stakeholders on all GRC matters; work in partnership with the GCS Leadership Team across all verticals and represent the Group in external forums and regulatory engagements.

• Collaborate with divisional GRC functions, BISOs, legal, finance, and operational teams to ensure integrated and proportionate risk management; build and sustain trusted relationships with senior stakeholders across a large, federated Group.

Information Security Policy, Standards & Governance

• Own and maintain the Group information security policy framework and all non-technical standards; ensure they are current, enforceable, written in plain language, and visibly aligned to external regulation and the Group’s risk appetite.

• Govern the risk acceptance and exception process end-to-end: ensure all policy deviations are formally assessed, justified, approved at the appropriate level, time-bounded, and subject to periodic review.

• Plan, chair, and facilitate the Group Security Working Group (SWG) and wider governance forums; produce regular, concise reporting for senior leadership, the ISC, and audit committees.

Cyber Risk Management & Risk Exceptions Governance

• Develop and operate enterprise-wide cyber risk management processes; maintain the Group cyber risk register and ensure risks are accurately captured, assessed, owned, mitigated, and escalated appropriately across all 11 divisions.

• Lead risk quantification initiatives; implement methodologies and develop metrics that communicate risk reduction in business terms, enabling the CISO and ExCo to make well-informed investment and prioritisation decisions.

• Conduct horizon scanning for emerging regulatory requirements and threat-driven risk changes; ensure the Group risk posture is proactively managed rather than reactively patched.

Third-Party & Supply-Chain Security Assessment & Management

• Define and deliver the Group third-party cyber security strategy; drive a step change in third-party risk capability through the Third-Party Management workstream of the cyber transformation programme.

• Manage third-party cyber risk at point of contract and through ongoing assurance; build a proportionate, risk-tiered assessment framework and deliver a measurable reduction in supply-chain cyber risk exposure across the Group.

Continuous Controls Assessment & Control Effectiveness MI

• Lead the Group continuous controls monitoring programme, leveraging Axonius and complementary tooling to provide real-time, evidence-based visibility of control coverage, gaps, and drift across the estate.

• Design and produce control effectiveness MI that is meaningful to different audiences – from technical teams needing remediation data to ExCo and Board needing a clear view of overall security posture.

Cyber Assurance Programme & Audit Finding Management

• Define and deliver the end-to-end Group cyber assurance programme, encompassing internal reviews, thematic assessments, divisional control testing, and first-line challenge – providing the CISO with independent confidence in the state of security controls.

• Own the management of audit findings across internal audit, external audit, and regulatory reviews; drive timely remediation, track progress rigorously, and ensure sustainable rather than cosmetic closure of issues.

Cyber Communications, Culture & Awareness

• Drive cyber awareness and behavioural change agenda; develop and deliver engaging, targeted programmes that embed a strong security culture across a diverse, geographically dispersed, and federated workforce.

• Lead Group cyber communications, ensuring messaging is clear, consistent, aligned to risk priorities, and pitched appropriately for each audience from shopfloor to Board; influence organisational culture to embed risk-based thinking at every level.

Regulatory Reporting (GDPR / NIS2 / DORA) & Legal Liaison

• Lead regulatory compliance reporting across applicable regimes, including GDPR, NIS2, and DORA; act as the primary cyber security liaison to legal teams and regulators, ensuring responses are consistent, accurate, defensible, and filed within required timeframes.

• Monitor the evolving regulatory landscape across the global operating jurisdictions; proactively advise the CISO and business on incoming obligations and ensure compliance posture is maintained ahead of regulatory change.

Security Hygiene & Resilience Programme

• Lead the Group security hygiene and operational resilience programme, strengthening the ability to prevent cyber incidents, detect threats early, and recover effectively – with clear metrics, targets, and accountability for improvement.

• Define and track hygiene KPIs – including patching currency, MFA adoption rates, vulnerability remediation SLAs, and phishing resilience scores – and report progress against targets to senior leadership and divisional stakeholders.

Board / ExCo / ISC Reporting Pack Production

• Produce clear, authoritative, and insightful reporting packs for the Board, Executive Committee, and Information Security Committee; deliver a joined-up view of cyber risk, control effectiveness, assurance outcomes, and regulatory standing that enables confident governance decisions.

• Respond to ad hoc reporting requests from divisions, business units, and senior management; translate complex technical risk and assurance matters into accessible, decision-ready business language.

Crisis Exercising & Playbook Execution

• Coordinate Group cyber crisis exercising, including tabletop scenarios, cross-divisional simulations, and Executive-level war-gaming; ensure the Group is genuinely prepared – not just theoretically compliant – to respond to major cyber incidents.

• Own the cyber incident response playbook framework; ensure playbooks are maintained, tested, regularly updated to reflect the threat landscape, and actionable by the right people at pace when an incident occurs.

Experience, Knowledge, Skills & Attributes

Essential

Experience

• 10+ years in cyber security, information security, or technology risk, with demonstrable progression into senior leadership roles.

• Proven track record designing and operating a cyber GRC / second-line-of-defence function within a large, complex, or highly regulated organisation.

• Demonstrable experience of enterprise cyber risk management, including quantification methodologies, risk register ownership, and reporting to Board and ExCo.

• Experience managing regulatory compliance obligations including GDPR and NIS2; working familiarity with DORA or equivalent financial or operational resilience frameworks.

• Experience leading third-party / supply-chain security programmes at scale, including risk-tiered assessment frameworks and ongoing assurance models.

• Track record delivering security awareness and culture change programmes across large, diverse, and geographically dispersed workforces.

• Experience producing Board-level cyber reporting packs and presenting to senior governance forums such as Audit, Risk, or Information Security Committees.

Knowledge & Skills

• Deep knowledge of cyber security governance frameworks – ISO/IEC 27001:2022, NIST CSF 2.0, CIS Controls – and their practical application in complex enterprise environments.

• Familiarity with continuous controls monitoring / CAASM tooling (e.g. Axonius, Qualys) and the ability to translate tool outputs into actionable, audience-appropriate MI.

• Strong understanding of UK/EU data protection law and operational resilience regulations; able to translate legal obligations into practical security controls.

• Excellent communication and influencing skills; able to translate complex technical risk into clear, compelling narratives for non-technical audiences up to and including Board level.

• Able to build trusted relationships and influence without authority across complex, federated organisational structures at pace.

Qualifications

• Degree-level education, or equivalent professional experience in a relevant discipline.

• Professional certification in cyber security or risk management: CISM, CISSP, or CRISC (or active equivalent).

Desirable

Experience

• Experience in a large FMCG, food & beverage, retail, or FTSE-listed organisation, ideally with exposure to OT or manufacturing security environments.

• Experience building a GRC or cyber assurance function from a low or inconsistent maturity baseline, including framework design, tooling selection, and team development.

• Leading or contributing to an ISO/IEC 27001 certification programme: ISMS design, gap analysis, internal audit, and management review.

• Coordinating or participating in cyber crisis exercises at enterprise level, including war-gaming against realistic, intelligence-led scenarios involving senior leadership.

• Direct engagement with supervisory authorities, data protection regulators, or national cyber agencies (e.g. ICO, NCSC, BSI).

Knowledge & Skills

• Practical knowledge of cyber risk quantification methodologies, including FAIR (Factor Analysis of Information Risk) or equivalent.

• Understanding of OT/ICS security considerations and the interaction between IT and operational technology risk in manufacturing or supply chain environments.

• Familiarity with GRC platforms (e.g. ServiceNow GRC, Archer) and their use for integrated risk register, policy, and audit finding management.

• Working experience across multiple regulatory jurisdictions simultaneously; multilingual capability is welcome given the global footprint.

Qualifications

• ISO/IEC 27001 Lead Auditor or Lead Implementer certification.

• Additional qualifications in privacy (CIPP/E, CIPM) or business continuity / resilience (CBCI, MBCI) are advantageous.

• Membership of a recognised professional body (ISACA, (ISC)², BCS, CIISec, or equivalent) is welcome.

]]>https://www.informationsecuritysolutions.com/job/head-of-cyber-assurance-193.aspxhttps://www.informationsecuritysolutions.com/job/head-of-cyber-assurance-193.aspxhttps://www.informationsecuritysolutions.com/job/head-of-cyber-assurance-193/apply.aspxWed, 10 Jun 2026 15:58:39 GMThttps://www.informationsecuritysolutions.com/job/head-of-cyber-assurance-193/apply.aspx193Head of Cyber Assurance338PermanentIT/Information/Cyber SecurityHead of Cyber AssuranceLondonWed, 10 Jun 2026 15:58:39 GMTWed, 24 Jun 2026 15:58:39 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 6090130000.00150000.00Per YearGBPUKCyber Architecture ManagerTitle: Cyber Architecture Manager

Reference No: 2158

Company: FTSE 100

Reports to Deputy Group CISO

Location: London

Working Pattern 37.5 hours per week, Monday – Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place).

Salary: £84,000 - £100,000

Benefits Car allowance, Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group operates a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus. It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on. A central challenge in a federated Group is translation: the work of turning Group-level standards, strategy, and expertise into something that actually lands and works inside each division’s unique context. That is precisely the purpose of the Cyber Advisory Services function. It bridges Group Cyber Security and the divisions – providing the technical advice, subject-matter expertise, specialist project support, and flexible consulting resource that enables divisions to understand, adopt, implement, leverage and operationalise the Group cyber standard.

Role Summary

Reporting to the Deputy Group CISO, the Cyber Architecture Manager is the most senior cyber security architect and the authoritative voice on all matters of security architecture across the Group. The role owns the Group’s cyber enterprise architecture, setting the standards, patterns, and principles that govern how security is designed, built, and integrated across all 11 divisions – whether through centrally delivered services, divisional programmes, or third-party technology. The role leads the Group cyber technical standards programme, defining the security technology baseline that all divisions are expected to achieve and maintain and is intrinsically aligned with the group technology office. It shapes the technology roadmap for the centrally delivered cyber services portfolio – encompassing the strategic platforms and capabilities that GCS operates on behalf of the Group – and ensures that investment decisions are grounded in sound architectural thinking and aligned to the long-term security strategy. Beyond Group-level ownership, the Cyber Architecture Manager provides architectural direction, advice, and technical guidance to divisional security and IT teams acting as a trusted adviser and challenge function to ensure that division-led initiatives are architecturally sound and consistent with Group standards. The role leads a blended team of permanent cyber architects and resources drawn from within Cyber Security and from the GCS flexible resourcing desk, deploying expertise where it is most needed across the transformation programme and business-as-usual demand.

Role Responsibilities / Accountabilities

Cyber Enterprise Architecture

• Own and maintain the Group cyber enterprise architecture, defining the security architecture principles, patterns, and reference models that provide the authoritative framework for how security is designed and implemented.

• Translate the Group cyber security strategy into a coherent, actionable architecture that spans all domains – network security, identity and access management, endpoint, cloud, OT, data protection, AI, and application security – ensuring consistency across a complex, federated estate.

• Act as the Group’s senior design authority for cyber security, providing architectural oversight and sign-off on significant technology investments, transformations, and programmes that have material security implications.

Group Cyber Technical Standards

• Lead the development, publication, and lifecycle management of the Group cyber technical standards library, covering all major security domains; ensure standards are technically rigorous, aligned to industry and regulatory best practise practically implementable, and kept current with the evolving threat and technology landscape.

• Work in close partnership with the Head of Cyber Assurance to ensure technical standards are enforceable, measurable, and directly underpinned by the policy framework; support their use as the basis for control assessment and compliance measurement.

• Define and maintain the technical baseline for the Group ISMS, ensuring security engineering requirements are fully integrated into the ISO/IEC 27001:2022 as well as compatible with other key frameworks such as NIS2, IEC62443, EU AI Act and NIST.

Strategic Technology Roadmap for Centrally Delivered Cyber Services

• Own and maintain the technology roadmap for the centrally delivered cyber services portfolio – encompassing the strategic platforms and capabilities that GCS operates on behalf of the Group, including (but not limited to) identity and access management, SIEM/SOAR, endpoint protection, cloud security, network security, and OT security.

• Provide architectural input to the GCS investment planning cycle, ensuring technology decisions are grounded in sound architectural thinking, aligned to the long-term security strategy, and capable of delivering the required security outcomes at Group scale.

• Lead technology evaluation and selection for strategic cyber platforms, conducting market assessment, proof-of-concept oversight, and architectural due diligence to ensure the organisation selects the right tools for the right problems at the right time.

• Drive platform consolidation and rationalisation across the Group, reducing complexity and vendor sprawl while improving security capability maturity and value for money.

Divisional Architectural Direction & Advisory

• Set the architectural direction for divisional cyber and IT security teams; provide a clear framework of Group-level patterns, approved reference architectures, and design principles that divisional teams are expected to adopt and adapt within.

• Act as the senior architectural resource and escalation point for divisional BISOs and IT security teams, providing expert guidance and challenge on division-led security technology initiatives, acquisitions, and significant infrastructure changes.

• Ensure that divisional security architectures are consistent with Group standards and enterprise architecture principles; identify and remediate architectural debt and divergence across the estate in a risk-proportionate and pragmatic manner.

• Provide architectural input to acquisition due diligence, integration planning, and divestiture activities, ensuring cyber security risks and architectural implications are identified and addressed at the earliest opportunity.

Cyber Technology Advice, Guidance & Direction

• Ensure Full alignment with the Group Technology office (CTO); Wider technology frameworks and other architectural functions across the group.

• Serve as the foremost cyber technology authority, providing authoritative advice and direction to the Deputy CISO, Group CISO, senior business stakeholders, and divisional leadership on the security implications of technology choices, emerging threats, and market developments.

• Maintain awareness of the evolving cyber technology landscape – including developments in AI-driven security, zero trust, cloud-native security, OT/IT convergence, and identity-centric architectures – and translate that intelligence into timely, actionable recommendations.

• Manage relationships with strategic technology vendors and partners; provide architectural oversight of vendor engagements and ensure that commercial commitments are consistent with the Group’s architectural direction and long-term interests.

Team Leadership & Resourcing

• Lead, develop, and inspire a blended team of permanent cyber architects and resources drawn from the GCS flexible resourcing desk; foster a high-performance, collaborative culture with clear standards of delivery and professional development.

• Manage the deployment of architecture resource across the transformation programme and BAU demand pipeline, working with the Deputy CISO and programme leadership to prioritise activity, balance workload, and deploy expertise where it delivers most value.

• Manage the flexible resourcing desk relationship for the architecture function, including defining resource requirements, briefing and onboarding contractors and specialist resources, and maintaining quality and consistency of output across permanent and flexible team members.

• Build and maintain a strong architectural community of practice across GCS and divisional teams, promoting knowledge-sharing, peer review, and continuous improvement in the quality of security design.

• Transformation Programme & Strategic Projects

• Provide senior architectural leadership to the GCS transformation programme, ensuring that new capabilities are designed to a consistent high standard, integrated effectively into the existing estate, and positioned to scale as the security maturity grows.

• Support major Group IT and business transformation programmes – including cloud migrations, ERP deployments, M&A activity, and operational technology modernisation – by embedding security architecture at the design stage rather than retrospectively.

• Work in close partnership with the GCS Leadership Team – including the Head of Cyber Assurance, Head of Security Operations, and programme leadership – to ensure architecture activity is integrated across all GCS workstreams and supports the delivery of the wider cyber strategy.

Experience, Knowledge, Skills & Attributes - Essential

Experience

• 10+ years in IT and Cyber security or information security, with a substantial portion spent in architecture roles of increasing seniority.

• Proven experience as a senior or lead security architect within a large, complex enterprise, with demonstrable ownership of enterprise security architecture across multiple security domains.

• Experience developing and maintaining a suite of technical security standards, design patterns, and reference architectures at Group or enterprise level.

• Track record of shaping and influencing a cyber security technology roadmap, including platform evaluation, vendor selection, and strategic investment decisions.

• Experience providing architectural guidance and challenge to divisional, business unit, or regional technology teams within a federated or decentralised organisation.

• Experience leading or line-managing a team of architects, including management of a blend of permanent staff and contractor or specialist resources.

• Experience providing architectural input to large-scale security transformation programmes, including involvement at the design authority or senior architect level.

Knowledge & Skills

• Broad and deep technical knowledge across core security domains: network and perimeter security, identity and access management (including PAM and IDAM), endpoint detection and response, cloud security (Azure, AWS, GCP), application security, data protection, and OT/ICS security.

• Strong working knowledge of enterprise security architecture frameworks and methodologies, including SABSA, TOGAF, NIST CSF 2.0, and zero trust architecture principles.

• Ability to develop compelling, clear, and technically rigorous architecture documentation – including strategy papers, reference architectures, design patterns, and technical standards – that can be understood and acted upon by both technical and non-technical audiences.

• Strong stakeholder engagement and influencing skills; comfortable advising C-suite and non-technical senior leadership on complex security technology matters in plain, business-relevant language.

• Ability to work pragmatically within the constraints of a federated organisation – setting standards that are ambitious but achievable, and providing guidance that enables rather than obstructs divisional teams.

Qualifications

• Degree-level education in computer science, information security, engineering, or a related technical discipline; or equivalent professional experience.

• Professional certification in security architecture or cyber security: CISSP, CISSP-ISSAP, SABSA Chartered Security Architect (SCF/SCP), or equivalent.

Experience, Knowledge, Skills & Attributes - Desirable

Experience

• Experience in a large FMCG, food and beverage, retail, or FTSE-listed manufacturing organisation, with exposure to the security challenges of OT, supply chain, and consumer data environments.

• Experience establishing a new architecture function or practice from scratch, including defining operating model, tooling, methodology, and governance processes.

• Hands-on experience with a large technology estate and equivalent enterprise-scale security tooling.

• Experience providing security architecture input to M&A due diligence, integration, and divestiture programmes at enterprise level.

• Experience managing a flexible or augmented resourcing model for a technical function, including working with managed service providers, specialist contractors, and staffing partners.

Knowledge & Skills

• Deep specialism in one or more of: OT/ICS security architecture (IEC 62443), identity-centric / zero trust architecture, cloud-native security design, or AI and ML security.

• Familiarity with enterprise architecture tools and repositories (e.g. ADOIT, Sparx EA, Ardoq, LeanIX) and their use in managing the security architecture landscape.

• Understanding of secure software development practices, DevSecOps pipelines, and the security implications of modern application delivery patterns including microservices and containerisation.

• Ability to engage productively with Group-level enterprise architecture (non-security) functions to ensure cyber architecture is well integrated into the broader IT and business architecture landscape.

Qualifications

TOGAF 9 or 10 certification, or equivalent enterprise architecture qualification.

Cloud security certification relevant to primary platform (e.g. Microsoft SC-100 / AZ-500, AWS Security Specialty, GCP Professional Cloud Security Engineer).

Membership of a recognised professional body (CIISec, BCS, ISACA, (ISC)²) is welcome.

]]>https://www.informationsecuritysolutions.com/job/cyber-architecture-manager-195.aspxhttps://www.informationsecuritysolutions.com/job/cyber-architecture-manager-195.aspxhttps://www.informationsecuritysolutions.com/job/cyber-architecture-manager-195/apply.aspxSun, 07 Jun 2026 20:48:06 GMThttps://www.informationsecuritysolutions.com/job/cyber-architecture-manager-195/apply.aspx195Cyber Architecture Manager338PermanentIT/Information/Cyber SecuritySecurity Architecture ManagerLondonSun, 07 Jun 2026 20:48:06 GMTSun, 21 Jun 2026 20:48:06 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 609084000.00Per YearGBPUKSecurity Platform Engineering ManagerTitle: Security Platform Engineering Manager

Reference No: 2159

Company: FTSE 100

Reports to Deputy Group CISO

Location: London

Salary: £84,000 - £100,000

Benefits Car allowance, Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on.

A central challenge in a federated Group is translation: the work of turning Group-level standards, strategy, and expertise into something that actually lands and works inside each division’s unique context. That is precisely the purpose of the Cyber Advisory Services function. It bridges Group Cyber Security and the divisions – providing the technical advice, subject-matter expertise, specialist project support, and flexible consulting resource that enables divisions to understand, adopt, implement, leverage and operationalise the Group cyber standard.

Role Summary

Reporting to the Deputy Group CISO, the Security Platform Engineering Manager is the technical owner and custodian of the Group’s security tooling portfolio. Where the Cyber Architecture function sets the direction and standards for how security should be built, this role is responsible for what happens next: ensuring that the security platforms we operate are configured correctly, exploited fully, evolving continuously, and delivering genuine security outcomes and return on investment.

The role demands a particular mindset: a genuine passion for the tools under its care. The ideal person does not treat security products as black boxes to be deployed and forgotten – they are curious, hands-on, and proactive. They understand the full capability of each platform, stay ahead of vendor roadmaps, identify where a product’s untapped potential can solve a real problem, and build the relationships with vendors needed to get the most from every licence. The platforms in scope include Microsoft Defender (across the M365 Defender suite), Zscaler, Qualys, Abnormal Security, and Axonius, alongside other centrally managed security technologies as the portfolio evolves.

The Security Platform Engineering Manager works in close partnership with the Security Operations Centre and operations teams – ensuring platforms are tuned to support effective detection and response – with the Cyber Architecture Manager to align platform development to the architectural roadmap, and with the Group CTO function to ensure that security platform plans are integrated into the broader technology strategy. The role leads a small, focused team of permanent engineers and flexible resources, deploying expertise precisely where it is needed.

Role Responsibilities / Accountabilities

Security Platform Ownership & Technical Stewardship

• Act as the technical product owner for each platform in the GCS security tooling portfolio – including Microsoft Defender (M365 Defender suite), Zscaler, Qualys, Abnormal Security, and Axonius – taking personal accountability for their health, configuration, and ongoing development.

• Maintain deep, current, and expert-level technical knowledge of each platform under management: understand not just what each product does today, but what it is capable of, what is coming in the vendor roadmap, and what problems it could solve, that it is not yet being used to address.

• Ensure that each platform is configured to its optimal state for our environment: policies are correctly defined and enforced, licensable features that deliver security value are enabled and exploited, and no significant capability is left unused without a deliberate and documented reason.

• Proactively identify opportunities where a platform’s existing or emerging capability can be matched to a specific business or security problem – thinking creatively about novel applications of the tools already in the estate before new expenditure is considered.

• Technical Configuration, Policy & Security Standards Alignment

• Own and maintain the technical configuration baselines for all platforms in scope, ensuring configurations are documented, version-controlled, change-managed, and auditable; define platform-level policy configurations that translate Group cyber technical standards into enforceable product settings.

• Work closely with the Cyber Architecture Manager to ensure that platform configurations are consistent with the Group’s cyber enterprise architecture, reference patterns, and technical standards; flag and resolve any divergence between as-built and as-designed states.

• Provide expert technical advice to divisional IT and security teams on the configuration and deployment of centrally managed security platforms within their environments, ensuring local implementations meet Group standards while accommodating legitimate divisional requirements.

Platform Roadmap Development & Lifecycle Management

• Develop and own a rolling platform development roadmap for each product in the portfolio; plan the evolution of each platform in line with the Group’s cyber strategy, the vendor’s product roadmap, and emerging operational requirements from the SOC and business.

• Lead platform replacement or consolidation assessments when a product is approaching end of life, failing to meet evolving requirements, or where a better-fit alternative exists; work with the Cyber Architecture Manager to develop the business case and transition plan.

• Ensure that platform roadmaps are aligned and integrated with the Group CTO technology strategy and the GCS architecture roadmap; surface dependencies, conflicts, and opportunities early through structured engagement with both functions.

• Maintain a clear view of licence entitlements across all platforms; ensure the Group are consuming the features it is paying for, identify capability gaps and overlaps, and provide well-evidenced recommendations on licence optimisation and renewal decisions.

Vendor Engagement, Partnership & Return on Investment

• Build and maintain strong, productive working relationships with the technical and commercial teams at each strategic vendor; position the Group as an engaged, informed customer that vendors want to invest in – gaining early access to roadmap briefings, beta features, escalation paths, and best-practice guidance.

• Ensure the organisation extracts maximum value from every security platform investment; track and evidence return on investment, measuring security outcomes – not just uptime or feature counts – and presenting findings clearly to the Deputy CISO and senior stakeholders.

• Work with vendors to address product gaps and deficiencies; escalate issues effectively, influence vendor product direction through formal feedback channels where appropriate, and ensure support and professional services engagements deliver value.

• Provide commercially aware input to contract renewals, procurement decisions, and licence negotiations, drawing on operational evidence and an objective assessment of each platform’s value.

SOC, Operations & Stakeholder Alignment

• Work hand-in-glove with the SOC and security operations teams, ensuring that platforms are tuned and configured to support effective detection, investigation, and response; act as the primary technical escalation point for platform-related operational issues that affect SOC effectiveness.

• Participate actively in the platform and tooling prioritisation process alongside the SOC, operations, architecture, and GCS leadership teams; ensure that engineering effort is directed at the changes that will most improve the security posture and operational effectiveness.

• Maintain a structured engagement with the Group CTO function to ensure that security platform development plans are visible, understood, and integrated into the broader IT technology strategy and infrastructure roadmap; proactively surface platform interdependencies that span security and non-security technology.

• Collaborate with the Cyber Architecture Manager to ensure that platform engineering activity is grounded in and consistent with the Group’s cyber enterprise architecture; participate in design authority processes and provide engineering-level input to architectural decisions.

Team Leadership & Resourcing

• Lead, develop, and motivate a small, focused team of permanent security platform engineers and flexible resources drawn from the GCS resourcing desk; set clear expectations, foster a culture of technical excellence, and ensure each team member is growing their skills alongside the platforms they support.

• Manage the deployment of engineering resource across the platform portfolio and project demand pipeline; prioritise workload intelligently, balance BAU platform health against transformation delivery, and deploy flexible resource where it adds most value.

• Ensure that platform knowledge is not siloed in individuals; promote documentation, runbooks, and knowledge-sharing practices that make the team’s expertise resilient and accessible, and reduce dependency on key persons.

• Transformation, Continuous Improvement & Innovation

• Lead the engineering delivery component of the GCS transformation programme for platforms in scope; plan and execute platform deployments, upgrades, and capability enhancements with minimal disruption to the business and to SOC operations.

• Champion a continuous improvement ethos within the team: regularly review platform configurations and performance against security outcomes, identify what is not working, and drive incremental improvement as a matter of routine rather than exception.

• Stay current with developments in the security platform and product engineering landscape; bring relevant innovation and new thinking to the Deputy CISO and wider GCS leadership team in a structured, evidence-based way.

Experience, Knowledge, Skills & Attributes - Essential

Experience

• 8+ years in cyber security, with significant hands-on experience in security platform engineering, security operations technology, or a comparable technical security role.

• Demonstrable, deep technical expertise in at least two of the platform portfolio – Microsoft Defender / M365 Defender suite, Zscaler, Qualys, Abnormal Security, or Axonius – including practical configuration, policy management, and operational tuning experience.

• Experience as a platform or product owner for a security technology at enterprise scale, including managing configuration baselines, licence entitlements, vendor relationships, and a forward-looking development roadmap.

• Experience working in close operational partnership with a SOC or security operations function, with a clear understanding of how platform configuration directly affects detection quality, alert fidelity, and analyst effectiveness.

• Experience managing or leading a small technical team, including line management of permanent staff and direction of contractor or flexible resources.

• Experience managing vendor relationships for strategic security products, including participation in technical account reviews, escalation of product issues, and commercial input to renewal decisions.

Knowledge & Skills

• Genuine technical curiosity and product passion: the ability and instinct to go beyond surface-level familiarity with a platform, understand its full capability depth, and think creatively about how its features can be applied to novel business or security problems.

• Strong working knowledge of the Microsoft security stack, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, Sentinel integration patterns, and M365 security policy configuration.

• Understanding of security platform integration patterns – including API connectivity, SIEM/SOAR data feeds, and automation workflows – and the ability to design and implement integrations that improve operational efficiency and detection capability.

• Ability to communicate technical platform status, recommendations, and roadmap plans clearly to both technical peers and non-technical senior stakeholders; able to make the case for investment or change with evidence rather than opinion.

• Commercially aware; understands the relationship between licence terms, feature availability, and security outcomes, and can engage constructively and knowledgeably in commercial conversations with vendors and procurement teams.

Qualifications

• Degree-level education in computer science, information security, or a related technical discipline; or equivalent professional experience.

• Relevant professional certification: CISSP, CISM, CompTIA Security+, or a vendor-specific advanced certification in one or more of the platforms in scope (e.g. Microsoft SC-200, SC-300, Zscaler ZCCA-IA/ZCCA-PA, or equivalent).

Experience, Knowledge, Skills & Attributes - Desirable

Experience

• Experience in a large FMCG, food and beverage, retail, or FTSE-listed manufacturing organisation, with an appreciation of the breadth and complexity of securing a highly federated, multi-divisional estate.

• Experience managing the full platform lifecycle from procurement through deployment, steady-state operation, and planned replacement or consolidation for an enterprise security product.

• Prior experience as a technical lead or engineering manager within a managed SOC or MSSP environment, giving strong insight into how platform configuration decisions affect managed detection and response quality.

• Experience participating in formal M365 E5 or enterprise security platform deployment programmes, including migration from legacy tooling and consolidation of overlapping capability.

• Hands-on experience with security automation and orchestration: scripting (PowerShell, Python), API integrations between security platforms, or SOAR playbook development.

Knowledge & Skills

• Familiarity with OT/ICS security monitoring tooling (e.g. Claroty) and an understanding of the particular challenges of extending enterprise security platform coverage into operational technology environments.

• Understanding of CAASM (Cyber Asset Attack Surface Management) platforms such as Axonius and how they can be used to drive continuous controls visibility and improve the accuracy of the asset inventory underpinning security operations.

• Understanding of identity security concepts – including Entra ID, conditional access policy design, privileged identity management, and their interaction with Defender and Zscaler configurations.

• Awareness of the broader security technology estate – including DMARC Advisor and Fortinet – and the ability to consider platform engineering decisions in the context of the wider tool ecosystem rather than in isolation.

Qualifications

• Advanced vendor certifications across multiple platforms in the portfolio (e.g. Microsoft SC-100, Zscaler ZCCP, Qualys certifications, or equivalent).

• Membership of a recognised professional body (CIISec, BCS, ISACA, (ISC)²) is welcome.

]]>https://www.informationsecuritysolutions.com/job/security-platform-engineering-manager-196.aspxhttps://www.informationsecuritysolutions.com/job/security-platform-engineering-manager-196.aspxhttps://www.informationsecuritysolutions.com/job/security-platform-engineering-manager-196/apply.aspxSun, 07 Jun 2026 20:48:06 GMThttps://www.informationsecuritysolutions.com/job/security-platform-engineering-manager-196/apply.aspx196Security Platform Engineering Manager338PermanentIT/Information/Cyber SecuritySecurity Engineering ManagerLondonSun, 07 Jun 2026 20:48:06 GMTSun, 21 Jun 2026 20:48:06 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 609084000.00Per YearGBPUKCyber Platform EngineerTitle: Cyber Platform Engineer

Reference No: 2160

Company: FTSE 100

Reports to Security Platform Engineering Manager

Location: London

Salary: £59,000 - £72,000

Benefits Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

The Security Platform Engineering function is central to that portfolio – responsible for ensuring that the security tools the Group invests in are deeply understood, expertly configured, continuously improved, and consistently delivering their intended security and business value.

Role Summary

Reporting to the Security Platform Engineering Manager, the Cyber Platform Engineer is a hands-on technical specialist responsible for the day-to-day engineering, configuration, and operational health of one or more security platforms within the GCS portfolio. The role sits at the technical heart of the platform engineering function – doing the detailed, expert work that keeps the security tools performing at their best, configured to the right standards, and evolving in line with the Group’s needs and the vendor’s roadmap.

The platforms in scope include Microsoft Defender (across the M365 Defender suite), Zscaler, Qualys, Abnormal Security, and Axonius. The Cyber Platform Engineer will typically own deep expertise in one or two of these platforms and maintain solid working knowledge across the others. The role shares the mindset that defines the whole function: genuine curiosity about the tools under its care, a desire to understand and exploit their full capability, and an instinct to identify where existing platform features can be applied creatively to address new problems rather than defaulting to new tooling.

The Cyber Platform Engineer works closely with the SOC and security operations teams to ensure platforms are tuned for effective detection and response, and provides technical support and configuration guidance to divisional IT and security teams who are deploying or operating centrally managed platforms in their environments.

Role Responsibilities / Accountabilities

Platform Engineering & Technical Configuration

• Own the technical configuration and day-to-day engineering of assigned platforms within the GCS portfolio; maintain configurations to the approved baseline, apply updates and changes through the change management process, and ensure platform health is actively monitored and maintained.

• Develop and maintain detailed configuration documentation, runbooks, and change records for assigned platforms; ensure that configuration state is consistently documented, version-controlled, and auditable by the Security Platform Engineering Manager or by assurance functions.

• Utilising the Run team - Identify and implement improvements to platform configurations that improve security outcomes, reduce operational noise, or unlock additional capability; bring well-evidenced proposals to the Security Platform Engineering Manager for review before implementation.

• Maintain deep, current technical knowledge of assigned platforms; stay ahead of vendor releases, patch notes, and roadmap updates, and flag relevant developments to the Security Platform Engineering Manager with a view on their implications.

Policy Configuration & Standards Alignment

• Translate Group cyber technical standards into platform-level policy configurations; ensure that policy settings in assigned platforms enforce the correct security controls, are consistently applied across all in-scope environments, and align with the Group cyber enterprise architecture.

• Identify and report divergence between the approved configuration baseline and the as-built state of assigned platforms; investigate root causes, assess risk, and work with the Security Platform Engineering Manager to agree and implement remediation.

• Provide technical configuration guidance to divisional IT and security teams deploying or operating centrally managed platforms in their environments; act as the technical point of contact for platform-specific queries, ensuring divisional implementations meet Group standards.

SOC Support & Operational Tuning

• Work closely with the SOC and security operations teams to tune platform configurations for effective detection and response; adjust detection rules, alert thresholds, and data feeds in response to operational feedback, ensuring SOC analysts receive high-fidelity, actionable alerts.

• Act as the technical escalation point for platform-related operational issues raised by the SOC; diagnose platform problems, engage vendor support where required, and drive issues to resolution with minimal impact on SOC operational effectiveness.

• Develop and maintain platform integration configurations that connect assigned platforms to the SIEM, SOAR, and other operational tooling; ensure data feeds are reliable, well-formed, and provide the SOC with the visibility needed to detect and respond to threats effectively.

Platform Capability Development & Innovation

• Actively explore the full capability of assigned platforms; identify licensable features, beta capabilities, and underused functionality that could improve the security posture, and bring well-structured proposals to the Security Platform Engineering Manager for consideration.

• Design and implement automation and integration workflows that improve the efficiency and effectiveness of platform operations; develop scripts, API integrations, and orchestration logic that reduce manual effort and enable platform capabilities to be delivered at scale.

• Support the delivery of platform deployments, upgrades, and new capability rollouts as part of the GCS transformation programme; plan and execute engineering work with precision, minimising disruption to the business and to SOC operations throughout.

Vendor Engagement & Licence Management

• Maintain productive working relationships with vendor technical teams for assigned platforms; engage effectively with vendor support for issue resolution, participate in technical briefings and product roadmap sessions, and escalate product deficiencies through appropriate channels.

• Maintain accurate records of licence entitlements, feature adoption, and consumption for assigned platforms; flag any discrepancies, unused entitlements, or upcoming renewal milestones to the Security Platform Engineering Manager in a timely manner.

Experience, Knowledge, Skills & Attributes Essential

Experience

• 4+ years in a cyber security engineering or security operations technology role, with hands-on technical experience configuring and managing enterprise security platforms.

• Demonstrable, deep technical expertise in at least one platform from the portfolio – Microsoft Defender / M365 Defender suite, Zscaler, Qualys, Abnormal Security, or Axonius – including hands-on configuration, policy management, and operational tuning at enterprise scale.

• Experience working closely with a SOC or security operations team, with an understanding of how platform configuration decisions affect detection quality, alert fidelity, and analyst workflow.

• Experience maintaining configuration documentation and operating within a structured change management process for security platforms.

• Experience engaging with vendor technical support teams, logging and escalating issues effectively, and driving platform problems to resolution.

Knowledge & Skills

• Genuine technical curiosity: the instinct to explore platforms beyond surface-level familiarity, understand their full capability depth, and think creatively about how features can be applied to solve real security problems.

• Strong working knowledge of the Microsoft security stack, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, and M365 security policy configuration.

• Understanding of security platform integration patterns, including API connectivity, SIEM/SOAR data feeds, and log forwarding; practical experience implementing or maintaining at least one such integration.

• Ability to produce clear technical documentation – configuration records, runbooks, change requests – to a consistent and auditable standard.

Qualifications

• Degree-level education in computer science, information security, or a related technical discipline; or equivalent professional experience.

• Vendor certification in at least one of the platforms in scope (e.g. Microsoft SC-200, SC-300, AZ-500; Zscaler ZCCA-IA or ZCCA-PA; Qualys certification; or equivalent).

Experience, Knowledge, Skills & Attributes Desirable

Experience

• Experience in a large FMCG, food and beverage, retail, or FTSE-listed organisation, with exposure to the complexity of securing a highly federated, multi-divisional estate.

• Experience working within a managed SOC or MSSP environment as a platform engineer or technical specialist, providing engineering support to security operations teams.

• Hands-on experience with security automation and scripting: PowerShell, Python, API integrations, or SOAR playbook development.

• Experience participating in a formal M365 E5 deployment or migration programme, including configuration of Defender workloads and integration with Sentinel

Knowledge & Skills

• Expertise in a second platform from the portfolio, providing broader coverage across the security tooling estate.

• Understanding of identity security concepts – Entra ID, conditional access policy design, privileged identity management – and their interaction with Defender and Zscaler configurations.

• Familiarity with CAASM concepts and Axonius as a platform for continuous asset visibility and controls monitoring.

• Awareness of OT/ICS security monitoring considerations and the challenges of extending enterprise platform coverage into operational technology network zones.

Qualifications

• Additional vendor certifications across a second or third platform in the portfolio (e.g. Microsoft SC-100, Zscaler ZCCP, or Qualys advanced certifications).

• CISSP, CISM, or CompTIA Security+ demonstrating broader security knowledge alongside platform-specific expertise.

]]>https://www.informationsecuritysolutions.com/job/cyber-platform-engineer-197.aspxhttps://www.informationsecuritysolutions.com/job/cyber-platform-engineer-197.aspxhttps://www.informationsecuritysolutions.com/job/cyber-platform-engineer-197/apply.aspxSun, 07 Jun 2026 20:48:06 GMThttps://www.informationsecuritysolutions.com/job/cyber-platform-engineer-197/apply.aspx197Cyber Platform Engineer338PermanentIT/Information/Cyber SecuritySecurity EngineerLondonSun, 07 Jun 2026 20:48:06 GMTSun, 21 Jun 2026 20:48:06 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 609059000.0072000.00Per YearGBPUKCyber Security Platform Engineer – MicrosoftTitle: Cyber Security Platform Engineer – Microsoft

Reference No: 2161

Company: FTSE 100

Reports to Security Platform Engineering Manager

Location: London

Salary: £59,000 - £72,000

Benefits Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across) the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. This is a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus.

The Security Platform Engineering function is central to that portfolio – responsible for ensuring that the security tools the organisation invests in are deeply understood, expertly configured, continuously improved, and consistently delivering their intended security and business value. Microsoft is the most strategically significant security platform, and the uplift and optimisation of the Microsoft security estate is one of the most consequential engineering challenges in the GCS transformation programme.

Role Summary

Reporting to the Security Platform Engineering Manager, the Cyber Security Platform Engineer – Microsoft is the Group dedicated technical authority for the Microsoft security platform. The role carries implied ownership of the full Microsoft security stack: the M365 Defender suite, the security-relevant capabilities of Microsoft Entra ID (conditional access, Privileged Identity Management, access packages, and least privilege), Intune, and the foundational configuration of the Microsoft 365 and Azure environments on which all of these depend. This is a role that extends beyond BAU platform management: a significant part of the initial mandate is to critically assess the current state of the Microsoft estate – spanning E3, Active Directory, Entra ID, Intune, and existing Defender deployments – identify the gaps against vendor-recommended best practice and the Group cyber standard, and build a prioritised strategy and plan to close them.

This role is the primary technical owner of that relationship on the GCS side – working directly with the Microsoft team to prioritise, plan, and drive the E5 deployment across the estate, and ensuring that the professional services and engineering resources available are directed at the highest-value activities. The role must navigate the realities of the federated organisation with skill: delivery will depend on partnership with divisional IT teams, and getting there will require excellent stakeholder management, a clear change communication approach, and an absolute commitment to end-user experience. Zero tolerance for avoidable downtime is not a preference – it is a non-negotiable operating constraint.

The role works in close partnership with the Cyber Architecture Manager, the Group CTO function, the IT Frameworks Director, Assurance leads, Divisional Security Leads, and the Identity Transformation team. It shares the defining mindset of the whole platform engineering function: genuine passion for the Microsoft platform, curiosity about its full capability, and the drive to get to a secure, consistent, vendor-recommended configuration as quickly and as safely as possible.

Role Responsibilities / Accountabilities

Microsoft Estate Assessment, Gap Analysis & Strategy

• Conduct a structured, critical assessment of the current Microsoft security estate, covering Active Directory, Microsoft Entra ID, Intune, M365 (E3 and current Defender deployments), and Azure security configuration; benchmark the current state against Microsoft’s secure score recommendations, vendor best practice, and the Group cyber technical standard, and produce a clear, evidence-based gap analysis.

• Develop a prioritised Microsoft security uplift strategy and delivery plan that sequences remediation and enhancement activity by risk reduction impact, operational feasibility, and alignment with the E5 migration roadmap; ensure the plan is realistic for federated environment and has clear milestones, owners, and success criteria.

• Maintain the Microsoft security uplift plan as a live document; track progress against milestones, report status to the Security Platform Engineering Manager, and adapt the plan to the Groups environment, the threat landscape, and the Microsoft product roadmap evolve.

Microsoft Defender Platform Ownership & Engineering

• Own the technical configuration, ongoing engineering, and operational health of the full M365 Defender suite, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, and Microsoft Sentinel integration; maintain configurations to the approved baseline and drive continuous improvement against vendor-recommended configuration.

• Work closely with the SOC to tune Defender configurations for effective detection and response; adjust detection rules, custom detection queries, and alert thresholds in response to SOC operational feedback, ensuring analysts receive high-fidelity, actionable alerts with minimal noise.

• Develop and maintain detailed configuration documentation, runbooks, and change records for all Defender workloads; ensure configuration state is consistently documented, version-controlled, and auditable.

Entra ID Security & Identity Controls

• Own the security configuration of Microsoft Entra ID across the Group; take implied technical ownership of the security-relevant Entra capabilities including Conditional Access policy design and enforcement, Privileged Identity Management (PIM), access packages and entitlement management, Identity Protection, and the application of least privilege principles across the directory.

• Work with the Cyber Architecture Manager, the IT Frameworks Director, and Assurance leads to ensure that GCS policies – including BYOD, remote access, and privilege management policies – are correctly and completely manifested in Entra Conditional Access policies and Intune device compliance rules; maintain a clear mapping between policy intent and platform configuration.

• Support the Active Directory to Entra ID modernisation journey; identify legacy AD configurations and hybrid identity risks that need to be addressed as part of the E5 migration, and work with the Identity Transformation team to ensure Entra security configuration activity is co-ordinated with the broader identity programme.

• Own the Intune security configuration, maintain device compliance policies, configuration profiles, and security baselines; ensure Intune is configured to enforce the Group endpoint security standard and provides accurate device compliance data to Entra Conditional Access and the Defender estate.

E5 Migration, ECIF Engagement & Microsoft Relationship

• Act as GCS’s primary technical liaison to the Microsoft ECIF (Engineering Co-Investment Fund) team; plan, prioritise, and drive the E5 deployment programme in partnership with the ECIF team, ensuring that Microsoft engineering resources are directed at the highest-value activities and that the Organisation is getting the maximum benefit from the co-investment engagement.

• Manage the technical relationship with Microsoft across the security and identity platform; maintain active engagement with Microsoft technical account management, product specialists, and engineering teams; use the account relationship to gain early access to roadmap briefings, preview features, escalation paths, and best-practice guidance relevant to the organisations environment.

• Plan and manage the technical delivery of E5 capability rollout across the divisions; sequence deployment activity to maximise early security value, sequence it safely within the change management constraints, and ensure each phase is fully tested, documented, and supported before moving to the next.

• Maintain accurate records of Microsoft licence entitlements, feature adoption, and E5 deployment progress; ensure the Group is consuming the capabilities it is paying for, and provide the Security Platform Engineering Manager with clear, up-to-date visibility of licence utilisation and deployment status.

• Policy Manifestation, Standards Alignment & Assurance

• Translate Group cyber technical standards and security policies into enforceable Microsoft platform configurations; maintain a clear, auditable mapping between each policy requirement and its implementation in Defender, Entra, Intune, or other Microsoft controls, and ensure divergence is identified and remediated promptly.

• Work closely with the Director of Cyber Assurance and Assurance leads to support controls assessment of the Microsoft estate; provide technical evidence of configuration compliance, investigate gaps identified through continuous controls monitoring (including Axonius), and drive remediation of control failures to closure.

• Work with the Cyber Architecture Manager to ensure that Microsoft security configurations are consistent with the Group cyber enterprise architecture and approved reference patterns; flag and resolve any divergence between the configured state and the architectural design intent.

Divisional Engagement, Change Communication & End-User Focus

• Work directly with Divisional Security Leads to share emerging practice, gather direct and usable feedback on how Microsoft security configurations are landing in the business, and drive adoption of a consistent, vendor-recommended Microsoft configuration across all 11 divisions as quickly as the operating model allows.

Put end users at the heart of every configuration and deployment decision; maintain a zero-tolerance approach to avoidable downtime, design changes to minimise disruption to business operations, and ensure that user-impacting changes are thoroughly tested and piloted before broad rollout.

• Own the change communication approach for Microsoft platform changes; ensure that divisions, IT teams, and end users understand what is changing, why it is changing, and what they need to do – well in advance of any change taking effect; develop training and guidance materials that help users and IT teams adapt confidently to new security controls.

• Provide technical configuration guidance and support to divisional IT and security teams deploying or operating Microsoft security platforms in their environments; act as the technical authority for Microsoft platform queries across the Group, and help divisional teams reach and maintain compliance with the Group Microsoft security baseline.

Identity Transformation Alignment & Stakeholder Collaboration

• Work closely and continuously with the Identity Transformation team throughout the transformation programme; ensure that GCS Microsoft security configuration activity – particularly Entra ID, PIM, and Conditional Access – is aligned with and supportive of the broader identity transformation workstream, and that dependencies, conflicts, and sequencing decisions are surfaced and resolved early.

• Collaborate with the Group CTO function and IT Frameworks Director to ensure that Microsoft security platform plans are integrated into the broader IT technology strategy; surface platform interdependencies that span security and non-security technology and ensure they are managed proactively.

• Contribute actively to continuous improvement within the Security Platform Engineering function; document lessons learned from each phase of E5 delivery, share practice with other platform engineers, and help build the team’s collective Microsoft knowledge and capability over time.

Experience, Knowledge, Skills & Attributes Essential

Experience

• 5+ years in cyber security or Microsoft platform engineering, with demonstrable, hands-on depth across the Microsoft 365 security stack in a large enterprise environment.

• Proven hands-on experience configuring and managing the M365 Defender suite at enterprise scale, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Defender for Office 365.

• Substantive, practical experience with Microsoft Entra ID security configuration: Conditional Access policy design and enforcement, Privileged Identity Management, Identity Protection, and access package or entitlement management.

• Experience configuring and managing Microsoft Intune at enterprise scale, including device compliance policies, configuration profiles, and endpoint security baselines.

• Experience conducting a structured assessment of a Microsoft 365 environment and developing a gap analysis and remediation roadmap against vendor best practice or a defined security standard.

• Experience working with a SOC or security operations team as a platform engineer, tuning Microsoft Defender detection rules and data feeds to improve alert quality and operational effectiveness.

• Experience engaging directly with Microsoft technical account teams, ECIF programme teams, or Microsoft FastTrack / CSP engineers to drive platform deployment or optimisation activity.

Knowledge & Skills

• Genuine passion for the Microsoft security platform: the curiosity to explore its full capability, track its roadmap proactively, and identify where existing or emerging features can address real problems before defaulting to new tooling.

• Deep, current technical knowledge of the Microsoft 365 security architecture: how Defender workloads integrate with each other, with Entra ID, with Intune, and with Sentinel; how data flows between components; and where configuration choices in one product affect behaviour in others.

• Strong understanding of hybrid identity architecture: Active Directory / Entra ID synchronisation, managed vs federated authentication, hybrid join, and the security implications of common hybrid configurations.

• Excellent stakeholder engagement skills; able to work collaboratively and credibly across GCS, IT, and business functions, and to communicate technical configuration changes in terms that non-technical stakeholders can understand and act on – particularly around user-impacting changes.

• Able to produce clear, accurate technical documentation – configuration records, runbooks, gap analyses, deployment plans, change requests – to a consistent and auditable standard; able to present findings and proposals to the Security Platform Engineering Manager and senior stakeholders concisely and with evidence.

Qualifications

• Degree-level education in computer science, information security, or a related technical discipline; or equivalent professional experience.

• Microsoft certification in security operations or identity: SC-200 (Security Operations Analyst), SC-300 (Identity and Access Administrator), or AZ-500 (Azure Security Engineer); at least one of these is required, and ideally two or more. Experience

• Experience delivering a formal M365 E5 migration or deployment programme in a large enterprise, including uplift from E3, enabling Defender workloads in sequence, and managing user-impacting changes across a federated or multi-divisional organisation.

• Experience working directly with a Microsoft ECIF engagement, FastTrack programme, or Microsoft Unified Support team to plan and execute platform deployments or optimisation activities.

• Experience in a large FMCG, retail, food and beverage, or FTSE-listed manufacturing organisation, with direct exposure to the complexity of managing a heterogeneous, multi-divisional Microsoft estate.

• Experience contributing to a broader identity transformation or Active Directory modernisation programme, working alongside IAM or identity engineering teams.

• Experience designing and delivering user-facing change communication and adoption programmes for Microsoft security platform changes (e.g. MFA rollouts, Conditional Access enforcement, BYOD controls).

Experience, Knowledge, Skills & Attributes Desirable

Knowledge & Skills

• Microsoft Sentinel: KQL query development, analytics rule management, workbook creation, and SOAR playbook integration; experience building or tuning a Sentinel deployment to serve as the primary SIEM for a SOC.

• PowerShell and/or Microsoft Graph API scripting for automation of Entra, Intune, and Defender configuration tasks; experience using the Microsoft 365 DSC (Desired State Configuration) framework or similar tooling for configuration-as-code.

• Understanding of Microsoft Purview (Information Protection, DLP, Compliance Manager) and its relationship to the broader Microsoft security and governance configuration.

• Familiarity with Axonius or equivalent CAASM tooling and how it can be used to validate and evidence Defender and Intune configuration compliance across a large, distributed estate.

Qualifications

• SC-100 (Microsoft Cybersecurity Architect) demonstrating breadth across the Microsoft security portfolio at the design and strategy level.

• CISSP or CISM providing broader security leadership credentials alongside deep Microsoft specialism.

• Microsoft Certified: Identity and Access Administrator Associate (SC-300) if not already held as an Essential requirement.

]]>https://www.informationsecuritysolutions.com/job/cyber-security-platform-engineer-–-microsoft-198.aspxhttps://www.informationsecuritysolutions.com/job/cyber-security-platform-engineer-–-microsoft-198.aspxhttps://www.informationsecuritysolutions.com/job/cyber-security-platform-engineer-–-microsoft-198/apply.aspxSun, 07 Jun 2026 20:48:06 GMThttps://www.informationsecuritysolutions.com/job/cyber-security-platform-engineer-–-microsoft-198/apply.aspx198Cyber Security Platform Engineer – Microsoft338PermanentIT/Information/Cyber SecuritySecurity EngineerLondonSun, 07 Jun 2026 20:48:06 GMTSun, 21 Jun 2026 20:48:06 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 609059000.0072000.00Per YearGBPUKCyber Advisor LeadTitle: Cyber Advisory Lead

Reference No: 2162

Company: FTSE 100

Reports to Cyber Advisory Services Manager

Location: London

Salary: £59,000 - £72,000

Benefits Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS sets the Group cyber standard, measures compliance against it across all the businesses, and delivers a portfolio of centrally managed security services that divisions can rely on.

The Cyber Advisory Services function is the critical bridge between Group standards and divisional reality – translating GCS expertise into practical, context-sensitive support that helps divisions understand, adopt, and embed the Group cyber standard in their specific environments.

Role Summary

Reporting to the Cyber Advisory Services Manager, the Cyber Advisory Lead is a senior individual contributor and the primary delivery resource within the advisory function. The role provides expert cyber security advice and guidance directly to the divisions, business units, and Group functions – operating as a trusted consultant who helps translate Group cyber standards into practical action on the ground. The Cyber Advisory Lead is the person divisions call when they need a credible, knowledgeable partner to work through a cyber security challenge with them: someone who understands both the Group standard and the operational reality of divisional environments.

The role delivers a wide range of advisory services including technical standards interpretation and guidance, firewall rule base and security policy review, security input to non-functional requirements for Group and divisional programmes, and advisory support to merger, acquisition, and divestiture activity. The Cyber Advisory Lead also plays a key role in managing and briefing flexible resources drawn from the GCS resourcing pool, ensuring they are deployed effectively and maintain the quality standards expected of the advisory function. This is a hands-on role that demands breadth, consulting confidence, and the ability to calibrate advice to the needs and maturity of each divisional audience.

Role Responsibilities / Accountabilities

Technical Standards Advisory & Interpretation

• Act as the primary advisory point of contact for divisions and business units seeking guidance on the interpretation and application of Group cyber technical standards; provide clear, practical, and risk-proportionate advice that helps divisions understand what compliance looks like in their specific environment.

• Translate Group technical standards into actionable divisional guidance; develop worked examples, implementation notes, and practical toolkits that make standards easier for divisional IT and security teams to adopt without losing the intent of the underlying requirement.

• Capture intelligence from advisory engagements – recurring questions, implementation blockers, divisional gaps – and feed it back to the Cyber Advisory Services Manager to inform improvements to standards, guidance materials, and the advisory service offering.

Rule Base Assessment & Security Policy Review

• Plan and conduct firewall rule base reviews and security policy assessments for Group and divisional environments; identify technical debt, overly permissive rules, obsolete entries, and configuration drift, and produce clear, risk-prioritised findings reports with actionable remediation guidance.

• Review and assess security policy change requests from divisions, evaluating proposed changes against Group standards and architectural principles and providing a clear recommendation with supporting rationale; act as a constructive challenge function rather than a bureaucratic gate.

• Support divisional teams in understanding and implementing remediation actions following rule base and policy reviews; track agreed actions to closure and provide follow-up assurance that improvements have been embedded sustainably.

Non-Functional Security Requirements

• Engage with Group and divisional programme teams to define and validate non-functional security requirements (NFRs); ensure that security properties – covering authentication, authorisation, encryption, logging, resilience, and data classification – are specified clearly and in a form that project and engineering teams can act on.

• Apply the Group NFR library to programme and project engagements, tailoring standard requirements to the specific technology context; identify where project proposals deviate from Group security expectations and work with project teams to find compliant or risk-accepted alternatives.

• Contribute to the ongoing development and maintenance of the Group NFR library; identify gaps, outdated requirements, and emerging security considerations that should be reflected in standard NFR content.

M&A, Project & Programme Advisory Support

• Provide cyber security advisory input to merger, acquisition, and divestiture activity, supporting the Cyber Advisory Services Manager in delivering the GCS M&A workstream; conduct cyber due diligence assessments, identify security risks associated with target entities, and develop recommendations for integration or separation.

• Support the delivery of cyber advisory input to Group and divisional strategic programmes – including technology transformations, cloud migrations, and ERP deployments – ensuring security considerations are raised and addressed at the right stage of each programme lifecycle.

• Produce high-quality advisory outputs – reports, briefing notes, findings summaries, and recommendations – that reflect well on GCS and provide divisional stakeholders with clear, actionable intelligence.

Flexible Resource Management & Divisional Engagement

• Support the Cyber Advisory Services Manager in managing the GCS flexible resourcing pool; brief and onboard flexible resources ahead of divisional deployments, maintain quality standards throughout engagements, and provide day-to-day direction to consultants and contractors working within the advisory function.

• Build and maintain trusted working relationships with divisional security leads, IT directors, and BISOs; position yourself as an accessible, credible, and practically-minded partner who divisions want to engage with rather than a compliance overhead.

• Act as an active intelligence gatherer during divisional engagements; identify common challenges, recurring themes, and emerging risks across the estate, and feed structured insight back to the Cyber Advisory Services Manager and the wider GCS Leadership Team.

Experience, Knowledge, Skills & Attributes Essential

Experience

• 6+ years in cyber security, with a significant portion in advisory, consulting, or technical security roles requiring breadth across multiple domains.

• Demonstrable experience delivering cyber security advisory services to business units or divisions within a large organisation, or to enterprise clients as an external consultant.

• Hands-on experience conducting firewall rule base reviews and security policy assessments, producing structured findings reports with risk-prioritised recommendations.

• Experience defining or reviewing non-functional security requirements for technology programmes, and the ability to translate security standards into specific, measurable project requirements.

• Experience providing cyber security input to M&A or other major business change programmes, including due diligence support and integration planning.

Knowledge & Skills

• Broad technical knowledge spanning the core cyber security domains – network security, identity and access management, endpoint protection, cloud security, application security, and data protection – sufficient to advise credibly across all of them.

• Strong consulting and communication skills: able to listen carefully, form a well-reasoned view, and articulate it clearly – whether in a written advisory report, a divisional workshop, or a one-to-one conversation with a BISO or IT director.

• Ability to translate Group technical standards into practical, context-sensitive guidance that maintains the intent of the standard while acknowledging legitimate operational constraints of the division.

• Strong written output skills; able to produce high-quality advisory reports and briefing materials that are accurate, clearly structured, and appropriate for a senior divisional or Group audience.

Qualifications

• Degree-level education in computer science, information security, or a related discipline; or equivalent professional experience.

• Professional certification in cyber security: CISSP, CISM, CompTIA Security+, or equivalent demonstrating technical breadth. Experience

• Experience within a Big Four, specialist cyber consultancy, or in-house advisory function of a large FTSE-listed organisation, delivering structured advisory engagements at pace.

• Experience in an FMCG, food and beverage, retail, or manufacturing environment, with an appreciation of the security challenges of a federated, operationally diverse estate.

• Experience directly supporting or delivering the cyber workstream of an M&A transaction, from initial due diligence through to integration planning.

• Experience directing or providing quality oversight to flexible resourcing or contractor teams within an advisory or consulting context.

Experience, Knowledge, Skills & Attributes Desirable

Experience

• Experience within a Big Four, specialist cyber consultancy, or in-house advisory function of a large FTSE-listed organisation, delivering structured advisory engagements at pace.

• Experience in an FMCG, food and beverage, retail, or manufacturing environment, with an appreciation of the security challenges of a federated, operationally diverse estate.

• Experience directly supporting or delivering the cyber workstream of an M&A transaction, from initial due diligence through to integration planning.

• Experience directing or providing quality oversight to flexible resourcing or contractor teams within an advisory or consulting context.

Knowledge & Skills

• Familiarity with firewall policy review tooling (e.g. Tufin, AlgoSec, FireMon) and structured methodologies for rule base analysis and optimisation.

• Working knowledge of: Microsoft E5/Defender, Zscaler, Qualys, Abnormal Security, Axonius, sufficient to provide advisory guidance without requiring specialist platform engineering support for routine questions.

• Knowledge of ISO/IEC 27001:2022 and NIST CSF 2.0, and how these frameworks underpin the Group technical standards and ISMS programme.

Qualifications

• ISO/IEC 27001 Lead Auditor or Lead Implementer, supporting familiarity with the standards framework underpinning the Group ISMS.

• Membership of a recognised professional body (CIISec, ISACA, (ISC)², BCS) is welcome.

]]>https://www.informationsecuritysolutions.com/job/cyber-advisor-lead-199.aspxhttps://www.informationsecuritysolutions.com/job/cyber-advisor-lead-199.aspxhttps://www.informationsecuritysolutions.com/job/cyber-advisor-lead-199/apply.aspxSun, 07 Jun 2026 20:48:06 GMThttps://www.informationsecuritysolutions.com/job/cyber-advisor-lead-199/apply.aspx199Cyber Advisor Lead338PermanentIT/Information/Cyber SecuritySecurity ConsultantLondonSun, 07 Jun 2026 20:48:06 GMTSun, 21 Jun 2026 20:48:06 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 609059000.0072000.00Per YearGBPUKOT Security SpecialistTitle: OT Security Specialist

Reference No: 2163

Company: FTSE 100

Reports to OT and Manufacturing Security Manager

Location: London

Salary: £59,000 - £72,000

Benefits Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. The business, whose resilience depends on keeping production lines running, plants safe, and supply chains intact, the security of operational technology is fundamental.

The OT and Manufacturing Security team sits at the heart of that mission – setting the Group OT security standard, driving improvement across the global manufacturing estate, and ensuring that the people, processes, and technologies running the plants are protected against an evolving threat landscape.

Role Summary

Reporting to the OT and Manufacturing Security Manager, the OT Security Specialist is a hands-on technical expert who provides specialist OT security knowledge, assessment capability, and practical delivery support across the manufacturing and operational technology environments. The role sits close to the operational reality of its plants – engaging directly with divisional engineering teams, system owners, and plant management to assess OT security risks, support the implementation of security controls, and build security awareness in communities who may not have a traditional cyber background.

The OT Security Specialist combines deep technical knowledge of OT environments – SCADA, ICS, PLCs, DCS, and the protocols that connect them – with a practical understanding of how security improvements must be designed and sequenced to respect the availability, safety, and operational constraints of manufacturing environments. This is not a purely desk-based role: it requires regular site visits, direct engagement with plant engineers, and the ability to earn trust in a world where cyber security may be seen as a new and sometimes unwelcome intrusion.

The role supports the OT and Manufacturing Security Manager across the full range of OT security activities – from risk assessment and vulnerability management, through Claroty deployment and monitoring, to incident response support and the delivery of OT-specific security awareness programmes. The OT Security Specialist is a critical delivery resource within the team and a key technical interface between Group Cyber Security and the operational and engineering communities.

Role Responsibilities / Accountabilities

OT Security Assessment & Risk Management

• Conduct OT security assessments and risk reviews across the manufacturing sites and divisional OT environments; identify security gaps, assess risk against the Group OT security standard, and produce clear, risk-prioritised findings with practical remediation recommendations appropriate for the operational context.

• Support divisional teams in understanding and implementing OT security risk assessments; provide technical guidance on risk assessment methodology appropriate for OT environments, including consequence-based analysis that accounts for physical safety, process continuity, and environmental implications.

• Maintain and update the Group OT risk register in collaboration with the OT and Manufacturing Security Manager; track remediation activity against identified risks, monitor progress, and flag where risks are not being addressed within agreed timescales.

OT Vulnerability Management

• Monitor OT-specific vulnerability intelligence sources and vendor security advisories; assess the applicability and risk of vulnerabilities to the OT estate, and develop practical remediation or mitigation guidance that acknowledges the constraints of OT patching cycles and change management processes.

• Communicate vulnerability findings and recommended actions to divisional engineering teams and system owners in a form they can understand and act on; track remediation or compensating control implementation through to closure.

• Support the management of OT-relevant projects across the Group estate; review project proposals and change requests for security implications, provide technical OT security input to design reviews, and assure that security controls are implemented as intended.

OT Monitoring & Claroty Platform Support

• Support the deployment and ongoing operation of Claroty across the manufacturing sites; configure asset discovery and network monitoring capabilities, validate that the platform is providing accurate and complete OT asset inventory, and ensure that monitoring coverage extends to all in-scope environments.

• Manage and review OT security monitoring alerts from Claroty and other OT monitoring tooling; investigate anomalous activity, assess severity and operational impact, and escalate confirmed or suspected incidents to the OT and Manufacturing Security Manager and the SOC in line with the Group incident response process.

• Support integration of OT monitoring outputs into the Group SOC operational workflow; work with the SOC and Security Platform Engineering Manager to ensure that OT alerts are correctly classified, enriched, and handled by SOC analysts who may have limited OT context. This may include assisting with Playbooks and service design.

Divisional Engagement & Technical Guidance

• Engage directly with divisional engineering teams, plant managers, system owners, and BISOs to provide technical OT security guidance and practical support; build trusted working relationships with operational and engineering communities who may have limited prior exposure to cyber security, and develop a reputation as a helpful, knowledgeable, and operationally aware partner.

• Provide technical review and guidance on OT network architecture, IT/OT segmentation, secure remote access design, and system integration proposals; identify security concerns at the design stage and work constructively with engineering teams to address them without impeding operational delivery.

• Support the management of OT third-party relationships; assist in assessing the security posture of OT suppliers, system integrators, and remote maintenance providers, and ensure that access controls, network segmentation, and contractual security requirements are appropriately applied and enforced.

Incident Response Support & Crisis Readiness

• Provide technical OT security expertise in the event of a cyber incident affecting manufacturing or OT environments; support the OT and Manufacturing Security Manager and the Group incident response team with OT-specific situational awareness, technical analysis, and advice on response options that balance security with operational and safety imperatives.

• Support the development and maintenance of OT cyber incident response plans and playbooks; contribute to the design of OT-specific crisis exercises and help ensure that divisional engineering and operations teams are prepared to respond effectively when needed.

Awareness, Training & Continuous Improvement

• Develop and deliver OT-specific security awareness and training content for operational, engineering, and plant management audiences; create materials that are relevant, accessible, and appropriate for people whose primary expertise is engineering rather than cyber security.

• Stay current with developments in OT cyber security – emerging threats, vendor advisories, ICS-CERT publications, regulatory developments – and bring relevant intelligence to the OT and Manufacturing Security Manager in a timely and structured way.

Experience, Knowledge, Skills & Attributes Essential Desirable

Experience

• 5+ years in cyber security, with at least 3 years of hands-on experience in OT, ICS, or manufacturing security roles within an industrial or manufacturing organisation.

• Demonstrable, hands-on experience of real OT environments – SCADA, ICS, PLCs, DCS, or HMI – sufficient to engage credibly with plant engineers and system owners, and to make practical security recommendations that respect operational constraints and safety requirements.

• Experience conducting OT security assessments or risk reviews, producing structured findings reports, and providing remediation guidance appropriate for the operational context.

• Experience working directly with OT vulnerability intelligence sources and developing remediation or mitigation guidance that accounts for OT patching constraints and change management requirements.

• Experience engaging directly with engineering, operations, or plant management teams to deliver security guidance, conduct site assessments, or provide security design input to OT projects.

Knowledge & Skills

• Solid technical knowledge of OT environments: SCADA, ICS, DCS, PLCs, HMI systems, and OT-specific protocols including Modbus, OPC-UA, DNP3, and Profinet; able to interpret architecture diagrams, network designs, and vendor documentation for these environments.

• Working knowledge of OT security frameworks and standards: IEC 62443, NIST SP 800-82, and the Purdue Model; understanding of IT/OT network segmentation principles and common secure architecture patterns for OT environments.

• Understanding of OT asset discovery and network monitoring concepts; familiarity with passive and active monitoring approaches and the considerations for deploying monitoring tools safely in live production environments.

• Strong interpersonal and communication skills; able to build trust with engineering and operational teams who may be unfamiliar or initially sceptical of cyber security, and to explain technical security concepts clearly to non-security audiences.

• Genuine understanding of the safety-security interface: able to design and recommend security measures that do not compromise plant safety, process integrity, or operational availability.

Qualifications

• Degree-level education in engineering, computer science, information security, or a related technical discipline; or equivalent professional experience.

• Professional certification in OT or cyber security: GICSP, ISA/IEC 62443 CCST, CompTIA Security+, or equivalent. Experience

• Experience in a large FMCG, food and beverage, sugar, agricultural, or consumer goods manufacturing organisation, with direct exposure to food-grade, hygiene, or continuous process manufacturing environments.

• Hands-on experience deploying or configuring an OT network monitoring or CAASM platform (e.g. Claroty, Dragos, Nozomi Networks) in a live production environment.

• Experience providing OT security input to a significant manufacturing technology project, OT upgrade, or new site build, including design review and security requirements definition.

• Experience supporting or participating in an OT cyber security incident response, including real-time technical analysis and communication to operational stakeholders under pressure.

Experience, Knowledge, Skills & Attributes Desirable

Experience

• Hands-on experience deploying or configuring an OT network monitoring or CAASM platform (e.g. Claroty, Dragos, Nozomi Networks) in a live production environment.

• Experience providing OT security input to a significant manufacturing technology project, OT upgrade, or new site build, including design review and security requirements definition.

• Experience supporting or participating in an OT cyber security incident response, including real-time technical analysis and communication to operational stakeholders under pressure.

Knowledge & Skills

• Familiarity with a specific OT vendor ecosystem relevant to the manufacturing estate (e.g. Siemens, Rockwell Automation, Schneider Electric, ABB, or Honeywell) and the security implications of their platforms and architectures.

• Understanding of IT/OT convergence considerations arising from IIoT and Industry 4.0 deployments, and awareness of the new attack surfaces these introduce in manufacturing environments.

• Working knowledge of the broader IT security estate (Microsoft E5, Defender suite, Zscaler) and the considerations that arise when extending IT security controls into OT network zones.

• Awareness of health, safety, and environmental (HSE) regulatory frameworks as they intersect with OT security, and an appreciation of the physical safety and environmental consequences that can result from cyber incidents in manufacturing environments.

Qualifications

• ISA/IEC 62443 Cybersecurity Certificate or higher level qualification in OT security.

• CISSP or CISM for those looking to develop broader security leadership credentials alongside their OT specialism.

• Membership of a relevant professional body or industry group (CIISec, IET, ISA, BCS) is welcome.

]]>https://www.informationsecuritysolutions.com/job/ot-security-specialist-200.aspxhttps://www.informationsecuritysolutions.com/job/ot-security-specialist-200.aspxhttps://www.informationsecuritysolutions.com/job/ot-security-specialist-200/apply.aspxSun, 07 Jun 2026 20:48:05 GMThttps://www.informationsecuritysolutions.com/job/ot-security-specialist-200/apply.aspx200OT Security Specialist338PermanentOT SecurityOT Security AnalystLondonSun, 07 Jun 2026 20:48:05 GMTSun, 21 Jun 2026 20:48:05 GMTIain Sutherlandiain@informationsecuritysolutions.com020 7887 609059000.0072000.00Per YearGBPUKCyber Advisory Services ManagerTitle: Cyber Advisory Services Manager

Reference No: 2157

Company: FTSE 100

Reports to Deputy Group CISO

Location: London or Peterborough with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place).

Working Pattern 37.5 hours per week, Monday – Friday.

Salary: £84,000 - £100,000

Benefits Car allowance, Bupa, Matched pension contributions.

The Role

Group Cyber Security Overview

Role Summary

Reporting to the Deputy Group CISO, the Cyber Advisory Services Manager leads the GCS consulting and advisory capability – the function that turns Group cyber standards and expertise into practical, tailored support for all the divisions. This is a role for a confident, credible cyber security generalist with strong consulting instincts: someone who is equally comfortable advising a divisional CIO on strategic security posture, reviewing a firewall ruleset for technical debt, or scoping the cyber workstream of a merger integration programme.

The role provides a broad portfolio of advisory services to the Group and its divisions, including: technical standards advice and interpretation; Security configuration, rule base assessment and policy change support; input to non-functional security requirements for Group and divisional programmes; cyber security input to mergers, acquisitions, and divestiture activity; and the deployment of specialist consulting resource into divisions that need temporary uplift in cyber capability. The role is a critical enabler for divisions that required augmentation or additional specialist to address all their cyber needs independently.

The Cyber Advisory Services Manager acts as an important feedback loop into GCS: gathering intelligence from divisional engagements that informs the evolution of Group standards, identifies emerging needs, and ensures that GCS remains relevant and responsive to the businesses it serves. The role works in close partnership with the Cyber Architecture Manager, the Head of Cyber Assurance, and the Security Platform Engineering Manager to ensure that advisory activity is consistent with and supportive of the broader GCS strategy

Role Responsibilities / Accountabilities

Technical Standards Advisory & Interpretation

• Provide authoritative advice to divisions, business units, and Group functions on the interpretation and practical application of the Group cyber technical standards and security policies; acting as the primary advisory interface between GCS and the divisions on matters of standards compliance, technology and implementation.

• Help divisions translate Group cyber standards into their specific operational context – providing pragmatic, risk-proportionate guidance on what good looks like in their environment, and a credible path from current state to compliant state.

• Feed intelligence from divisional advisory engagements back into the standards development process; identify where standards are unclear, impractical, or creating unintended barriers, and work with the Cyber Architecture Manager and Head of Cyber Assurance to drive improvements.

Rule Base Assessment & Security Policy Change

• Lead and deliver security configuration and rule base reviews and security policy assessments for Group and divisional environments; identify technical debt, overly permissive rules, obsolete entries, and configuration drift, and provide clear, prioritised remediation recommendations.

• Provide technical review and advisory support for security policy change requests from divisions, assessing proposed changes against Group standards and architectural principles, and providing a clear recommendation with appropriate justification.

• Develop and maintain a structured approach to rule base and policy review across the Group, including tooling, methodology, scheduling, and output standards, ensuring consistent and repeatable assessment quality across different divisional environments.

Non-Functional Security Requirements

• Provide security input to non-functional requirements (NFRs) for Group and divisional programmes and projects; define the security properties that technology solutions must meet – covering areas such as authentication, authorisation, encryption, logging, resilience, and data classification – in a form that is actionable by project and engineering teams.

• Maintain and evolve a Group-standard NFR library derived from the Group cyber technical standards, enabling consistent security requirements to be applied across the programme portfolio without reinventing them for each project; work with the Cyber Architecture Manager to ensure NFRs remain aligned to the enterprise architecture.

• Engage with divisional and Group programme teams at the point where security NFRs are being defined, ensuring security is embedded by design rather than added retrospectively; provide advisory support through the project lifecycle where security design decisions need to be revisited or refined.

Mergers, Acquisitions & Strategic Project Support

• Lead the GCS advisory contribution to mergers, acquisitions, and divestiture activity; scope and deliver the cyber workstream in M&A programmes, covering pre-deal due diligence support, integration planning, and the transition of acquired entities onto the Group cyber standard.

• Provide cyber advisory resource and expertise to other significant Group and divisional strategic programmes – including major technology transformations, ERP deployments, cloud migrations, and site openings or closures – ensuring security considerations are addressed at the right point in the programme lifecycle.

• Maintain a forward view of the M&A and strategic programme pipeline in collaboration with Group corporate development and divisional leadership, enabling advisory resource to be planned and mobilised proactively rather than reactively.

Divisional Resource Augmentation & Flexible Resourcing Pool

• Manage the GCS flexible resourcing pool as an advisory and consulting resource, deploying cyber consultants and specialist advisors into divisions that require temporary uplift in security capability – whether to support a programme, fill a capability gap, or accelerate compliance with Group standards.

• Work with divisional BISOs, CIOs, and IT security leads to understand their advisory and resource needs; define the scope and objectives of each deployment clearly, brief and onboard resources appropriately, and ensure that the output of each engagement meets the division’s needs and GCS quality standards.

• Manage the demand pipeline for advisory and flexible resource deployments; prioritise requests in line with Group risk priorities, balance supply against demand, and ensure that resourcing decisions are transparent and agreed with the Deputy CISO and relevant divisional stakeholders.

• Ensure that flexible resources deployed into divisions are competent, well-briefed on standards and culture, and set up to add genuine value from day one; maintain quality standards across the pool and build a pipeline of trusted specialists who understand the environment.

Divisional Engagement & GCS Intelligence Loop

• Build and sustain trusted relationships with divisional BISOs, security leads, CIOs, and IT directors across all 11 divisions; position the Cyber Advisory Services function as a valued, accessible, and practical source of cyber expertise – not a bureaucratic overhead.

• Use divisional advisory engagements as an active intelligence-gathering mechanism; identify common themes, recurring challenges, emerging risks, and capability gaps across the estate, and bring these insights back to the GCS Leadership Team to inform strategy, standards development, and investment priorities.

• Champion the GCS advisory model as a two-way relationship; ensure divisions feel heard and that their feedback genuinely influences how GCS operates, while maintaining the Group standards and non-negotiables that the advisory function exists to support.

Team Leadership, Quality & Continuous Improvement

• Lead and develop the permanent Cyber Advisory Services team; set clear standards of advisory quality, professional conduct, and output, and foster a culture where consultants take personal pride in the value they add to the divisions they support.

• Develop and maintain a service catalogue for the Cyber Advisory Services function that clearly articulates what the function offers, how to engage it, what divisions can expect, and how outcomes will be measured; make the function easy to access and straightforward to work with.

Work in close partnership with the Cyber Architecture Manager, Head of Cyber Assurance, and Security Platform Engineering Manager to ensure advisory activity is consistent with the GCS strategy, avoids duplication of effort, and is integrated into the broader GCS operating model.

Experience, Knowledge, Skills & Attributes - Essential

Experience

• 10+ years in cyber security, with a significant portion in advisory, consulting, or technical leadership roles requiring breadth across multiple security domains.

• Demonstrable track record of delivering cyber security advisory services in a complex, multi-entity, or federated environment – either in-house within a large group organisation or as an external consultant serving large enterprise clients.

• Hands-on experience conducting security configuration rule base reviews and security policy assessments, including use of relevant tooling and production of structured, risk-prioritised findings reports.

• Experience defining and reviewing non-functional security requirements for enterprise technology programmes, and the ability to translate Group security standards into specific, measurable, project-level requirements.

• Experience providing cyber security input to mergers, acquisitions, or divestiture programmes, including due diligence support and post-acquisition integration planning.

• Experience managing or coordinating a flexible or contract resourcing model for a technical function, including defining briefs, onboarding specialists, and maintaining quality of output across a pool of consultants.

• Experience leading or managing a small team of security consultants or advisors, with accountability for the quality and impact of advisory outputs.

Knowledge & Skills

• Broad technical knowledge spanning the key cyber security domains – network security, identity and access management, endpoint protection, cloud security, application security, and data protection – sufficient to advise credibly and independently across all of them.

• Excellent consulting and communication skills: the ability to listen carefully, understand context, form a well-reasoned view, and communicate it clearly and persuasively – whether in a written advisory report, a divisional workshop, or a conversation with a CIO.

• Ability to translate Group-level technical standards into practical, context-sensitive guidance that makes sense in a specific divisional environment – maintaining the intent and integrity of the standard while acknowledging legitimate operational constraints.

• Strong stakeholder management skills; able to build trust and credibility with senior divisional stakeholders, navigate organisational complexity with sensitivity, and influence without direct authority.

• Comfortable operating as a generalist at senior level: able to switch fluently between strategic advisory conversations and hands-on technical review, and to calibrate the depth of engagement to what each situation requires.

Qualifications

• Degree-level education, or equivalent professional experience in a relevant technical or business discipline.

• Professional certification in cyber security: CISSP, CISM, or equivalent demonstrating both technical breadth and professional credibility. Experience

• Experience within a Big Four, boutique cyber consultancy, or in-house advisory function of a large FTSE-listed or equivalent organisation, with demonstrable experience of structured advisory engagement delivery at pace.

• Experience in a large FMCG, food and beverage, retail, or manufacturing organisation, with an appreciation of the operational technology, supply chain, and consumer data considerations that shape security advisory in this sector.

• Direct experience leading the cyber workstream of a full M&A transaction lifecycle, from initial due diligence through to post-completion integration and standard adoption.

• Experience designing and operating a cyber advisory service catalogue, including definition of service offerings, engagement processes, SLAs, and satisfaction measurement.

• Experience working across multiple regulatory jurisdictions simultaneously, providing advisory guidance on how Group standards interact with local legal and regulatory requirements.

Desirable

Experience

• Direct experience leading the cyber workstream of a full M&A transaction lifecycle, from initial due diligence through to post-completion integration and standard adoption.

• Experience designing and operating a cyber advisory service catalogue, including definition of service offerings, engagement processes, SLAs, and satisfaction measurement.

• Experience working across multiple regulatory jurisdictions simultaneously, providing advisory guidance on how Group standards interact with local legal and regulatory requirements

Knowledge & Skills

• Familiarity with the security technology estate – including Microsoft E5 / Defender suite, Zscaler, Qualys, Abnormal Security, Claroty, and Axonius – sufficient to provide informed advisory guidance on standards compliance and configuration questions without requiring specialist platform engineering support for routine queries.

• Understanding of OT/ICS security considerations relevant to food and beverage manufacturing, distribution, and supply chain environments.

• Knowledge of firewall policy review tooling (e.g. Tufin, AlgoSec, FireMon) and structured approaches to rule base analysis and optimisation.

• Strong written communication skills; able to produce advisory reports, briefing papers, and engagement outputs to a consistently high standard that would reflect well on GCS in front of divisional leadership.

Qualifications

• Additional qualifications in security architecture (SABSA, CISSP-ISSAP) or risk (CRISC) that demonstrate depth alongside advisory breadth.

• ISO/IEC 27001 Lead Auditor or Implementer, demonstrating working familiarity with the standards framework that underpins the Group ISMS programme.

• Membership of a recognised professional body (CIISec, ISACA, (ISC)², BCS) is welcome.

]]>https://www.informationsecuritysolutions.com/job/cyber-advisory-services-manager-194.aspxhttps://www.informationsecuritysolutions.com/job/cyber-advisory-services-manager-194.aspxhttps://www.informationsecuritysolutions.com/job/cyber-advisory-services-manager-194/apply.aspxThu, 21 May 2026 10:27:16 GMThttps://www.informationsecuritysolutions.com/job/cyber-advisory-services-manager-194/apply.aspx194Cyber Advisory Services Manager338PermanentIT/Information/Cyber SecurityBusiness Information Security Officer (BISO)LondonThu, 21 May 2026 10:27:16 GMTSun, 05 Jul 2026 22:59:59 GMTCar allowance, Bupa, Matched pension contributions.Iain Sutherlandiain@informationsecuritysolutions.com020 7887 609084000.00Per YearGBPUK