Recruiting now

| Posted: | 17/04/26 | |
| Recruiter: | Exalto Consulting | |
| Reference: | 3098853487 | |
| Type: | Contract | |
| Disciplines: | Network Security | |
| Salary: | Competitive Negotiable depending on experience | |
| Location: | London | |
Description:

We urgently need a Cyber Security Manager for a major national digital transformation programme to support a high-profile online retail initiative as it moves through procurement and definition phases. This role will play a critical part in shaping a secure, resilient, and scalable digital retail platform used by millions of people.

Required Skills & Experience

- Strong technical expertise across application, infrastructure, cloud, and OS security, including modern web and API architectures.
- Deep understanding of current threats and controls, including OWASP Top Ten (Web & API).
- Experience with key standards and regulations: ISO 27001, PCI DSS, UK GDPR, and relevant government/industry frameworks.
- Strong grounding in core security principles: defence in depth, least privilege, zero trust, security by design.
- Hands-on experience with threat modelling (e.g. STRIDE) and risk management.
- Proven ability to assess and assure third-party supplier security within procurement processes.
- Experience establishing security KPIs, governance, and assurance across delivery phases.
- Excellent stakeholder engagement skills, able to influence both technical and non-technical audiences.
- Comfortable operating in a fast-paced, complex, and ambiguous delivery environment.

Key Responsibilities

- Embed security by design across solution architecture, working closely with architects, technical leads, and security stakeholders.
- Define and refine security, resilience, and non-functional requirements for procurement.
- Lead threat modelling and risk assessments across applications, integrations, data flows, and user journeys.
- Provide actionable recommendations to influence design decisions and acceptance criteria.
- Establish and maintain security governance, including KPIs, review gates, and assurance activities.
- Support incident readiness planning and alignment with wider organisational security objectives.
- Contribute to supplier evaluation through a structured security assessment framework.
- Maintain a comprehensive security risk log, including inherited risks from existing systems and new build components.

Please forward your CV for immediate consideration.