At a Glance
- Tasks: Lead cyber security assessments and ensure compliance with industry standards.
- Company: Join QBE, a leader in cyber security consulting with a collaborative culture.
- Benefits: Enjoy 30 days holiday, flexible working options, and a generous pension plan.
- Other info: Dynamic role with opportunities for growth in a global environment.
- Why this job: Make a real impact in cyber security while working with cutting-edge technologies.
- Qualifications: Experience in security standards like NIST and strong stakeholder management skills.
The predicted salary is between 70000 - 90000 £ per year.
Primary Details
- Time Type: Full time
- Worker Type: Employee
- Location: London
- Type: Permanent, full time
- Hybrid role, happy to talk flexible working
The Opportunity
QBE Europe is seeking a Cyber Security Consulting Lead to join our European Cyber Security team in our London Office. This role will provide Cyber Security Technology and Integration Assessment for QBE's IT Change Projects utilising a Secure Design Framework based on the NIST framework. The role will require the ability to work with Architects and Solution Design SMEs across a range of technologies to identify Cyber threats and gaps in controls and processes. The regular output across workstreams will be the production of the Secure by Design assessment, NFRs and supporting the project in identifying, remediating or raising relevant risks.
Your new role
- Lead security assurance, assessments, advisory for IT and Business projects (Cloud and On-prem) within EO and globally against the NIST 800-53 cyber security standard and compliance framework.
- Partner with the security architecture and other relevant teams to define security patterns and ensure that appropriate security controls are embedded within solutions.
- Develop non-functional security requirements and provide directions on how they should be integrated into solution designs.
- Carry out security risk assessments and provide the appropriate mitigation to identified risks.
- Collaborate, guide and influence IT and Business stakeholders in correcting non-compliant processes.
- Assist and contribute to strategic global, and regional security projects and initiatives and their deployment within EO and Global security teams.
About you
Security and Risk Expertise- Demonstrable experience applying security and risk-based standards, including ISO 2700X, ISO 31000, NIST 800, and PCI-DSS.
- Strong understanding of how to identify security weaknesses and take accountability for driving mitigations through to a secure outcome.
- Experience working across in-house and outsourced service models, multiple time zones, and multicultural environments.
- Able to work independently while seeking support when needed.
- Financial services experience would be advantageous with awareness of APRA, PRA, FCA.
- Certified Information Systems Security Professional (CISSP)
- Sherwood Applied Business Security Architecture (SABSA) or equivalent, highly regarded.
- Certified Cloud Security Professional (CCSP) or equivalent
- Certified Risk and Information Systems Controls (CRISC)
- Other security certifications such as Certified Information Security Manager (CISM)
Benefits
- 30 days holiday a year with the option to buy up to 2 additional days.
- Flexible working - balancing work and life is important, so our flexible working opportunities are open to all, this can include part-time, job share and compressed hours.
- Pension – you are automatically enrolled into the QBE pension plan, which entitles you to receive employer contributions of 10% of your basic salary.
- Client Counseling
- Commercial Acumen
- Conflict Management
- Critical Thinking
- Customer Service
- Cybersecurity
- Cyber Security Governance
- Cyber Security Management
- Information Security
- Information Security Risk Management
- Intentional collaboration
- Managing performance
- Problem Solving
- Quality Control (QC)
- Risk Management
Application Close Date: 17/07/2026 11:59 PM
Equal Employment Opportunity
QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.