Information Security Technical Lead

Information Security Technical Lead

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Asta Capital Limited

At a Glance

  • Tasks: Lead a team in driving Asta's information security programme and manage security incidents.
  • Company: Join Asta, a leader in innovative security solutions with a supportive culture.
  • Benefits: Enjoy flexible working, generous holidays, private medical insurance, and a competitive pension.
  • Other info: Opportunity for career growth and to work with top-tier clients in the industry.
  • Why this job: Make a real impact in cybersecurity while developing your skills in a dynamic environment.
  • Qualifications: 7+ years in cybersecurity with leadership experience and strong communication skills.

The predicted salary is between 60000 - 80000 £ per year.

The Information Security Tech Lead is responsible for owning and driving the end-to-end information security programme across Asta and its client base. This role is technical and leads a team of Engineers, providing authoritative security direction across PAM, EDR, SIEM, DLP, identity governance, vulnerability management and regulatory compliance.

Key Responsibilities

  • Security Leadership & Team Management
    • Lead a team of engineers, setting direction, managing workloads, and developing capability.
    • Act as the primary security escalation point across the Infrastructure function.
    • Own the InfoSec roadmap aligned to Asta’s IT transformation programme.
  • Infrastructure Security Engineering & Hardening
    • Implement and maintain security controls across infrastructure and systems.
    • Harden infrastructure by applying best practices for IAM, PIM, PAM encryption and network security.
    • Review and implement security tooling recommendations including AD hardening tools like Ping Castle and Semperis Lightening, as well as vendor solutions and systems.
    • Collaborate on implementing security controls into pipelines, including security scans, policy enforcement and dependency checking.
  • Security Monitoring & Incident Response
    • Monitor security alerts and events from SIEM, EDR, firewall, IDS/IPS and other security tools.
    • Triage and prioritise alerts based on severity and impact.
    • Investigate security incidents and suspicious activities using log analysis, packet captures and forensic techniques.
    • Lead containment, eradication and recovery during incidents.
    • Maintain alerting for security events and integrate with SIEM/SOAR platforms.
  • Security Strategy & Programme Delivery
    • Define, own and drive delivery of Asta’s end‑to‑end security programme spanning PAM, EDR, NDR, SIEM, penetration testing, DLP and compliance.
    • Translate regulatory obligations (FCA/PRA, Lloyd’s Principle 12, CBEST, ISO 27001, Cyber Essentials) into actionable technical controls and measurable outcomes.
  • Client Security Services
    • Provide security advisory and managed security services to 20+ syndicate and MGA clients including Carbon Underwriting, Dale Underwriting Partners and Beat Capital.
    • Conduct client security reviews, Secure Score assessments, Semperis/Entra evaluations and PAM deployment planning.
    • Act as the security escalation point for client‑facing incidents and assurance requests.
  • Threat Intelligence & Detection
    • Stay current with emerging threats, vulnerabilities, attack techniques and security trends.
    • Apply threat intelligence to improve detection capabilities, identify indicators of compromise and contribute to threat hunting activities and proactive monitoring.
  • Compliance & Documentation
    • Support compliance and audits for ISO 27001, NIST, SOC2, Lloyd’s Principle 12 and other standards.
    • Prepare incident reports, timelines, reviews and maintain event logs.
    • Contribute to security documentation, runbooks and standards.
    • Produce metrics and quarterly reports on security posture and incidents for senior management.
    • Coordinate Cyber Essentials certification and audits.
    • Handle security requests and data sharing from third parties.
  • Operational Resilience & Disaster Recovery
    • Support operational resilience and business continuity planning activities including scenario testing and disaster recovery exercises.
    • Participate in post‑incident reviews and implement lessons learned.
  • Phishing Campaign Management
    • Design, implement and manage simulated phishing campaigns to test and improve staff awareness of social engineering threats.
    • Analyse results, identify training needs and track metrics on phishing resilience and user security awareness.

Skills, Knowledge & Expertise

  • 7+ years of hands‑on experience, including at least 3–4 years in a lead, management or principal role in cybersecurity, combining security engineering, SOC operations or incident response within a regulated industry.
  • Demonstrable experience leading and developing a security team.
  • Confident communicator able to translate complex security risk into business language for C‑suite and board audiences.
  • Strong understanding of cybersecurity principles, attack vectors, defense strategies, OWASP Top 10 and the Mitre Attack framework.
  • Experience with cloud security (Azure/AWS), IAM, secrets management, encryption and certificate management.
  • Experience with the Microsoft 365 security suite including Microsoft Defender, Azure AD Identity Protection, threat analytics and security compliance tools.
  • Hands‑on experience with SIEM platforms such as Splunk, Crowdstrike Falcon, LogRhythm, Sentinel and Microsoft Defender.
  • Experience working with tools such as Varonis, Tenable, Pentera and external and internal SOC processes.

Job Benefits

  • At Asta, you’ll enjoy a market‑leading benefits package that puts your wellbeing, career development and financial future first.
  • We combine flexible working, strong family‑friendly policies and exceptional rewards to create a supportive, inclusive and high‑performing workplace.
  • Work‑life balance you can rely on: 35‑hour working week with hybrid and flexible working.
  • Generous holiday allowance that increases with service.
  • Your health & wellbeing covered: Private medical insurance with virtual GP access, annual health screening, dental cover and eye care, subsidised gym or sports club membership.
  • Support for you and your family: Enhanced maternity, paternity, adoption and shared parental pay.
  • Rewarding your contribution: Highly competitive pension with up to 13% employer contribution, life assurance and income protection, discretionary annual bonus scheme, interest‑free season ticket loan and salary sacrifice schemes.

Information Security Technical Lead employer: Asta Capital Limited

Asta is an exceptional employer, offering a dynamic work environment in London where innovation and security are at the forefront of our mission. With a strong focus on employee wellbeing, we provide a market-leading benefits package, including flexible working arrangements, comprehensive health coverage, and generous holiday allowances that promote a healthy work-life balance. Our commitment to professional growth ensures that team members have ample opportunities for development and advancement within a supportive and inclusive culture.

Asta Capital Limited

Contact Details:

Asta Capital Limited Recruitment Team

We think you need these skills to ace Information Security Technical Lead

Information Security Leadership
Team Management
Infrastructure Security Engineering
Security Controls Implementation
Security Monitoring
Incident Response
Regulatory Compliance