Cybersecurity Remediation Specialist in Macclesfield

Do you excel at turning complex security findings into scalable fixes that measurably reduce risk? Are you ready to orchestrate multi‑team remediation that protects critical platforms and accelerates the delivery of life‑changing medicines to patients? In this role, you will be the connective tissue between penetration testing outputs, domain experts, and governance decision‑makers. You will dissect vulnerabilities to uncover true root causes, translate them into practical remediation plans, and drive them to closure. Your work will directly strengthen the resilience of the technology our scientists and colleagues rely on every day, enabling the business to move faster without compromising safety. You will thrive at the intersection of analysis, execution, and communication‑working across networks, cloud, applications, infrastructure, and SaaS to land security‑by‑default outcomes. This is a hands‑on, outcomes‑focused role where progress is visible in dashboards, reduced risk curves, and fewer repeat findings.

Responsibilities

• Findings Analysis and Root Cause: Review penetration test and assessment findings, break down vulnerabilities to underlying control and process gaps, and identify the most effective remediation steps for each issue.
• Cross‑Domain SME Collaboration: Partner with experts across network, development, infrastructure, applications, cloud, SaaS, and security to co‑design and implement remediation solutions that land and scale.
• Remediation Solutioning and Deployment: Translate analysis into practical changes across configurations, code, and controls; align with organizational security requirements and best practices; drive remediation to closure.
• Governance Alignment and Exceptions: Map remediation plans to enterprise frameworks and guardrails; prepare decision records and exception rationales; support review boards to achieve secure‑by‑default outcomes.
• Risk‑Based Decisions and Communication: Recommend pragmatic remediations that balance security, usability, performance, and effort; quantify risk reduction and residual risk; tailor strategies and status updates for technical and non‑technical audiences, including senior leaders.
• Reporting and Transparency: Produce dashboards and executive summaries showing progress, blockers, and shifts in risk posture; drive cross‑functional visibility and timely decision‑making.
• Scale and Continuous Improvement: Convert recurring patterns into standards, playbooks, and runbooks to accelerate future remediation and reduce repeat findings.
• Security gap analysis and remediation solutioning: Demonstrated technical depth to interpret complex findings, identify root causes across controls and processes, and translate them into well‑designed remediation solutions.
• Identity, network, endpoint, and infrastructure remediation: Strong command of cross‑domain controls and common misconfigurations across IAM, network/segmentation and secure remote access, endpoint/server hardening and vulnerability management, and core cloud/on‑prem infrastructure.
• Cross‑domain control familiarity: Working knowledge of common issues and fixes across cloud platforms, Kubernetes/containers, SaaS, endpoints, servers, networks, and OT/IoT to partner effectively with SMEs.
• Relevant certifications: CISSP, CISM, CCSP, SABSA, TOGAF, AZ‑500, AWS Security Specialty.
• Remediation playbook development: Experience converting findings into stepwise remediation plans, standards updates, and operational runbooks executable at scale.
• Tooling for remediation: Familiarity with CNAPP/container security, EDR/XDR, SIEM/SOAR, API gateways/WAF, cloud posture management, configuration baselining, and enterprise SaaS administration to operationalize corrective actions.
• API and application issue mitigation: Understanding of OAuth2/OIDC, mTLS, token lifecycles, rate limiting, schema validation, WAF/gateway policies, and abuse detection to specify corrective steps.
• Program execution: Demonstrated orchestration of multi‑team remediation efforts, managing backlogs, SLAs, and dependencies to deliver outcomes amid competing priorities.
• Executive and technical communication: Ability to present options, constraints, and risks to senior leaders and SMEs; facilitate decisions and tailor messaging for executive, product, and engineering audiences.
• Insight to GRC and regulatory frameworks: ISO 27001/27002, NIST CSF/800‑53/800‑207, SOC 2, HIPAA, GDPR; control mapping, shared responsibility in cloud, and compliance/risk reporting.
• AI security and governance familiarity: data/model provenance, prompt‑injection defenses, output validation, privacy/PII safeguards, usage guardrails.
• Identity, Zero Trust, and PAM: Enterprise strategies for identity/federation, conditional access, continuous verification, privileged access, session/credential management, workload identities, and segmentation.
• Experience mapping attack chains: Ability to quantify risk reduction.
• Knowledge of legacy‑to‑modern migrations: hybrid identity, network segmentation, VDI/Citrix hardening and deprecation strategies for insecure configurations.
• Exposure to DevSecOps and automation: Policy‑as‑code, IaC/container scanning, golden pipelines, preventative guardrails, drift detection, and detections‑as‑code.