Security Specialist in Manchester

Salary: From £50,000 per annum (negotiable based on experience) + comprehensive benefits package

Jisc grade: TCY3

Job Type: Permanent

Hours: 35 hours per week

Reports into: Lead security specialist

Working style: Hybrid - A blend of working from home and your nominated hub office. We have hubs located in London, Bristol, Manchester and Oxford.

For 30 years Jisc has pioneered digital solutions for UK education and research, transforming how knowledge is created, shared and used. We are uniquely positioned to protect, promote and lead the sector in digital and data transformation, making a difference to students, communities and society. Together, we are working to build a better digital future for education and research.

The role: Join our dynamic Security Team within Group CTO, where we safeguard UK Education and Research from a broad spectrum of cyber threats and help our members strengthen their digital resilience. Our services span Protective (CSIRT, CTI, DDoS defence), Professional (Pen Testing, Cyber Security Assessment, Cyber Essentials certification), and Product teams (management, design, lifecycle). Our Architecture and Engineering team delivers critical infrastructure, including DNS and network time services. We launched our Security Operations Centre (SOC) in early 2025, offering SIEM, 24/7 monitoring, and endpoint detection and response. You will work to deliver assurance services to our members (UK colleges and universities), customers, and internally. In addition, you will liaise with security teams (including pen testing, cyber threat intelligence, and SOC) to enhance the quality of assurance services provided.

This position requires the successful candidate to undergo enhanced background screening checks, which include but is not limited to, Basic / Enhanced UK criminal record check, Credit check, international fraud and sanctions.

What you’ll be doing:

• Cyber Security Assessment work remotely or at member sites as necessary.
• Prepare and quality assure high quality reports for senior management and technical audiences.
• Enhance and develop best practice cyber security guidance for the educational sector and cyber department.
• Contribute to the promotion of cyber security best practices through the Jisc cyber security community, security conferences, and other relevant channels.
• Provide guidance on prioritising actions and remediations to meet risk, regulatory and compliance objectives.
• Provide appropriate briefings to a range of different management and leadership audiences, simplifying complex security data and provide guidance on suitable detection, prevention, protection and recovery methods.
• Enhancing your expertise by committing to continuing professional development and achieving relevant certifications.
• Supporting the delivery of Cyber Essentials certifications.

What we are looking for:

• Demonstrable experience in a Security Specialist / Security IT Operations / Penetration Testing or Cloud Security role.
• At least one of the following professional certifications: CISSP, CCSP, CRISC, CGEIT (or relevant penetration testing certifications).
• Experience and understanding of the requirements of working within ISO9001, ISO27001, CREST or similar environments.
• Familiarity and/or experience of working with CIS, NIST or CAF security frameworks.
• Proven experience of operating a range of industry standard tools for vulnerability scanning.
• Understanding and practical application of information security principles.
• Experience of producing high quality deliverables working alone and as part of a team.
• A high level of competence in effective use of productivity applications to produce high quality deliverables to meet tight timescales.

We know that sometimes people can be put off applying for a job if they think they can’t tick every box, so we encourage you to apply even if you do not meet 100% of the requirements, but if you feel this role is perfect for you. You may be just the right candidate for this or other roles!

Specific patterns for working in the office are not mandated, and the frequency of time worked in the office is agreed with your manager. Meeting in person is something we value, so you may need to travel on occasion to any of our hub offices.

Why work for us? At Jisc, every role is meaningful, and every individual is valued. We foster a culture of continuous learning and personal growth, offering opportunities to develop new skills and make a real impact in education and research. With a strong focus on work-life balance, we embrace flexible working that prioritises outcomes over hours, empowering you to create a rhythm that energises both your professional and personal life. Jisc’s culture is powered by our four guiding principles: putting customers first, driving innovation, creating impact, and championing inclusive collaboration to deliver sustainable outcomes and shape a better future.

Discover the amazing benefits we provide! Here’s what you can look forward to:

• Flexible work pattern, which can adapt to suit your schedules and personal commitments.
• 31 days annual leave (plus bank holidays) that includes three closure days over Christmas.
• Buy up to an additional 5 days leave during the flexible benefits window.
• A range of wellbeing lifestyle benefits including company paid health care cash plan, mental health first aiders and support.
• A company culture of continuous learning with access to thousands of LinkedIn Learning courses, and lots of resources and opportunities to support your development.
• Allocated allowance of up to £250 to equip your home office.
• Financial well-being support including access to preferential loan and savings plans, mortgage advice, will writing tools and support and resources to help you make the most of your money.
• A wide range of discounts and cashback from retailers and big-name high-street stores.
• Family friendly policies including enhanced parental, maternity and paternity and co-parental leave as well as opportunity for career breaks.
• Support your volunteering with up to 3 days volunteer leave.

Equity, diversity and inclusion: Jisc believe our people make all the difference in cultivating an inclusive culture that welcomes ideas, encourages innovation, and values belonging. We work hard to create an equitable experience for our candidates and workforce which embraces all aspects of their identity including race and ethnicity, religion and belief, sex, gender identity, sexual orientation, trans identities, age, class, disability, neurodivergence, or veteran status.

Application process: Please let us know how we can best accommodate you throughout the recruitment process. We’re committed to making our process accessible and comfortable for everyone - just tell us what works best for you. Just so you know, we review CVs as soon as we can and aim to provide an update on your application within 4 weeks of receiving it. However, you may hear from us a lot sooner, so please keep an eye out for our emails or calls! We’re really looking forward to getting to know the real you.

While we encourage the use of AI tools to help you get started on your CV or cover letter, we encourage you to review your application before submitting. Make sure it truly reflects your own voice, experiences, and personality.

If you are currently a Jisc employee, please apply through your Dayforce Employee profile. We have a thorough background screening process that verifies the details you share with us in your CV and your application. Any inaccurate information supplied during the application stages can lead to a job offer being withdrawn.

Sponsorship: Jisc has an active sponsor licence to recruit on a Skilled worker visa basis. Candidates wishing to apply who require sponsorship should determine the likelihood of obtaining a Certificate of Sponsorship for the role by assessing their circumstances against the relevant Home Office criteria. Jisc does not offer any financial re-imbursement towards the applicant costs, such as re-location, skilled worker visa and dependant costs or the immigration health charge.