Information Security Engineer in London

Location: London/Hybrid

Hours: 40 hours per week

Contract: Permanent - Salaried

At Merlin Entertainments, our purpose is simple but powerful: to bring joy, create connections and make memories. Merlin is embarking on an exciting Digital and Data Transformation focused on enhancing the end-to-end guest journey in our attractions. As we continue our ambitious global transformation journey, technology plays a critical role in enabling sustainable growth and unforgettable guest experiences across our iconic destinations.

As an Information Security Engineer at Merlin Entertainments, you will play a critical role in safeguarding our global IT infrastructure, networks, and sensitive data. Reporting to the Information Security Manager, you will design, implement, and maintain robust security controls to protect against cyber threats, ensuring the confidentiality, integrity, and availability of our systems. This is an exciting opportunity to contribute to the security of a dynamic, guest-focused entertainment company with a diverse digital footprint, including ticketing platforms, guest data management, and operational technologies across theme parks and attractions.

• Design, implement, and manage security solutions, including firewalls, intrusion detection/prevention systems, endpoint protection, and vulnerability management tools.
• Conduct regular security assessments, penetration testing, and vulnerability scans to identify and remediate risks in networks, applications, and cloud environments.
• Monitor systems for security incidents, investigate breaches, and lead response efforts in collaboration with the IT team.
• Develop and maintain security policies, standards, and procedures in line with industry best practices and compliance requirements (e.g., GDPR, PCI DSS, ISO 27001).
• Collaborate with cross-functional teams (IT, Operations, Development) to integrate security into new projects, system changes, and digital transformations.
• Perform threat modelling and risk assessments for emerging technologies and attraction-related systems.
• Stay up to date with the latest cyber threats, vulnerabilities, and security trends, providing recommendations to enhance our defences.
• Support security awareness training and educate staff on best practices.
• Participate in incident response planning, audits, and compliance reporting.

• Work closely with apps, data and DevOps teams to ensure that services and solutions meet the requirements of data integration, processing, and analytics workloads.
• Liaise with third-party vendors and managed service providers for escalations and issue resolution.

• Follow and enforce access control and identity management policies across platforms.

• Communicate clearly with internal stakeholders about planned maintenance, service issues, and enhancements.
• Provide documentation and contribute to knowledge bases for operational support and onboarding.

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
• 3+ years of experience in information security engineering or a similar role.
• Strong technical knowledge of security tools and technologies (e.g., SIEM, firewalls, IDS/IPS, endpoint security, encryption).
• Experience with cloud security (e.g., AWS, Azure), network security, and vulnerability management.
• Relevant certifications such as CISSP, CompTIA Security+, CEH, or equivalent are highly desirable.
• Excellent problem-solving skills with the ability to analyse complex security issues and implement effective solutions.
• Strong communication skills to collaborate with technical and non-technical stakeholders.
• Ability to work in a fast-paced environment and manage multiple priorities.
• Passion for entertainment and a commitment to protecting guest experiences through secure systems.
• Organisational and project management skills, with a focus on delivering high-quality outcomes.
• Adaptability and a growth mindset, with a willingness to embrace new technologies and methodologies.

• ‘Enjoy the Ride’ Merlin Annual Passes – 6 in total per year, 1 for you, plus 5 to gift to loved ones!
• Merlin Magic Pass – 20 free tickets for you, your family and friends to enjoy all our Merlin Attractions across the world rising to 40 after a year's service.
• 33 days holiday.