Cyber Security Lead in City of London

Our client, one of the UKs biggest producers of ZERO CARBON energy, is seeking an experienced and confident Cyber Security Lead to provide strategic assurance, governance, and technical leadership across their cyber security programmes.

About the Role

This position sits at the heart of protecting critical infrastructure and ensuring the secure deployment, operation, and evolution of enterprise cyber capabilities across both physical and virtual estates. You will lead assurance activities across a diverse technology landscape including endpoints, virtual infrastructure, SaaS platforms, mobile devices, meeting room systems, and access control technologies. Working within a highly regulated environment, you will help shape cyber governance, ensure alignment with industry frameworks, and reduce organisational risk across a rapidly evolving threat landscape. This is a high-impact role where effective cyber assurance and governance directly influence operational resilience, regulatory compliance, and multi-million-pound programme outcomes.

Key Responsibilities

• Lead cyber assurance activities across deployed and planned cyber infrastructure and endpoint environments.
• Provide assurance over cyber configurations, security controls, access management, risks, and mitigations.
• Define and implement second-line assurance processes, reporting, and governance approaches.
• Ensure alignment with cyber security frameworks and standards including ISO27001, NIST, CIS, GDPR, and Cyber Essentials Plus.
• Act as an Intelligent Customer (IC) for cyber security requirements delivered by third parties and suppliers.
• Review, challenge, and approve supplier security designs and technical solutions.
• Establish and maintain secure operational processes across enterprise and SaaS environments.
• Ensure cyber risks are identified, logged, managed, and mitigated through appropriate governance mechanisms.
• Produce meaningful dashboards, reporting, and assurance evidence for security and leadership teams.
• Support vulnerability management, penetration testing activities, and baseline compliance assurance.
• Advise stakeholders on modern cyber tooling and security capabilities, particularly within Microsoft security ecosystems.
• Evaluate emerging cyber threats and vulnerabilities, recommending improvements to policies, controls, and attack surface reduction strategies.
• Collaborate with internal security teams, alliances, partners, and regulatory stakeholders within a dynamic project environment.

Essential Skills & Experience

• Strong experience in cyber security assurance, governance, and deployed control validation.
• Recognised cyber security certifications or established industry credentials.
• Good working knowledge of: ISO27001, NIST, CIS Controls, GDPR, Cyber Essentials Plus.
• Familiarity with risk assessment methodologies including ISO27005 and NIST frameworks.
• Experience with Microsoft security technologies including: Microsoft Defender, Defender for Cloud, Microsoft Purview, Microsoft Intune.
• Device deployment and management, endpoint patching and baseline assurance, conditional access and isolation controls, reporting and dashboard development.
• Knowledge of vulnerability management and penetration testing processes.
• Aware of NCSC and NPSA guidance and cyber frameworks.
• Strong stakeholder engagement and communication skills.
• Ability to operate effectively within complex and fast-paced environments.
• Excellent written and verbal communication skills.
• Eligible to obtain UK SC Clearance.

Desirable Experience

• Experience within the UK nuclear sector or other highly regulated industries.
• Experience working within complex project or programme delivery environments.
• Familiarity with formal change control and governance processes.
• Strong technical documentation and report writing capability.

Why Apply?

• Work on nationally significant critical infrastructure programmes.
• Influence cyber security strategy and assurance within a highly regulated environment.
• Collaborate with industry-leading security professionals and stakeholders.
• Opportunity to shape the future cyber posture of a major enterprise environment.
• Competitive salary and benefits package with long-term career progression opportunities.