Location: UK
Salary: £53,608.48 – 60,307.66 dependant on experience
Hours: Full Time, 35 hours per week
Key Responsibilities
- Lead Cyber Security Strategy & Oversight across MSI UK.
- Governance, Risk & Compliance: Ensure adherence to DSPT, CAF, CE+, ISO 27001, GDPR/DPA.
- Security by Design: Support secure architecture, systems design, and resilience planning.
- Incident Response: Act as primary escalation point; lead investigations and remediation.
- Policy & Process: Develop and enforce security policies and technical controls.
- Threat & Vulnerability Management: Monitor, identify, and oversee remediation of risks.
- Identity & Access Management: Ensure strong authentication and least‑privilege access.
- AI Governance: Support safe, compliant adoption of AI technologies.
- Third‑Party Risk: Assess and manage vendor and SaaS provider security.
- Security Awareness: Deliver training and promote a strong security culture.
- Reporting: Provide clear updates on risks, incidents, and improvements to leadership.
Skills & Experience
- 5+ years in cyber security with leadership or ownership of security functions.
- Strong knowledge of network, application, cloud (AWS/Azure), and endpoint security.
- Hands‑on experience with SIEM (e.g., Arctic Wolf), Fortinet firewalls, Nessus, and vulnerability remediation.
- Experience working with SOC teams and supplier security assessments.
- Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001.
- Understanding of healthcare data protection, ideally NHS/UK standards.
- Strong incident response, analytical, and problem‑solving skills.
- Knowledge of AI/ML risks and AI governance.
- Experience with phishing campaigns, penetration testing, and remediation.
- Excellent communication skills across technical and senior stakeholder groups.
- Organised, proactive, and committed to continuous learning.
