Information Security Senior Engineer in Coventry

To lead the organisation’s security assurance and standards capability. The role ensures that security controls are evidence‑led, audit‑ready and credible for customers and defence work, including Cyber Essentials Plus, IASME Defence Cyber Certification (DCC) and MoD supply‑chain requirements. The post holder will also strengthen network security capability across the function. To support the creation of security related policy, aligned with regulatory adherence, and assure the technical aspects of information protection and compliance.

Key Responsibilities

• Own the interpretation and day‑to‑day operation of relevant standards and assurance frameworks (Defence, CE/CE+).
• Maintain an evidence library and control narratives suitable for customer audits and formal assessments.
• Lead responses to customer security audit requests and new business Security Assurance Questionnaires (SAQs), working closely with technical colleagues.
• Strengthen the organisation’s network security assurance capability: challenge designs, validate controls, and support secure integration into enterprise facilities.
• Coordinate internal assurance activities supporting annual Cyber Essentials Plus including readiness reviews, remediation tracking and evidence pack quality.
• Support incident response governance: ensure playbooks, communications templates and post‑incident learning are maintained.
• Contribute to the cyber security communications channel: support awareness campaigns, targeted briefings and lessons‑learned messaging.
• Support the maintenance of ITSM, and address security governance and design related tickets.
• Play an active role in maintaining & contributing to Security related Dev Ops.

Working relationships

• Head of IT Security: Deputyship, assurance alignment, risk input and external engagement.
• Senior Security Engineer: Validate technical controls and network security posture; translate standards into practical implementation.
• Cyber Security Analyst: Draw on operational evidence for audits/SAQs; ensure detection/response metrics support assurance claims.
• Head of Infrastructure / Infrastructure team: Security decision and design support.
• Close relationship with technicians delivering network and classification services.
• Wider Digital Services and business stakeholders: influence secure practice in a hybrid/WFH environment.

Essential Experience And Skills

• Proven experience in information security assurance, governance or audit‑facing security roles.
• Strong understanding of network security principles and the ability to challenge and validate technical designs.
• Led enterprise classification approach, technically and assured.
• Demonstrable experience supporting customer audits and completing security questionnaires & bid assurance responses.
• Ability to produce clear, evidence‑led documentation that stands up to scrutiny.
• Strong influencing and communication skills.
• Self‑starting approach with high ownership.

Desirable

• Experience with defence supply‑chain cyber requirements (CSMv4/DefStan 05‑138).
• Familiarity with Microsoft security and Fortinet security services.
• Relevant professional certifications (e.g., CISSP, CISM, ISO 27001 lead implementer/auditor).

Personal attributes

• Credible, calm and pragmatic; comfortable being visible to customers and auditors.
• Confident communicator who can influence behaviour and standards adherence across the business.
• Organised and methodical, with a bias for evidence and measurable outcomes.
• Able to work autonomously and prioritise effectively without close supervision.

Reference Checks and Security Checks (where applicable)

Due to the nature of our business, all employment is subject to satisfactory references being obtained alongside a level of security clearance checks.