Cyber Security Engineer

This Cyber Security Engineer role sits within the Information Security function and focuses on designing, implementing, and continuously improving security controls across infrastructure, applications, and cloud environments. You will lead cyber security project deliverables, maintain and enhance existing cyber tools, and roll out new features and capabilities across banking and securities businesses under a dual-hat arrangement. Operating with equal authority across both entities, you will make independent, risk‑based decisions aligned to a shared governance framework, working closely with engineering and operations teams to embed robust security into all technology solutions.

Responsibilities

• Design, implement, and enhance enterprise security solutions across cloud, network, and endpoint environments.
• Lead security architecture reviews to ensure solutions align with security standards, regulatory expectations, and business requirements.
• Develop, operate, and maintain security monitoring, detection, and response capabilities to protect infrastructure, applications, and cloud services.
• Automate security processes wherever possible to improve efficiency, consistency, and responsiveness.
• Support and participate in incident response investigations, contributing technical analysis and remediation guidance.
• Collaborate with cross‑functional engineering teams to integrate security controls and best practices into products and services being rolled out across the organisation.
• Ensure compliance with relevant industry standards, internal policies, and security best practices across all security initiatives.
• Support the organisation's transition to a Zero Trust Architecture, contributing to design, planning, and implementation activities.
• Maintain and enhance enterprise security tooling, ensuring tools remain up to date, properly configured, and effectively used.
• Contribute to the design and implementation of security controls that support risk mitigation across infrastructure, applications, and cloud environments.
• Mentor junior team members, providing guidance, knowledge sharing, and support for their professional development.
• Contribute to the security strategy and roadmap, providing input based on risk, emerging threats, and technology trends.
• Write and maintain IT documentation, including security standards, procedures, and guidelines.
• Balance technical, business, and regulatory priorities when making security decisions, ensuring pragmatic and risk‑based outcomes.
• Manage multiple priorities and deliverables in a complex environment with high levels of responsibility and ambiguity.
• Apply strong risk and control understanding to assess, design, and implement effective security measures.
• Engage with stakeholders across technology and the wider business to explain security risks, controls, and decisions clearly.
• Operate with urgency when required, prioritising work effectively to meet tight deadlines and demanding situations.

Essential Skills

• Proven experience operating in complex environments, managing multiple priorities with ambiguity and high levels of responsibility.
• Strong background in cyber security assurance across technologies, policies, standards, and procedures.
• Broad expertise across key IT security domains, including Security Governance, Identity and Access Management, Access Controls, Threat Intelligence, Asset Management, Risk Management, Security Assessment and Testing, Security Incident Management, and Vulnerability and Patch Management.
• Experience working in cloud‑native or hybrid environments, with good knowledge of cloud security concepts and controls.
• Hands‑on experience with enterprise security tooling, such as security monitoring, endpoint protection, and related platforms.
• Experience collaborating with cross‑functional engineering teams to embed security into systems and services.
• Strong strategic and analytical thinking skills, with the ability to interpret complex technical and business information.
• Knowledge of Zero Trust Architecture principles and their practical application.
• Familiarity with compliance frameworks relevant to technology and information security.
• Good knowledge of network, endpoint, and cloud environments, including how they interoperate and are secured.
• Excellent communication and stakeholder management skills, with the ability to explain technical issues to non‑technical audiences.
• Proven ability to balance technical, business, and regulatory priorities when designing and implementing security controls.
• Collaborative, pragmatic, and outcomes‑driven leadership style, with the ability to influence without direct authority.
• Demonstrated experience in risk and controls, including the design and assessment of control effectiveness.
• Experience in writing and maintaining IT documentation, such as security standards, procedures, and guidelines.
• Understanding of strategic business and IT issues impacting financial services environments.
• Strong understanding of risk and its application across technology and the wider business.
• Results‑driven approach with a strong sense of accountability for outcomes.
• Proactive and motivated mindset, with the ability to identify and drive improvements.
• Ability to operate with urgency and prioritise work effectively in dynamic situations.
• Strong decision‑making skills with sound judgement, particularly in risk‑based decision‑making.
• Structured and logical approach to problem‑solving, with the ability to break down complex issues.
• Creative and innovative mindset, able to propose new ideas and approaches to security challenges.
• Excellent interpersonal skills, with the ability to build strong working relationships across teams.
• Ability to manage large workloads and tight deadlines while maintaining quality.
• High attention to detail and the ability to perform well under pressure in demanding environments.

Additional Skills & Qualifications

• Experience working within financial services or similarly regulated environments.
• Exposure to designing or supporting Zero Trust Architecture implementations.
• Experience contributing to security strategy and roadmap planning.
• Background in integrating security controls into modern engineering practices and tooling.
• Familiarity with a range of security, cyber security, and cloud technologies and platforms.

Location: London, UK