Information Assurance Technical Security Specialist
Join Thales UK as an Information Assurance / Technical Security Specialist to provide technical security advice and guidance on secure through‑life management of systems that use, process, store and transmit Thales information or data.
Reporting to the Deputy CISO, you will identify technical security requirements, implement cost‑effective controls and ensure through‑life continual security assurance across design, implementation, transition and operation of Thales IS environments.
What can we offer you?
* Competitive salary and bonus
* Half day every Friday (finishing around 13:00)
* Hybrid working model
* Pension scheme
* 28 days annual leave (plus bank holidays)
* Life cover and 24/7 employee assistance program
* Employee discounts on major brands and retailers
* Gym membership discounts
What will you deliver?
* Implement and enhance IS/IT technical security measures; deliver ongoing through‑life assurance and compliance programs.
* Act as the central point of contact for all technical security matters; support delivery teams and businesses throughout project lifecycles.
* Conduct security reviews of changes; manage risks, impacts and mitigations appropriately.
* Provide security guidance for secure deployment and use of Thales public cloud infrastructure and SaaS services (e.g., Azure).
* Ensure compliance with government policies (Cyber Essentials, DefStan 05‑138, UK GDPR, NCSC guidelines) and contractual frameworks.
* Maintain and review technical security documentation, policies and procedures for Thales IS/IT networks, systems and applications.
* Report, investigate and analyse security incidents and breaches; collaborate with the Incident management team to resolve issues quickly.
* Engage squads to embed data protection and security into new and existing IS/IT initiatives.
* Coordinate technical risk and compliance assessments; recommend remedial action where required.
* Assure and deliver secure delivery of Code of Connections (CoCos), cryptographic products and key material.
* Commit to continuous learning and develop less experienced staff.
Who are we looking for?
* Demonstrable experience of applying security principles within an agile delivery framework.
* Expertise in the evaluation and implementation of technical security products and solutions for public or private sector organisations.
* Experience in identifying, assessing and managing technical security risks; developing mitigation strategies; tracking residual risk.
* Knowledge of ISO 27001, Def‑Stan 05‑138, NIST SP 800‑*, NIST CSF and other security standards.
* Experience developing security assurance frameworks and governance models.
* Analytical skill to assess security implications of new and existing systems and recommend mitigations.
* Strong communication skills – explain technical security concepts verbally and in writing to all levels.
* Full understanding of security across the full stack (network, infrastructure, applications) for on‑premises and cloud‑hosted environments (Azure, AWS, Oracle, SaaS).
* Qualification: MSc (InfoSec), CISSP, CISM or equivalent CS credential.
Desirable
* Experience with Azure Stack security products.
* Current Cloud Security qualification (CCSK, CCSP).
* Knowledge of Office 365 security stack.
* Qualifications: AZ‑500, CCSP, CISSP, SABSA.
Security Clearance
This role requires SC Clearance. If you do not already hold clearance, you must undergo, achieve and maintain SC clearance during employment. SC clearance requires residence in the UK for the last 5 years (or 3 years in certain circumstances). For further details see the UKSV website and National Security Vetting Agency.
#J-18808-Ljbffr