Seeking a Senior Cyber Security Specialist for a permanent role in Bristol. The role will be responsible for critical activities across a broad range of domains. The Senior Cyber Security Specialist will operate across Cyber Operations and GRC, ensuring UK-specific compliance and security resilience.
Role:
* Security Incidents: Oversee incident management and response, including root cause analysis, impact assessment, and post-incident reviews.
* Threat Management: Develop and refine threat intelligence, threat hunting capabilities, and prevention/detection measures.
* Security Technologies: Configure, maintain, and optimise security platforms (SIEM/XDR, EDR, vulnerability management, Secure Email Gateway, Application Allowlisting etc.)
* Security Controls: Implement and maintain security controls, continuously improving detection, prevention, and remediation.
* Vendor Risk & Audit: Conduct vendor risk assessments, support internal and external audits (e.g. Cyber Essentials, ISO27001), and manage remediation actions.
* Cyber Security Program: Support the execution of the UK Cyber Security Program, contributing to the implementation of key security initiatives and enhancements aligned with UK business and regulatory requirements.
* Governance, Risk, and Compliance: Support compliance efforts related to UK cyber security regulations, including UK GDPR, Cyber Essentials, and any industry-specific security requirements.
Skills and Experience:
* 5–7 years' experience in security operations, engineering, or cyber threat management.
* Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls, and network security.
* Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials).
* Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing.
* Experience in risk management, vendor security assessments, and compliance.
* Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and GDPR.
* Ability to support internal/external audits and drive remediation efforts.