About the area
The Cybersecurity UK & CE team are responsible for the implementation, maintenance and improvement of the CIB Corporate Security programme in the UK and CE geographies. As part of the fast-growing CIB Engineering UK & CE Team, we work closely and cross-functionally with our colleagues to deliver exceptional value to the business.
Key Responsibilities
Security Operations Support:
* Assist in the application and assurance of endpoint and infrastructure security controls.
* Coordinate with the CERT CIB for incident triage and escalation.
* Support local investigation activities and contribute to evidence gathering where required.
* Validate that monitoring and logging configurations meet corporate expectations.
* Contribute to the improvement of alerting, detection coverage, and control effectiveness.
Security Engineering & Architecture Alignment:
* Provide technical input during system changes and infrastructure projects to ensure alignment with global security standards.
* Support the rollout of security hardening measures and configuration baselines.
* Ensure new technologies adopted in the region meet required control requirements and risk expectations.
* Collaborate with Head Office engineering and architecture teams to address technical risks and propose improvements.
Project Delivery & Security Change Implementation:
* Coordinate regional implementation of global security initiatives and tooling.
* Track progress, risks, dependencies, and follow-up actions across local and global teams.
* Work with IT and business stakeholders to ensure smooth adoption of new controls or processes.
* Produce clear communication on status, risks, and required actions.
Compliance, Governance & Reporting:
* Translate global security policies into practical requirements for local teams.
* Support audits by preparing technical evidence and verifying control implementation.
* Contribute data and insights to KPIs, KRIs, and regional reporting.
* Ensure documentation relating to controls and operational processes remains up to date.
Training & Awareness:
* Deliver targeted guidance to IT teams on secure configuration, monitoring expectations, and control usage.
* Support wider awareness initiatives in collaboration with Corporate Security.
What are we looking for?
Experience:
* Approx. 5+ years in cybersecurity engineering, SecOps, infrastructure security, or related technical roles.
* Experience in enterprise or regulated environments is advantageous.
Technical Skills:
* Broad understanding of endpoint, infrastructure, and monitoring controls.
* Ability to interpret security telemetry and assess whether controls are functioning effectively.
* Familiarity with security hardening principles, detection logic, and log management.
* Exposure to cloud or hybrid environments is beneficial but not required — willingness to learn is essential.
Professional Skills:
* Strong coordination and stakeholder management abilities.
* Confidence engaging with technical teams, vendors, and senior stakeholders.
* Clear communication skills, translating technical risks into business-relevant actions.
* Proactive, organised, and comfortable driving follow-up activities.
* Analytical mindset and a willingness to learn new technologies.
Qualifications:
* A degree in a STEM discipline.
* Relevant certifications (e.g., GIAC, CISSP, or equivalents) are benefici al but not mandatory.
* English proficiency required. Spanish capability is a plus.