Description
Overview of the role
King's College London seeks an accomplished security professional with excellent hands-on technology skills to join its Cyber Security Team.
King's College London provides advanced research computing through platforms like CREATE, offering HPC, cloud, secure data environments, and expert support in software engineering and bioinformatics. These services underpin data-driven research across faculties including Natural, Mathematical & Engineering Sciences (NMES), Life Sciences & Medicine, and Psychiatry, Psychology & Neuroscience, enabling scalable and secure analysis in areas such as AI, health, and digital humanities.
King's College London is amongst the leading universities in the world, renowned for its research activities, associated faculties, and teaching hospitals.
The successful candidate will work directly with highly skilled infrastructure and software engineers across multiple faculties to support and improve internal and external security standards.
The role holder will require industry experience and/or practical exposure across a range of infrastructure and security domains, including but not limited to:
* Infrastructure as Code (IaC) security, including secure provisioning and policy enforcement
* DevSecOps practices, integrating security into CI/CD and automation workflows
* Secrets and Identity Management using tools such as HashiCorp Vault and OpenBao.
* Network Segmentation and Environment Isolation for secure multi-tenant architectures
* Configuration Management using tools like Ansible or Puppet for consistent system state enforcement
Evidence of use, administration and security hardening of Linux platforms is required, with competency in other operating systems desired.
Travel will be required for meetings and training (predominately between KSC and university campuses in London).
Accountabilities
* Working under the direction of the Head of Cyber Security & Cyber Security Development Manager to maintain strategic security direction and close working with the research community.
* Liaise closely with e-Research team to: develop and lead security incident response for e-Research infrastructure platforms (HPC, private/public cloud, storage). To operate and improve the security controls and tooling for those platforms. Support e-Research specific security exercises such as: penetration tests, red teaming, tabletop incidents.
* Develop and lead security incident response for researcher managed platforms in collaboration with e-Research colleagues.
* Responsible for knowledge dissemination relating to distributed IT infrastructure security within the broader KCL Cyber/IT community
* Identifying new opportunities for security improvements and supporting the researchers with technical aspects of compliance requirements including Cyber Essentials, NHS Digital Toolkit & ISO/IEC 27001:2005.
* Understand the university environment and the information risks that research systems and activities are subject to.
* Develop and improve cyber security services offerings specific to research.
* Identify and report systemic weaknesses in control effectiveness.
* Vulnerability Assessment & Management – accountable for leading upon and assisting with all elements of an ongoing management programme to regularly and formally identify key vulnerabilities, report upon them and advise colleagues as necessary on remediation activities. Keeping proactively up to date with current & emerging threats and exploits which may impact on the KCL environment.
* Assess the significance of security advice from the NCSC, JISC CSIRT or other sources to own area of responsibility and make appropriate recommendations.
* Manage compliance in area of responsibility with organisational commitments to Codes of Connection with partners.
* Represent e-Research and contribute to development of relevant IT security policy.
* Aid and assist the Cyber Security SOC as necessary with investigations into IT security and operational incidents.
* Availability to support critical incidents as required.
* Responsible for identifying opportunities to reduce environmental impact and implementing improvements.
* Responsible for responding to customer improvement activity.
Key Skills & Experience Required
(E) – Essential
(D) – Desirable
SFIA Responsibility Level 4
IISP Skill Levels:
A3 – Information Security Strategy
A4 – Innovation & Business Improvement
D2 – Security Testing
E1 – Secure Operations Management
E2 – Secure Ops & Service Delivery
E3 – Vulnerability Assessment
F1 – Incident Management
* Expert contemporary knowledge and hands on experience with a broad range of security technologies such as (but not limited to) firewalls, IPS/IDS, Protective Monitoring, (SIEM/SOAR) Vulnerability scanning, Endpoint protections. (E)
* Demonstrable experience working with Linux based systems and utilities (e.g. tcpdump, iptables, strace) (E)
* Demonstrable experience working with open-source virtualisation technologies (e.g. OpenStack, KVM, ProxMox VE) (E)
* Experience working with web technologies (e.g. Apache, NGINX, LAMP, JS) (E)
* Strong understanding of TCP/IP networking fundamentals (E)
* Software development experience in any high-level programming language (e.g. Python, Java), preferably in professional setting (E)
* Experience of automating repetitive tasks with code (E)
* Contemporary understanding and ability to interpret for KCL, industry recognised, vendor neutral security best practice from the likes of ISC2, CIS, NIST, CSA, NCSC. (E)
* Contemporary understanding and ability to interpret for KCL compliance requirements including Cyber Essentials, NHS Digital Toolkit & ISO/IEC 27001:2005 (E)
* Good understanding and experience of using IT to support research activity, ideally within a Higher Education environment (E)
* Knowledge of IoT devices (complexities/limitations etc) and IoT security, preferably in a research environment (D)
* Real world experience of managing or leading technical security assessments and design work (D)
* Appreciation of the contemporary opportunities, problems and issues facing the Higher Education sector (D)
* Bachelors/Masters degree in Computer Science (or industry equivalent experience) including computer/network security modules (D)
* Familiarity with modern systems administration methods and tooling (e.g. Puppet, Ansible, Git, CI/CD, ELK) (D)
* Work experience in a university or research focused institution with a highly heterogenous IT estate (D)
Employee Benefits
* Hybrid Working - Minimum of 5 days per month in the office
* 10% Performance related bonus
* 30 Days holiday and maximum of 8 public holidays (pro-rata)
* Sick pay
* 4 Discretionary Christmas Closure Days
* Contributory pension scheme
* Life Assurance cover
* Service time - 3 Volunteer days per year
* Free onsite parking & Bike racks
* Annual leave purchase scheme - up to a maximum of 10 days (subject to national minimum wage requirements)
* Student Discount (access to Totum, Unidays & Student Beans)
* CycleScheme
* TechScheme
* Opportunities for formal training and professional certification
* Free access to Linkedin Learning
* Free access to Future Learn short courses
* Potential for internal promotion and advancement
Equality, diversity & inclusion
We are an inclusive and welcoming employer that encourages a wide range of applicants. We embrace diversity and want everyone to be able to bring their whole selves to work and succeed.
This is in line with King's College London (KCL).
About King's Service Centre
King's Service Centre is home to an innovative and forward thinking service team supporting the services of King's College London University.
We've brought highly skilled career opportunities to Cornwall since 2015, through recruiting locally, investing in staff training and development, and Apprenticeships.
King's Service Centre provides first-line support to the 50,000 strong King's College London community of students, academics, researchers and professional staff – 24 hours a day, 7 days a week, 365 days a year.
Support provided includes;
* Estates & Facilities Service Desk
* IT Service Desk
* HR & Payroll Service Desk
* Residences Service Desk
* Student Service's Service Desk
* IT Technical support
* Business Operations
The roles available at King's Service Centre are varied, from Service Desk Analyst and Business Administrator, to Network Engineer or Project Manager.
For all our roles we are open to discussing the possibility of part time work, reduced hours, hybrid working and flexible start and finish times. Unfortunately, we cannot promise to agree to your original request, but we do promise not to judge you for asking and to consider the possibility.