80 IT Security Specialist jobs in the United Kingdom

Internal use only - Grade D
About Us.
We are The Very Group and we're here to help families get more out of life. We know that our customers work hard for their families and have a lot to balance in their busy lives. That's why we combine amazing brands and products with flexible payment options on to help them say yes to the things they love. We're just as passionate about helping our people get more out of life too; building careers with real growth, a sense of purpose, belonging and wellbeing.

About The Role
The role of a Senior Security Specialist, reporting to the Head of Information Security, encompasses a broad range of responsibilities aimed at safeguarding the organisation's digital assets and ensuring compliance with security standards.

This position involves providing hands on security expertise to various business units, improving the overall security posture of the organisation by identifying and implementing security improvements to align with industry standards and ensuring adherence to security compliance requirements.

The Senior Security Specialist plays a crucial role in developing and implementing security strategies, policies, and procedures, while also collaborating with cross-functional teams to promote a culture of security awareness and best practices throughout the organisation.

Additionally, they support the Head of Information Security in leadership and strategic activities, contributing to the overall direction and vision of the security programme, and assisting in decision-making processes to enhance the organisation's security posture.

*Scope of Role *
This role impacts on all areas of the Group, including regulators, customers, employees, third parties and contractors. It involves being responsible for the implementation of new security defences and the operation of existing in accordance with best practices, company policy and regulatory requirements.

Key Responsibilities

• Safeguard the organisation's digital assets and ensuring compliance with security standards along with maintaining the security and integrity of the organisation's information systems.
• Works closely with different departments to understand their specific security needs and challenges. Ensuring that optimal security measures are implemented and aligned with the organisation's overall security strategy.
• Responsible for identifying areas of non-compliance across the group and using skills and expertise to realign any problem areas to improve security posture.
• Ensures that the environment is well prepared for security audits, working with internal teams to ensure a consistent base line approach to IT general controls is in place to facilitate and automated approach to audits.
• Ensures that access controls are effectively managed and that identity management processes are robust and secure.
• Implements and maintain security measures across cloud environments, ensuring alignment to best practices, improving the overall posture and ensuring compliance with relevant regulations.
• Supports the Head of Information Security in leadership and strategic activities. This involves contributing to the overall direction and vision of the security programme and assisting in decision-making processes to enhance the organisation's security posture.

The Senior Security Specialist provides strategic insights and recommendations based on their expertise and experience and works closely with the Head of Information Security to develop and implement long-term security plans. This requires strong analytical and strategic thinking skills, as well as the ability to influence and drive change at the executive level.

Essential Knowledge And Skills
Knowledge:

• A broad understanding of the Information Security industry, including UK regulations and compliance standards such as GDPR, ISO 27001, and PCI-DSS.
• In-depth knowledge of IDAM including authentication mechanisms, single sign-on (SSO), and multi-factor authentication (MFA).
• Familiarity with security measures for cloud platforms, particularly Oracle Cloud and Azure, Microsoft 365 (M365) Google Cloud and AWS.
• Understanding of securing end user devices and applications.
• Familiarity with the latest security threats, trends, and best practices.
• Understanding of agile methods of working and the Secure Software Development Lifecycle (SDLC).

Skills:

• Proven experience in IT security, with a focus on IAM, cloud security, and core IT infrastructure security.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.

Role-Specific Qualifications:

• Information Security and/or Information Technology industry qualifications such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager), or equivalent time served.
• A demonstrable hands-on background to improving security postures of organisations.

*Some of our benefits *

• Flexible, hybrid working model
• Inclusive culture and environment, check out our Glassdoor reviews
• £6500 flexible benefits allowance to suit your needs
• 30 days holiday + bank holidays
• Udemy learning access
• Bonus potential (performance and business-related)
• Up to 25% discount on
• Matched pension up to 6%
• More benefits can be found on our career site

How To Apply
Please note that the talent acquisition team are managing this vacancy directly, and if successful in securing this role, you will be required to undertake a credit, CIFAS, Right to Work checks and if a specific requirement of your role a DBS (criminal records) check. Should your application progress we require you to let the team know if there is anything you need to disclose in relation to any of these checks prior to them being undertaken, including any unspent criminal convictions.

What happens next?
Our talent acquisition team will be in touch if you're successful so keep an eye on your emails We'll arrange a short call to learn more about you, as well as answer any questions you have. If it feels like we're a good match, we'll share your CV with the hiring manager to review. Our interview process is tailored to each role and can be in-person or held remotely.

You can expect a two stage interview process after meeting the TA team,

First stage -
A one-hour face to face or MS Teams interview.

Second stage -
A final stage 1 hour session, likely to include a task for you to prepare for.

As an inclusive employer please do let us know if you require any reasonable adjustments.

If you'd like to know more about our interviews, you can find out here.

Equal opportunities
We're an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

What We Are Looking For

As a Red Team Specialist focused on GenAI models, you will play a critical role in safeguarding the security and integrity of commercial cutting-edge AI technologies. Your primary responsibility will be to analyze and test commercial GenAI systems including, but not limited to, language models, image generation models, and related infrastructure. The objective is to identify vulnerabilities, assess risks, and deliver actionable insights that strengthen AI models and guardrails against potential threats.

Key Responsibilities

• Execute sophisticated and comprehensive attacks on generative foundational models and agentic frameworks.
• Assess the security posture of AI models and infrastructure, identifying weaknesses and potential threats.
• Collaborate with security teams to design and implement effective risk mitigation strategies that enhance model resilience.
• Apply innovative testing methodologies to ensure state-of-the-art security practices.
• Document all red team activities, findings, and recommendations with precision and clarity.

Must-Have

• Proven track record in AI vulnerability analysis.
• Strong understanding of AI technologies and underlying architectures, especially generative models and frameworks.
• Minimum of 5 years of experience in offensive cybersecurity, with a focus on cloud and API security.
• Familiarity with agentic frameworks and hands-on experience in agentic development.
• Proficiency in Python.
• Exceptional analytical, problem-solving, and communication skills.
• Ability to thrive in a fast-paced, dynamic environment.

Nice-to-Have

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Demonstrated experience building production-quality pipelines and automations.
• Hands-on experience with machine learning development frameworks and environments.
• Advanced certifications in offensive cybersecurity (e.g., OSWE, OSCE3, SEC542, SEC522).
• Certifications or background in DevOps/ML domains.
• Webint / OSINT experience.

Cyber Specialist

6 Month Contract | Hybrid - Brighton (1x p/week) | £550 - 650/day Inside IR35

Harvey Nash are working with a large Government Agency who are looking for multiple Cyber Security Specialists to support on an initial 6 month contract basis.

This is a crucial role following an extensive Cyber Security Audit, with plenty of work to support on. We're looking for well-rounded Cyber Specialists with proven expertise within the Microsoft Ecosystem, including Azure Sentinel & Active Directory , as well as experience with SOAR .

Contract Details:

• Cyber Specialist
• 6 Months - extensions likely
• Hybrid - 1x per week in Brighton
• ASAP Start - as soon as Monday 13th October.
• £550 - 650/day
• Inside IR35

Please note - you must be willing to undertake & pass a DBS Check for this role.

If you're interested in this position, please apply now for consideration.

• Assist in the development, implementation, and maintenance of information security policies and procedures.
• Conduct regular security risk assessments and identify potential vulnerabilities across IT systems and data.
• Investigate and respond to security incidents, ensuring swift and effective resolution.
• Provide guidance and support on security best practices to staff and researchers.
• Ensure compliance with data protection regulations (e.g., GDPR) and institutional security standards.
• Monitor security logs and system alerts to detect and prevent malicious activities.
• Contribute to security awareness training programs for the institution.
• Evaluate and recommend security technologies and solutions.
• Collaborate with IT teams to integrate security into system design and architecture.
• Stay updated on emerging threats and security trends relevant to the academic sector.

• Proven experience in an Information Security role, preferably within higher education or research.
• Strong knowledge of cybersecurity frameworks, risk management, and incident response.
• Familiarity with data protection laws and compliance requirements (e.g., GDPR).
• Experience with security tools such as SIEM, vulnerability scanners, and firewalls.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills, with the ability to present technical information clearly.
• Relevant security certifications (e.g., CISSP, CISM, CompTIA Security+) are highly desirable.
• Ability to work independently and as part of a collaborative team.
• Bachelor's degree in Computer Science, Information Technology, or a related field is preferred.
• A proactive approach to identifying and mitigating security risks.

We are The Very Group and we’re here to help families get more out of life. We know that our customers work hard for their families and have a lot to balance in their busy lives. That’s why we combine amazing brands and products with flexible payment options on Very.co.uk to help them say yes to the things they love. We’re just as passionate about helping our people get more out of life too; building careers with real growth, a sense of purpose, belonging and wellbeing.

The role of a Senior Security Specialist, reporting to the Head of Information Security, encompasses a broad range of responsibilities aimed at safeguarding the organisation's digital assets and ensuring compliance with security standards.  

This position involves providing hands on security expertise to various business units, improving the overall security posture of the organisation by identifying and implementing security improvements to align with industry standards and ensuring adherence to security compliance requirements. 

The Senior Security Specialist plays a crucial role in developing and implementing security strategies, policies, and procedures, while also collaborating with cross-functional teams to promote a culture of security awareness and best practices throughout the organisation.  

Additionally, they support the Head of Information Security in leadership and strategic activities, contributing to the overall direction and vision of the security programme, and assisting in decision-making processes to enhance the organisation's security posture.  

This role impacts on all areas of the Group, including regulators, customers, employees, third parties and contractors.  It involves being responsible for the implementation of new security defences and the operation of existing in accordance with best practices, company policy and regulatory requirements. 

• Safeguard the organisation's digital assets and ensuring compliance with security standards along with maintaining the security and integrity of the organisation's information systems. 

• Works closely with different departments to understand their specific security needs and challenges. Ensuring that optimal security measures are implemented and aligned with the organisation's overall security strategy. 

• Responsible for identifying areas of non-compliance across the group and using skills and expertise to realign any problem areas to improve security posture. 

• Ensures that the environment is well prepared for security audits, working with internal teams to ensure a consistent base line approach to IT general controls is in place to facilitate and automated approach to audits. 

• Ensures that access controls are effectively managed and that identity management processes are robust and secure.  

• Implements and maintain security measures across cloud environments, ensuring alignment to best practices, improving the overall posture and ensuring compliance with relevant regulations. 

• Supports the Head of Information Security in leadership and strategic activities. This involves contributing to the overall direction and vision of the security programme and assisting in decision-making processes to enhance the organisation's security posture.

The Senior Security Specialist provides strategic insights and recommendations based on their expertise and experience and works closely with the Head of Information Security to develop and implement long-term security plans. This requires strong analytical and strategic thinking skills, as well as the ability to influence and drive change at the executive level. 

Knowledge: 

• A broad understanding of the Information Security industry, including UK regulations and compliance standards such as GDPR, ISO 27001, and PCI-DSS. 
• In-depth knowledge of IDAM including authentication mechanisms, single sign-on (SSO), and multi-factor authentication (MFA). 
• Familiarity with security measures for cloud platforms, particularly Oracle Cloud and Azure, Microsoft 365 (M365) Google Cloud and AWS. 
• Understanding of securing end user devices and applications. 
• Familiarity with the latest security threats, trends, and best practices. 
• Understanding of agile methods of working and the Secure Software Development Lifecycle (SDLC). 

Skills: 

• Proven experience in IT security, with a focus on IAM, cloud security, and core IT infrastructure security. 
• Excellent problem-solving and analytical skills. 
• Strong communication and interpersonal skills. 
• Ability to work independently and as part of a team. 

Role-Specific Qualifications: 

• Information Security and/or Information Technology industry qualifications such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager), or equivalent time served. 
• A demonstrable hands-on background to improving security postures of organisations. 

• Flexible, hybrid working model
• Inclusive culture and environment, check out our Glassdoor reviews
• £6500 flexible benefits allowance to suit your needs
• 30 days holiday + bank holidays
• Udemy learning access
• Bonus potential (performance and business-related)
• Up to 25% discount on Very.co.uk

• Matched pension up to 6%
• More benefits can be found on our career site

How to apply

Please note that the talent acquisition team are managing this vacancy directly, and if successful in securing this role, you will be required to undertake a credit, CIFAS, Right to Work checks and if a specific requirement of your role a DBS (criminal records) check. Should your application progress we require you to let the team know if there is anything you need to disclose in relation to any of these checks prior to them being undertaken, including any unspent criminal convictions.  

What happens next?

Our talent acquisition team will be in touch if you’re successful so keep an eye on your emails! We’ll arrange a short call to learn more about you, as well as answer any questions you have. If it feels like we’re a good match, we’ll share your CV with the hiring manager to review. Our interview process is tailored to each role and can be in-person or held remotely.

You can expect a two stage interview process after meeting the TA team,

First stage –  A one-hour face to face or MS Teams interview.

Second stage –  A final stage 1 hour session, likely to include a task for you to prepare for.

As an inclusive employer please do let us know if you require any reasonable adjustments.

If you'd like to know more about our interviews, you can find out here .

 Equal opportunities

We’re an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Make The Connection.

Vix Technology, a global leader in automatic fare collection, transit information, and transit analytics solutions, is seeking a highly skilled and experienced Cloud Engineer. With a presence in over 200 city and regional transport authorities worldwide, Vix has been at the forefront of transforming fare collection for more than 35 years. At Vix, we are committed to solving problems and delivering innovative solutions that are revolutionizing the world of public transit.

We're on the hunt for a motivated, engaged Cyber Security Specialist to support, maintain and improve/contribute to the management of real time security operations, including real time analysis and ongoing security management across Vix’s application suite. This opportunity will suit someone with similarly aligned experience, working closely with our Platforms and Engineering streams, with excellent collaboration and communications skills. This role is based in our Manchester office, where we prioritise in-person collaboration and teamwork. The role is on-site, Monday to Friday.

We regret that this position is only available for UK citizens/Residents with indefinite leave to remain in the UK, with current full time work rights for the United Kingdom, currently residing in the UK. This position will be located in Manchester, UK.

Requirements

What will you be responsible for?

• Management of vulnerabilities
• Analysis and development of security requirements, including their design and implementation
• Conduct forensic analysis and post-mortem reviews of security incidents
• Assist in the security certification and accreditation processes
• Engagements in engineering activities
• Enhance consistency and transparency in IT Security risk management efforts
• Respond to inquiries from internal and external audits and assessments
• Raise awareness regarding relevant regulatory standards, upstream risks, and industry best practices
• Inform our security engineers about emerging vulnerabilities and threats that need attention in our environments, advising on the appropriate prioritization for remediation.
• Facilitate and execute scanning procedures and utilize various tools
• Continuously analyze CI vulnerability data
• Forge strong partnerships with engineers to ensure a supportive platform for achieving our security objectives
• Engage with Vix Customers to provide guidance on security-related issues

What does our ideal candidate look like?

• Willing and available to work on-site in our Manchester offices, Monday to Friday, full time.

• Relevant certifications/qualifications and/or significant commercial experience within the cybersecurity discipline
• In-depth knowledge and technical proficiency in operational delivery within complex, dispersed on and off-prem infrastructure, including cloud and embedded systems
• Interest and ability to impart knowledge, support and mentor the whole business in the cybersecurity space, including knowledge transfer, best practice and ongoing training and support
• Pragmatic and personable, with great communication skills and ability to build rapport quickly.

Benefits

What’s in it for you?

Besides the opportunity to work for a global company that is customer and people focused, we offer:

• A focus on learning and development
• A great team of like-minded professionals
• Private Healthcare
• Income Protection Scheme
• Pension
• Group Life Assurance
• Cycle to Work Scheme
• Electric Car Benefit Scheme
• Employee Assistance Programme
• Eyecare and Spectacle Vouchers

Sounds good? Then apply now. Get on board today!

Add your resume and anything else to showcase why you would be a great addition to our team. We regret that this position is only available for UK&I citizens/Residents with indefinite leave to remain in the UK&I, with current full time work rights for the United Kingdom, currently residing in the UK.

No recruitment agencies, please! We won’t accept any introductions.

Vix Technology is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all people and want to build a workforce as diverse as the community we serve. We aim to have a work environment where everyone feels included and everyone can realise their full potential.