1,653 Rsa jobs in the United Kingdom

Security Risk Consultant – Financial Services (RSA Archer Essential)

Location: London (Hybrid)

Albany Beck is building out their Security Risk practice, and we’re looking for an experienced Security Risk Consultant to join our growing team. You’ll play a key role in shaping the security risk strategy for a major global Financial Services firm, contributing to the build-out of a mature, regulatory-aligned security function.

This is a high-impact role where your expertise will directly influence the operational and strategic approach to cyber risk across a complex and regulated environment.

Key Responsibilities:

• Lead and support the implementation of security risk management processes aligned with NIST and other regulatory frameworks.
• Act as a subject matter expert on RSA Archer – configuring, managing, and optimising the platform for enterprise risk use cases.
• Develop and deliver high-quality risk assessments, technical documentation, and executive-level business reports.
• Collaborate cross-functionally with IT, security, and business stakeholders to ensure risk posture is clearly communicated and understood.
• Provide regular updates to senior leadership and manage expectations through clear, concise reporting.
• Drive continuous improvement of cyber risk governance, reporting, and stakeholder engagement strategies.

What We’re Looking For:

• Mandatory: Strong hands-on experience with RSA Archer – this is essential for the role.
• Ideally 8+ years experience in similar roles
• In-depth understanding of NIST frameworks and security risk methodologies.
• A Cyber Risk Management mindset, with a practical and business-oriented approach to risk.
• Excellent attention to detail and a methodical, highly organised working style.
• Strong written and verbal communication skills – able to craft technical documentation as well as articulate risk in plain business language.
• Demonstrated stakeholder management experience at all levels within large, complex environments.

Senior Information Security Engineer - Certified Security Auditor

UK Security Clearance Required (or eligibility)

What's in it for you?

Join a fast-growing, global technology leader with a proven track record of innovation in AI, cloud, and digital solutions. This is a career-defining opportunity where you'll benefit from:

• Competitive Salary 85,000 + 8% annual bonus + 10% pension.
• Hybrid working - 2 days onsite, 3 days remote. London or Southampton.
• Excellent long-term career prospects with global opportunities.
• Exposure to high-profile, enterprise-level security projects.

The Role

We're looking for a Senior Information Security Engineer with a certified security auditor background and eligibility for UK Security Clearance. You'll be responsible for designing, implementing, and maintaining security measures to protect enterprise systems, networks, and SaaS products. This is a hands-on, high-impact role in a collaborative, cross-functional environment.

Key Responsibilities:

• Security Tooling: Deploy, maintain, integrate, and configure security tools.
• Vulnerability Management: Conduct security assessments, penetration testing, and vulnerability scans.
• Incident Response: Lead investigations, mitigate breaches, and maintain response plans.
• Security Operations: Monitor logs, investigate incidents, and enhance security posture.
• Identity & Access Management: Oversee access controls, authentication, and identity systems.

About You

• 5+ years' experience in information security engineering & operations.
• In-depth knowledge of networking protocols, operating systems, and cloud technologies (AWS, Azure, GCP).
• Strong understanding of frameworks such as PCI, NIST, and ISO 27001.
• Hands-on experience with SIEM, IDS/IPS, endpoint protection, and penetration testing tools.
• Certified Security Auditor (or equivalent) and UK Security Clearance eligibility.

Preferred Certifications:

• CISSP, CISM, CEH
• AWS Certified Security Specialist
• Azure Security Engineer Associate
• Google Professional Cloud Security Engineer

The Company

A market disruptor with 10k+ employees across 30 countries, serving some of the world's biggest brands. They set the highest standards in cybersecurity and innovation - and exceed them.

Apply today to join a world-class security team where your expertise will directly shape the protection of mission-critical systems.

Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.

Senior Information Security Engineer - Certified Security Auditor

UK Security Clearance Required (or eligibility)

What's in it for you?

Join a fast-growing, global technology leader with a proven track record of innovation in AI, cloud, and digital solutions. This is a career-defining opportunity where you'll benefit from:

• Competitive Salary 85,000 + 8% annual bonus + 10% pension.
• Hybrid working - 2 days onsite, 3 days remote. London or Southampton.
• Excellent long-term career prospects with global opportunities.
• Exposure to high-profile, enterprise-level security projects.

The Role

We're looking for a Senior Information Security Engineer with a certified security auditor background and eligibility for UK Security Clearance. You'll be responsible for designing, implementing, and maintaining security measures to protect enterprise systems, networks, and SaaS products. This is a hands-on, high-impact role in a collaborative, cross-functional environment.

Key Responsibilities:

• Security Tooling: Deploy, maintain, integrate, and configure security tools.
• Vulnerability Management: Conduct security assessments, penetration testing, and vulnerability scans.
• Incident Response: Lead investigations, mitigate breaches, and maintain response plans.
• Security Operations: Monitor logs, investigate incidents, and enhance security posture.
• Identity & Access Management: Oversee access controls, authentication, and identity systems.

About You

• 5+ years' experience in information security engineering & operations.
• In-depth knowledge of networking protocols, operating systems, and cloud technologies (AWS, Azure, GCP).
• Strong understanding of frameworks such as PCI, NIST, and ISO 27001.
• Hands-on experience with SIEM, IDS/IPS, endpoint protection, and penetration testing tools.
• Certified Security Auditor (or equivalent) and UK Security Clearance eligibility.

Preferred Certifications:

• CISSP, CISM, CEH
• AWS Certified Security Specialist
• Azure Security Engineer Associate
• Google Professional Cloud Security Engineer

The Company

A market disruptor with 10k+ employees across 30 countries, serving some of the world's biggest brands. They set the highest standards in cybersecurity and innovation - and exceed them.

Apply today to join a world-class security team where your expertise will directly shape the protection of mission-critical systems.

Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.

**Our Purpose**
_Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential._
**Title and Summary**
Senior Information Security Engineer
Who is Mastercard?
Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential.
Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all.
Overview
The Data Security Team team is looking for a Senior Information Security Engineer to drive several key initiatives associated with data protection and related cutting edge technology. The ideal candidate will join Emerging Corporate Security Solutions, an engineering-focused group with the critical mission of protecting Mastercard data, with a focus on classification, labeling, encryption, and data loss prevention (DLP). In addition, testing and creating best practices for monitoring and use of appropriate, safe and secure AI will be a key initiative.
Role
The core mission for this role is providing security requirements, standards, and related engineering of solutions associated with:
- Bringing clarity, consistency, and standards to Mastercard data
- Ensuring alignment with the Zero Trust Maturity Model (and related workflows)
- Executing various projects and initiatives to solve for and lower risks associated with complex data types (PCI, PII, Source Code, various types of customer and user data) and their storage & transfer
- Ensuring alignment with related standards and associated business units such as Access, Privacy, Insider Threat, Security Operations Center, Desktop Support
- Contributing to solutioning from an architecture and engineering perspective for necessary exceptions to security standards
- Helping develop security awareness communications and training to educate employees about data security and protection efforts and standards
- Helping establish and run continuous monitoring processes and alerting pursuant to data security policies to identify and respond to threats
- Staying current with Industry Trends (ISO, NIST, Regulations, Best Practices as they potentially or actually impact Data Security standards and execution of the same)
The Ideal candidate for this position should have:
- Working knowledge of basic security controls validation on applications, systems, networks, platforms, environments including on-prem and cloud
- Exposure to Data Security Standards efforts (labeling, classification, data protection)
- Working knowledge of the Zero Trust framework, with a focus on the Data Pillar
- Working knowledge of data protection technologies such as:
o Microsoft Purview Information Protection / Azure Information Protection
o DLP technologies like, Symantec DLP
o Data Security Posture Management (DSPM) tools and usage
o EDR tools (like Microsoft Defender)
o Cloud security tools (like Microsoft Defender for Cloud Apps)
o Data transfer tools (FTP, Citrix FileShare, others)
- Familiarity with data storage technologies such as, but not limited to:
o Relational Databases such as SQL Server, Oracle DB, IBM DB
o Non-Relational Databases such as MongoDB, Redis
o Data Warehouse and Data Lake tools such as Snowflake, Hadoop
o File servers, NAS, Isilon, Cloud Drives
- Ability to work collaboratively with key stakeholders (Data & Analytics group, Data Strategy & Management team, Access, Network and Security Architects, various Security Engineers) as well as coordinate with vendors to evaluate, test and deploy new technology solutions
Corporate Security Responsibility
Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must:
- Abide by Mastercard's security policies and practices;
- Ensure the confidentiality and integrity of the information being accessed;
- Report any suspected information security violation or breach, and
- Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.
NOTE: Candidates go through a thorough screening and interview process. There is no need to include all preferred skills in the job description.
**Corporate Security Responsibility**
All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must:
+ Abide by Mastercard's security policies and practices;
+ Ensure the confidentiality and integrity of the information being accessed;
+ Report any suspected information security violation or breach, and
+ Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.

Our client, a growing technology firm in **Bradford, West Yorkshire, UK**, is seeking a highly experienced Senior Information Security Engineer to bolster their cybersecurity defences. This role is predominantly remote, with occasional requirements for on-site meetings. You will be responsible for designing, implementing, and managing advanced security solutions to protect the organisation's critical systems and sensitive data. This includes infrastructure security, network defence, application security, and ensuring compliance with relevant standards and regulations.

Key responsibilities:

• Design, implement, and manage enterprise-level security infrastructure, including firewalls, intrusion detection/prevention systems (IDPS), VPNs, and endpoint security solutions.
• Develop and enforce security policies, standards, and procedures to ensure a robust security posture.
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and mitigate risks.
• Lead incident response efforts, including the investigation, containment, eradication, and recovery phases of security breaches.
• Develop and maintain security architecture documentation and diagrams.
• Collaborate with IT operations and development teams to integrate security into the SDLC and infrastructure deployment processes.
• Manage and configure security information and event management (SIEM) systems.
• Stay current with emerging threats, vulnerabilities, and security technologies, and recommend appropriate countermeasures.
• Provide technical guidance and mentorship to junior security team members.
• Ensure compliance with industry regulations and standards such as ISO 27001, GDPR, and NIST.

The ideal candidate will possess a Bachelor's degree in Computer Science, Information Technology, or a related field, with a minimum of 7 years of experience in information security engineering. Professional certifications such as CISSP, CISM, or CCIE Security are highly preferred. You must have deep technical expertise in network security, cloud security (AWS, Azure), and endpoint protection. Proven experience with SIEM solutions, vulnerability management tools, and incident response frameworks is essential. Strong scripting skills (e.g., Python, PowerShell) and a solid understanding of secure coding practices are also beneficial. Excellent analytical, problem-solving, and communication skills are required for this role, which involves protecting assets in **Bradford, West Yorkshire, UK**.

Our client, a rapidly growing technology firm, is seeking a Senior Information Security Engineer to join their robust, fully remote cybersecurity team. This is a critical role focused on designing, implementing, and maintaining the security infrastructure that protects company data and systems from advanced threats.

As a Senior Information Security Engineer, you will be responsible for architecting and deploying security solutions across the organisation's network and cloud environments. This includes firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, endpoint security solutions, and security information and event management (SIEM) systems. You will conduct regular security assessments, penetration testing, and vulnerability scanning to identify and remediate security weaknesses. Collaboration with IT and development teams will be essential to embed security best practices throughout the software development lifecycle and infrastructure management. You will also play a key role in developing and executing the incident response plan, analysing security incidents, and leading recovery efforts.

The ideal candidate will possess a minimum of 5-7 years of progressive experience in information security engineering, with a strong background in network security, cloud security (AWS, Azure), and system hardening. Proven expertise in implementing and managing a wide array of security technologies is essential. You should have a deep understanding of security principles, attack vectors, and mitigation strategies. Excellent analytical, problem-solving, and communication skills are required, along with the ability to work autonomously and collaboratively in a remote setting. Relevant certifications such as CISSP, CCSP, or GIAC certifications are highly desirable. This role demands a proactive individual committed to staying ahead of emerging threats and ensuring the highest level of security for the organisation.

Responsibilities:

• Design, implement, and manage security solutions and infrastructure.
• Conduct vulnerability assessments, penetration testing, and risk analysis.
• Develop and maintain security policies, standards, and procedures.
• Configure and monitor security tools, including firewalls, IDS/IPS, and SIEM.
• Lead incident response activities and forensic investigations.
• Collaborate with IT teams to ensure secure system configurations and deployments.
• Stay abreast of emerging threats and vulnerabilities and recommend countermeasures.
• Provide security awareness training and guidance to staff.

Qualifications:

• Minimum 5-7 years of experience in information security engineering.
• Strong knowledge of network security, cloud security, and endpoint security.
• Hands-on experience with firewalls, IDS/IPS, SIEM, and VPN technologies.
• Experience with vulnerability management and penetration testing.
• Excellent analytical and problem-solving abilities.
• Strong communication and interpersonal skills.
• Relevant security certifications (CISSP, CCSP, GIAC) are preferred.

Are you a seasoned Information Security Engineer with a passion for building and securing resilient systems? Our client, a rapidly expanding tech company, is seeking a Lead Information Security Engineer to join their dynamic, fully remote team. Based remotely, you will play a critical role in designing, implementing, and maintaining the organisation's security infrastructure. This position requires a deep technical understanding of cloud security, network security, and application security. You will lead security initiatives, mentor junior engineers, and collaborate with development and operations teams to embed security best practices throughout the software development lifecycle. This is an excellent opportunity to drive security strategy in a forward-thinking, remote-first organisation.

Key Responsibilities:

• Design, implement, and manage security solutions across cloud platforms (AWS, Azure, GCP) and on-premise infrastructure.
• Develop and enforce security policies, standards, and procedures.
• Lead the implementation and maintenance of security tools such as firewalls, WAFs, IDS/IPS, SIEM, and endpoint protection solutions.
• Conduct security architecture reviews and provide recommendations for hardening systems.
• Oversee vulnerability management programs and ensure timely remediation of identified risks.
• Respond to and manage security incidents, conducting root cause analysis and implementing preventative measures.
• Collaborate with software development teams to ensure secure coding practices and application security.
• Automate security tasks and processes using scripting languages (e.g., Python, Bash).
• Mentor and guide junior security engineers, fostering a culture of continuous learning.
• Stay current with emerging security threats and technologies, adapting defences accordingly.

Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
• Minimum of 7 years of experience in information security engineering roles.
• Proven experience in cloud security (AWS, Azure, or GCP) and container security.
• Expertise in network security principles, including firewall management, VPNs, and intrusion detection/prevention systems.
• Strong understanding of security frameworks (e.g., ISO 27001, NIST CSF).
• Experience with scripting and automation tools.
• Excellent problem-solving, analytical, and communication skills.
• Ability to work independently and collaboratively in a remote team environment.
• Relevant security certifications such as CISSP, CCSP, or OSCP are highly desirable.

Join our client and be at the forefront of protecting critical digital assets. This role offers the flexibility of remote work and the chance to make a significant impact on the security posture of a growing organisation.

Our client, a forward-thinking financial services company based in **Norwich, Norfolk, UK**, is seeking an experienced Senior Information Security Engineer to join their expanding team. This hybrid role offers a compelling opportunity to contribute to the protection of critical data and systems within a highly regulated industry. You will be responsible for designing, implementing, and maintaining advanced security controls, conducting risk assessments, and leading the response to security incidents. Your expertise will be vital in identifying vulnerabilities, developing remediation strategies, and ensuring compliance with stringent data protection standards. This role requires a deep understanding of network security, endpoint protection, cloud security, and secure development practices. Proactive threat hunting and a commitment to staying ahead of evolving cyber threats are key.

Key responsibilities include:

• Designing, implementing, and managing enterprise-level security solutions (firewalls, SIEM, IDS/IPS, EDR).
• Conducting comprehensive vulnerability assessments and penetration testing.
• Developing and executing incident response plans, including forensic analysis.
• Implementing and maintaining security policies, standards, and procedures.
• Providing expertise on cloud security (AWS, Azure, GCP) and secure configurations.
• Collaborating with IT and development teams to embed security into the SDLC.
• Monitoring security alerts and responding to potential threats in a timely manner.
• Staying current with emerging cybersecurity threats and technologies.
• Developing and delivering security awareness training to employees.
• Ensuring compliance with relevant regulations such as GDPR and PCI DSS.

The ideal candidate will possess a Bachelor's degree in Computer Science, Information Security, or a related field, coupled with significant professional experience in information security engineering. Relevant certifications such as CISSP, GIAC, or CCSP are highly preferred. Excellent analytical, problem-solving, and communication skills are essential for this role.

Our client is a rapidly expanding cybersecurity firm seeking a seasoned Senior Information Security Engineer to bolster their technical capabilities. This is a fully remote position, allowing you to contribute to our mission from the comfort of your home office anywhere in the UK. You will be instrumental in designing, implementing, and maintaining robust security infrastructure and solutions to protect our organization and its clients. This involves a deep dive into threat landscapes, developing proactive defense strategies, and leading incident response efforts. The ideal candidate will possess advanced technical expertise in cybersecurity domains, strong leadership qualities, and a proven ability to architect and deploy secure systems.

Key Responsibilities:

• Design, implement, and manage comprehensive security solutions including firewalls, IDS/IPS, VPNs, endpoint security, and SIEM systems.
• Develop and maintain security architecture and roadmaps to align with business objectives and emerging threats.
• Conduct advanced threat hunting, vulnerability assessments, and penetration testing.
• Lead incident response activities, including investigation, containment, eradication, and recovery.
• Create and enforce security policies, standards, and procedures across the organization.
• Evaluate and integrate new security technologies and tools to enhance defensive capabilities.
• Provide technical guidance and mentorship to junior security team members.
• Ensure compliance with relevant industry regulations and best practices.
• Automate security processes and responses where possible to improve efficiency and effectiveness.
• Collaborate with IT and development teams to embed security into the software development lifecycle (SDLC) and infrastructure deployment.
• Perform security reviews of system designs and configurations.

The ideal candidate will demonstrate exceptional analytical and problem-solving skills, a proactive mindset, and the ability to remain calm and effective under pressure. Strong communication skills are essential for collaborating with cross-functional teams and presenting technical information to various stakeholders. Experience in cloud security (AWS, Azure, GCP) is highly advantageous.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent work experience.
• Minimum of 7 years of experience in information security engineering or architecture.
• In-depth knowledge of network security, system security, cryptography, and risk management.
• Hands-on experience with multiple security technologies and platforms.
• Proficiency in scripting languages (e.g., Python, Bash) for automation.
• Relevant security certifications such as CISSP, CISM, CCIE Security, or GIAC are highly preferred.
• Demonstrated experience in leading security initiatives and projects.
• Ability to work autonomously in a remote environment, managing projects and tasks effectively.