3,202 Security Specialist jobs in the United Kingdom

Red Team Operators & Leads (Financial Services Focus) - REMOTE - Applicants must have lived in the UK for the last 5 years - £100k + benefits

Are you an experienced Red Teamer looking to take on high-impact engagements in the financial services sector? I am looking for Red Team Operators and especially Red Team Leads to join a growing offensive security team.

You’ll play a critical role in delivering regulatory red team engagements—particularly in environments governed by frameworks like TIBER , CBEST , CSTAR , and DORA . If you thrive on leading complex assessments, developing creative attack paths, and engaging with clients at the highest levels—this role is for you.

What You'll Do

• Lead and deliver advanced red team and penetration testing engagements
• Work on regulatory red team exercises in the financial services sector
• Manage complex client engagements , reporting to stakeholders, and working with internal blue teams
• Bring new ideas and techniques to your engagements, from initial access to post-exploitation
• Collaborate across teams and mentor junior members of staff

What We’re Looking For

Must-Have Skills:

• 5+ years of penetration testing experience (more is welcome)
• Significant hands-on red team experience
• Strong consultancy background – comfortable in client-facing roles
• Familiarity with multiple scripting/programming languages

Strong Pluses (at least one of the following):

• Prior red teaming experience in the financial services sector
• Experience with SOC/SIEM/EDR tooling and methodologies
• Exposure to TIBER, CBEST, CSTAR , or other regulatory red teaming standards
• Involvement in DORA readiness or related compliance work
• Holder (or previous holder) of CREST CCSAS, CCRTS, or CCSAM
• Experience developing novel initial access techniques or custom tooling

Why Join?

You'll be part of a seasoned, high-performing red team delivering engagements that truly matter—working with major financial institutions to test and improve their resilience against real-world threats.

We offer:

• A flexible and supportive work environment
• Cutting-edge projects in the regulatory space
• Opportunities to lead, innovate, and grow your technical and leadership skills

Ready to make an impact? Apply now or message us directly to learn more.

Job Overview:

• Experience of risk management and controls, applying risk principles to challenging business situations.
• Develop and implement comprehensive management strategies.
• Guide teams and foster a culture of security within the organisation.
• Conduct thorough risk assessment and identify potential cyber security weaknesses in projects.
• Articulate security controls, policies and procedures in a language which the Business can understand.
• Navigate stakeholders and foster strong stakeholder relationships at all levels.
• Cyber Strategy development and implementation.

Internal use only - Grade D
About Us.
We are The Very Group and we're here to help families get more out of life. We know that our customers work hard for their families and have a lot to balance in their busy lives. That's why we combine amazing brands and products with flexible payment options on to help them say yes to the things they love. We're just as passionate about helping our people get more out of life too; building careers with real growth, a sense of purpose, belonging and wellbeing.

About The Role
The role of a Senior Security Specialist, reporting to the Head of Information Security, encompasses a broad range of responsibilities aimed at safeguarding the organisation's digital assets and ensuring compliance with security standards.

This position involves providing hands on security expertise to various business units, improving the overall security posture of the organisation by identifying and implementing security improvements to align with industry standards and ensuring adherence to security compliance requirements.

The Senior Security Specialist plays a crucial role in developing and implementing security strategies, policies, and procedures, while also collaborating with cross-functional teams to promote a culture of security awareness and best practices throughout the organisation.

Additionally, they support the Head of Information Security in leadership and strategic activities, contributing to the overall direction and vision of the security programme, and assisting in decision-making processes to enhance the organisation's security posture.

*Scope of Role *
This role impacts on all areas of the Group, including regulators, customers, employees, third parties and contractors. It involves being responsible for the implementation of new security defences and the operation of existing in accordance with best practices, company policy and regulatory requirements.

Key Responsibilities

• Safeguard the organisation's digital assets and ensuring compliance with security standards along with maintaining the security and integrity of the organisation's information systems.
• Works closely with different departments to understand their specific security needs and challenges. Ensuring that optimal security measures are implemented and aligned with the organisation's overall security strategy.
• Responsible for identifying areas of non-compliance across the group and using skills and expertise to realign any problem areas to improve security posture.
• Ensures that the environment is well prepared for security audits, working with internal teams to ensure a consistent base line approach to IT general controls is in place to facilitate and automated approach to audits.
• Ensures that access controls are effectively managed and that identity management processes are robust and secure.
• Implements and maintain security measures across cloud environments, ensuring alignment to best practices, improving the overall posture and ensuring compliance with relevant regulations.
• Supports the Head of Information Security in leadership and strategic activities. This involves contributing to the overall direction and vision of the security programme and assisting in decision-making processes to enhance the organisation's security posture.

The Senior Security Specialist provides strategic insights and recommendations based on their expertise and experience and works closely with the Head of Information Security to develop and implement long-term security plans. This requires strong analytical and strategic thinking skills, as well as the ability to influence and drive change at the executive level.

Essential Knowledge And Skills
Knowledge:

• A broad understanding of the Information Security industry, including UK regulations and compliance standards such as GDPR, ISO 27001, and PCI-DSS.
• In-depth knowledge of IDAM including authentication mechanisms, single sign-on (SSO), and multi-factor authentication (MFA).
• Familiarity with security measures for cloud platforms, particularly Oracle Cloud and Azure, Microsoft 365 (M365) Google Cloud and AWS.
• Understanding of securing end user devices and applications.
• Familiarity with the latest security threats, trends, and best practices.
• Understanding of agile methods of working and the Secure Software Development Lifecycle (SDLC).

Skills:

• Proven experience in IT security, with a focus on IAM, cloud security, and core IT infrastructure security.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.

Role-Specific Qualifications:

• Information Security and/or Information Technology industry qualifications such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager), or equivalent time served.
• A demonstrable hands-on background to improving security postures of organisations.

*Some of our benefits *

• Flexible, hybrid working model
• Inclusive culture and environment, check out our Glassdoor reviews
• £6500 flexible benefits allowance to suit your needs
• 30 days holiday + bank holidays
• Udemy learning access
• Bonus potential (performance and business-related)
• Up to 25% discount on
• Matched pension up to 6%
• More benefits can be found on our career site

How To Apply
Please note that the talent acquisition team are managing this vacancy directly, and if successful in securing this role, you will be required to undertake a credit, CIFAS, Right to Work checks and if a specific requirement of your role a DBS (criminal records) check. Should your application progress we require you to let the team know if there is anything you need to disclose in relation to any of these checks prior to them being undertaken, including any unspent criminal convictions.

What happens next?
Our talent acquisition team will be in touch if you're successful so keep an eye on your emails We'll arrange a short call to learn more about you, as well as answer any questions you have. If it feels like we're a good match, we'll share your CV with the hiring manager to review. Our interview process is tailored to each role and can be in-person or held remotely.

You can expect a two stage interview process after meeting the TA team,

First stage -
A one-hour face to face or MS Teams interview.

Second stage -
A final stage 1 hour session, likely to include a task for you to prepare for.

As an inclusive employer please do let us know if you require any reasonable adjustments.

If you'd like to know more about our interviews, you can find out here.

Equal opportunities
We're an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

What We Are Looking For

As a Red Team Specialist focused on GenAI models, you will play a critical role in safeguarding the security and integrity of commercial cutting-edge AI technologies. Your primary responsibility will be to analyze and test commercial GenAI systems including, but not limited to, language models, image generation models, and related infrastructure. The objective is to identify vulnerabilities, assess risks, and deliver actionable insights that strengthen AI models and guardrails against potential threats.

Key Responsibilities

• Execute sophisticated and comprehensive attacks on generative foundational models and agentic frameworks.
• Assess the security posture of AI models and infrastructure, identifying weaknesses and potential threats.
• Collaborate with security teams to design and implement effective risk mitigation strategies that enhance model resilience.
• Apply innovative testing methodologies to ensure state-of-the-art security practices.
• Document all red team activities, findings, and recommendations with precision and clarity.

Must-Have

• Proven track record in AI vulnerability analysis.
• Strong understanding of AI technologies and underlying architectures, especially generative models and frameworks.
• Minimum of 5 years of experience in offensive cybersecurity, with a focus on cloud and API security.
• Familiarity with agentic frameworks and hands-on experience in agentic development.
• Proficiency in Python.
• Exceptional analytical, problem-solving, and communication skills.
• Ability to thrive in a fast-paced, dynamic environment.

Nice-to-Have

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
• Demonstrated experience building production-quality pipelines and automations.
• Hands-on experience with machine learning development frameworks and environments.
• Advanced certifications in offensive cybersecurity (e.g., OSWE, OSCE3, SEC542, SEC522).
• Certifications or background in DevOps/ML domains.
• Webint / OSINT experience.

Cyber Security Specialist - Security Assurance Coordinator (SAC)

Location: Corsham (Hybrid)

Salary: £60,000 - £70,000 depending on experience plus an excellent benefits package, plus a Yearly Bonus (Tax Free)

Due to the nature of the work you will be involved in, you must hold an SC Clearance minimum and be happy to go through DV Clearance if you don not hold this.

Our client, a leader in Defence IT consulting, is looking for an experienced Security Assurance Coordinator (SAC).

As the Security Assurance Consultant, you will be working closely with external stakeholders and collaborate with security team. You will be required to support a range of MoD programmes primarily in Corsham.

As the Cyber Security Specialist within Security Assurance will be responsible for maintaining and improving all aspects of system security capability and compliance while also delivering continuous system and service accreditation.

You will review documents for complex systems and assuring compliance against strict standards, advising on JSP policies, producing RMADS and PIA documentation, chairing security working groups, scoping vulnerability assessments and penetration testing activities, this will challenge you to grow your technical knowledge as well as use your current capabilities.

Main duties:

• Ensuring project compliance to MOD JSP Policy and guidelines
• Ensure that cyber and information security controls are properly embedded within project on the implementation and operation of security measures
• Providing technical security support from project start
• Stakeholder management
• Construction of accreditation documentation
• Risk identification and management

Required Skills:

• Information Security Standards and technical knowledge
• MOD Accreditation policy and practices; experience with DART
• Understanding of MOD Security Policy Framework
• Experience developing RMADs and SyOPs
• Experience of managing risk at programme and project level
• Experience at applying different risk models
• Proven management of compliance with standards and frameworks
• Strong verbal and written communication skills
• Ability to engage and influence internal and external stakeholders
• Experience working within the Defence sector
• CISM OR CISSP qualified
• CRISC qualified
• ISO27001 qualified

Cyber Specialist

6 Month Contract | Hybrid - Brighton (1x p/week) | £550 - 650/day Inside IR35

Harvey Nash are working with a large Government Agency who are looking for multiple Cyber Security Specialists to support on an initial 6 month contract basis.

This is a crucial role following an extensive Cyber Security Audit, with plenty of work to support on. We're looking for well-rounded Cyber Specialists with proven expertise within the Microsoft Ecosystem, including Azure Sentinel & Active Directory , as well as experience with SOAR .

Contract Details:

• Cyber Specialist
• 6 Months - extensions likely
• Hybrid - 1x per week in Brighton
• ASAP Start - as soon as Monday 13th October.
• £550 - 650/day
• Inside IR35

Please note - you must be willing to undertake & pass a DBS Check for this role.

If you're interested in this position, please apply now for consideration.