119 Senior Cybersecurity Positions jobs in the United Kingdom

At Fyxer, we’re building something bold: an AI Executive Assistant that genuinely takes work off your plate.

Imagine opening your laptop and finding your emails written, your meetings scheduled, your follow-ups sent, and your inbox under control all without you lifting a finger. That’s what we do.

We’re not a SaaS product with a bolt-on chatbot. We're a pure-play AI company using cutting-edge techniques (think fine-tuned open source models, retrieval augmented generation, intelligent tool use) to actually automate real work, not just create more of it.

And it works:

• Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS
• Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001
• Perform and support Security Risk Assessments (SRA) across CIS assets
• Coordinate and track remediation activities with technical teams
• Ensure systems meet NATO operational and cybersecurity requirements
• Deploy occasionally in support of NATO operations (fitness and readiness required)

• Proven experience in cybersecurity vulnerability assessment and risk management
• Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL)
• Hands-on experience with vulnerability management tools
• Certifications such as CISSP, CISM, CRISC, or CAP (required)
• ITIL v4 Foundation or higher
• Strong communication skills for working across multinational teams
• Ability to travel and work in operational environments (including aboard NATO vessels)

• Work on a high-impact NATO programme at the forefront of international cybersecurity
• Apply both your technical expertise and compliance knowledge in a challenging environment
• Be part of a team ensuring that critical systems remain secure, accredited, and mission-ready

• Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS
• Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001
• Perform and support Security Risk Assessments (SRA) across CIS assets
• Coordinate and track remediation activities with technical teams
• Ensure systems meet NATO operational and cybersecurity requirements
• Deploy occasionally in support of NATO operations (fitness and readiness required)

• Proven experience in cybersecurity vulnerability assessment and risk management
• Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL)
• Hands-on experience with vulnerability management tools
• Certifications such as CISSP, CISM, CRISC, or CAP (required)
• ITIL v4 Foundation or higher
• Strong communication skills for working across multinational teams
• Ability to travel and work in operational environments (including aboard NATO vessels)

• Work on a high-impact NATO programme at the forefront of international cybersecurity
• Apply both your technical expertise and compliance knowledge in a challenging environment
• Be part of a team ensuring that critical systems remain secure, accredited, and mission-ready

Your new company
We are working with a large, diverse organisation who are considering making a legal hire in Cybersecurity. They are exploring the possibility of expanding their Cybersecurity Legal Team with a forward-thinking legal professional who thrives in fast-paced, complex environments. If you have a strong foundation in legal analysis, problem-solving, and communication, and you're curious about how these skills could be applied in a global financial context, this opportunity might be worth considering.

Your new role

• Advising internal teams on how to navigate cybersecurity incidents, including legal considerations around notifications, contractual obligations, and risk mitigation.
• Supporting responses to regulatory inquiries and investigations involving cyber and information security matters.
• Providing legal insight into the design and implementation of cybersecurity programs, governance frameworks, and compliance strategies.
• Tracking and interpreting emerging cybersecurity regulations, such as those impacting financial services in the UK, EU, and other jurisdictions, and helping to inform internal policy and compliance approaches.
• Collaborating with legal and product teams to assess new technologies, applications, and initiatives from a cybersecurity legal perspective.
• Contributing to the development of training materials, tabletop exercises, and internal presentations to raise awareness and preparedness.
• Assisting in the review and refinement of cybersecurity-related policies, playbooks, and procedures.

What you'll need to succeed

• Have experience advising on cybersecurity or working closely with information security teams.
• They are proactive, pragmatic, and comfortable managing multiple priorities under pressure.
• Communicate clearly and build trusted relationships across diverse teams.
• Hold a law degree and are qualified to practice in the UK (or an equivalent jurisdiction).
• Have a keen interest in financial services and regulatory frameworks.

What you'll get in return

• A hybrid working model with flexibility to work from home.
• Competitive compensation, generous holiday allowance, and a wide range of benefits including private medical insurance, pension plans, and paid parental leave.
• Access to learning and development resources to support your growth.
• A workplace culture that values diversity, inclusion, and authenticity.

What you need to do now
If you would like to talk about this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Our client is seeking a Cybersecurity Threat Handler to join the Engineering and Technology Information Security team.

3 days in office in London

Salary is up to £80k base

Responsibilities

• Acting as a hands-on expert and builder for cloud-based technologies, ensuring security, performance, operability, and scale.
• Assisting as an internal specialist, facilitating the implementation of modern Front End technologies within technology and business teams.
• Building strong relationships with developers, technology teams, solution teams, and business application owners.
• Implementing and maintaining industry-standard protocols to strengthen our security measures.
• Developing and implementing innovative and differentiating cloud technologies.
• Collaborating and consulting with key technical experts, technology teams, and external industry groups to resolve complex technical issues and achieve our goals.

Required Qualifications

• Bachelor's degree or higher in MIS, CS, or a related field, or equivalent combination of education and work experience.
• 5+ years of experience in engineering and technology, preferably in Financial Services, Technology, or a related field.
• Experience analyzing cybersecurity incidents using industry standard frameworks such as Cyber Kill Chain and MITRE ATT&CK.
• Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem.
• Strong knowledge of AWS Security, specifically in areas such as IAM, KMS, and Network Infrastructure.
• Expertise in analyzing security events from Microsoft Windows endpoints with a deep understanding of operating system security.
• Experience handling incidents originating from Microsoft cloud-based services like Azure and Microsoft 365.

Preferred Qualifications

• Familiarity with AWS threat detection and logging services such as GuardDuty and CloudTrail, as well as industry standard Cloud SIEMs like DataDog.
• Proficiency in analyzing security events within endpoint protection platforms like CrowdStrike Falcon.
• Ability to liaise effectively with SOC Analysts and Threat Hunters from our Managed Detection and Response vendor.
• Understanding of current cybersecurity threats, typical signs of attacks, and approaches to prevent and mitigate such incidents.
• 2+ years of experience with AWS or other hyperscale cloud provider implementation.

Our client is seeking a Cybersecurity Threat Handler to join the Engineering and Technology Information Security team.

3 days in office in London

Salary is up to £80k base

Responsibilities

• Acting as a hands-on expert and builder for cloud-based technologies, ensuring security, performance, operability, and scale.
• Assisting as an internal specialist, facilitating the implementation of modern Front End technologies within technology and business teams.
• Building strong relationships with developers, technology teams, solution teams, and business application owners.
• Implementing and maintaining industry-standard protocols to strengthen our security measures.
• Developing and implementing innovative and differentiating cloud technologies.
• Collaborating and consulting with key technical experts, technology teams, and external industry groups to resolve complex technical issues and achieve our goals.

Required Qualifications

• Bachelor's degree or higher in MIS, CS, or a related field, or equivalent combination of education and work experience.
• 5+ years of experience in engineering and technology, preferably in Financial Services, Technology, or a related field.
• Experience analyzing cybersecurity incidents using industry standard frameworks such as Cyber Kill Chain and MITRE ATT&CK.
• Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem.
• Strong knowledge of AWS Security, specifically in areas such as IAM, KMS, and Network Infrastructure.
• Expertise in analyzing security events from Microsoft Windows endpoints with a deep understanding of operating system security.
• Experience handling incidents originating from Microsoft cloud-based services like Azure and Microsoft 365.

Preferred Qualifications

• Familiarity with AWS threat detection and logging services such as GuardDuty and CloudTrail, as well as industry standard Cloud SIEMs like DataDog.
• Proficiency in analyzing security events within endpoint protection platforms like CrowdStrike Falcon.
• Ability to liaise effectively with SOC Analysts and Threat Hunters from our Managed Detection and Response vendor.
• Understanding of current cybersecurity threats, typical signs of attacks, and approaches to prevent and mitigate such incidents.
• 2+ years of experience with AWS or other hyperscale cloud provider implementation.

ABOUT TOSCA

Tosca is a global leader in reusable packaging and pooling solutions that service the supply chain end to end. Re-use is the key word as Tosca facilitates moving away from single use packaging towards a circular model of reusable packaging with its robust portfolio of plastic containers, pallets, bins, crates and more. We focus on optimizing the flow of perishables, eliminating waste at every turn – product, packaging, labor and transportation waste. Our reusable plastic products improve the quality of product delivered, create more efficient supply chains, and are more sustainable than single-use packaging.

To strengthen our IT-department at our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager.

Position purpose

The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response, and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills.

This is a full-time role based in Dudley, UK, with travel up to 30% of the time.

Responsibilities

• Implement security protocols and manage information security programs
• Report performance, exceptions, and outages to all audiences transparently.
• Align disaster recovery with business continuity plans.
• Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS.
• Identify risks, develop a comprehensive security plan.
• Test cyber-attacks regularly to address vulnerabilities.
• Monitor security trends, adapt strategies.
• Oversee incident monitoring, detection, response via SOC and MSSPs.
• Manage security tools like SIEM and endpoint protection.
• Lead incident response and post-incident analysis.
• Enforce policies for data privacy (GDPR & NIST).
• Conduct regular security audits.
• Manage vendor relationships and negotiate contracts.
• Report service performance to stakeholders.
• Coordinate with other Tosca functions for effective implementation.
• Other relevant responsibilities as required.

Requirements, Experience & Education

• Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field; a Master's degree is preferred.
• At least 7-10 years of experience in information security, specifically within security operations, with proven experience in a leadership or management role.
• Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable.
• Strong knowledge of security frameworks (e.g., ISO 27001, COBIT), security technologies, tools, and best practices across EU, UK, and USA
• Proficiency in risk management processes, vulnerability assessments, and incident response strategies.
• Current technical and hands-on experience with security tools and technologies, including Rapid7, Rubrik, Sentinel, and endpoint protection solutions like Microsoft Defender.
• Excellent analytical, problem-solving, and decision-making skills, with the ability to conduct post-incident analysis and implement corrective actions.
• Strong communication and interpersonal skills, capable of working effectively with diverse teams and stakeholders.
• Ability to stay current with security trends, emerging threats, and best practices in the cybersecurity landscape.
• Experience of manufacturing and/or supply chain industry is preferred.
• Able to operate in a multinational corporation with several locations.

Competencies

• You have expertise within Customer/Relationship Management.
• You have excellent communication skills. You excel in conveying ideas clearly and effectively.
• You possess specialized knowledge and skills in your field.
• You have a collaborative spirit. You thrive in teamwork and enjoy working with others.
• You can analyze situations and make informed decisions
• You think ahead and plan for long-term success.

Our Offer

You will have a permanent contract with a competitive remuneration package in line with your knowledge and experience.

We continuously invest in your personal and professional development through our training & coaching programs.

You will join a dynamic and fast growing company that is part of a strong international group. We take pride in our green service and encourage our employees to participate in our growth and help us co-define the path to success. You will work in a fun environment with a supportive team that cares about each other and encourages collaboration at all levels.

Interested?

We cultivate a tight-knit team of smart people who care about their work and their colleagues. We believe this is a really exciting opportunity for someone who is up for a fast-paced challenge and is eager to become an integral member of our team.

Send us your CV and your letter of motivation in English. We’re looking forward to meeting you!

We value diversity and equal opportunity. Applicants are welcomed on the basis of their individual merits as we do not discriminate on the grounds of age, sex, disability, ethnic or racial origin, religion or belief, or sexual orientation. With both customers and employees around the world, we are committed to ensuring our team reflects the unique communities around us.

External recruitment services/agencies will not be used for this position.