Senior Information Security Engineer
A leading global investment firm is looking for a Senior Information Security Engineer to join its Information Security team. This position plays a key role in strengthening the organisation's security posture by providing expert guidance and driving improvements across network, cloud, data, and system security.
The successful candidate will act as an escalation point for Security Operations, ensuring complex security issues are effectively analysed and resolved. The role includes overseeing security across critical IT projects, leading threat modelling for complex systems, auditing key platforms for vulnerabilities, and developing automated capabilities to continuously validate control effectiveness and system resilience. This position offers the opportunity to lead security initiatives and shape the broader security roadmap.
Key Responsibilities:
- Strengthen security across core areas including network, system, email, cloud, and data protection
- Act as a security advisor on IT projects, ensuring risks are identified and mitigated
- Manage and optimise security tooling to ensure effective deployment and maintenance
- Design and implement security architectures to protect critical assets
- Provide second-line support to Security Operations
- Conduct threat modelling and risk assessments to identify and mitigate vulnerabilities
- Oversee relationships with MDR providers to ensure effectiveness and continuous improvement
- Deliver against the security roadmap, aligned to business priorities and emerging threats
- Collaborate cross-functionally to embed security into business processes
Required Experience:
- 7+ years' experience in an information security role (e.g. security engineering, architecture, operations, or application security)
- Hands-on experience with threat modelling, security testing (including penetration testing), and automated validation
- Strong understanding of cloud, network, and systems security principles
- Scripting experience (Python and/or PowerShell preferred)
- Familiarity with tools such as EDR, DLP, vulnerability scanners, firewalls, and email gateways
- Ability to communicate effectively with both technical and non-technical stakeholders
- Degree in Computer Science, Engineering, or a related STEM field
Nice to Have:
- Experience with risk assessment methodologies
- Knowledge of security best practices across AWS, Azure, and GCP
- Experience reviewing code and identifying application security risks (static/dynamic analysis)
- Familiarity with regulatory and security frameworks (e.g. GDPR, SEC, MAS TRM, NFA guidance)
- Relevant security certifications
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.Â
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.Â
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.