2 of 2 Information Security Jobs in Cambridge

Application Security Specialist (DevOps) Hybrid – Cambridge, UK (1 day a week in office) We're looking for an experienced Application Security Specialist to join a growing cyber security team and play a key role in shaping a world-class application security programme. This role will give you the chance to work closely with engineering and development … teams, embedding security into the development lifecycle, driving automation, and influencing remediation plans that have real impact. What you'll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the SDLC. Designing and … integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability workflows, including bug bounty findings. Supporting incident response activities when needed. Monitoring and reporting on application security metrics, KPIs, and emerging threats. Automating processes for vulnerability detection and integrating tools into the pipeline. Note: this position includes participation in More ❯

Join a Leading Semiconductor Company as a GRC & Cyber Risk Manager Our client is at the forefront of secure, scalable computing. As part of our Enterprise Security team, you'll play a pivotal role in shaping how we manage cyber risk across their global operations and supply chain. This is a high-impact contract role for a technical risk … Contract Length: 6 months (with potential extension) Daily Rate: £700 per day (inside IR35) Location: Cambridge (hybrid – twice per week on-site) Key Responsibilities Lead and enhance Arm's Information Security Risk Management Framework within ServiceNow IRM. Act as technical SME for ServiceNow IRM, embedding frameworks and best practices. Oversee third-party cyber risk assessments, contract reviews, and … lessons learned into the control environment. Develop and monitor Key Risk and Control Indicators to inform decision-making. Collaborate across Enterprise IT and Engineering to identify and manage service security risks. Support AI and automation initiatives to streamline GRC processes. Key Requirements Proven hands-on experience with ServiceNow IRM and risk quantification methodologies. Strong knowledge of ISO 27001, NIST More ❯