and regulatory requirements (ISO 27001, NIST, GDPR). Proactively monitor, detect, and respond to security threats, vulnerabilities, and breaches, leading incident response and forensic investigations. Conduct regular security audits, penetrationtesting, and risk assessments, implementing corrective actions to strengthen defences. Oversee firewalls, IDS/IPS, endpoint protection, encryption, and secure access controls to safeguard data and systems. Ensure More ❯
cyber security solutions. Their expertise includes risk and threat assessments, ensuring robust security measures for existing and new technologies. They promote a security-focused mindset within DevOps teams, coordinate penetrationtesting, and document security risks. They foster effective teamwork and manage client relationships, driving new business opportunities through established contacts. In this role you will be responsible for More ❯
Stockport, Greater Manchester, UK Hybrid / WFH Options
WeDo
You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built. You’ll have impact and visibility: Reporting to the CIO, with close collaboration with the Head of Information Security (compliance), you’ll shape … You’ll Be Doing: Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling Thinking creatively and adversarially – “breaking the app” to protect it Performing penetrationtesting, threat modelling, and secure code reviews Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline Advising on product and architectural design … culture that prioritises customer trust and system integrity What We’re Looking For: Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities A proven background in credit cards, payments, or financial transaction systems Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure) Familiarity with OWASP More ❯
