Information Security Engineer

Information Security Engineer - Flexible location Bibby Financial Services have an exciting opportunity available for an Information Security Engineer to join our team, working in any of our UK locations . You will join us on a full time, permanent basis and in return, you will receive a competitive salary of £70,000 – £80,000 per annum. We've supported small and medium-sized enterprises (SMEs) since 1982 and today we support more than 12,000 businesses worldwide. We are proud to help businesses, both big and small to grow and thrive in domestic and international markets. Why us? We're in the business of relationships. We know real value lies in real people, and it takes a motivated mindset and can-do attitude to belong here. It can be fast-paced and full-on, but we can handle it. We're a collective of “got your back”, we collaborate together, take ownership and deliver for our clients every time. That way, everybody wins. In return, we're all empowered to get the job done because we're trusted to get it right. It's why we were hired in the first place. We want you to make the choices you believe in – we'll believe in them too. As our Information Security Engineer, we will reward you and your hard work with: Company car allowance Private healthcare for you and your family Company pension scheme Wide range of flexible benefits, such as gym membership, technology, or health assessments Access to an online wellbeing centre Range of discounts from many businesses 25 days holiday The Information Security Engineer will provide proactive and provide expert guidance and lead the development of secure design principles to address the security and privacy needs of our business and colleagues. This role is pivotal in ensuring the secure delivery of technology across BFS. The Information Security Engineer will safeguard our colleagues, clients, and partners from cyber threats by proactively managing cybersecurity measures. This role requires balancing the need to protect BFS with the need to conduct business effectively, ensuring we remain within our risk appetite while adapting to new threats. Your key duties as our Information Security Engineer will include: Designing and implementing secure infrastructures, ensuring robust protection against potential threats in BSF cloud platforms – for example: Azure, AWS and Microsoft 365 environments. Utilise threat intelligence to stay informed about emerging threats and vulnerabilities, and integrate this information into security strategies Designing and implementing network set-up and control environment, including the implementation of Zero Trust policies. Develop, maintain, and enforce security policies, procedure and standards including those related to Azure and Microsoft 365. Have the ability to be able to explain the rationale for policies to the wider business when required. Ensures and controls compliance with corporate security standards and requirements. Enhancing our existing suite of tools and controls to keep pace with changing threats. Collaborate with the managed SOC provider to ensure timely and effective response to security incidents. Assist in the development and maintenance of the organisation's incident response plan. Collaborate in assessing and closing out any actions from pen testing assessments Actively engage in assessing current security related tooling and emerging technologies Be an internal part of any advance treat based and scenario based testing Collaborate with IT Services and Operations and business stakeholders to integrate security considerations into project lifecycle. What we are looking for in our Information Security Engineer: Technical security qualifications such as AZ-500 or MS-500 Proven experience of working in a technical Information Security role (at least 5 years), ideally in financial services organisations, although experience in other sectors will be considered. Deep understanding of technical architecture and security aspects of infrastructure/networking, application, web, and cloud technologies. Hands-on experience with Azure and Microsoft 365 security. Knowledge of AI security risks, including prompt injection, adversarial attacks, and AI red teaming. Knowledge of relevant legislation, regulatory compliance, such as GDPR and FCA obligations. Proven track record of ensuring that security is suitably incorporated in IT and Business projects. The ability to take complicated, technical, or logical concepts and translate them into a clear, easy to understand messages. Strong problem solving and analytical skills. If you would like to join us, please click ‘apply' today to be considered as our Information Security Engineer – we would love to hear from you! We're absolutely committed to being a truly inclusive place to work, where everyone has an equal opportunity to reach their true potential. Let us know if you need adjustments to support you through any stage of the recruitment process. No agencies, please. ADZN1_UKTJ