Lead InfoSec Engineer
Reporting to: Head of Engineering
Based: Hybrid 2+/ East Croydon
Here at The Gym Group we believe we are simply the best in our industry! Our amazing teams have skills, abilities and can-do attitudes that make this a great place to work!
We have strong, embedded values and an easy-going culture which ensures we put our people first. We pride ourselves on being fun, innovative, inclusive and engaging. We are now on the lookout for anLead InfoSec Engineerto join our amazingTech Team.
So, what’s stopping you? Apply today and know that We’re With You every step of the way.
What you need to know about us…
The Gym Group is not like your average gym! To our members we’re the lowest cost nationwide 24/7 Gym with over 230 gyms and counting! To our teams we are fun, welcoming, engaging and inclusive. We challenge our limits and push ourselves to impact positive change with our goals and initiatives. We take steps into new areas with a real and authentic purpose - It’s our mission to break down barriers to fitness for all.
We’re #1 in our industry when it comes to our values, our culture and our people – check out Glassdoor if you don’t believe us. We offer a fantastic place to work in a great working culture and were recognised as #25 in the Top 50 places to work in the UK in 2022! We may be one of the leading budget gym chains in the UK but there’s nothing budget about our investment into our people. We have retained GOLD in our investors in people award for the last 6 years and silver in wellbeing last year. We’re recognised as a disability confident and inclusive employer which is something we are truly proud of. We have a brilliant team and opportunities for development and growth with support for success. Having recently undertaken some huge projectsfrom a digital point of view and our plans are to keep being innovative, creative and agile in all that we do.
That’s what you’re looking for right? We’re With You! So let us tell you more.
What you need to know about the role…
The Lead InfoSec Engineer at The Gym Group is responsible for creating and managing the company-wide information security program to ensure that information assets are properly protected. This role includes the design and execution of policies, procedures, and technology to secure and protect The Gym Group systems and data.
Main Job Activities
•Risk Assessment and Management•Security Policy Development•Incident Response•Security Awareness and Training•Security Architecture•Network Security•Access Control•Data security•Security Audits and Assessments:•Security Documentation:•Security Monitoring
So let us tell you what we are looking for…
Our nextLead InfoSec Engineer will have the following:
Essential
•At least 5 years’ experience in an Information Security position in a UK-wide or international digital business.•Strong expertise with implementing security solutions and tools for cloud-native distributed systems (ideally Azure, Kubernetes)•Comprehensive knowledge of Information Security Management Systems and tools. •Ability to deal with highly complex and high-risk problems across the diverse range of IT security threats.•Strong understanding of key aspects of data security including encryption methods, access management, data warehouse/data lake security etc.•Strong experience working in fast-paced agile environments.•Experience with tools like PowerBI, Nessus, CrowdStrike and Sentinel or similar.•Experience in leading internal security audits and developing and embedding comprehensive infosec strategies across the business.•Experience of managing cyber incident response processes and working with specialist partners.•Well-connected in the cyber-security community.•Experience with SQL-based data warehouse solutions.•Understanding of network-level security principles and practices.•Ability to translate highly complex technical matters into user friendly language. •Ability to lead with innovative ideas, and proactively create and drive a ‘business benefits’ approach•Life-long learner.Experience in system technology security testing (vulnerability scanning and penetration testing, facilitating red team exercise etc.).
Desirable
•Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CompTIA Security+. •Experience with multi-site business operation.•Experience with physical security solutions.•Good understanding of project management principles•Experience with FreshService Service Management platform.
So, we’ve told you all about us and our amazing new opportunity; now it’s your turn to hit ‘Apply’ and tell us about YOU. We get that not everyone wants a 9 - 5 and here at The Gym Group we are pretty flexible. Talk to us about your requirements during the process and explore the many options including flex hours, a condensed working week or even part-time contracts.
If you have a disability or condition that makes it difficult for you to complete your application online please email your cv to or alternatively call the TGG Recruitment team on and someone will be more than happy to support you. We also want to put it out there that we actively encourage applications from a diverse demographic and we are passionate about your culture and value alignment. We want this to be a match that challenges your limits and works for you as much as for us. When we say We’re With You we really do mean it!