Cyber Security Generalist – Information Assurance & Security Strategy

Location: Hybrid – Bristol or Cheltenham

Salary: Up to £80,000 (depending on experience) + 10% bonus + £5,500 car allowance

NOTE: Due to the nature of this client's work, candidates must be eligible to undergo UK Security Clearance.

Role Overview

We are seeking an experienced Cyber Security Generalist with a strong information assurance foundation and technical background to join a high-performing cyber security team operating in complex, regulated environments.

This role is well-suited to a security professional who combines governance, risk and compliance expertise with hands-on technical understanding, and who is comfortable operating across security operations, security architecture, and security strategy.

You will play a key role in ensuring the organisation aligns to recognised industry best practices and frameworks, while providing authoritative security advice to senior stakeholders.

Key Responsibilities

Security Governance & Information Assurance

• Develop, implement and maintain security policies, standards and control frameworks
• Ensure adherence to recognised standards such as ISO 27001, NIST and related frameworks
• Conduct and support security audits, assessments and assurance activities
• Ensure compliance with regulatory, contractual and organisational security requirements

Security Operations & Technical Oversight

• Provide best-practice guidance to Security Operations and SOC teams
• Support the development and execution of SecOps strategies
• Conduct maturity assessments, threat hunting and vulnerability management activities
• Advise on incident response frameworks and operational resilience

Security Strategy & Architecture

• Contribute to the development and evolution of security strategy aligned to business objectives
• Provide security architecture input across new and existing systems
• Define and support security roadmaps and long-term capability development
• Act as a trusted advisor to stakeholders, translating technical risk into business impact

Consultancy & Stakeholder Engagement

• Deliver clear, pragmatic security advice to technical and non-technical audiences
• Support clients and internal teams in improving overall security posture
• Influence senior stakeholders through credible, experience-led guidance

Skills & Experience Required

• 5+ years commercial experience in this industry
• Broad background in cyber security, with demonstrable experience across information assurance and technical security domains
• Strong knowledge of ISO 27001, NIST, and related governance frameworks
• Experience operating within security operations environments, including SOC interaction
• Proven involvement in security strategy development and delivery
• Solid understanding of security technologies (e.g. SIEM, vulnerability management, IDS/IPS)
• Excellent communication skills, with the ability to engage confidently at all levels

Desirable:

• Professional certifications such as CISSP, CISM, or equivalent
• Experience performing security maturity assessments
• Consultancy or client-facing experience in complex environments

If you are a cyber security generalist with a strong information assurance mindset and the technical credibility to influence strategy and operations, apply today.