Information Security Advisor

| Overview<br><br>Skipton International is seeking a knowledgeable and proactive Information Security Advisor to join our IT team. This multi-faceted role is critical in ensuring that change is delivered securely, security best practices are embedded across the organisation, and our internal processes and tooling remain fit for purpose.<br><br><br><br>You'll act as a subject matter expert across a wide range of cyber security domains, supporting both strategic initiatives and day-to-day operations. This is an exciting opportunity to influence the security posture of a growing financial institution and contribute to a culture of continuous improvement.<br><br><br><br>Key Accountabilities<br><ul><li>Lead information security input into change delivery, ensuring solutions are 'secure by design'</li><li>Advise on physical, procedural, and technical security controls across the organisation</li><li>Collaborate with stakeholders to identify and support change initiatives using both traditional and agile methodologies</li><li>Provide expertise in cloud security, application security, identity and access management, and industry standards</li><li>Work closely with architecture teams to ensure security principles remain relevant and effective</li><li>Monitor emerging technologies, threats, and vulnerabilities, applying insights to internal initiatives</li><li>Conduct threat modelling, vulnerability assessments, and risk evaluations, delivering clear, actionable reports</li><li>Champion continuous improvement within the Information Security function</li><li>Support knowledge sharing and coaching within the team</li><li>Produce and peer-review reports for governance groups, acting as a subject matter expert</li></ul><br><br><br>Requirements<br><br>Essential:<br><ul><li>4-5 years of experience in Information/Cyber Security</li><li>At least 2 years of hands-on experience securing Azure environments</li><li>Experience with DevSecOps and agile delivery environments</li><li>Hold a recognised security qualification (e.g., CISSP, CISA, CISM or equivalent)</li><li>Strong understanding of enterprise-wide security threats, controls, and principles</li><li>Excellent written and verbal communication skills</li><li>Self-directed, detail-oriented, and enthusiastic with a positive attitude</li><li>Strong time management, analytical, and problem-solving abilities</li><li>Collaborative and pragmatic approach to stakeholder engagement</li><li>Comfortable navigating ambiguity and making informed decisions</li><li> </li></ul><br>Desirable<br><ul><li>Experience with threat modelling and control effectiveness reviews</li><li>Familiarity with industry governance and compliance frameworks</li><li>Interest in mentoring and cross-training within the team</li></ul><br><br><br>This is a fantastic opportunity to make a meaningful impact in a forward-thinking organisation. If you're passionate about cyber security and thrive in a collaborative environment, we'd love to hear from you.<br><br><br><br>For a full job description and to apply please visit |
| --- |