Aviva
Cyber Security Specialist

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Cyber Security Specialist
Location: Norwich/Bristol (Flexible / Hybrid)
Contract Duration: 9 Months Initially
Inside IR35:
This is a contract opportunity for someone who has strong hands-on information security experience and can quickly integrate into a complex enterprise environment. This role would suit an experienced security professional who is comfortable providing pragmatic security guidance, working autonomously, and partnering with both technical and business stakeholders to manage security risks across operational IT services.
The successful contractor will be able to hit the ground running, supporting security operations, risk management activities, security assurance, and continuous improvement initiatives across a range of platforms and services. They will be confident operating at pace, influencing stakeholders, and delivering outcomes in a dynamic environment.
Key Responsibilities
- Act as the primary security liaison between IT operational teams, platform teams, service owners, and other key stakeholders.
- Provide timely, practical, and risk-based security guidance to support operational, change, and release activities.
- Identify security gaps, vulnerabilities, issues, and risks across IT platforms and services.
- Recommend appropriate risk treatment and remediation actions and track delivery through to completion.
- Support security assurance activities, including penetration testing, compliance assessments, and control effectiveness reviews.
- Participate in regular security governance activities such as log reviews, access reviews, and security monitoring processes.
- Review and challenge security considerations within architectural and technical designs.
- Drive continual improvement in security processes, standards, and operational practices.
- Produce clear security reporting, documentation, and recommendations for both technical and non-technical audiences.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Skills and Experience
- Significant information security experience, ideally 5+ years within complex enterprise environments.
- Strong understanding of modern IT infrastructure and security technologies, including Microsoft Azure and cloud platforms.
- Experience with security technologies such as firewalls, web application firewalls (WAF), and web-based technologies.
- Sound knowledge of secure development principles and industry security standards, including ISO 27001, Cyber Essentials, and related frameworks.
- Experience identifying, assessing, and managing information security risks.
- Ability to assess and critique the security aspects of technical and architectural designs.
- Excellent stakeholder management, communication, and reporting skills.
- Ability to work independently, prioritise effectively, and deliver high-quality outcomes in a fast-paced environment.
- Professional security certifications such as CISSP, CISM, or equivalent practical experience are desirable.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Please ensure that you attach an up-to-date CV to your application.
We flex locations, hours and working patterns to suit our customers, the business and you. Most of our people smart‑work, spending at least 50% of their time in an Aviva office each week.
We’d love you to apply online. If you need a different way to apply, or have questions, please contact me at Katyayani.pathak@aviva.com
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location