Rodeo
ResourcesPartnersSign in

Davies

Information Security Technical Lead

City of London
Posted 7 days ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Information Security Technical Lead

Application Deadline: 10 July 2026 Department: IT Employment Type: Permanent – Full Time Location: London, UK Reporting To: Hussain Anjum

About the Role

The Information Security Tech Lead is responsible for owning and driving the end-to-end information security programme across Asta & its client base. This technical leadership role involves taking authority over PAM, EDR, SIEM, DLP, identity governance, vulnerability management, and regulatory compliance.

The successful candidate will:

  • Strengthen Asta’s security posture through hands-on security engineering, continuous monitoring, and operational resilience
  • Lead decisions during security incidents, including prioritising alerts, coordinating containment actions, and recommending remediation strategies
  • Foster collaboration across development teams, infrastructure teams, compliance, and clients
  • Drive security automation, threat detection, incident response, and risk reduction across the enterprise platform stack

Key Responsibilities

Security Leadership & Team Management

  • Lead a team of engineers, setting strategic direction, workload management, and capability growth
  • Act as the primary security escalation point for the Infrastructure function
  • Own the InfoSec roadmap and align it with Asta’s IT transformation programme

Infrastructure Security Engineering & Hardening

  • Implement and maintain security controls across infrastructure & systems
  • Apply best practices for:
    • IAM (Identity & Access Management)
    • PIM (Privileged Identity Management)
    • PAM (Privileged Access Management)
    • Network security
    • Encryption, hardening tools (e.g. Ping Castle and Semperis Lightning)
  • Collaborate on automated security scans, policy enforcement, and dependency checks in pipelines

Security Monitoring & Incident Response

  • Monitor security alerts from multiple sources, including:
    • SIEM platforms
    • EDR (Endpoint Detection & Response)
    • Firewalls
    • IDS/IPS (Intrusion Detection & Prevention Systems)
  • Triage, prioritise, and investigate incidents using:
    • Log analysis
    • Packet captures
    • Forensic techniques
  • Lead containment, eradication, and recovery efforts during incidents
  • Maintain integrated alerting with SOAR/SIEM platforms

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Security Strategy & Programme Delivery

  • Define and drive end-to-end security programmes covering:
    • PAM, EDR, NDR (Network Detection & Response)
    • SIEM
    • Penetration testing
    • DLP (Data Loss Prevention)
    • Compliance requirements
  • Translate regulatory obligations into actionable technical controls (e.g., FCA/PRA, Lloyd’s Principle 12, CBEST, ISO 27001, Cyber Essentials)
  • Produce metrics and reports for executive leadership (e.g., security posture, incidents, cybersecurity maturity)

Client Security Services

  • Provide security advisory and managed security services to 20+ clients, including:
    • Carbon Underwriting
    • Dale Underwriting Partners
    • Beat Capital
  • Conduct client security reviews, Secure Score assessments, Semperis/Entra evaluations, and PAM deployment planning
  • Serve as the critical escalation point for client-facing incidents and assurance requests

Threat Intelligence & Detection

  • Stay current with emerging threats, vulnerabilities, attack techniques, and security trends
  • Apply threat intelligence to refine detection capabilities
  • Contribute to proactive threat hunting and monitoring

Compliance & Documentation

  • Support audits and certification for:
    • ISO 27001
    • NIST
    • SOC2
    • Lloyd’s Principle 12
  • Maintain:
    • Incident reports
    • Foreign procedure manuals (runbooks)
    • Standards and security documentation
  • Coordinate Cyber Essentials certification and vendor compliance

Operational Resilience & Disaster Recovery (DR)

  • Support business continuity planning, including scenario testing and disaster recovery exercises
  • Analyze post-incident reviews for lessons learned

Phishing Campaign Management

  • Design, implement, and manage simulated phishing campaigns to assess staff awareness of social engineering
  • Analyze phishing results and identify training needs
  • Track phishing resilience metrics and user security awareness trends

Requirements & Skills

Experience & Expertise

  • 7+ years of hands-on experience in cybersecurity, with 3–4 years in a lead, management, or principal role
  • Experience in:
    • Security engineering
    • SOC operations
    • Incident response
    • Regulated industries (e.g., financial services)
  • Demonstrated capability to lead and develop a security team
  • Confident communicator with the ability to:
    • Translate complex security risks into business‐aligned strategies
    • Present to C-suite and board-level executives

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Technical & Functional Knowledge

  • Strong proficiency in cybersecurity principles, including:
    • Attack vectors with Mitre framework expertise
    • Defence strategies aligned with OWASP Top 10
  • Hands-on experience with:
    • Cloud security (Azure/AWS)
    • IAM, secrets management, encryption
    • Certificate management
    • Microsoft 365 Security Suite, including:
      • Microsoft Defender
      • Azure AD Identity Protection
      • **AD hardening tools (e.g., Ping Castle and Semperis Lightning)
  • Experience with SIEM platforms such as:
    • Splunk
    • CrowdStrike (Falcon)
    • Microsoft Sentinel
    • LogRhythm
  • Familiarity with tools such as:
    • Varonis
    • Tenable
    • Pentera
    • External and internal SOC processes

Job Benefits

Asta offers a market-leading benefits package designed to support growth, well-being, and work-life balance. Key benefits include:

Work-Life Balance

✔ 35-hour workweek, with options for hybrid and flexible working ✔ Generous holiday allowance increasing with tenure ✔ Enhanced family support policies

Health & Wellbeing

  • Private medical insurance, including virtual GP access
  • Regular annual health screenings, dental coverage and eye care
  • Subsidised gym or sports club membership
  • Mental health support programmes

Career & Financial Growth

✔ Competitive pension (up to 13% employer contribution) ✔ Income protection and life assurance ✔ Discretionary annual bonus scheme ✔ Salary sacrifice schemes for sports & lifestyle benefits

✔ Interest-free season ticket loan

Asta fosters a supportive, inclusive workplace where ambition is matched with opportunity—you’re encouraged to rise.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Security Leadership
Infrastructure Hardening
Incident Response
SIEM
EDR
PAM
Identity Governance
Vulnerability Management
Cloud Security
Microsoft 365 Security
Threat Intelligence
Regulatory Compliance
Risk Management
Security Automation
Forensic Techniques
Phishing Campaign Management

Location

City of London, England, United Kingdom

Sign up to applySee more jobs like this