I'm currently partnering with a leading international organisation headquartered in London that's undergoing a major transformation of its security landscape. As part of this growth, they're looking to appoint a Principal Information Security Engineer to strengthen their enterprise and cloud security posture.

The Role

This is a critical technical leadership position focused on implementing and optimising security controls across complex hybrid environments. You'll be responsible for driving Zero Trust architecture, network segmentation, and championing secure-by-design practices in collaboration with engineering, cloud, and business teams.

Key Responsibilities:

• Lead end-to-end threat assessments and influence secure architecture across enterprise projects
• Deploy and optimise core security tools (EDR, PAM, AV, DNS, DLP, Cloudflare)
• Conduct threat modelling, risk assessments, and proactively hunt for threats
• Collaborate with IT teams to roll out segmentation and extend Zero Trust across environments
• Take ownership of attack surface reduction, including Red Teaming and vulnerability management
• Contribute to compliance efforts across GDPR, NIS, ISO 27001

The following experience/skills are essential:

• Strong hands-on experience across operating systems (Windows & Linux), cloud security (AWS, Azure), and enterprise security tooling
• Practical knowledge of MITRE ATT&CK, TTPs, and Red Team/Blue Team tactics
• Experience in Scripting (PowerShell, Python, Bash) and tools like Metasploit, Burp Suite, Rapid7 InsightVM, and Nmap NSE
• Background in telco or highly regulated environments preferred (eg, familiarity with UK Telecom Security Act)
• Relevant security certifications such as CISSP, CCSP, GCIH or similar are highly desirable

Salary: Up to £95,000 + bonus + package

Location: London (good work from home options available)

If you are interested in this Principal Information Security Engineer position and meet the above requirements please apply immediately.