Infrastructure Security Manager

Function: CIO

Location: London or Edinburgh - Hybrid Working

At TSB, we aim to give money confidence to our customers and communities. Working at TSB means making a real difference to your career, our business, and the wider community.

We are transforming our services with technology at the forefront. This exciting change involves investing in an enhanced in-house capability. If you are a forward-looking and innovative IT professional, this is your opportunity to help us build the future of banking.

We seek a passionate individual focused on understanding and securing the infrastructure supporting TSB's services and operations. You will work within a team of cybersecurity SMEs, leading vulnerability assessments, remediation, and secure build and configuration of assets across our data centres, cloud, networks, and branches. You will support the implementation of Infrastructure & Cloud security strategies, policies, controls, services, metrics, and compliance, including vulnerability management, WAF, DDoS, and firewall strategies for both on-premise and cloud environments.

• Recent experience in offensive/defensive security techniques and familiarity with frameworks such as OWASP, CVSS.
• Leadership in the delivery and maintenance of network security devices on-premise and in cloud environments.
• Practical knowledge of DDoS and WAF protection measures.
• Experience in infrastructure vulnerability management, evaluation, and prioritisation.
• Understanding of micro-segmentation concepts.
• Technical skills to operate and optimise security tooling for Vulnerability, Firewall, WAF, and DDoS solutions.
• Proven hands-on delivery experience at a lead level.
• Experience managing a team of security professionals, prioritising workloads to meet business goals.
• Relevant degree or certifications such as CISM, CISSP, CSSLP, or equivalent.
• Ability to track, report, and drive remediation of non-compliance issues.
• Experience assessing vulnerabilities and impacts based on risk concepts.
• Ability to communicate security status effectively to both technical and non-technical stakeholders.

• Hybrid and flexible working arrangements.
• Attractive rewards and benefits package.
• Diverse, energising, and collaborative environment.
• Opportunities for career growth.

We are committed to inclusion and diversity, believing that diverse teams help us deliver Money Confidence. We welcome candidates who meet some requirements and have an open, curious mindset.