Cyber Security Engineer (3918)

We make it our mission to ensure more genuine people have digital access to opportunities, and businesses have access to more genuine people. Our technology draws on diverse and reliable data to create a single point of truth for identity and address verification.

With over 30 years of experience behind us our team and technology are focused on enabling safe and rewarding digital lives for everyone. Regardless of age, location or background, genuine people everywhere should be able to digitally prove who they are and where they live.

Information & Cyber Security Teams

GBG’s Information & Cyber Security teams consist of c30 team members, enable delivery of GBG’s business strategy by ensuring GBG is secure and trusted. The team provides four core capabilities:

• Governance, Risk and Compliance.
• Cyber Defence.
• Product Security.
• Security Architecture.

Cyber Security Engineer

This role is responsible for the design, implementation, and continuous improvement of security controls across our technology estate, helping to protect the organisation from evolving cyber threats.

You will work closely with product security, security operations, and governance risk and compliance teams to ensure security is embedded across infrastructure, applications, and cloud environments

What you will do

• Design, implement, and maintain security controls across on-premise and cloud environments (e.g., Azure, AWS, GCP).
• Evaluate and recommend security technologies, tools, and configurations to enhance the organisation’s security posture.
• Collaborate with IT and development teams to integrate security into systems and services from the ground up.
• Conduct technical risk assessments and support threat modelling activities.
• Provide subject matter expertise in areas such as identity and access management, endpoint protection, and network security.
• Support the response to security incidents and contribute to root cause analysis and remediation planning as required.
• Stay up to date with emerging threats, vulnerabilities, and security trends, and assess their relevance to the organisation.
• Contribute to the development and maintenance of security standards, procedures, and technical documentation.

• Proven experience in cyber security engineering or a similar technical security role.
• Strong understanding of security frameworks and best practices (e.g., NIST, ISO 27001, CIS Controls).
• Hands‑on experience with security technologies such as firewalls, SIEM, EDR, IAM, and cloud‑native security tools.
• Experience securing cloud environments (Azure, AWS, or GCP).
• Familiarity with DevSecOps practices and secure software development lifecycle (SSDLC).
• Strong analytical and problem‑solving skills.
• Ability to communicate technical concepts clearly to both technical and non‑technical audiences.
• Desired but not essential industry certifications such as CISSP, CISM, CompTIA Security+, or cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer Associate) would be beneficial
• Experience with automation and scripting would be beneficial but not essential (e.g., PowerShell, Python, Terraform).
• Knowledge of regulatory and compliance requirements would compliment the role but is not essential (e.g., GDPR, PCI DSS, DORA).

As an equal opportunity employer, we are dedicated to creating a diverse and inclusive workplace where everyone feels valued and empowered. Please inform your GBG Talent Attraction Partner if you require any reasonable adjustments to the interview process.

To chat to the Talent Attraction team and find out more about our benefits and why we’re a great place to work, drop an email to behired@gbgplc.com and we’ll be in touch. You can also find out more about careers at GBG and check out our current opportunities at gbgplc.com/careers.

Unleash your potential and be part of our mission to power safe and rewarding digital lives.