Birmingham City Council logo

Senior Security Engineer

Birmingham City Council

United Kingdom£45,091Full timeCloses: 2026-07-02T22:59:00+00:00

Senior Security Engineer

Permanent

Grade D - £45,091 – £53,460 

Consultation grade - subject to formal evaluation under the Equal Pay Programme

Working 36.5 hours per week

Job Overview  
As a Senior Security Engineer of a small and highly specialised team responsible for safeguarding the Council's cybersecurity posture, you will play a key role in protecting the organisation's networks, systems, and information assets. The role carries significant responsibility for providing strategic and operational leadership across cybersecurity activities, while supporting the development and performance of colleagues within the team.

You will lead on the development, implementation, and continuous improvement of cybersecurity policies, standards, and procedures, ensuring compliance with regulatory requirements and industry best practice. You will oversee critical technical functions, including vulnerability management, penetration testing, risk assessment, and incident response activities, providing expert guidance and assurance to senior stakeholders.

A key aspect of the role involves building strong relationships across Digital and Technology Services and the wider Council, influencing decision-making, and communicating complex cybersecurity risks and recommendations through reports, presentations, and briefings to senior managers and leadership teams.

Working closely with the Council's outsourced Security Operations Centre (SOC) and other strategic partners, you will oversee the investigation and management of potential threats, vulnerabilities, and security incidents, ensuring timely and effective responses to minimise risk and protect Council services, data, and users.

In addition, you will provide leadership, mentoring, and people management responsibilities within the team, fostering a culture of continuous improvement, professional development, and collaborative working. You will support workforce planning, performance management, and the development of cybersecurity capability, helping to ensure the Council maintains a resilient and effective security function.
 

What we are about  
The team has various obligations to ensure the security of the council's IT systems. This includes conducting regular vulnerability scans, coordinating with other departments to address any issues promptly, and providing assistance to new and ongoing projects to implement robust security measures at the outset, which may require arranging penetration tests for new web applications. Additionally, you will oversee the council's phishing testing and awareness program and report the outcomes to senior management.

What you will do  

  • Provide strategic leadership in the development, implementation, and ongoing governance of the Council's cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements, industry best practice, and organisational objectives.
  • Act as the senior point of escalation and subject matter expert for all cybersecurity-related matters, providing professional advice, guidance, and assurance to senior leaders, managers, and operational teams across the Council. Build strong stakeholder relationships and influence decision-making to ensure security risks are effectively managed and mitigated.
  • Lead the operational management and oversight of the Council's security monitoring capabilities, ensuring that security tools, controls, and processes are operating effectively. Direct and coordinate the investigation, prioritisation, and resolution of security incidents, vulnerabilities, and emerging threats, escalating significant risks and incidents to senior management where appropriate.
  • Provide leadership and management to cybersecurity staff, fostering a high-performing team culture through mentoring, coaching, performance management, workload prioritisation, and professional development. Support succession planning and the continuous enhancement of the Council's cybersecurity capability.
  • Participate in and oversee the out-of-hours cyber incident response and escalation process, including involvement in the on-call rota. Act as a senior escalation point for incidents identified by the Security Operations Centre (SOC), ensuring timely decision-making, stakeholder communication, and effective incident resolution to minimise operational and reputational impact.
  • Lead the continuous review and enhancement of the Council's cybersecurity framework, policies, and controls to address the evolving threat landscape. Ensure that emerging risks, legislative changes, technological developments, and lessons learned from incidents are incorporated into security strategies and operational practices.
  • Prepare and present cybersecurity reports, risk assessments, and performance updates to senior management, governance boards, and other key stakeholders, providing assurance on the Council's security posture and recommendations for improvement.
     

Essential Skills

  • Knowledge of security issues relating to hardware and software, with 
  • Experience of the Microsoft technology stack.
  • Knowledge and skills in the use of network and database security tools.
  • Understanding of ISO27001 and other information security best practice standards.
  • Storage area network (SAN) security.
  • Cloud security.
  • Patch management.
  • Application security services.
  • DevOps/SecOps practices and culture and associated methods.
  • Network security.
  • Infrastructure security
  • Experience and knowledge of monitoring tools and the ability to configure and use the reporting and auditing facilities.
  • Practical experience in using Network/Internet audit/monitoring software tools.

We will support you with  

  • An environment that values curiosity, autonomy and working in the open  
  • An engaged and supportive leadership with a clear vision  
  • Training and development opportunities to help you progress and be the best you can be  
  • An inclusive workplace committed to reflecting the public we serve  
  • A benefit package designed to promote a great work life balance
  • Exposure to all digital and technology teams and services areas across the council 
     

Please upload your up-to-date CV via the attachments part of your application, this is required for shortlisting. Unfortunately, we cannot consider any applications without a CV attached 

Birmingham City Council is an accredited Disability Confident Leader employer, and we are committed to employing, retaining and developing all of our people.

We want to ensure your recruitment journey with us is a positive and equitable one, so please let us know if there are any reasonable adjustments, additional support, accessibility needs, or if there is any way in which we can support you through your application.

For any informal enquires please contact: Resourcing@birmingham.gov.uk

Quoting reference 4402

A Disclosure and Barring Service (DBS) check will be undertaken.

Proof of Right to work in the UK will be required for all applicants in accordance with UK Home Office requirements, before any employment offer can be confirmed.

Birmingham City Council is committed to safeguarding and promoting the welfare of our citizens and expects all staff and volunteers to share this commitment. You can view our Corporate Safeguarding Policy | Birmingham City Council here. 

Sponsorship is not available for this post. Applicants must have the right to work in the UK that des not require employer sponsorship for the duration of the appointment.

Job Description and Person Specification https://enre.fa.em3.oraclecloud.com/cs/idcplg?IdcService=GET_FILE&dID=43971792&dDocName=UCMFA43923792&allowInterrupt=1

 

Apply on employer site