Security Engineer

As a Senior Security Engineer of a small and highly specialised team responsible for safeguarding the Council's cybersecurity posture, you will play a key role in protecting the organisation's networks, systems, and information assets. The role carries significant responsibility for providing strategic and operational leadership across cybersecurity activities, while supporting the development and performance of colleagues within the team. You will lead on the development, implementation, and continuous improvement of cybersecurity policies, standards, and procedures, ensuring compliance with regulatory requirements and industry best practice. You will oversee critical technical functions, including vulnerability management, penetration testing, risk assessment, and incident response activities, providing expert guidance and assurance to senior stakeholders. A key aspect of the role involves building strong relationships across Digital and Technology Services and the wider Council, influencing decision-making, and communicating complex cybersecurity risks and recommendations through reports, presentations, and briefings to senior managers and leadership teams. Working closely with the Council's outsourced Security Operations Centre (SOC) and other strategic partners, you will oversee the investigation and management of potential threats, vulnerabilities, and security incidents, ensuring timely and effective responses to minimise risk and protect Council services, data, and users. In addition, you will provide leadership, mentoring, and people management responsibilities within the team, fostering a culture of continuous improvement, professional development, and collaborative working. You will support workforce planning, performance management, and the development of cybersecurity capability, helping to ensure the Council maintains a resilient and effective security function. What we are about The team has various obligations to ensure the security of the council's IT systems. This includes conducting regular vulnerability scans, coordinating with other departments to address any issues promptly, and providing assistance to new and ongoing projects to implement robust security measures at the outset, which may require arranging penetration tests for new web applications. Additionally, you will oversee the council's phishing testing and awareness program and report the outcomes to senior management. What you will do

• Provide strategic leadership in the development, implementation, and ongoing governance of the Council's cybersecurity policies, standards, and procedures, ensuring alignment with regulatory requirements, industry best practice, and organisational objectives.
• Act as the senior point of escalation and subject matter expert for all cybersecurity-related matters, providing professional advice, guidance, and assurance to senior leaders, managers, and operational teams across the Council. Build strong stakeholder relationships and influence decision-making to ensure security risks are effectively managed and mitigated.
• Lead the operational management and oversight of the Council's security monitoring capabilities, ensuring that security tools, controls, and processes are operating effectively. Direct and coordinate the investigation, prioritisation, and resolution of security incidents, vulnerabilities, and emerging threats, escalating significant risks and incidents to senior management where appropriate.
• Provide leadership and management to cybersecurity staff, fostering a high-performing team culture through mentoring, coaching, performance management, workload prioritisation, and professional development. Support succession planning and the continuous enhancement of the Council's cybersecurity capability.
• Participate in and oversee the out-of-hours cyber incident response and escalation process, including involvement in the on-call rota. Act as a senior escalation point for incidents identified by the Security Operations Centre (SOC), ensuring timely decision-making, stakeholder communication, and effective incident resolution to minimise operational and reputational impact.
• Lead the continuous review and enhancement of the Council's cybersecurity framework, policies, and controls to address the evolving threat landscape. Ensure that emerging risks, legislative changes, technological developments, and lessons learned from incidents are incorporated into security strategies and operational practices.
• Prepare and present cybersecurity reports, risk assessments, and performance updates to senior management, governance boards, and other key stakeholders, providing assurance on the Council's security posture and recommendations for improvement.
  
  Knowledge of security issues relating to hardware and software, with
• Experience of the Microsoft technology stack.
• Knowledge and skills in the use of network and database security tools.
• Understanding of ISO27001 and other information security best practice standards.
• Storage area network (SAN) security.
• Cloud security.
• Patch management.
• Application security services.
• DevOps/SecOps practices and culture and associated methods.
• Network security.
• Infrastructure security
• Experience and knowledge of monitoring tools and the ability to configure and use the reporting and auditing facilities.
• Practical experience in using Network/Internet audit/monitoring software tools.
  
  Working for Birmingham City Council is more than just a job; it's about making life better for the 1 million plus people who live and work in the city., The Council is a fantastic place to work. You will find an organisation that is both challenging and supportive; with a leadership impatiently adventurous in its pursuit of excellence.
There is a clear vision which is ensuring that the Council is working for communities today and building for tomorrow, we focus our resources on five key priorities:
• A Prosperous Birmingham: through a focus on inclusive economic growth, tackling unemployment, attracting inward investment, and maximising the benefits of the Commonwealth Games.
• An Inclusive Birmingham: through a focus on tackling poverty and inequality, empowering citizens, promoting diversity and civic pride, and supporting and enabling all children and young people to thrive.
• A Safe Birmingham: through a focus on making the city safer, safeguarding vulnerable citizens, increasing affordable housing, and tackling homelessness.
• A Healthy Birmingham: through a focus on tackling health inequalities, encouraging physical activity and healthy living, supporting mental health, and improving outcomes for adults with disabilities and older people.
• A Green Birmingham: through a focus on street cleanliness, improving air quality, continuing the route to net zero, and becoming a city of nature.
We see the Council's role as providing strategic leadership - that's being able to visualise a new future for the city and equipping others to share our vision. We want to ensure the provision of services for all, so we can support those least able to support themselves by working with partners and putting citizens and neighbourhoods at the heart of our decision-making. We are always looking for people who put the customer at the centre of their approach, with a commitment to excellence to help us achieve our vision. We will support you to develop and thrive in your role, building a pathway for long-term success, with lots of development opportunities, such as apprenticeships.


• An environment that values curiosity, autonomy and working in the open
• An engaged and supportive leadership with a clear vision
• Training and development opportunities to help you progress and be the best you can be
• An inclusive workplace committed to reflecting the public we serve
• A benefit package designed to promote a great work life balance
• Exposure to all digital and technology teams and services areas across the council
Please upload your up-to-date CV via the attachments part of your application, this is required for shortlisting. Unfortunately, we cannot consider any applications without a CV attached Birmingham City Council is an accredited Disability Confident Leader employer, and we are committed to employing, retaining and developing all of our people. We want to ensure your recruitment journey with us is a positive and equitable one, so please let us know if there are any reasonable adjustments, additional support, accessibility needs, or if there is any way in which we can support you through your application., In return, we offer you excellent terms and conditions, generous annual leave, a great pension scheme, well-being support, annual travel passes and discounts at a number of city centre establishments.