Cyber Security Specialist
Croda
Croda is a FTSE100 organisation where we truly believe our people are our difference and this, along with our values of Innovative, Responsible and Together, create ‘our Purpose, Smart science to improve lives’. With over 5,000 employees globally, we specialise in the research and development of innovative ingredients for the Life Science and Consumer Care markets.
We are focused on developing our inclusive culture through accountability, collaboration and innovation. By joining Croda, you will be part of a team who are using smart science to create a more sustainable future.
As we deliver our ambitious 2030 Growth Strategy, we’re looking for a Cyber Security Specialist to report into the Group Information Security Director
About The Role
This role is a hands-on cyber security generalist responsible for translating Croda’s security policies and standards into practical, effective controls across the organisation.
You will play a key role in incident response, provide pragmatic day-to-day security guidance to IT and business teams, and help ensure that security controls are implemented in a way that is proportionate, workable, and aligned to commercial priorities.
This position suits someone who enjoys solving real-world problems, working across multiple areas of cyber security, and bridging the gap between policy and implementation.
Who We’re Looking For
Experience working in a cyber security
Strong understanding of core security principles and how to apply them in real-world environments
Experience supporting or participating in incident response activities
Ability to provide clear, practical security guidance to technical and non-technical stakeholders
Familiarity with common security technologies (e.g. monitoring platforms, endpoint security, cloud controls, vulnerability tools)
Understanding of security frameworks such as NIST CSF, ISO 27001, or similar
Pragmatic and risk-aware, with the ability to balance security and business needs
Comfortable working across a broad range of technologies rather than specialising in a single area
Strong problem-solving and decision-making skills
Effective communicator who can influence and collaborate across teams
Able to prioritise and manage competing demands in a dynamic environment
Desirable (but Not Essential)
Relevant security certifications (e.g. CISSP, CISM, GCIH or similar)
Experience in regulated or enterprise-scale environments
Exposure to cloud platforms, enterprise IT environments, or security operations tooling
Experience in manufacturing environments
What You’ll Be Doing
Security Controls
Translate information security policies and standards into practical controls, processes, and ways of working
Work with IT and business teams to ensure security controls are implemented effectively and proportionately
Support ongoing improvement and maturity of security controls across the organisation
Incident Response
Act as a core member of the cyber incident response capability, coordinating or leading response activities where required
Support the full incident lifecycle including detection, triage, containment, eradication, and recovery
Work with stakeholders to ensure clear communication and effective resolution during incidents
Drive improvements through post-incident reviews and lessons learned
Tactical Security Guidance
Provide pragmatic, day-to-day security advice to IT, engineering, and business teams
Act as a trusted advisor on projects, ensuring security is considered and embedded in a practical and proportionate way
Support secure design decisions across infrastructure, applications, and cloud services
Operational Security
Support vulnerability management activities, including identification, prioritisation, and remediation guidance
Help teams understand and address security risks in line with business priorities and risk appetite
Investigate and respond to security alerts from internal tools, users, and third parties
Contribute to threat intelligence awareness and ensure relevant risks are assessed and acted upon
Governance
Provide security input into change management (e.g. CAB) and project delivery processes
Work with internal teams, vendors, and partners to improve security outcomes
Support internal audit activities and remediation of security findings
Contribute to the ongoing development of security processes and ways of working
What Success Looks Like
Security policies are consistently translated into practical, working controls
Incidents are handled effectively with clear coordination and continuous improvement
IT and business teams receive clear, actionable, and proportionate security guidance
Security controls are understood, adopted, and embedded into day-to-day operations
What We Offer
Defined benefit pension scheme
25 days paid holiday allowance (plus bank holidays)
Private medical insurance
Free lunch in on-site restaurant
Access to share plans
Cycle to work scheme
Car leasing scheme
Generous parental leave
Retail platform benefits
Free car parking on Croda sites
Flexible working arrangements
Additional Information
This is a hybrid role.
If you require any reasonable adjustments during the hiring process or experience any issues with our online application process, please email ***email_hidden***.
Why Croda?
At Croda, we believe our people are our difference. We are people-led, driven by the desire to do good and deliver value, a unifying principle shaped by all the great people that have travelled through Croda since our beginning in 1925. We pride ourselves on bringing together diverse teams and talents from across the globe and, guided by our values of Responsible, Innovative, and Together, we are passionate about building an inclusive, collaborative, and diverse organisation with innovation and customer focus underpinning all that we do.
Croda is an equal opportunities employer and positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, marriage or civil partnership, pregnancy or maternity, religion or belief.
