Information Security M&A Specialist

Information Security M&A Specialist

The Technical M&A Specialist plays a key role in supporting the organisation’s global acquisition strategy by delivering technical due diligence, cybersecurity assessments, and integration of readiness evaluations. The successful candidate will provide expert technical insight across OSI Layers 2–7, ensure technology and security standards are met, and communicate findings effectively to diverse stakeholders across multiple regions. This role requires exceptional communication skills, technical depth, and the ability to engage with stakeholders whose first language may not be English. Clear spoken English diction and excellent written communication are essential. This position will be on a 6/12 month FTC.

• 
  
• Technical Due Diligence & Assessment
  Conduct detailed technical cybersecurity assessments of acquired or prospective entities, covering infrastructure, network architecture, identity platforms, endpoints, cloud environments, and application layers. Review and assess documentation such as technical questionnaires, due‑diligence reports, architecture diagrams, and security artefacts. Identify potential security, operational, or architectural gaps that could impact integration timelines or organisational risk posture.
  
• Cybersecurity Risk Analysis & Advisory
  Evaluate the cybersecurity maturity of target organisations and identify areas requiring uplift. Provide structured, actionable recommendations to improve security posture. Present technical findings in a clear, business‑aligned format suitable for senior leadership and non‑technical audiences.
  
• Integration Planning Support
  Contribute to planning activities for technology integration including M365, cloud identity, endpoint security, and network consolidation. Collaborate with security, architecture, engineering, GRC, and programme teams to ensure alignment with corporate standards. Support the development of integration roadmaps, risk logs, and readiness documentation.
  
• Stakeholder Engagement
  Liaise with acquired entities’ technology teams to clarify expectations, dependencies, timelines, and technical requirements. Facilitate technical workshops, knowledge‑sharing sessions, and deep‑dive discussions. Maintain effective communication with internal stakeholders across multiple regions and time zones.
  
• Communication & Documentation
  Prepare formal reports, technical assessments, and executive‑ready presentations. Deliver clear and concise verbal briefings, ensuring concepts are communicated in accessible and structured English. Maintain high documentation standards consistent with organisational governance requirements.
  

• 
  
• Technical Requirements
  Proven experience in technical M&A, IT due diligence, cybersecurity assessment, or technical integration. Strong understanding of networking and cybersecurity across OSI Layers 2–7, including routing, switching, DNS, encrypted traffic inspection, identity, and application behaviour. Hands‑on familiarity with tools such as EDR/XDR, SIEM, DLP, IAM/PAM, logging platforms, and vulnerability management technologies.
  
• Communication & Interpersonal Skills
  Excellent written communication and professional report‑writing ability. Clear, fluent spoken English with strong diction — essential for communication with teams where English is not the first language. Strong presentation skills and experience engaging senior stakeholders.
  
• General Requirements
  Bachelor’s degree in Computer Science, Cybersecurity, Engineering or equivalent professional experience. Strong analytical and problem‑solving abilities, with attention to detail. Ability to work in a high‑paced environment and manage multiple concurrent assessments.
  

• 
  
• Advanced technical certifications, such as GIAC: GSEC, GCIA, GPEN, GREM, GCIH, GCFA; Offensive Security: OSCP, OSWP, OSEP; Cisco: CCNA, CCNP Security, CCIE Security; Microsoft: Azure Security Engineer (AZ‑500), Cybersecurity Architect (SC‑100); AWS: Security Specialty.
  
• Experience using EDR/XDR, SIEM, DLP, NGFW/WAF, IAM/PAM, packet analysis, and cloud security tooling.
  
• Strong understanding of network protocols, traffic analysis, packet capture inspection, and encrypted traffic inspection concepts.
  
• Experience with cloud identity technologies, tenant‑to‑tenant migrations, and identity federation (SAML, OAuth, OIDC).
  
• Knowledge of endpoint hardening and secure configuration baselines across Windows, Linux, and network devices. xcfaprz
  
• Ability to technically validate remediation, uplift, and integration configurations at network, identity, cloud, and endpoint levels.