Photon

A technology firm in Glasgow is seeking a skilled developer to support the modernization of legacy WCF services. The role involves developing and maintaining RESTful WebAPI endpoints and producing clear technical documentation. Ideal candidates will have strong skills in C#, WebAPI, and a solid understanding of OOP concepts and design patterns. Additionally, experience with MS SQL Server and strong communication abilities are essential. This position offers a unique opportunity to engage in impactful projects and collaborate with diverse teams.

Support the WCF end of life workstream by modernising and replacing legacy WCF services. Develop and maintain RESTful WebAPI endpoints and refactor existing service logic. Produce clear technical documentation and collaborate with developers, QA and SMEs to deliver stable replacements. Must have C#, WebAPI Strong understanding of OOP and design patterns Knowledge of .NET Framework 3.5+ Good understanding of CI/CD practices and tooling Experience with MS SQL Server (T SQL, Stored Procedures, Triggers, Functions, SSIS), XML/ETL frameworks, data warehousing Strong written and verbal communication skills Ability to draft technical specifications and justify design decisions with stakeholders

Responsibilities Infrastructure as Code (IaC) Design, implement, and manage infrastructure as code using Terraform for GCP environments. Ensure infrastructure configurations are scalable, reliable, and follow best practices. GCP Platform Management Architect and manage GCP environments, including compute, storage, and networking components. Collaborate with cross functional teams to understand requirements and provide scalable infrastructure solutions. Vertex AI Integration Work closely with data scientists and AI specialists to integrate and optimize solutions using Vertex AI on GCP. Implement and manage machine learning pipelines and models within the Vertex AI environment. BigQuery Storage Design and optimize data storage solutions using BigQuery Storage. Collaborate with data engineers and analysts to ensure efficient data processing and analysis. Wiz Security Control Integration Integrate and configure Wiz Security Control for continuous security monitoring and compliance checks within GCP environments. Collaborate with security teams to implement and enhance security controls. Automation and Tooling Implement automation and tooling solutions for monitoring, scaling, and managing GCP resources. Develop and maintain scripts and tools to streamline operational tasks. Security and Compliance Implement security best practices in GCP environments, including identity and access management, encryption, and compliance controls. Must understand the Policies as a Code in GCP. Perform regular security assessments and audits. Requirements Bachelor's Degree Bachelor's degree in Computer Science, Information Technology, or a related field. GCP Certification GCP Professional Cloud Architect or similar certifications are highly desirable. Infrastructure as Code Proven experience with Infrastructure as Code (IaC) using Terraform for GCP environments. Vertex AI and BigQuery Hands on experience with Vertex AI for generative AI solutions and BigQuery for data storage and analytics. Wiz Security Control Experience with Wiz Security Control and its integration for continuous security monitoring in GCP environments. GCP Services In depth knowledge of various GCP services, including Compute Engine, Cloud Storage, VPC, and IAM. Automation Tools Proficiency in scripting languages (e.g., Python, Bash) and automation tools for GCP resource management. Security and Compliance Strong understanding of GCP security best practices and compliance standards. Collaboration Skills Excellent collaboration and communication skills, with the ability to work effectively in a team oriented environment.

Job Summary We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and mitigate potential threats in our cloud-based infrastructure. The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands on experience in AWS security, threat modeling, and a passion for securing cloud native applications. Key Responsibilities Threat Modeling & Risk Assessments Lead the development of threat models for AWS based applications and infrastructure. Conduct regular threat assessments and risk analyses for new and existing systems. Collaborate with development, architecture, and DevOps teams to design security into the cloud native architecture. Create detailed reports, diagrams, and other documentation to communicate threat models, risk levels, and mitigation strategies. Security Architecture & Best Practices Define security requirements for cloud based applications and infrastructure, ensuring alignment with AWS security best practices. Work closely with engineering teams to integrate security controls throughout the software development lifecycle (SDLC). Evaluate and recommend security tools, platforms, and frameworks for effective threat detection, prevention, and response. Cloud Security Leadership Serve as the subject matter expert on AWS security and threat modeling methodologies. Provide guidance on cloud security principles, including identity and access management (IAM), data protection, network security, and incident response in AWS environments. Stay current on the latest cloud security trends, AWS security features, and emerging threats. Collaboration & Cross-functional Communication Partner with other security leaders to ensure security considerations are integrated into all stages of development and deployment. Assist in building a culture of security awareness across engineering and operations teams. Lead workshops and training sessions to raise security awareness and improve threat modeling practices within the organization. Incident Response & Vulnerability Management Lead post incident reviews related to security breaches or vulnerabilities in AWS infrastructure. Assist in the identification and resolution of security vulnerabilities related to AWS resources. Collaborate with the Incident Response team to help identify root causes and implement lessons learned. Required Qualifications Education: Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications or equivalent practical experience is a plus. Experience: 7+ years of experience in information security, with a focus on AWS cloud security, threat modeling, and risk management. Proven experience leading threat modeling exercises and designing secure systems within AWS. Proven experience with Wiz, Turbot, Custom Rego Policies, Custom Org Constraints, and AWS GraphQL. Deep knowledge of AWS security services (e.g., AWS IAM, VPC, KMS, GuardDuty, Security Hub, Inspector). Hands on experience with cloud native security tools, frameworks, and standards (e.g., CIS AWS Foundations Benchmark, NIST, OWASP). Experience with secure SDLC practices and DevSecOps methodologies. Technical Skills: Strong knowledge of threat modeling methodologies (e.g., STRIDE, PASTA, OCTAVE). Familiarity with cloud native security tools for monitoring, vulnerability management, and threat detection. Understanding of encryption, tokenization, and data protection strategies in the cloud. Expertise in IAM and access controls, including role based access control (RBAC), policies, and permissions in AWS. Certifications (Preferred): AWS Certified Security - Specialty. Certified Information Systems Security Professional (CISSP). Certified Cloud Security Professional (CCSP). Certified Information Security Manager (CISM).

Photon is seeking an Infrastructure Engineer to design and manage infrastructure as code using Terraform for GCP. You will work closely with cross-functional teams to implement and optimize GCP environments, including Vertex AI and BigQuery. The ideal candidate has a Bachelor's degree in Computer Science and experience with automation tools and security best practices in GCP. Excellent collaboration skills are essential for this role.

Photon is seeking a passionate QA Engineer to ensure the quality and security of Google Cloud Identity. The role involves designing and executing test plans, manual and automated testing across various platforms, and collaborating with developers to enhance IAM solutions. The ideal candidate has 3+ years of experience in software testing, strong analytical skills, and excellent communication abilities. Join Photon to play a crucial role in delivering robust security solutions.

Photon in the United Kingdom is looking for a Senior Jira Administrator to design, build, and maintain solutions across the Atlassian platform. You will integrate tools with enterprise systems and advise on platform strategy. The role requires proven experience with Atlassian products, strong analytical skills, and excellent communication abilities. Join a dynamic team focused on enhancing collaboration and innovation through technical solutions.

Job Description We are seeking a skilled and experienced DevSecOps Engineer with a strong specialization in Google Cloud Platform (GCP) to join our dynamic team. In this role, you will play a pivotal role in ensuring the security and integrity of our software development processes on GCP. Your expertise in GCP, Rego policies, and Terraform will be instrumental in building a secure and efficient development pipeline. Responsibilities Develop, implement, and maintain Rego policies to enforce security controls and compliance standards within our GCP infrastructure and applications. Collaborate with development and operations teams to integrate security into the GCP-focused CI/CD pipeline, ensuring security checks and scans are automated and seamlessly incorporated. Leverage your GCP expertise to architect and implement secure microservices and containerized applications, ensuring compliance with GCP security best practices. Design and implement infrastructure-as-code (IaC) using Terraform to define and manage GCP resources securely and efficiently. Perform thorough security assessments on GCP environments, utilizing GCP-specific security tools and technologies, to identify and address potential vulnerabilities. Conduct threat modeling and risk assessments for GCP deployments, designing effective security solutions tailored to GCP services. Collaborate with cross-functional teams to respond to GCP-specific security incidents promptly, conduct root cause analysis, and implement corrective actions. Stay current with GCP advancements, industry security trends, and best practices, sharing knowledge and insights with team members. Drive a culture of security awareness specific to GCP environments, ensuring security considerations are integrated throughout development. Requirements Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). Proven experience as a DevSecOps Engineer with a strong focus on GCP Expertise in Rego policies and policy-as-code practices especially with implementation in GCP. THIS IS AN ABSOLUTE MUST In-depth understanding of GCP services, security controls, and best practices. Proficiency in using GCP-specific security tools, vulnerability scanners, and penetration testing tools. Experience with Wiz and its integration for continuous security monitoring in GCP environments. Strong experience with infrastructure-as-code (IaC) using Terraform for GCP resource provisioning and management. Familiarity with CI/CD pipelines and automation tools (e.g., Jenkins, GitLab CI/CD) with GCP integrations. Solid knowledge of GCP security frameworks, standards, and compliance requirements. Strong understanding of container security in GCP and experience securing microservices. Excellent communication and collaboration skills, with a proven ability to work effectively in cross-functional teams. Relevant GCP certifications such as Google Professional DevOps Engineer, Google Professional Cloud Security Engineer, or similar certifications are highly advantageous. If you're enthusiastic about combining your GCP expertise, Rego policies knowledge, and Terraform skills to shape a secure GCP development environment, we invite you to join our team and drive our GCP-focused software security initiatives forward.

Photon is seeking a skilled DevSecOps Engineer specializing in Google Cloud Platform (GCP). You will ensure software security through Rego policies, automated CI/CD pipeline integration, and infrastructure-as-code using Terraform. Ideal candidates have proven GCP experience, strong knowledge of security best practices, and relevant GCP certifications. Join us to drive secure software development initiatives in a dynamic team environment focused on GCP solutions.