The Infrastructure team resides within the innovative and progressive Digital and Technology Directorate and is embedded in a major and exciting three year legacy displacement programme. The directorate is a welcoming group of over 100 multidisciplinary professionals, all focused on building, delivering and supporting secure, modern and efficient digital and technology services. This role leads the infrastructure team with responsibility for the design, implementation, administration and support of infrastructure and digital solutions and services and the effective deployment of resources. About the Role We are looking for an accomplished Digital and Technology Infrastructure Services Manager to join us and lead a team of engineers and their workload. You'll mentor, coach and help develop the team as well as work-load manage business as usual with projects. This is a great opportunity for you to apply your broad skills across a range of systems and services and to provide technical leadership, working collaboratively with key stakeholders and external parties in supporting and working closely with Digital and Technology teams, security advisors and senior management to provide solutions design, expertise and assurance to projects and programmes. You will help develop and maintain Digital and Technology infrastructure and platform policies and procedures, and work with senior management to develop the cyber security strategy. SC-level Security Clearance or willingness to obtain SC clearance is mandatory for this role and requires that you have lived in the UK for the last 3 years. The length of required residency may depend on individual circumstances. About You We are looking for a self-motivated and enthusiastic senior manager who will play a major role in the delivery of Digital and Technology services, from legacy system improvements / replacements through to digital and IT transformation. You will work closely with the various Digital teams and the Cyber Security team to design, create and improve new and existing products and services and you will work with business users, delivery teams and suppliers to identify and resolve issues and user needs. You must have very good, broad experience and knowledge of working in a Digital and Technology support environment using a variety of tools to support the management and delivery of production services. You should have experience across all IT service delivery activities including service management, incident management, change management, release management, configuration management, continual service improvement and customer satisfaction as well as playing a role in ensuring the highest levels of operational service delivery. A key part of this role is core infrastructure lifecycle management, ensuring clear and effective roadmaps and taking responsibility for their upgrades or replacements as required. Aligned with this is working with partners to help deliver the service and contract management of these third parties, including support and maintenance contract renewals. The role incorporates budget responsibility for the infrastructure and associated services, working alongside Finance and Procurement colleagues on renewals and supplier performance management. In addition to the activities outlined above, you must have people management experience to lead a team of infrastructure engineers, delivering a range of IT services. Benefits • You will be based in a beautiful setting by the River Thames in Kew with staff parking and good transport links. • An opportunity to work a hybrid working pattern • A comprehensive benefits scheme including a generous Civil Service pension, a subsidised on-site coffee shop and restaurant, season ticket loans, on-site gym and clubs. • 25 days leave rising incrementally to 30 days after six years (plus 10.5 days public and privilege holidays each year) • Excellent training and development opportunities tailored to your role and an agreed development plan. • Influencing the strategic objectives and the opportunity to define, design and implement improvements. • An opportunity to use or learn a wide range of skills. This is a full time post. However, requests for part-time working, flexible working and job share will be considered, taking into account at all times the operational needs of the Department. A combination of onsite and home working is available and applicants should be able to regularly travel to our Kew site for a minimum of 60% of their work time. Application Process: Interviews: Interviews will be held onsite, no earlier than week commencing 4th May Applications: You will be asked to provide answers to 5 questions relating to the key requirements for the role, and to provide your work history. Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please visit the Civil Service Careers website where you can find further information on the use of AI in the application guidance section. Sponsorship: We are unable to offer sponsorship for this role.
02/04/2026
Full time
The Infrastructure team resides within the innovative and progressive Digital and Technology Directorate and is embedded in a major and exciting three year legacy displacement programme. The directorate is a welcoming group of over 100 multidisciplinary professionals, all focused on building, delivering and supporting secure, modern and efficient digital and technology services. This role leads the infrastructure team with responsibility for the design, implementation, administration and support of infrastructure and digital solutions and services and the effective deployment of resources. About the Role We are looking for an accomplished Digital and Technology Infrastructure Services Manager to join us and lead a team of engineers and their workload. You'll mentor, coach and help develop the team as well as work-load manage business as usual with projects. This is a great opportunity for you to apply your broad skills across a range of systems and services and to provide technical leadership, working collaboratively with key stakeholders and external parties in supporting and working closely with Digital and Technology teams, security advisors and senior management to provide solutions design, expertise and assurance to projects and programmes. You will help develop and maintain Digital and Technology infrastructure and platform policies and procedures, and work with senior management to develop the cyber security strategy. SC-level Security Clearance or willingness to obtain SC clearance is mandatory for this role and requires that you have lived in the UK for the last 3 years. The length of required residency may depend on individual circumstances. About You We are looking for a self-motivated and enthusiastic senior manager who will play a major role in the delivery of Digital and Technology services, from legacy system improvements / replacements through to digital and IT transformation. You will work closely with the various Digital teams and the Cyber Security team to design, create and improve new and existing products and services and you will work with business users, delivery teams and suppliers to identify and resolve issues and user needs. You must have very good, broad experience and knowledge of working in a Digital and Technology support environment using a variety of tools to support the management and delivery of production services. You should have experience across all IT service delivery activities including service management, incident management, change management, release management, configuration management, continual service improvement and customer satisfaction as well as playing a role in ensuring the highest levels of operational service delivery. A key part of this role is core infrastructure lifecycle management, ensuring clear and effective roadmaps and taking responsibility for their upgrades or replacements as required. Aligned with this is working with partners to help deliver the service and contract management of these third parties, including support and maintenance contract renewals. The role incorporates budget responsibility for the infrastructure and associated services, working alongside Finance and Procurement colleagues on renewals and supplier performance management. In addition to the activities outlined above, you must have people management experience to lead a team of infrastructure engineers, delivering a range of IT services. Benefits • You will be based in a beautiful setting by the River Thames in Kew with staff parking and good transport links. • An opportunity to work a hybrid working pattern • A comprehensive benefits scheme including a generous Civil Service pension, a subsidised on-site coffee shop and restaurant, season ticket loans, on-site gym and clubs. • 25 days leave rising incrementally to 30 days after six years (plus 10.5 days public and privilege holidays each year) • Excellent training and development opportunities tailored to your role and an agreed development plan. • Influencing the strategic objectives and the opportunity to define, design and implement improvements. • An opportunity to use or learn a wide range of skills. This is a full time post. However, requests for part-time working, flexible working and job share will be considered, taking into account at all times the operational needs of the Department. A combination of onsite and home working is available and applicants should be able to regularly travel to our Kew site for a minimum of 60% of their work time. Application Process: Interviews: Interviews will be held onsite, no earlier than week commencing 4th May Applications: You will be asked to provide answers to 5 questions relating to the key requirements for the role, and to provide your work history. Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please visit the Civil Service Careers website where you can find further information on the use of AI in the application guidance section. Sponsorship: We are unable to offer sponsorship for this role.
Vacancy at Subsea Technology & Rentals (STR) Details Summary Due to continued growth we are seeking a commercially focused IT Manager to lead global technology and systems with a strong emphasis on vendor and outsourced service management. Reporting to the CFO, you will ensure reliable, secure, and scalable IT services across multiple locations. You will act as the central orchestrator of IT delivery, driving supplier performance and maintaining robust infrastructure and cyber security standards. This newly created role is key to supporting business growth through efficient, cost effective technology and system solutions. Principal Accountabilities Overseeing the planning and maintenance of networks and cloud services to ensure high availability for solutions, which are critical for business operations. Ensuring international multi-site standardisation for hardware and connectivity. Managing global data protection and implementing disaster recovery plans to mitigate risks across different regulatory jurisdictions. Overseeing the IT department's budget, focusing on cost-efficiency and ROI for hardware and software licensing. Negotiating and managing global contracts with third-party providers and ensuring strictly imposed SLAs. Conduct monthly performance reviews. Ensure an integrated Level 1 (Helpdesk), Level 2 (Technical) and Level 3 (Expert) support model is in place and effective for IT infrastructure and systems. Maintain a library of 'How-To' guides. Ensure new starters receive appropriate information and training. Act as a gatekeeper for changes. Ensure release and change governance (testing, change approval) have been followed. Maintain an IT infrastructure and services blueprint to allow rapid onboarding of new international acquisitions. Manage suppliers in the implementation of new site setup. Requirements of Role 3+ years IT management experience in asset-heavy or logistics sector (rental, construction, transport) Outsource experience: proven track record of managing MSP contracts. Technical knowledge: understanding of Cloud infrastructure (e.g. Azure) Supporting a geographically diverse operation from a UK base. Benefits Private medical insurance , including dental and vision Wellbeing package such as additional paid leave day per year, enhanced sick pay and lunch and learns. Comprehensive, ongoing training and development programmes such as STR Academy Charity/community events
19/05/2026
Full time
Vacancy at Subsea Technology & Rentals (STR) Details Summary Due to continued growth we are seeking a commercially focused IT Manager to lead global technology and systems with a strong emphasis on vendor and outsourced service management. Reporting to the CFO, you will ensure reliable, secure, and scalable IT services across multiple locations. You will act as the central orchestrator of IT delivery, driving supplier performance and maintaining robust infrastructure and cyber security standards. This newly created role is key to supporting business growth through efficient, cost effective technology and system solutions. Principal Accountabilities Overseeing the planning and maintenance of networks and cloud services to ensure high availability for solutions, which are critical for business operations. Ensuring international multi-site standardisation for hardware and connectivity. Managing global data protection and implementing disaster recovery plans to mitigate risks across different regulatory jurisdictions. Overseeing the IT department's budget, focusing on cost-efficiency and ROI for hardware and software licensing. Negotiating and managing global contracts with third-party providers and ensuring strictly imposed SLAs. Conduct monthly performance reviews. Ensure an integrated Level 1 (Helpdesk), Level 2 (Technical) and Level 3 (Expert) support model is in place and effective for IT infrastructure and systems. Maintain a library of 'How-To' guides. Ensure new starters receive appropriate information and training. Act as a gatekeeper for changes. Ensure release and change governance (testing, change approval) have been followed. Maintain an IT infrastructure and services blueprint to allow rapid onboarding of new international acquisitions. Manage suppliers in the implementation of new site setup. Requirements of Role 3+ years IT management experience in asset-heavy or logistics sector (rental, construction, transport) Outsource experience: proven track record of managing MSP contracts. Technical knowledge: understanding of Cloud infrastructure (e.g. Azure) Supporting a geographically diverse operation from a UK base. Benefits Private medical insurance , including dental and vision Wellbeing package such as additional paid leave day per year, enhanced sick pay and lunch and learns. Comprehensive, ongoing training and development programmes such as STR Academy Charity/community events
Requirements People who thrive at Flagright: Have been knocked down before and gotten back up Are resourceful-they figure things out with whatever tools are available Have strong opinions and can defend them Learn fast because they're hungry Want to work with no-BS people building something important A strong B2B SaaS content strategist and writer-editor, not a generic blog manager Experience in complex products or regulated categories such as fintech, regtech, fraud, AML, risk, infrastructure, cybersecurity, or similar Strong at interviewing subject matter experts, challenging vague inputs, and extracting concrete insights quickly Brings strong editorial judgment and understands what makes content credible to enterprise buyers Focused on creating decision shaping assets, not high volume, low impact content Comfortable owning both strategy and execution in an early stage environment Works effectively cross functionally without requiring constant direction Capable of setting editorial standards and scaling quality, including mentoring additional writers over time (Desirable) Background in paralegal work, compliance research, investigative journalism, analyst research, or another research intensive environment (Desirable) Experience writing from primary sources such as regulations, policy documents, enforcement actions, technical docs, product data, or customer interviews (Desirable) Exposure to fintech, financial crime, payments, banking infrastructure, or trust heavy B2B categories What the job involves Our Marketing team drives our brand presence across target markets. From customer engagements to integrated campaigns, they champion Flagright's story, drive pipeline acceleration, and help customers discover our value through strategic, impactful programs We are hiring a Technical Content Lead to lead and elevate how we communicate with enterprise buyers. You will turn product depth, customer reality, and market insight into content that shapes decisions, not just generates traffic You will work closely with internal teams to extract real insight and convert it into high quality assets that are accurate, differentiated, and useful in live deals You will raise the bar across all content, bring structure to content production, and ensure publications reflects the level of rigor and clarity expected by technical and enterprise audiences Manage editorial strategy for technical and commercial content across enterprise and selected mid market priorities Translate GTM narratives, product capabilities, launches, and buyer pain points into high quality assets used by both buyers and sales teams Lead creation of flagship content, including client stories, technical explainers, thought leadership, reports, and webinar scripts Partner closely with GTM, Product, Sales, and Solutions team to extract insights and convert them into clear, accurate, and commercially relevant content Elevate existing content by rewriting weak pages, sharpening messaging, and improving how technical value is communicated Build and manage the content production system, including briefs, editorial calendar, review workflows, source gathering, and publishing standards Develop a repeatable approach to client proof, including case studies, quotes, proof points, and sales enablement assets Ensure all content is accurate, differentiated, and valuable for enterprise evaluation, not generic traffic driven output Collaborate with distribution teams to ensure flagship content is effectively packaged and promoted post publication
19/05/2026
Full time
Requirements People who thrive at Flagright: Have been knocked down before and gotten back up Are resourceful-they figure things out with whatever tools are available Have strong opinions and can defend them Learn fast because they're hungry Want to work with no-BS people building something important A strong B2B SaaS content strategist and writer-editor, not a generic blog manager Experience in complex products or regulated categories such as fintech, regtech, fraud, AML, risk, infrastructure, cybersecurity, or similar Strong at interviewing subject matter experts, challenging vague inputs, and extracting concrete insights quickly Brings strong editorial judgment and understands what makes content credible to enterprise buyers Focused on creating decision shaping assets, not high volume, low impact content Comfortable owning both strategy and execution in an early stage environment Works effectively cross functionally without requiring constant direction Capable of setting editorial standards and scaling quality, including mentoring additional writers over time (Desirable) Background in paralegal work, compliance research, investigative journalism, analyst research, or another research intensive environment (Desirable) Experience writing from primary sources such as regulations, policy documents, enforcement actions, technical docs, product data, or customer interviews (Desirable) Exposure to fintech, financial crime, payments, banking infrastructure, or trust heavy B2B categories What the job involves Our Marketing team drives our brand presence across target markets. From customer engagements to integrated campaigns, they champion Flagright's story, drive pipeline acceleration, and help customers discover our value through strategic, impactful programs We are hiring a Technical Content Lead to lead and elevate how we communicate with enterprise buyers. You will turn product depth, customer reality, and market insight into content that shapes decisions, not just generates traffic You will work closely with internal teams to extract real insight and convert it into high quality assets that are accurate, differentiated, and useful in live deals You will raise the bar across all content, bring structure to content production, and ensure publications reflects the level of rigor and clarity expected by technical and enterprise audiences Manage editorial strategy for technical and commercial content across enterprise and selected mid market priorities Translate GTM narratives, product capabilities, launches, and buyer pain points into high quality assets used by both buyers and sales teams Lead creation of flagship content, including client stories, technical explainers, thought leadership, reports, and webinar scripts Partner closely with GTM, Product, Sales, and Solutions team to extract insights and convert them into clear, accurate, and commercially relevant content Elevate existing content by rewriting weak pages, sharpening messaging, and improving how technical value is communicated Build and manage the content production system, including briefs, editorial calendar, review workflows, source gathering, and publishing standards Develop a repeatable approach to client proof, including case studies, quotes, proof points, and sales enablement assets Ensure all content is accurate, differentiated, and valuable for enterprise evaluation, not generic traffic driven output Collaborate with distribution teams to ensure flagship content is effectively packaged and promoted post publication
Requirements 10 to 15 years of relevant experience (e.g., Software vendor Architect, CTO at a top consulting firm, or Enterprise Architect at a customer) Proven ability to think strategically, connecting technical solutions to business value and customer objectives Excellent written and verbal communication skills, with a proven track record of presenting complex technical concepts and strategic visions to C-level executives Demonstrated experience in Capability Mapping, Enterprise Modernization, and a strong understanding of Agentic AI Strong understanding of cloud-native architectures, SaaS solutions, ERP (SAP Salesforce, Dynamics CRM, ServiceNow), cybersecurity posture fundamentals, API ecosystems, along with legacy on-premise enterprise architectures Strong background in Data Architecture, Integrations patterns, and a development background in data-related languages (SQL, Python, etc.) Strong technical background with a focus on system integrations, data operations, and automation capabilities The ability to comfortably switch from explaining an architecture diagram to an environment where you have coded or assembled a demo of that architecture MSc degree in Computer Science or an equivalent in an Information Technology-related field Fluency in English is required; an additional language such as Spanish, German, French or Italian is a strong advantage (Desirable) Celonis Certifications and Experience with OCPM and Case Centric Data Pipelines (Desirable) AWS/Azure/GCP Certifications (Desirable) ESB / ETL Certifications (Mulesoft, Oracle, SAP, Talend, Informatica) (Desirable) TOGAF/Zachmann Certification (Desirable) Experience in at least two domains among: Finance, Manufacturing, Supply Chain, Customer/Consumer Management (Service, Order Management, Sales), HR, Procurement (Desirable) Experience in at least two industries among: Consumer Goods, Banking, Pharma, Aerospace, Telco, Transport What the job involves We are looking for a curious, smart, and "learn it all" Architect with proven experience and a passion for designing transformative solution architectures for our prospects and customers This high-impact role demands a unique blend of deep technical expertise and executive presence, requiring you to confidently present to C-level executives and translate their strategic goals into actionable technical plans You will work with technical teams at our prospects and customers to design architectures that drive enterprise modernization, leveraging techniques like capability mapping and exploring innovative solutions with Agentic AI Your primary goal is to support our growing sales team in achieving revenue goals by unlocking technical blockers and partnering closely with our Sales, Value Engineering, Product Management, Data Ops, and Information Security teams You will be responsible for supporting engagements with new prospects as well as existing customers that look to expand their footprint. Measures of success include new customer acquisition rates, retention, up-selling, and contribution to overall sales team and business success Lead and define the overall architecture, data, and cloud strategy for our largest client accounts, leveraging expertise like enterprise modernization and capability mapping Confidently engage with and present to customer C-level executives, aligning their strategic objectives with the Celonis technical strategy Drive innovation by identifying and architecting solutions that leverage emergent technologies, including Agentic AI Be the bridge between our product & engineering teams within Celonis and the client's teams to provide the best technical services Assess the IT landscape maturity of our customer installed base for the region Participate in pre-Sales and post-Sales phases by engaging with customer Architecture and security teams Coach and guide Celonis consulting teams and ecosystem partners on technical implementation issues such as architecture, integration, performance, and scalability Develop re-usable assets for the consulting teams on projects Develop customer-facing position papers, assets, and thought leadership presentations on architecture and innovation with Celonis Create technical designs and presentations for internal and client stakeholders
19/05/2026
Full time
Requirements 10 to 15 years of relevant experience (e.g., Software vendor Architect, CTO at a top consulting firm, or Enterprise Architect at a customer) Proven ability to think strategically, connecting technical solutions to business value and customer objectives Excellent written and verbal communication skills, with a proven track record of presenting complex technical concepts and strategic visions to C-level executives Demonstrated experience in Capability Mapping, Enterprise Modernization, and a strong understanding of Agentic AI Strong understanding of cloud-native architectures, SaaS solutions, ERP (SAP Salesforce, Dynamics CRM, ServiceNow), cybersecurity posture fundamentals, API ecosystems, along with legacy on-premise enterprise architectures Strong background in Data Architecture, Integrations patterns, and a development background in data-related languages (SQL, Python, etc.) Strong technical background with a focus on system integrations, data operations, and automation capabilities The ability to comfortably switch from explaining an architecture diagram to an environment where you have coded or assembled a demo of that architecture MSc degree in Computer Science or an equivalent in an Information Technology-related field Fluency in English is required; an additional language such as Spanish, German, French or Italian is a strong advantage (Desirable) Celonis Certifications and Experience with OCPM and Case Centric Data Pipelines (Desirable) AWS/Azure/GCP Certifications (Desirable) ESB / ETL Certifications (Mulesoft, Oracle, SAP, Talend, Informatica) (Desirable) TOGAF/Zachmann Certification (Desirable) Experience in at least two domains among: Finance, Manufacturing, Supply Chain, Customer/Consumer Management (Service, Order Management, Sales), HR, Procurement (Desirable) Experience in at least two industries among: Consumer Goods, Banking, Pharma, Aerospace, Telco, Transport What the job involves We are looking for a curious, smart, and "learn it all" Architect with proven experience and a passion for designing transformative solution architectures for our prospects and customers This high-impact role demands a unique blend of deep technical expertise and executive presence, requiring you to confidently present to C-level executives and translate their strategic goals into actionable technical plans You will work with technical teams at our prospects and customers to design architectures that drive enterprise modernization, leveraging techniques like capability mapping and exploring innovative solutions with Agentic AI Your primary goal is to support our growing sales team in achieving revenue goals by unlocking technical blockers and partnering closely with our Sales, Value Engineering, Product Management, Data Ops, and Information Security teams You will be responsible for supporting engagements with new prospects as well as existing customers that look to expand their footprint. Measures of success include new customer acquisition rates, retention, up-selling, and contribution to overall sales team and business success Lead and define the overall architecture, data, and cloud strategy for our largest client accounts, leveraging expertise like enterprise modernization and capability mapping Confidently engage with and present to customer C-level executives, aligning their strategic objectives with the Celonis technical strategy Drive innovation by identifying and architecting solutions that leverage emergent technologies, including Agentic AI Be the bridge between our product & engineering teams within Celonis and the client's teams to provide the best technical services Assess the IT landscape maturity of our customer installed base for the region Participate in pre-Sales and post-Sales phases by engaging with customer Architecture and security teams Coach and guide Celonis consulting teams and ecosystem partners on technical implementation issues such as architecture, integration, performance, and scalability Develop re-usable assets for the consulting teams on projects Develop customer-facing position papers, assets, and thought leadership presentations on architecture and innovation with Celonis Create technical designs and presentations for internal and client stakeholders
Working hours: 35 hours per week, Monday to Friday Duration: Permanent Location: Gloucester Job Ref: 204987 About the role Benefact Group are looking for a Operational Resilience Manager to join our Gloucester office. To lead the ongoing evolution, optimisation and practical application of the company's Operational Resilience framework. This role ensures the organisation is prepared to prevent, respond to, recover and learn from disruptive incidents, in compliance with regulatory requirements and alignment with industry best practices. This includes aligning to the spirit and direction of FCA/PRA expectations across a multi-entity group. Why join us? Join a collaborative and inclusive culture that's committed to making a difference and building a more sustainable future. Ranked amongst the UK's 15 Best Big Companies to Work For in 2025, we offer fantastic career and development opportunities within a rapidly growing, innovative Group - where all profits go to charity and good causes. What you'll be doing Lead the ongoing evolution of the Operational Resilience framework, ensuring alignment with regulatory standards, horizon scanning and organisational strategy. Own and run the annual Operational Resilience cycle ensuring outputs are robust, evidenced and ready for Board, Audit and Regulatory scrutiny, including the review and documentation of Important Business Services, Impact Tolerances and end to end service mapping and analysis. Design and deliver advanced resilience testing programmes; including severe but plausible scenario tests, and crisis simulations to assess and strengthen resilience capabilities. Ensure that exercises are challenging, well documented and drive change. Coordinate incident response and post incident reviews, providing clear insights and ensuring lessons learned translate into measurable improvements. Build strong relationships with service owners and enhance capability and organisation wide resilience awareness through training, guidance and expert support. Provide constructive challenge and expert guidance to stakeholders across the organisation. What you'll need to have Proven experience in leading Operational Resilience functions within general insurance or financial services (Business Continuity & Crisis Management desirable). Deep understanding of Operational Resilience principles and methodologies Familiarity with IT resilience concepts including cyber security, data protection and technology recovery Experience of crisis management and incident response during disruption events Experience in/ capable of working and communicating with colleagues at all levels, including Senior Management, using knowledge, experience and credibility to influence and lead change Strong analytical and project management capabilities Degree in Risk Management, Business, IT, or related field Professional certifications such as CBCI, MBCI, ISO 22301 Lead Implementer or Auditor. Ability to travel occasionally & willingness to participate in out of hours crisis response as required What makes you stand out Strong knowledge of UK regulatory requirements (FCA, PRA, Solvency II) Experience working with third party risk and supply chain resilience Insurance qualifications What we offer A competitive salary - let's discuss it Hybrid working Group Personal Pension - up to 12% employer contribution Generous annual bonus scheme: on target bonus between 7.5% and 30% 28 days annual leave plus bank holidays, and a holiday buy and sell scheme An array of health and wellbeing benefits, including private healthcare, income protection and life assurance £200 annual personal grant to a charity of your choice Encouraged to take at least one volunteering day per year Employee Assistance Programme Full study support to gain professional qualifications Access to virtual GP Enhanced maternity and paternity pay Hear from the hiring manager "This is a key opportunity to lead and continuously enhance the organisation's Operational Resilience framework, ensuring we can withstand, respond to and recover from disruption while meeting evolving regulatory expectations. You'll play a central role in strengthening resilience capabilities across the business, shaping strategy, influencing senior leaders to develop a more robust and resilient organisation." About us Benefact Group is a unique international financial services Group made up of over 30 businesses. We are owned by a charity and have been the 3rd largest UK corporate donor over a decade , having given away £250 million since 2014. We have ambitious plans to become the UK's number one corporate donor, with strategic objectives in place to double the Group's size. We believe it's essential to attract, empower, grow and reward talented people, offering fantastic opportunities for career and personal development. Our giving ethos, 135-year history and the diversity of what we do, has enabled us to build a culture of kindness, great ambition, and of passionate people driven to do better and be better. At Benefact Group, we are committed to creating an inclusive culture and building an environment where each and every one of us feels valued and respected. We are a community made up of people with a range of different backgrounds, abilities, perspectives, beliefs and interests and we value the strength this brings to us as a Group. We welcome applications from everyone. If you need any additional support during the recruitment process, then please let us know. Directory of Social Change's UK Guides to Company Giving 2017-26
19/05/2026
Full time
Working hours: 35 hours per week, Monday to Friday Duration: Permanent Location: Gloucester Job Ref: 204987 About the role Benefact Group are looking for a Operational Resilience Manager to join our Gloucester office. To lead the ongoing evolution, optimisation and practical application of the company's Operational Resilience framework. This role ensures the organisation is prepared to prevent, respond to, recover and learn from disruptive incidents, in compliance with regulatory requirements and alignment with industry best practices. This includes aligning to the spirit and direction of FCA/PRA expectations across a multi-entity group. Why join us? Join a collaborative and inclusive culture that's committed to making a difference and building a more sustainable future. Ranked amongst the UK's 15 Best Big Companies to Work For in 2025, we offer fantastic career and development opportunities within a rapidly growing, innovative Group - where all profits go to charity and good causes. What you'll be doing Lead the ongoing evolution of the Operational Resilience framework, ensuring alignment with regulatory standards, horizon scanning and organisational strategy. Own and run the annual Operational Resilience cycle ensuring outputs are robust, evidenced and ready for Board, Audit and Regulatory scrutiny, including the review and documentation of Important Business Services, Impact Tolerances and end to end service mapping and analysis. Design and deliver advanced resilience testing programmes; including severe but plausible scenario tests, and crisis simulations to assess and strengthen resilience capabilities. Ensure that exercises are challenging, well documented and drive change. Coordinate incident response and post incident reviews, providing clear insights and ensuring lessons learned translate into measurable improvements. Build strong relationships with service owners and enhance capability and organisation wide resilience awareness through training, guidance and expert support. Provide constructive challenge and expert guidance to stakeholders across the organisation. What you'll need to have Proven experience in leading Operational Resilience functions within general insurance or financial services (Business Continuity & Crisis Management desirable). Deep understanding of Operational Resilience principles and methodologies Familiarity with IT resilience concepts including cyber security, data protection and technology recovery Experience of crisis management and incident response during disruption events Experience in/ capable of working and communicating with colleagues at all levels, including Senior Management, using knowledge, experience and credibility to influence and lead change Strong analytical and project management capabilities Degree in Risk Management, Business, IT, or related field Professional certifications such as CBCI, MBCI, ISO 22301 Lead Implementer or Auditor. Ability to travel occasionally & willingness to participate in out of hours crisis response as required What makes you stand out Strong knowledge of UK regulatory requirements (FCA, PRA, Solvency II) Experience working with third party risk and supply chain resilience Insurance qualifications What we offer A competitive salary - let's discuss it Hybrid working Group Personal Pension - up to 12% employer contribution Generous annual bonus scheme: on target bonus between 7.5% and 30% 28 days annual leave plus bank holidays, and a holiday buy and sell scheme An array of health and wellbeing benefits, including private healthcare, income protection and life assurance £200 annual personal grant to a charity of your choice Encouraged to take at least one volunteering day per year Employee Assistance Programme Full study support to gain professional qualifications Access to virtual GP Enhanced maternity and paternity pay Hear from the hiring manager "This is a key opportunity to lead and continuously enhance the organisation's Operational Resilience framework, ensuring we can withstand, respond to and recover from disruption while meeting evolving regulatory expectations. You'll play a central role in strengthening resilience capabilities across the business, shaping strategy, influencing senior leaders to develop a more robust and resilient organisation." About us Benefact Group is a unique international financial services Group made up of over 30 businesses. We are owned by a charity and have been the 3rd largest UK corporate donor over a decade , having given away £250 million since 2014. We have ambitious plans to become the UK's number one corporate donor, with strategic objectives in place to double the Group's size. We believe it's essential to attract, empower, grow and reward talented people, offering fantastic opportunities for career and personal development. Our giving ethos, 135-year history and the diversity of what we do, has enabled us to build a culture of kindness, great ambition, and of passionate people driven to do better and be better. At Benefact Group, we are committed to creating an inclusive culture and building an environment where each and every one of us feels valued and respected. We are a community made up of people with a range of different backgrounds, abilities, perspectives, beliefs and interests and we value the strength this brings to us as a Group. We welcome applications from everyone. If you need any additional support during the recruitment process, then please let us know. Directory of Social Change's UK Guides to Company Giving 2017-26
Overview Expleo is a trusted partner for end to end, integrated engineering, quality services, and management consulting for digital transformation. We support organisations in harnessing technological change to deliver innovation, improve resilience, and operate securely within regulated and operationally critical environments. As part of the Expleo UK Cybersecurity Practice, you will support clients in the delivery of complex cyber and security portfolios aligned to regulatory frameworks, critical national infrastructure expectations, and long term investment programmes. The role provides senior technical leadership and delivery assurance across cyber and security initiatives, acting as a trusted advisor and technical authority to client leadership teams. You will ensure cyber initiatives are securely designed, effectively mobilised, appropriately governed, and delivered in line with organisational risk appetite, regulatory obligations, and operational priorities. This is a senior, client facing consulting role requiring autonomy, strong technical credibility, clear communication, and the ability to provide concise, decision ready advice to senior stakeholders. Responsibilities Provide senior technical leadership and delivery assurance across client cyber and security portfolios. Act as the technical authority and delivery lead for agreed cyber initiatives. Ensure cyber programmes and projects are securely designed, mobilised, governed, and delivered in line with client risk appetite and regulatory expectations. Support large scale cyber investment programmes by providing technical direction across design, build, delivery, and transition into business as usual operations. Lead and coordinate CAF and eCAF readiness activities across cyber portfolios. Interpret and map CAF/eCAF control requirements, define remediation actions, and establish evidence led assurance approaches. Develop a clear technical view of target state, control gaps, remediation priorities, and assurance expectations. Provide technical input into cyber roadmaps, including sequencing, high risk dependencies, critical milestones, and delivery priorities. Work in partnership with project, programme, and transformation teams to shape delivery sequencing and manage dependencies. Ensure cyber initiatives align with governance, risk, compliance, and regulatory obligations. Embed required security controls into solution design, delivery activity, and operational handover. Provide technical oversight of suppliers and third parties delivering cyber capabilities. Support supplier mobilisation, validate deliverables, and confirm acceptance criteria and assurance obligations. Act as a senior technical coordination point across architecture, operations, transformation, and business stakeholders. Align technical priorities, manage trade offs, and elevate design, delivery, or assurance decisions as required. Provide portfolio level insight into cyber risks, dependencies, and constraints, highlighting resilience and regulatory impacts. Support senior decision making through clear, concise advice on cyber priorities, delivery risk, and investment trade offs. Support structured transition of cyber capabilities into operational teams, ensuring ownership, support models, and processes are clearly defined. Contribute to effective change management and adoption across technology, process, and people. Maintain appropriate documentation and evidence based assurance mechanisms across cyber portfolios. Operate independently as a subject matter expert, determining delivery approach, stakeholder engagement, and cadence required to achieve outcomes. Qualifications Relevant education or industry recognised certifications in cybersecurity, information security, technology delivery, risk management, or programme delivery. Suitable qualifications may include BSc, MSc, CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, NCSC CAF experience, Security+, CySA+, PRINCE2, MSP, Agile, or equivalent professional experience. Experience working in regulated, operationally critical, or critical national infrastructure environments is highly beneficial. Essential skills Strong experience leading or assuring cyber delivery across complex portfolios or transformation programmes. Strong understanding of cyber governance, risk, compliance, and assurance in regulated environments. Practical knowledge of CAF and/or eCAF readiness, control interpretation, evidence management, and remediation planning. Ability to provide technical leadership from mobilisation through to transition into BAU. Ability to define and validate cyber scope, priorities, dependencies, risks, and control expectations. Strong understanding of security architecture, technical assurance, and control implementation. Ability to translate regulatory and risk requirements into practical delivery actions and measurable outcomes. Experience contributing to cyber roadmaps, delivery plans, milestone sequencing, and portfolio level decision making. Strong supplier and third party oversight capability. Strong stakeholder management skills, including influencing senior stakeholders and managing trade offs. Ability to produce high quality written outputs, assurance material, executive briefings, and decision papers. Strong delivery discipline and ability to operate with minimal supervision. Experience supporting sustainable transition into BAU, including ownership, support models, and operational readiness. Desired skills Experience supporting large scale regulated investment programmes or resilience initiatives. Experience operating as a senior technical partner to CIOs, Heads of Cyber, or IT Transformation leadership. Experience developing cyber portfolio views, assurance dashboards, or executive level reporting. Experience supporting cyber capability development or strategic security platform implementation. Experience embedding evidence led assurance mechanisms across delivery. Experience supporting organisational change, adoption, and cyber capability transition. Experience working within secure collaboration and documentation environments. Experience handling confidential client information in line with security, data protection, and NDA requirements. Experience Proven experience in senior cyber delivery, cyber assurance, or cyber technical authority roles. Experience supporting cyber portfolios or transformation programmes in regulated or operationally critical environments. Experience with CAF, eCAF, NIS, ISO 27001, NIST CSF, or equivalent frameworks. Experience defining technical priorities, roadmaps, control gaps, and remediation activities. Experience supporting regulatory, audit, or assurance readiness. Experience working with senior IT, cyber, architecture, operations, and transformation stakeholders. Experience managing cyber risks, dependencies, constraints, and delivery trade offs at portfolio or programme level. Experience overseeing suppliers or delivery partners implementing cyber capabilities. Experience supporting transition into BAU, including operating models, handover planning, and service ownership. Benefits Collaborative working environment - we stand shoulder to shoulder with our clients and ourpeers through good times and challenges We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects ExpleoAcademy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses Competitive company benefits Always working as one team, our people are not afraid to think big and challenge the status quo As a Disability Confident Committed Employer we have committed to: Ensure our recruitment process is inclusive and accessible Communicating and promoting vacancies Offering an interview to disabled people who meet the minimum criteria for the job Anticipating and providing reasonable adjustments as required Supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people "We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age". We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive
19/05/2026
Full time
Overview Expleo is a trusted partner for end to end, integrated engineering, quality services, and management consulting for digital transformation. We support organisations in harnessing technological change to deliver innovation, improve resilience, and operate securely within regulated and operationally critical environments. As part of the Expleo UK Cybersecurity Practice, you will support clients in the delivery of complex cyber and security portfolios aligned to regulatory frameworks, critical national infrastructure expectations, and long term investment programmes. The role provides senior technical leadership and delivery assurance across cyber and security initiatives, acting as a trusted advisor and technical authority to client leadership teams. You will ensure cyber initiatives are securely designed, effectively mobilised, appropriately governed, and delivered in line with organisational risk appetite, regulatory obligations, and operational priorities. This is a senior, client facing consulting role requiring autonomy, strong technical credibility, clear communication, and the ability to provide concise, decision ready advice to senior stakeholders. Responsibilities Provide senior technical leadership and delivery assurance across client cyber and security portfolios. Act as the technical authority and delivery lead for agreed cyber initiatives. Ensure cyber programmes and projects are securely designed, mobilised, governed, and delivered in line with client risk appetite and regulatory expectations. Support large scale cyber investment programmes by providing technical direction across design, build, delivery, and transition into business as usual operations. Lead and coordinate CAF and eCAF readiness activities across cyber portfolios. Interpret and map CAF/eCAF control requirements, define remediation actions, and establish evidence led assurance approaches. Develop a clear technical view of target state, control gaps, remediation priorities, and assurance expectations. Provide technical input into cyber roadmaps, including sequencing, high risk dependencies, critical milestones, and delivery priorities. Work in partnership with project, programme, and transformation teams to shape delivery sequencing and manage dependencies. Ensure cyber initiatives align with governance, risk, compliance, and regulatory obligations. Embed required security controls into solution design, delivery activity, and operational handover. Provide technical oversight of suppliers and third parties delivering cyber capabilities. Support supplier mobilisation, validate deliverables, and confirm acceptance criteria and assurance obligations. Act as a senior technical coordination point across architecture, operations, transformation, and business stakeholders. Align technical priorities, manage trade offs, and elevate design, delivery, or assurance decisions as required. Provide portfolio level insight into cyber risks, dependencies, and constraints, highlighting resilience and regulatory impacts. Support senior decision making through clear, concise advice on cyber priorities, delivery risk, and investment trade offs. Support structured transition of cyber capabilities into operational teams, ensuring ownership, support models, and processes are clearly defined. Contribute to effective change management and adoption across technology, process, and people. Maintain appropriate documentation and evidence based assurance mechanisms across cyber portfolios. Operate independently as a subject matter expert, determining delivery approach, stakeholder engagement, and cadence required to achieve outcomes. Qualifications Relevant education or industry recognised certifications in cybersecurity, information security, technology delivery, risk management, or programme delivery. Suitable qualifications may include BSc, MSc, CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, NCSC CAF experience, Security+, CySA+, PRINCE2, MSP, Agile, or equivalent professional experience. Experience working in regulated, operationally critical, or critical national infrastructure environments is highly beneficial. Essential skills Strong experience leading or assuring cyber delivery across complex portfolios or transformation programmes. Strong understanding of cyber governance, risk, compliance, and assurance in regulated environments. Practical knowledge of CAF and/or eCAF readiness, control interpretation, evidence management, and remediation planning. Ability to provide technical leadership from mobilisation through to transition into BAU. Ability to define and validate cyber scope, priorities, dependencies, risks, and control expectations. Strong understanding of security architecture, technical assurance, and control implementation. Ability to translate regulatory and risk requirements into practical delivery actions and measurable outcomes. Experience contributing to cyber roadmaps, delivery plans, milestone sequencing, and portfolio level decision making. Strong supplier and third party oversight capability. Strong stakeholder management skills, including influencing senior stakeholders and managing trade offs. Ability to produce high quality written outputs, assurance material, executive briefings, and decision papers. Strong delivery discipline and ability to operate with minimal supervision. Experience supporting sustainable transition into BAU, including ownership, support models, and operational readiness. Desired skills Experience supporting large scale regulated investment programmes or resilience initiatives. Experience operating as a senior technical partner to CIOs, Heads of Cyber, or IT Transformation leadership. Experience developing cyber portfolio views, assurance dashboards, or executive level reporting. Experience supporting cyber capability development or strategic security platform implementation. Experience embedding evidence led assurance mechanisms across delivery. Experience supporting organisational change, adoption, and cyber capability transition. Experience working within secure collaboration and documentation environments. Experience handling confidential client information in line with security, data protection, and NDA requirements. Experience Proven experience in senior cyber delivery, cyber assurance, or cyber technical authority roles. Experience supporting cyber portfolios or transformation programmes in regulated or operationally critical environments. Experience with CAF, eCAF, NIS, ISO 27001, NIST CSF, or equivalent frameworks. Experience defining technical priorities, roadmaps, control gaps, and remediation activities. Experience supporting regulatory, audit, or assurance readiness. Experience working with senior IT, cyber, architecture, operations, and transformation stakeholders. Experience managing cyber risks, dependencies, constraints, and delivery trade offs at portfolio or programme level. Experience overseeing suppliers or delivery partners implementing cyber capabilities. Experience supporting transition into BAU, including operating models, handover planning, and service ownership. Benefits Collaborative working environment - we stand shoulder to shoulder with our clients and ourpeers through good times and challenges We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects ExpleoAcademy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses Competitive company benefits Always working as one team, our people are not afraid to think big and challenge the status quo As a Disability Confident Committed Employer we have committed to: Ensure our recruitment process is inclusive and accessible Communicating and promoting vacancies Offering an interview to disabled people who meet the minimum criteria for the job Anticipating and providing reasonable adjustments as required Supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people "We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age". We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive
Specialist Platform Engineer Own the design and maintenance of scalable cloud infrastructure for Darktrace platform Location: Cambridge, Cambridgeshire, United Kingdom Job Tags: Software About The Role Darktrace Specialist Platform Engineer Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting nearly 10,000 organizations from unknown threats using its proprietary AI. The Darktrace Active AI Security Platform delivers a proactive approach to cyber resilience to secure the business across the entire digital estate - from network to cloud to email. Breakthrough innovations from our R&D teams have resulted in over 200 patent applications filed. Darktrace's platform and services are supported by over 2,400 employees around the world. As a Specialist Platform Engineer in R&D, you will design, build, and maintain the foundational infrastructure, tooling, and automation that product teams rely on to develop and deliver software efficiently. What will I be doing: As a Specialist Platform Engineer, you will be responsible for deploying and scaling our global cloud applications. Your expertise in container orchestration, particularly with Kubernetes and other cloud native tools, will be essential. You will support development teams in optimizing the use of public cloud resources and assist with the transition of new applications to production. Additionally, you will be responsible for: Collaborating with development teams to ensure infrastructure meets their requirements while promoting scalable application practices, Utilizing your knowledge of container orchestration tools to facilitate the seamless deployment of applications, focusing on reliability, observability, and performance, Staying current with technological advancements, introducing innovative solutions to the team, and addressing operational challenges through automation and optimization, Adapting software development approaches to meet business pressures, Informing security practices and coaching other users on best practices, Supporting specific activities to improve development processes, Designing solutions and services with security controls included, specifically engineered to mitigate security threats, Managing service components to ensure they meet business needs and key performance indicators, Liaising with other team members to coordinate changes across components. What experience do I need: You should have skills in scripting or application development, with proficiency in Python. Familiarity with infrastructure provisioning tools such as Terraform and CloudFormation, along with Infrastructure as Code (IaC) methodologies, is important. A good understanding of networking and security principles is crucial, as is the ability to solve problems and analyze patterns in behavior and logs. Additional qualifications include: Experience with continuous integration systems such as GitHub Actions, GitLab CI, and Jenkins, Proficiency in working with source control systems, Strong communication and interpersonal skills, with fluency in English both in written and verbal forms. Benefits: 23 days' holiday + all public holidays, rising to 25 days after 2 years of service, Additional day off for your birthday, Private medical insurance which covers you, your cohabiting partner and children, Life insurance of 4 times your base salary, Salary sacrifice pension scheme, Enhanced family leave, Confidential Employee Assistance Program, Cycle to work scheme.
19/05/2026
Full time
Specialist Platform Engineer Own the design and maintenance of scalable cloud infrastructure for Darktrace platform Location: Cambridge, Cambridgeshire, United Kingdom Job Tags: Software About The Role Darktrace Specialist Platform Engineer Darktrace is a global leader in AI for cybersecurity that keeps organizations ahead of the changing threat landscape every day. Founded in 2013, Darktrace provides the essential cybersecurity platform protecting nearly 10,000 organizations from unknown threats using its proprietary AI. The Darktrace Active AI Security Platform delivers a proactive approach to cyber resilience to secure the business across the entire digital estate - from network to cloud to email. Breakthrough innovations from our R&D teams have resulted in over 200 patent applications filed. Darktrace's platform and services are supported by over 2,400 employees around the world. As a Specialist Platform Engineer in R&D, you will design, build, and maintain the foundational infrastructure, tooling, and automation that product teams rely on to develop and deliver software efficiently. What will I be doing: As a Specialist Platform Engineer, you will be responsible for deploying and scaling our global cloud applications. Your expertise in container orchestration, particularly with Kubernetes and other cloud native tools, will be essential. You will support development teams in optimizing the use of public cloud resources and assist with the transition of new applications to production. Additionally, you will be responsible for: Collaborating with development teams to ensure infrastructure meets their requirements while promoting scalable application practices, Utilizing your knowledge of container orchestration tools to facilitate the seamless deployment of applications, focusing on reliability, observability, and performance, Staying current with technological advancements, introducing innovative solutions to the team, and addressing operational challenges through automation and optimization, Adapting software development approaches to meet business pressures, Informing security practices and coaching other users on best practices, Supporting specific activities to improve development processes, Designing solutions and services with security controls included, specifically engineered to mitigate security threats, Managing service components to ensure they meet business needs and key performance indicators, Liaising with other team members to coordinate changes across components. What experience do I need: You should have skills in scripting or application development, with proficiency in Python. Familiarity with infrastructure provisioning tools such as Terraform and CloudFormation, along with Infrastructure as Code (IaC) methodologies, is important. A good understanding of networking and security principles is crucial, as is the ability to solve problems and analyze patterns in behavior and logs. Additional qualifications include: Experience with continuous integration systems such as GitHub Actions, GitLab CI, and Jenkins, Proficiency in working with source control systems, Strong communication and interpersonal skills, with fluency in English both in written and verbal forms. Benefits: 23 days' holiday + all public holidays, rising to 25 days after 2 years of service, Additional day off for your birthday, Private medical insurance which covers you, your cohabiting partner and children, Life insurance of 4 times your base salary, Salary sacrifice pension scheme, Enhanced family leave, Confidential Employee Assistance Program, Cycle to work scheme.
National Energy System Operator Limited
Wokingham, Berkshire
Lead Security ArchitectApplylocations: Wokingham, RG41 5BN: Warwick, CV34 6DAtime type: Full timeposted on: Posted Yesterdaytime left to apply: End Date: May 25, 2026 (8 days left to apply)job requisition id: JR100250 About the Role National Energy System Operator (NESO) recognises the potential of bright and talented individuals, and we encourage you to join us as Great Britain's energy system undergoes an ambitious, exciting, and vital transformation. Together with industry, we are creating a cleaner, more sustainable energy future.The Lead Security Architect is responsible for overseeing and facilitating the daily operations and development of the security architecture function. This position ensures that enterprise security architecture standards are applied consistently, using a pragmatic and risk-based approach across solution design, delivery, shared technology platforms, and business initiatives. Additionally, the Lead Security Architect serves as the operational lead and primary escalation point for the security architecture function.Reporting to the Enterprise Security Architect, the Lead Security Architect helps turn strategic initiatives and direction into secure, practical, and repeatable designs that can be used by both architectural and delivery teams across the organisation.Why Join the Security Architecture Team at NESO? Help shape the future of the UK's energy network - securely! This role can be based from our offices in Wokingham or Warwick and we continue to offer hybrid working arrangements that allow for a blend of office and home working. This role is designated as requiring a National Security Vetting (NSV) clearance. The level of clearance associated with the role is Security Check (SC). You will usually need to have been a resident in the UK for the last five years to apply for an SC clearance. We would invite any applicants who do not currently meet this residency requirement to still express an interest in the role. Key Accountabilities Security Architecture Operations : Run the day-to-day security architecture function. Apply security standards consistently across all areas of the organisation. Turn enterprise security strategy into practical designs and patterns. Review and approve security aspects of technical and solution architectures. Provide security architecture guidance to architectural teams as part of the design, delivery and change. Technical Leadership: Design security across cloud, on-premises, hybrid and SaaS platforms. Define reusable security patterns and guardrails. Guide teams across identity, network, application, data and platform security. Assess emerging technologies for security impact. Stakeholder Engagement: Work closely with wider architectural, engineering, platform and delivery teams. Champion embedding security early in delivery lifecycles. Advise teams on risk and security considerations. Participate in architecture and governance forums. Risk, Compliance and Assurance: Work with the Security Assurance teams to ensure architecture designs meet regulatory and industry requirements. Support the identification of risk, assessing impact, and helping teams remain within the organisations risk appetite. Support threat modelling and security reviews. Team and Capability Development: Lead and mentor a team of security architects. Set quality standards and development plans to ensure the team stays current with the changing threat landscape and emerging technologies. Identify and improve processes, documentation and tooling. About You We're forging the path towards a sustainable energy future, and we know we can't do it alone. That's why we need visionary minds like yours to join us on this transformative journey. In this case, we're looking for someone with: Significant experience in security architecture or senior security engineering role Strong knowledge of cloud security architecture, identity and access management, network security and ideally application security. Experience in working in large, complex environments with multiple workstreams - ideally regulated industries. Strong communicator with excellent writing skills, capable of articulating complex technical concepts to both technical and non-technical stakeholders. Ability to collaborate effectively with cross-functional teams, demonstrating strong interpersonal skills and a team-oriented mindset. A proactive approach to problem-solving, with the ability to think critically and strategically about architectural challenges and opportunities. Must have a "can do" attitude when working in a fast-paced and high-pressured environment. Relevant cyber security qualification(s), for example Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) - CISSP preferred. What success looks like Security architecture is used consistently throughout the organisation, becoming an enabler an efficiency for supporting delivery. Design, delivery and change teams proactively engage security architects at the appropriate stages of development. Architectural risks are identified early, clearly understood and articulated and effectively managed and reduced. Don't meet every single requirement? Studies have shown that women and people of colour are less likely to apply for jobs unless they meet every single qualification. At NESO, we are committed to building a diverse, inclusive, and authentic workplace for everyone. So, if you're excited about this role but your experience or qualifications don't match the job description exactly, we encourage you to apply anyway. You might just be the right person for our growing business in this role or another one. What You'll Get A competitive salary of £75,000 - £85,000 dependent on experience and capabilityAs well as your base salary, you will receive a bonus of up to 15% of your salary for stretch performance, 28 days annual leave as standard, and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.NESO's flexible benefits programme provides you with more flexibility around your helath, lifestyle and protection benefits, here's just a few available: - Flexible Bank Holidays & Holiday Trading - Additional Birthday Day Off - Cycle to Work Scheme, Retail & Gym Discounts - Private Medical Insurance, Critical Illness Insurance & Personal Accident Insurance About Us At the National Energy System Operator (NESO), we play a vital role in tackling climate change and securing Great Britain's energy future. We already operate the world's fastest decarbonising electricity system and are working towards our ambition to run it carbon-free for a short period this year - provided the market supplies electricity exclusively from renewable sources. Alongside this, we provide expert advice to government on how to deliver a clean power system by 2030. In autumn 2024, the Electricity System Operator (ESO) transitioned to become NESO - an independent, expert public corporation with a whole-system view across electricity, gas, and hydrogen. NESO operates independently and transparently, always actin in the best interests of all energy users. Licensed and regulated by Ofgem, we make impartial decisions that balance sustainability, affordability and security. Our organisation is fully independent from government, the regulator and all commercial interests, with a clear focus on system-wide benefit, long term thing and public value. The time to deliver is now. Join the energy transformation and help shape the future. Your energy. Our future. TogetherNational Energy System Operator (NESO) recognises the potential of bright and talented individuals, and we encourage you to join us as Great Britain's energy system undergoes an ambitious, exciting, and vital transformation. Together with industry, we are creating a cleaner, more sustainable energy future. More Information This role closes at 23:59, on the day before date shown above, however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.Research shows that some people may hesitate to apply unless they meet every single requirement. At NESO, we believe potential comes in many forms and we're committed to a fair, inclusive recruitmentWe're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential. If this role sparks your interest but you're not sure you tick every box, we still want to hear from you. process where everyone has the opportunity to shoe their talents. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds.
19/05/2026
Full time
Lead Security ArchitectApplylocations: Wokingham, RG41 5BN: Warwick, CV34 6DAtime type: Full timeposted on: Posted Yesterdaytime left to apply: End Date: May 25, 2026 (8 days left to apply)job requisition id: JR100250 About the Role National Energy System Operator (NESO) recognises the potential of bright and talented individuals, and we encourage you to join us as Great Britain's energy system undergoes an ambitious, exciting, and vital transformation. Together with industry, we are creating a cleaner, more sustainable energy future.The Lead Security Architect is responsible for overseeing and facilitating the daily operations and development of the security architecture function. This position ensures that enterprise security architecture standards are applied consistently, using a pragmatic and risk-based approach across solution design, delivery, shared technology platforms, and business initiatives. Additionally, the Lead Security Architect serves as the operational lead and primary escalation point for the security architecture function.Reporting to the Enterprise Security Architect, the Lead Security Architect helps turn strategic initiatives and direction into secure, practical, and repeatable designs that can be used by both architectural and delivery teams across the organisation.Why Join the Security Architecture Team at NESO? Help shape the future of the UK's energy network - securely! This role can be based from our offices in Wokingham or Warwick and we continue to offer hybrid working arrangements that allow for a blend of office and home working. This role is designated as requiring a National Security Vetting (NSV) clearance. The level of clearance associated with the role is Security Check (SC). You will usually need to have been a resident in the UK for the last five years to apply for an SC clearance. We would invite any applicants who do not currently meet this residency requirement to still express an interest in the role. Key Accountabilities Security Architecture Operations : Run the day-to-day security architecture function. Apply security standards consistently across all areas of the organisation. Turn enterprise security strategy into practical designs and patterns. Review and approve security aspects of technical and solution architectures. Provide security architecture guidance to architectural teams as part of the design, delivery and change. Technical Leadership: Design security across cloud, on-premises, hybrid and SaaS platforms. Define reusable security patterns and guardrails. Guide teams across identity, network, application, data and platform security. Assess emerging technologies for security impact. Stakeholder Engagement: Work closely with wider architectural, engineering, platform and delivery teams. Champion embedding security early in delivery lifecycles. Advise teams on risk and security considerations. Participate in architecture and governance forums. Risk, Compliance and Assurance: Work with the Security Assurance teams to ensure architecture designs meet regulatory and industry requirements. Support the identification of risk, assessing impact, and helping teams remain within the organisations risk appetite. Support threat modelling and security reviews. Team and Capability Development: Lead and mentor a team of security architects. Set quality standards and development plans to ensure the team stays current with the changing threat landscape and emerging technologies. Identify and improve processes, documentation and tooling. About You We're forging the path towards a sustainable energy future, and we know we can't do it alone. That's why we need visionary minds like yours to join us on this transformative journey. In this case, we're looking for someone with: Significant experience in security architecture or senior security engineering role Strong knowledge of cloud security architecture, identity and access management, network security and ideally application security. Experience in working in large, complex environments with multiple workstreams - ideally regulated industries. Strong communicator with excellent writing skills, capable of articulating complex technical concepts to both technical and non-technical stakeholders. Ability to collaborate effectively with cross-functional teams, demonstrating strong interpersonal skills and a team-oriented mindset. A proactive approach to problem-solving, with the ability to think critically and strategically about architectural challenges and opportunities. Must have a "can do" attitude when working in a fast-paced and high-pressured environment. Relevant cyber security qualification(s), for example Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) - CISSP preferred. What success looks like Security architecture is used consistently throughout the organisation, becoming an enabler an efficiency for supporting delivery. Design, delivery and change teams proactively engage security architects at the appropriate stages of development. Architectural risks are identified early, clearly understood and articulated and effectively managed and reduced. Don't meet every single requirement? Studies have shown that women and people of colour are less likely to apply for jobs unless they meet every single qualification. At NESO, we are committed to building a diverse, inclusive, and authentic workplace for everyone. So, if you're excited about this role but your experience or qualifications don't match the job description exactly, we encourage you to apply anyway. You might just be the right person for our growing business in this role or another one. What You'll Get A competitive salary of £75,000 - £85,000 dependent on experience and capabilityAs well as your base salary, you will receive a bonus of up to 15% of your salary for stretch performance, 28 days annual leave as standard, and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.NESO's flexible benefits programme provides you with more flexibility around your helath, lifestyle and protection benefits, here's just a few available: - Flexible Bank Holidays & Holiday Trading - Additional Birthday Day Off - Cycle to Work Scheme, Retail & Gym Discounts - Private Medical Insurance, Critical Illness Insurance & Personal Accident Insurance About Us At the National Energy System Operator (NESO), we play a vital role in tackling climate change and securing Great Britain's energy future. We already operate the world's fastest decarbonising electricity system and are working towards our ambition to run it carbon-free for a short period this year - provided the market supplies electricity exclusively from renewable sources. Alongside this, we provide expert advice to government on how to deliver a clean power system by 2030. In autumn 2024, the Electricity System Operator (ESO) transitioned to become NESO - an independent, expert public corporation with a whole-system view across electricity, gas, and hydrogen. NESO operates independently and transparently, always actin in the best interests of all energy users. Licensed and regulated by Ofgem, we make impartial decisions that balance sustainability, affordability and security. Our organisation is fully independent from government, the regulator and all commercial interests, with a clear focus on system-wide benefit, long term thing and public value. The time to deliver is now. Join the energy transformation and help shape the future. Your energy. Our future. TogetherNational Energy System Operator (NESO) recognises the potential of bright and talented individuals, and we encourage you to join us as Great Britain's energy system undergoes an ambitious, exciting, and vital transformation. Together with industry, we are creating a cleaner, more sustainable energy future. More Information This role closes at 23:59, on the day before date shown above, however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.Research shows that some people may hesitate to apply unless they meet every single requirement. At NESO, we believe potential comes in many forms and we're committed to a fair, inclusive recruitmentWe're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential. If this role sparks your interest but you're not sure you tick every box, we still want to hear from you. process where everyone has the opportunity to shoe their talents. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds.
Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta's environment, proactively monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong expertise in incident response, digital forensics, threat hunting, and security monitoring technologies. You will collaborate across teams, contribute to detection engineering efforts, and participate in 24x7 on call rotations. The role reports to the Manager of Security Operations and Response. This role can be performed remotely anywhere in the UK, or from our London, UK office. We'd love for you to join us! Impact You'll Have Proactively monitor Marqeta's environment for cyber threat activity and manage day to day security alerts through timely analysis, triage, and appropriate response actions Serve as incident commander during security events, directing investigation strategies and coordinating cross functional response efforts Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from cybersecurity incidents Contribute to the maintenance and improvement of the Cybersecurity Incident Response Plan (CIRP), playbooks, runbooks, and standard operating procedures to ensure consistent and effective response operations Participate in 24x7x365 on call rotations, providing skilled guidance during security incidents and contributing to thorough post incident reviews Research threat intelligence sources and contribute to hypothesis driven threat hunting initiatives to uncover threats in corporate and production environments Work closely with Security Engineering to tune security solutions, enhance detection capabilities, and leverage business knowledge to improve security monitoring Design, develop, and maintain detection logic using a detections as code approach, collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms Contribute to detection coverage mapped to MITRE ATT&CK framework, identifying gaps in visibility and supporting detection development prioritization based on threat intelligence and business risk Coordinate with HR, law enforcement, response retainers, and cyber insurers as required, including support on cyber crime financial fraud use cases Support the development of less experienced security team members through knowledge sharing, pair investigations, and leading by example Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks Who You Are 5+ years of hands on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting Experience serving as an incident commander or leading incident response workstreams, with the ability to make sound decisions under pressure Strong knowledge of the NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems Experience developing detections as code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks Working knowledge of MITRE ATT&CK and experience using it to assess detection coverage and map threat actor TTPs Experience contributing to post incident reviews and implementing security improvements based on lessons learned Solid understanding of threat actor TTPs and ability to apply threat intelligence to enhance detection and response capabilities Experience tuning security solutions and developing automation workflows to improve monitoring effectiveness and response efficiency Working knowledge of AWS cloud services and securing cloud environments Ability to effectively communicate with technical and non technical stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or elevate issues Willingness to mentor and support the growth of junior security professionals in incident response techniques Benefits Premium Private Medical and Dental coverage Generous time off program with additional "Floating Holiday days" Retirement savings program with company contribution Equity in a publicly traded company and an Employee Stock Purchase Program Monthly stipend to support our remote work model Annual development stipend to support our people's growth and development Family forming benefits and up to 20 weeks of Parental Leave Wellbeing programs (e.g., Modern Health, HealthKick and more) Marqeta is an equal opportunity employer committed to an inclusive workplace that fosters belonging. We do not discriminate based on race, color, religion, sex (including pregnancy, lactation, childbirth, or related medical conditions), veteran status or uniformed service member status, age, national origin or ancestry, citizenship or immigration status, physical or mental disability, gender identity, gender expression, sexual orientation, genetic information (including testing or characteristics) or any other characteristic protected by applicable law. We also consider qualified applicants with criminal histories, consistent with legal requirements. Marqeta endeavors to make reasonable accommodations for applicants with disabilities. Individuals requiring accommodation to submit this application, complete any pre employment testing, or otherwise participate in the selection process should submit a request detailing the specific accommodations needed.
19/05/2026
Full time
Senior Security Engineer - Detection & Response - EU/UK Remote, UK We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta's environment, proactively monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong expertise in incident response, digital forensics, threat hunting, and security monitoring technologies. You will collaborate across teams, contribute to detection engineering efforts, and participate in 24x7 on call rotations. The role reports to the Manager of Security Operations and Response. This role can be performed remotely anywhere in the UK, or from our London, UK office. We'd love for you to join us! Impact You'll Have Proactively monitor Marqeta's environment for cyber threat activity and manage day to day security alerts through timely analysis, triage, and appropriate response actions Serve as incident commander during security events, directing investigation strategies and coordinating cross functional response efforts Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from cybersecurity incidents Contribute to the maintenance and improvement of the Cybersecurity Incident Response Plan (CIRP), playbooks, runbooks, and standard operating procedures to ensure consistent and effective response operations Participate in 24x7x365 on call rotations, providing skilled guidance during security incidents and contributing to thorough post incident reviews Research threat intelligence sources and contribute to hypothesis driven threat hunting initiatives to uncover threats in corporate and production environments Work closely with Security Engineering to tune security solutions, enhance detection capabilities, and leverage business knowledge to improve security monitoring Design, develop, and maintain detection logic using a detections as code approach, collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms Contribute to detection coverage mapped to MITRE ATT&CK framework, identifying gaps in visibility and supporting detection development prioritization based on threat intelligence and business risk Coordinate with HR, law enforcement, response retainers, and cyber insurers as required, including support on cyber crime financial fraud use cases Support the development of less experienced security team members through knowledge sharing, pair investigations, and leading by example Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks Who You Are 5+ years of hands on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting Experience serving as an incident commander or leading incident response workstreams, with the ability to make sound decisions under pressure Strong knowledge of the NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems Experience developing detections as code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks Working knowledge of MITRE ATT&CK and experience using it to assess detection coverage and map threat actor TTPs Experience contributing to post incident reviews and implementing security improvements based on lessons learned Solid understanding of threat actor TTPs and ability to apply threat intelligence to enhance detection and response capabilities Experience tuning security solutions and developing automation workflows to improve monitoring effectiveness and response efficiency Working knowledge of AWS cloud services and securing cloud environments Ability to effectively communicate with technical and non technical stakeholders during security incidents and investigations Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus Proven ability to work independently while demonstrating sound judgment about when to engage team members or elevate issues Willingness to mentor and support the growth of junior security professionals in incident response techniques Benefits Premium Private Medical and Dental coverage Generous time off program with additional "Floating Holiday days" Retirement savings program with company contribution Equity in a publicly traded company and an Employee Stock Purchase Program Monthly stipend to support our remote work model Annual development stipend to support our people's growth and development Family forming benefits and up to 20 weeks of Parental Leave Wellbeing programs (e.g., Modern Health, HealthKick and more) Marqeta is an equal opportunity employer committed to an inclusive workplace that fosters belonging. We do not discriminate based on race, color, religion, sex (including pregnancy, lactation, childbirth, or related medical conditions), veteran status or uniformed service member status, age, national origin or ancestry, citizenship or immigration status, physical or mental disability, gender identity, gender expression, sexual orientation, genetic information (including testing or characteristics) or any other characteristic protected by applicable law. We also consider qualified applicants with criminal histories, consistent with legal requirements. Marqeta endeavors to make reasonable accommodations for applicants with disabilities. Individuals requiring accommodation to submit this application, complete any pre employment testing, or otherwise participate in the selection process should submit a request detailing the specific accommodations needed.
Job Description:Senior Cloud Security EngineerLocation: Salford (M50 3SP), Staines (TW18 3DZ), London (EC2R 7HJ), Leeds (LS5 3BF)Flexible / Hybrid working options.PermanentSalary: from £74,400 DOE10% Bonus+ fantastic benefitsFull time 37.5 hoursWe make health happenAt Bupa, we're passionate about technology. With colleagues, customers, patients and residents in mind you'll have the opportunity to work on innovative projects and make a real impact on their lives.Right from the start you'll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.As a Cloud Security expert with a strong engineering background, you'll play a vital role in protecting Bupa's cloud platforms and workloads throughout their lifecycle. Your technical expertise will help us embed security by design, ensuring our solutions remain resilient and secure.Reporting to the BGIUK Lead Cloud Security Engineer, you'll tackle complex challenges and deliver practical, secure solutions across BGIUK. You'll be responsible for implementing and supporting key technologies, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), Cloud Infrastructure Entitlement Management (CIEM), and Cloud Native Application Protection Platform (CNAPP).How you'll help us make health happen:Design, implement, and maintain Cloud Security technologies, including CSPM, CWPP, CIEM, and CNAPP.Provide expert guidance on complex cloud security design challenges, ensuring scalable and resilient solutions.Integrate cloud security tools with platforms, enterprise systems, and directories such as Active Directory and MS Entra.Develop and implement processes for deploying, monitoring, and maintaining cloud security tooling.Drive continuous improvement in security controls through product management and DevOps practices.Configure platforms to support least privilege and RBAC, aligned with regulatory and security standards.Support compliance and audit activities by maintaining evidence and reporting for internal and external assurance.Monitor and troubleshoot cloud security tools, managing incidents and escalating high-risk issues.Deliver automation and optimisation using scripts, APIs, and orchestration tools to enhance security processes.Stay current with emerging cloud security trends, threats, and best practices.Collaborate with stakeholders across technology, security, compliance, and business units to strengthen cloud security posture.Act as a trusted advisor, promoting best practices and supporting interpretation of security findings.Foster a culture of innovation, agility, and continuous improvement within cloud security.Report on performance metrics and support policy and strategy development for cloud security.Mentor and coach team members, promoting professional growth and a learning culture.Demonstrate integrity and professionalism in handling confidential matters and decision-making.Key Skills / Qualifications needed for this role:Strong expertise in designing, implementing, and operating CSPM, CNAPP, CWPP, and CIEM tools in cloud environments (e.g., Defender for Cloud, Wiz, Prisma Cloud).Deep understanding of cloud security best practices, including Well-Architected Frameworks and CIS compliance.Proven ability to manage infrastructure as code and define cloud controls as policy.Hands-on experience with coding and automation tools such as Terraform, PowerShell, Python, and REST APIs.Degree-level education or equivalent experience in IT, Cybersecurity, or a related field.Professional certifications such as CISSP, CISM, or CISA.Solid knowledge of regulatory compliance frameworks and security standards, including ISO 27001, NIST, and GDPR.Excellent problem-solving skills and ability to communicate complex cloud security concepts to both technical and non-technical audiences.BenefitsOur benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health - from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.Joining Bupa in this role you will receive the following benefits and more:25 days holiday, increasing through length of service, with option to buy or sellBupa health insurance as a benefit in kindAn enhanced pension plan and life insuranceAnnual performance-based bonusOnsite gyms or local discounts where no onsite gym availableVarious other benefits and online discountsWhy Bupa?We're a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose - helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.We encourage all of our people to "Be you at Bupa", we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That's why we especially encourage applications from people with diverse backgrounds and experiences.Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We'll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs themTime Type:Full timeJob Area:ITLocations:Angel Court, London, Bupa Place, Kirkstall Forge, Staines - Willow HouseCycle to work scheme, Financial planning services, Private medical insurance, Paid volunteer time, Private dental insurance, Gym membership, Company pension, Canteen, Additional leave, Referral programme, Employee mentoring programme, Health & wellbeing programme, Free flu jabs
19/05/2026
Full time
Job Description:Senior Cloud Security EngineerLocation: Salford (M50 3SP), Staines (TW18 3DZ), London (EC2R 7HJ), Leeds (LS5 3BF)Flexible / Hybrid working options.PermanentSalary: from £74,400 DOE10% Bonus+ fantastic benefitsFull time 37.5 hoursWe make health happenAt Bupa, we're passionate about technology. With colleagues, customers, patients and residents in mind you'll have the opportunity to work on innovative projects and make a real impact on their lives.Right from the start you'll become part of our digital & data strategy, joining us on our journey and developing yourself along the way.As a Cloud Security expert with a strong engineering background, you'll play a vital role in protecting Bupa's cloud platforms and workloads throughout their lifecycle. Your technical expertise will help us embed security by design, ensuring our solutions remain resilient and secure.Reporting to the BGIUK Lead Cloud Security Engineer, you'll tackle complex challenges and deliver practical, secure solutions across BGIUK. You'll be responsible for implementing and supporting key technologies, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), Cloud Infrastructure Entitlement Management (CIEM), and Cloud Native Application Protection Platform (CNAPP).How you'll help us make health happen:Design, implement, and maintain Cloud Security technologies, including CSPM, CWPP, CIEM, and CNAPP.Provide expert guidance on complex cloud security design challenges, ensuring scalable and resilient solutions.Integrate cloud security tools with platforms, enterprise systems, and directories such as Active Directory and MS Entra.Develop and implement processes for deploying, monitoring, and maintaining cloud security tooling.Drive continuous improvement in security controls through product management and DevOps practices.Configure platforms to support least privilege and RBAC, aligned with regulatory and security standards.Support compliance and audit activities by maintaining evidence and reporting for internal and external assurance.Monitor and troubleshoot cloud security tools, managing incidents and escalating high-risk issues.Deliver automation and optimisation using scripts, APIs, and orchestration tools to enhance security processes.Stay current with emerging cloud security trends, threats, and best practices.Collaborate with stakeholders across technology, security, compliance, and business units to strengthen cloud security posture.Act as a trusted advisor, promoting best practices and supporting interpretation of security findings.Foster a culture of innovation, agility, and continuous improvement within cloud security.Report on performance metrics and support policy and strategy development for cloud security.Mentor and coach team members, promoting professional growth and a learning culture.Demonstrate integrity and professionalism in handling confidential matters and decision-making.Key Skills / Qualifications needed for this role:Strong expertise in designing, implementing, and operating CSPM, CNAPP, CWPP, and CIEM tools in cloud environments (e.g., Defender for Cloud, Wiz, Prisma Cloud).Deep understanding of cloud security best practices, including Well-Architected Frameworks and CIS compliance.Proven ability to manage infrastructure as code and define cloud controls as policy.Hands-on experience with coding and automation tools such as Terraform, PowerShell, Python, and REST APIs.Degree-level education or equivalent experience in IT, Cybersecurity, or a related field.Professional certifications such as CISSP, CISM, or CISA.Solid knowledge of regulatory compliance frameworks and security standards, including ISO 27001, NIST, and GDPR.Excellent problem-solving skills and ability to communicate complex cloud security concepts to both technical and non-technical audiences.BenefitsOur benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health - from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.Joining Bupa in this role you will receive the following benefits and more:25 days holiday, increasing through length of service, with option to buy or sellBupa health insurance as a benefit in kindAn enhanced pension plan and life insuranceAnnual performance-based bonusOnsite gyms or local discounts where no onsite gym availableVarious other benefits and online discountsWhy Bupa?We're a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose - helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.We encourage all of our people to "Be you at Bupa", we champion diversity, and we understand the importance of our people representing the communities and customers we serve. That's why we especially encourage applications from people with diverse backgrounds and experiences.Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview/assessment to every disabled applicant who meets the minimum criteria for the role. We'll make sure you are treated fairly and offer reasonable adjustments as part of our recruitment process to anyone that needs themTime Type:Full timeJob Area:ITLocations:Angel Court, London, Bupa Place, Kirkstall Forge, Staines - Willow HouseCycle to work scheme, Financial planning services, Private medical insurance, Paid volunteer time, Private dental insurance, Gym membership, Company pension, Canteen, Additional leave, Referral programme, Employee mentoring programme, Health & wellbeing programme, Free flu jabs
Requirements Solid understanding of network protocols, operating systems, application layer protocols, and security best practices Understanding cybersecurity threats, and experience with incident response standards and procedures Ability to communicate security information to non-technical people Has a passion for Cyber Security Demonstrates comprehension of good security practices Knowledge of risk assessment tools, technologies and methods Knowledge of penetration testing methodologies, frameworks, and tools Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must be able to work effectively in a team environment and collaborate within the team and other stakeholders Excellent Written and Verbal Communication Skills Computer Networking & Security Vulnerability Discovery and Analysis Operating System Internals Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.) 3-5 years of experience executing penetration tests, writing reports and delivering report debriefs to clients Knowledge of common Windows and Linux/Unix system calls and APIs Working knowledge of pentesting tools, such as Burpsuite, Metasploit framework, Caido Knowledge of programming and/or scripting languages (i.e., Python) One or more of the following certifications or other relevant certifications: eJPT, PJPT, PenTest+, OSCP, GPEN, PNPT, CEH, Security+ What the job involves Thrive is looking for a security engineer to join our Offensive Security team. This team focuses on advanced vulnerability management and Pentesting as a service and delivers strategic security insights to clients based on the findings of these services. This role will own the delivery of these services ensuring client satisfaction, timely and complete service delivery. The Security Engineer will work closely with the team to ensure the services are being delivered to clients effectively, and stay on top of industry's best practices as well as new features available from the tools. Additionally, the Security Engineer will coordinate with internal teams at Thrive and the primary contact for these services for clients. This role will meet with customers and explain the vulnerabilities found and/or exploited, and assist with steps for remediation. This Engineering position requires attention to detail and a commitment to maintaining high security standards and fostering client trust in our cybersecurity capabilities. Execution and analysis of vulnerability scans and determining remediation steps. Execution and analysis of Penetration Tests (manual and autonomous), writing reports, and delivery of reports to client stakeholders. Lead client meetings, offering expert advice and guidance as needed. Collaborate with clients to understand their business needs and requirements to best align remediation requirements to business outcomes. Creation and ongoing upkeep of materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders. Update client Security presentations and discuss findings with our clients. Maintain a leading edge on security events and techniques to keep our clients aware of new threats and attack techniques. Other duties as required.
19/05/2026
Full time
Requirements Solid understanding of network protocols, operating systems, application layer protocols, and security best practices Understanding cybersecurity threats, and experience with incident response standards and procedures Ability to communicate security information to non-technical people Has a passion for Cyber Security Demonstrates comprehension of good security practices Knowledge of risk assessment tools, technologies and methods Knowledge of penetration testing methodologies, frameworks, and tools Ability to analyze a large amount of data from various sources and use this information to solve complex problems and make good decisions. Must be able to work effectively in a team environment and collaborate within the team and other stakeholders Excellent Written and Verbal Communication Skills Computer Networking & Security Vulnerability Discovery and Analysis Operating System Internals Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.) 3-5 years of experience executing penetration tests, writing reports and delivering report debriefs to clients Knowledge of common Windows and Linux/Unix system calls and APIs Working knowledge of pentesting tools, such as Burpsuite, Metasploit framework, Caido Knowledge of programming and/or scripting languages (i.e., Python) One or more of the following certifications or other relevant certifications: eJPT, PJPT, PenTest+, OSCP, GPEN, PNPT, CEH, Security+ What the job involves Thrive is looking for a security engineer to join our Offensive Security team. This team focuses on advanced vulnerability management and Pentesting as a service and delivers strategic security insights to clients based on the findings of these services. This role will own the delivery of these services ensuring client satisfaction, timely and complete service delivery. The Security Engineer will work closely with the team to ensure the services are being delivered to clients effectively, and stay on top of industry's best practices as well as new features available from the tools. Additionally, the Security Engineer will coordinate with internal teams at Thrive and the primary contact for these services for clients. This role will meet with customers and explain the vulnerabilities found and/or exploited, and assist with steps for remediation. This Engineering position requires attention to detail and a commitment to maintaining high security standards and fostering client trust in our cybersecurity capabilities. Execution and analysis of vulnerability scans and determining remediation steps. Execution and analysis of Penetration Tests (manual and autonomous), writing reports, and delivery of reports to client stakeholders. Lead client meetings, offering expert advice and guidance as needed. Collaborate with clients to understand their business needs and requirements to best align remediation requirements to business outcomes. Creation and ongoing upkeep of materials documenting our security processes, procedures, and technologies, along with the generation of automated reports for relevant stakeholders. Update client Security presentations and discuss findings with our clients. Maintain a leading edge on security events and techniques to keep our clients aware of new threats and attack techniques. Other duties as required.
The role We're seeking a talented Solutions Architect specialising in Cloud Infrastructure to play a key role in our growing Architecture Team. The successful candidate will have a deep understanding of cloud technologies from both a hardware (provisioning) and software (consumption) perspective enabling them to design, implement, and maintain secure and scalable cloud solutions for our defence clients. They will have experience of working with multiple cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP) and others. Ideally, they will have experience of securely integrating multiple cloud platforms across both Public and Private cloud instances. Key Responsibilities Lead the design secure, scalable, and reliable cloud infrastructure for mission-critical defence applications. Develop and drive cloud adoption strategies aligned with SNC MS UK's long-term vision and the specific needs of defence clients. Ensure that all cloud architectures meet the highest security standards and comply with relevant regulations (e.g., NCSC, HMGSPF and MoD standards like JSP440/604). Design and implement cloud infrastructure using tools like Terraform, Ansible, or AWS CloudFormation. Work closely with software development, network, and cybersecurity teams to ensure seamless integration of cloud solutions. Lead cloud migration projects, ensuring minimal disruption and optimised performance during transitions from legacy systems. Communicate with key stakeholders, including government clients and senior leadership, to present cloud solutions and ensure alignment with operational and business goals. Produce comprehensive documentation, including High Level Designs (HLDs) and Low Level Designs (LLDs), and presentations of solutions to technical and non-technical audiences. Keep up to date with the latest cloud technologies and trends, ensuring that SNC MS UK remains at the forefront of innovation in the defence sector. Provide cost estimates, continuously monitor and optimise cloud infrastructure costs while ensuring efficient use of cloud resources. Person Specification Qualifications & Experience Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Minimum of 5 years of experience in cloud architecture and engineering, with a strong preference for experience in the defence or government sectors. Strong expertise in one or more cloud platforms (e.g., AWS, Microsoft Azure, GCP). Proven experience with Infrastructure as Code (IaC) tools such as Terraform, Ansible, or AWS CloudFormation. Strong knowledge of cybersecurity principles, especially in a cloud environment, including experience with zero trust, data encryption, access control, and network security. Experience working with security compliance standards (NCSC, HMGSPF and MoD standards like JSP440/604) Familiarity with container orchestration technologies (e.g., Docker, Kubernetes) and CI/CD pipelines. Skills & Abilities Security-Focused: Deep understanding of cloud security principles and the ability to design solutions that meet strict defence security requirements. Problem Solving: Strong analytical and problem-solving skills with the ability to troubleshoot complex cloud architectures. Communication: Excellent communication skills with the ability to explain complex technical solutions to non-technical stakeholders. Team Collaboration: Proven ability to work in cross-functional teams, leading projects and collaborating with engineers, developers, and security specialists. Autonomy: Ability to work independently and take ownership of tasks and decisions when needed, ensuring timely and effective delivery of solutions. Organisational Skills: Capable of managing multiple projects simultaneously and prioritising tasks in a fast-paced environment. Innovative Mindset: Willingness to explore new technologies and approaches to stay ahead of the curve in cloud computing. Additional information Work Schedule: Full-time role based in South Wales/Southwest with occasional travel to customer sites and the United States. Hybrid working is available on occasion. Professional Development: SNC MS UK provides ample opportunities for training and development, working on cutting edge technologies and projects. Support for Armed Forces: SNC MS UK is a proud Armed Forces Covenant member and offers 15 days paid leave for reservists and 5 days paid leave for Cadet Forces Adult Volunteers. Please be aware that many roles at SNC MS UK are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Benefits: Salary Sacrifice Car Scheme, 28 days A/L, Sick Pay, Pension, EAP, Private Medical & Dental Scheme, Life Assurance, Income Protection, Bike to Work scheme, Performance & Pro rata bonus Solutions Architect St Athan, The Vale of Glamorgan, United Kingdom CF62 4AH From £55,513 DOE Performance & Pro rata bonus
19/05/2026
Full time
The role We're seeking a talented Solutions Architect specialising in Cloud Infrastructure to play a key role in our growing Architecture Team. The successful candidate will have a deep understanding of cloud technologies from both a hardware (provisioning) and software (consumption) perspective enabling them to design, implement, and maintain secure and scalable cloud solutions for our defence clients. They will have experience of working with multiple cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP) and others. Ideally, they will have experience of securely integrating multiple cloud platforms across both Public and Private cloud instances. Key Responsibilities Lead the design secure, scalable, and reliable cloud infrastructure for mission-critical defence applications. Develop and drive cloud adoption strategies aligned with SNC MS UK's long-term vision and the specific needs of defence clients. Ensure that all cloud architectures meet the highest security standards and comply with relevant regulations (e.g., NCSC, HMGSPF and MoD standards like JSP440/604). Design and implement cloud infrastructure using tools like Terraform, Ansible, or AWS CloudFormation. Work closely with software development, network, and cybersecurity teams to ensure seamless integration of cloud solutions. Lead cloud migration projects, ensuring minimal disruption and optimised performance during transitions from legacy systems. Communicate with key stakeholders, including government clients and senior leadership, to present cloud solutions and ensure alignment with operational and business goals. Produce comprehensive documentation, including High Level Designs (HLDs) and Low Level Designs (LLDs), and presentations of solutions to technical and non-technical audiences. Keep up to date with the latest cloud technologies and trends, ensuring that SNC MS UK remains at the forefront of innovation in the defence sector. Provide cost estimates, continuously monitor and optimise cloud infrastructure costs while ensuring efficient use of cloud resources. Person Specification Qualifications & Experience Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Minimum of 5 years of experience in cloud architecture and engineering, with a strong preference for experience in the defence or government sectors. Strong expertise in one or more cloud platforms (e.g., AWS, Microsoft Azure, GCP). Proven experience with Infrastructure as Code (IaC) tools such as Terraform, Ansible, or AWS CloudFormation. Strong knowledge of cybersecurity principles, especially in a cloud environment, including experience with zero trust, data encryption, access control, and network security. Experience working with security compliance standards (NCSC, HMGSPF and MoD standards like JSP440/604) Familiarity with container orchestration technologies (e.g., Docker, Kubernetes) and CI/CD pipelines. Skills & Abilities Security-Focused: Deep understanding of cloud security principles and the ability to design solutions that meet strict defence security requirements. Problem Solving: Strong analytical and problem-solving skills with the ability to troubleshoot complex cloud architectures. Communication: Excellent communication skills with the ability to explain complex technical solutions to non-technical stakeholders. Team Collaboration: Proven ability to work in cross-functional teams, leading projects and collaborating with engineers, developers, and security specialists. Autonomy: Ability to work independently and take ownership of tasks and decisions when needed, ensuring timely and effective delivery of solutions. Organisational Skills: Capable of managing multiple projects simultaneously and prioritising tasks in a fast-paced environment. Innovative Mindset: Willingness to explore new technologies and approaches to stay ahead of the curve in cloud computing. Additional information Work Schedule: Full-time role based in South Wales/Southwest with occasional travel to customer sites and the United States. Hybrid working is available on occasion. Professional Development: SNC MS UK provides ample opportunities for training and development, working on cutting edge technologies and projects. Support for Armed Forces: SNC MS UK is a proud Armed Forces Covenant member and offers 15 days paid leave for reservists and 5 days paid leave for Cadet Forces Adult Volunteers. Please be aware that many roles at SNC MS UK are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Benefits: Salary Sacrifice Car Scheme, 28 days A/L, Sick Pay, Pension, EAP, Private Medical & Dental Scheme, Life Assurance, Income Protection, Bike to Work scheme, Performance & Pro rata bonus Solutions Architect St Athan, The Vale of Glamorgan, United Kingdom CF62 4AH From £55,513 DOE Performance & Pro rata bonus
Complaince Content Lead Are you a technical content lead, product content specialist, technical writer or customer education specialist who has worked with complex SaaS, technical or regulated content? We are working with a fast-growing, well-invested SaaS company helping organisations build business resilience across information security, data privacy and AI governance. Their global platform is used by more than 65,000 people worldwide and supports customers working through critical security, privacy and compliance challenges. This is a product content ownership role. You will take complex topics across security, privacy, governance, risk and compliance, and turn them into clear, structured guidance that helps customers understand what they need to do, why it matters and how to take action. The Role The platform already supports standards such as ISO 27001, ISO 27701 and ISO 42001, and the business is moving towards a unified controls model. You will play a key role in shaping how standards, frameworks and workflows are broken down, mapped and explained inside the product. You will work closely with Product, Professional Services and Customer Success, owning content across: Customer guidance and in-platform support Templates and policy frameworks Control content and implementation guidance Knowledge resources and documentation Video and e-learning content This is not a traditional documentation role. You will own how complex compliance and regulatory concepts are translated into practical, usable product content. What We're Looking For Hands-on experience working with ISO 27001 in a practical environment is essential Exposure to, or familiarity with, other frameworks such as GDPR, NIST, NIS 2 or AI-related standards would be highly beneficial Strong technical content, product content, customer education or technical writing experience Experience creating guidance, documentation, templates, training content, knowledge base content or e-learning Experience in SaaS, technology, cyber security, RegTech, GRC, compliance software or another complex product environment The ability to simplify complex information without losing accuracy Confidence working with Product and customer-facing teams An organised approach to content ownership, prioritisation and delivery Comfort using AI tools to improve content workflows while maintaining quality The Opportunity This is a standout opportunity to shape the content, methodology and customer experience behind a global SaaS platform. You will be working at the intersection of: Information security Data privacy AI governance Business resilience You will help define how organisations understand and implement complex standards in a practical, scalable way. Additional Information Full-time, permanent role within the Product team Fully remote within the UK Head office based in Brighton, with occasional team meetups encouraged 25 days' holiday plus bank holidays, increasing with service Nest pension with salary sacrifice option Perkbox benefits and recognition awards This role is ideal for someone who enjoys working with complex subject matter and wants to take ownership of how it is translated into real-world customer value.
18/05/2026
Full time
Complaince Content Lead Are you a technical content lead, product content specialist, technical writer or customer education specialist who has worked with complex SaaS, technical or regulated content? We are working with a fast-growing, well-invested SaaS company helping organisations build business resilience across information security, data privacy and AI governance. Their global platform is used by more than 65,000 people worldwide and supports customers working through critical security, privacy and compliance challenges. This is a product content ownership role. You will take complex topics across security, privacy, governance, risk and compliance, and turn them into clear, structured guidance that helps customers understand what they need to do, why it matters and how to take action. The Role The platform already supports standards such as ISO 27001, ISO 27701 and ISO 42001, and the business is moving towards a unified controls model. You will play a key role in shaping how standards, frameworks and workflows are broken down, mapped and explained inside the product. You will work closely with Product, Professional Services and Customer Success, owning content across: Customer guidance and in-platform support Templates and policy frameworks Control content and implementation guidance Knowledge resources and documentation Video and e-learning content This is not a traditional documentation role. You will own how complex compliance and regulatory concepts are translated into practical, usable product content. What We're Looking For Hands-on experience working with ISO 27001 in a practical environment is essential Exposure to, or familiarity with, other frameworks such as GDPR, NIST, NIS 2 or AI-related standards would be highly beneficial Strong technical content, product content, customer education or technical writing experience Experience creating guidance, documentation, templates, training content, knowledge base content or e-learning Experience in SaaS, technology, cyber security, RegTech, GRC, compliance software or another complex product environment The ability to simplify complex information without losing accuracy Confidence working with Product and customer-facing teams An organised approach to content ownership, prioritisation and delivery Comfort using AI tools to improve content workflows while maintaining quality The Opportunity This is a standout opportunity to shape the content, methodology and customer experience behind a global SaaS platform. You will be working at the intersection of: Information security Data privacy AI governance Business resilience You will help define how organisations understand and implement complex standards in a practical, scalable way. Additional Information Full-time, permanent role within the Product team Fully remote within the UK Head office based in Brighton, with occasional team meetups encouraged 25 days' holiday plus bank holidays, increasing with service Nest pension with salary sacrifice option Perkbox benefits and recognition awards This role is ideal for someone who enjoys working with complex subject matter and wants to take ownership of how it is translated into real-world customer value.
Information Security Manager Permanent - £60k - £65k + strong benefits Location: Hybrid - Salisbury Your new company: I am looking for an Information Security Manager to join a great defence organisation based in Wiltshire. You'll be walking into a strong position, being that there's already a good setup in place with ongoing upgrades and transformation across the business, especially within IT. The role responsibilities: Own and manage the Information Security requirements and compliance obligations. Develop, maintain and deliver the Information Security strategy, plans, policies, processes and best practices. Act as subject-matter expert for all Information Security matters, engaging with internal and external stakeholders (including SIRO, MoD security representatives and accreditors). Ensure compliance with Security Operating Procedures (SyOps) across all environments, escalating non-compliance where appropriate. Manage and maintain appropriate Information Security controls and tooling. Define Information Security awareness and training requirements, working with Learning & Development to ensure suitable content and completion. Line manage and develop the IT Security Officer, providing guidance, coaching and performance support. You will need: Strong demonstrable experience of IT and cyber governance, compliance, risk, and security within enterprise IT environments. Strong, in-depth understanding of information and cyber security. Proven experience defining and delivering Information Security best practice. Experience leading Information Security initiatives, including awareness programmes, training and phishing simulations. Good technical understanding of information security, including network architecture, SDLC, penetration testing, DLP tools, patching and vulnerability management. Working knowledge of National Cyber Security Centre (NCSC) guidance and best practice. Understanding of data governance, cyber security and data protection principles. Experience working with security audits and assurance activities. Strong Microsoft Office skills. Full UK driving licence Desirable: At least one of the following, ideally 2 - CISM / CISA / CIPT / ISO27001 Lead Auditor Experience working in a MoD restricted environment and knowledge of MoD security standards. Familiarity with the NIST/ CSM V4 framework. What you'll get in return: Salary of between £60k-£65k 25 days annual leave + bank holidays - additional gained with service Hybrid working 2 days just outside of Salisbury per week, ideally Up to 8% employer pension contribution And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
18/05/2026
Full time
Information Security Manager Permanent - £60k - £65k + strong benefits Location: Hybrid - Salisbury Your new company: I am looking for an Information Security Manager to join a great defence organisation based in Wiltshire. You'll be walking into a strong position, being that there's already a good setup in place with ongoing upgrades and transformation across the business, especially within IT. The role responsibilities: Own and manage the Information Security requirements and compliance obligations. Develop, maintain and deliver the Information Security strategy, plans, policies, processes and best practices. Act as subject-matter expert for all Information Security matters, engaging with internal and external stakeholders (including SIRO, MoD security representatives and accreditors). Ensure compliance with Security Operating Procedures (SyOps) across all environments, escalating non-compliance where appropriate. Manage and maintain appropriate Information Security controls and tooling. Define Information Security awareness and training requirements, working with Learning & Development to ensure suitable content and completion. Line manage and develop the IT Security Officer, providing guidance, coaching and performance support. You will need: Strong demonstrable experience of IT and cyber governance, compliance, risk, and security within enterprise IT environments. Strong, in-depth understanding of information and cyber security. Proven experience defining and delivering Information Security best practice. Experience leading Information Security initiatives, including awareness programmes, training and phishing simulations. Good technical understanding of information security, including network architecture, SDLC, penetration testing, DLP tools, patching and vulnerability management. Working knowledge of National Cyber Security Centre (NCSC) guidance and best practice. Understanding of data governance, cyber security and data protection principles. Experience working with security audits and assurance activities. Strong Microsoft Office skills. Full UK driving licence Desirable: At least one of the following, ideally 2 - CISM / CISA / CIPT / ISO27001 Lead Auditor Experience working in a MoD restricted environment and knowledge of MoD security standards. Familiarity with the NIST/ CSM V4 framework. What you'll get in return: Salary of between £60k-£65k 25 days annual leave + bank holidays - additional gained with service Hybrid working 2 days just outside of Salisbury per week, ideally Up to 8% employer pension contribution And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Senior IT Engineer (3rd Line) This is a great opportunity to join a growing firm where you will have the opportunity to develop a career, and uniquely have a say and share in the growth of the business. Due to continued expansion, they are looking for an experienced Senior IT / Project Engineer to join their team, working on varied projects and having the opportunity for continuous personal development and growth. They provide comprehensive IT support and project delivery services to SMB clients across all sectors, typically supporting organisations with 10-100 users. As part of a 20-strong engineering team, you'll work across a diverse portfolio of clients, delivering solutions in networking, Microsoft 365/Azure, security, and server infrastructure. The Role We're seeking an experienced Senior IT Engineer to join our 3rd Line support team. As one of the senior members of the team, you'll be a technical escalation point. This role requires someone who can diagnose complex issues, design solutions, and coordinate resources across the team to resolve challenging technical problems. You'll work predominantly from our office or working on client sites with occasional work-from-home flexibility . This is a hands-on role that combines technical depth with client-facing responsibilities. What You'll Be Doing Technical Leadership: Acting as a final escalation point for complex technical issues across networking, Microsoft 365/Azure, firewalls, and server infrastructure Solution Design & Delivery: Planning and implementing infrastructure projects for clients, from initial scoping through to deployment Client Support: Building strong relationships with clients, understanding their business needs, and translating these into technical solutions Team Collaboration: Working closely with 1st, 2nd and other 3rd line engineers, sharing knowledge and directing resources to resolve issues efficiently Continuous Improvement: Contributing to internal processes, standards, and security posture improvements Out-of-Hours Support: Participating in our on-call rota (1 week in 8) to provide emergency support when needed (rare) (additional pay when called) Essential Requirements Technical Skills You must have demonstrable experience in the following areas: Microsoft 365 & Azure: Administration, troubleshooting, and solution design Networking: Configuration, deployment, and troubleshooting of enterprise network infrastructure Firewalls: Configuration and management of both hardware and software firewalls Server Infrastructure: Windows Server management, troubleshooting, and optimisation Problem Solving: Proven ability to diagnose and resolve complex, multi-layered technical issues Certifications At least one Microsoft Expert-level certification (examples: Microsoft 365 Certified: Administrator Expert, Azure Solutions Architect Expert, or equivalent) Professional Attributes Strong communication skills with both technical and non-technical audiences Comfortable working independently and making technical decisions Pragmatic approach to problem-solving-knowing when to leverage external resources or vendor support Willing to travel to client sites across North West, North Wales and surrounding regions Full UK driving licence What We're Looking For The ideal candidate is someone who: Enjoys the variety of working across different technologies and client environments Takes pride in solving challenging problems that others can't Values continuous learning and staying current with evolving technologies Understands that great IT support is as much about communication as it is technical skill Thrives in a collaborative team environment while being comfortable working autonomously Professional Development We're committed to developing our engineers' skills: Full certification support: We provide all training materials and pay for exam fees Performance bonuses: Additional rewards for completing agreed certifications Career growth: As a growing company, we create opportunities for those who help us expand Supported learning paths: We'll work with you to develop expertise in areas that interest you, including: • Advanced Microsoft 365 and Azure certifications • Network+ certification • Cybersecurity specializations What We Offer Compensation & Benefits Salary: £40,000 - £45,000 depending on experience Pension: 5% employer contribution Holiday: 22 days annual leave, plus bank holidays, plus your birthday off, increasing by 1 day per year after 5 years (maximum 31 days) Mileage: 45p per mile when using your own vehicle (company vans available) Certification bonuses: Rewards for completing agreed qualifications Training budget: All exam fees and learning materials covered Work Environment Predominantly office/site-based with occasional WFH flexibility Collaborative team of 20 engineers across all support tiers Modern tooling and equipment provided On-call rota: 1 week in 8 (rare need) Career Progression You'll report to our 3rd Line Team Leader and work alongside other senior engineers. While we're currently a lean team, we're growing-and those who contribute to that growth will find opportunities to progress. This is a great opportunity to join a growing firm where you will have the opportunity to develop a career, and uniquely have a say and share in the growth of the business.
18/05/2026
Full time
Senior IT Engineer (3rd Line) This is a great opportunity to join a growing firm where you will have the opportunity to develop a career, and uniquely have a say and share in the growth of the business. Due to continued expansion, they are looking for an experienced Senior IT / Project Engineer to join their team, working on varied projects and having the opportunity for continuous personal development and growth. They provide comprehensive IT support and project delivery services to SMB clients across all sectors, typically supporting organisations with 10-100 users. As part of a 20-strong engineering team, you'll work across a diverse portfolio of clients, delivering solutions in networking, Microsoft 365/Azure, security, and server infrastructure. The Role We're seeking an experienced Senior IT Engineer to join our 3rd Line support team. As one of the senior members of the team, you'll be a technical escalation point. This role requires someone who can diagnose complex issues, design solutions, and coordinate resources across the team to resolve challenging technical problems. You'll work predominantly from our office or working on client sites with occasional work-from-home flexibility . This is a hands-on role that combines technical depth with client-facing responsibilities. What You'll Be Doing Technical Leadership: Acting as a final escalation point for complex technical issues across networking, Microsoft 365/Azure, firewalls, and server infrastructure Solution Design & Delivery: Planning and implementing infrastructure projects for clients, from initial scoping through to deployment Client Support: Building strong relationships with clients, understanding their business needs, and translating these into technical solutions Team Collaboration: Working closely with 1st, 2nd and other 3rd line engineers, sharing knowledge and directing resources to resolve issues efficiently Continuous Improvement: Contributing to internal processes, standards, and security posture improvements Out-of-Hours Support: Participating in our on-call rota (1 week in 8) to provide emergency support when needed (rare) (additional pay when called) Essential Requirements Technical Skills You must have demonstrable experience in the following areas: Microsoft 365 & Azure: Administration, troubleshooting, and solution design Networking: Configuration, deployment, and troubleshooting of enterprise network infrastructure Firewalls: Configuration and management of both hardware and software firewalls Server Infrastructure: Windows Server management, troubleshooting, and optimisation Problem Solving: Proven ability to diagnose and resolve complex, multi-layered technical issues Certifications At least one Microsoft Expert-level certification (examples: Microsoft 365 Certified: Administrator Expert, Azure Solutions Architect Expert, or equivalent) Professional Attributes Strong communication skills with both technical and non-technical audiences Comfortable working independently and making technical decisions Pragmatic approach to problem-solving-knowing when to leverage external resources or vendor support Willing to travel to client sites across North West, North Wales and surrounding regions Full UK driving licence What We're Looking For The ideal candidate is someone who: Enjoys the variety of working across different technologies and client environments Takes pride in solving challenging problems that others can't Values continuous learning and staying current with evolving technologies Understands that great IT support is as much about communication as it is technical skill Thrives in a collaborative team environment while being comfortable working autonomously Professional Development We're committed to developing our engineers' skills: Full certification support: We provide all training materials and pay for exam fees Performance bonuses: Additional rewards for completing agreed certifications Career growth: As a growing company, we create opportunities for those who help us expand Supported learning paths: We'll work with you to develop expertise in areas that interest you, including: • Advanced Microsoft 365 and Azure certifications • Network+ certification • Cybersecurity specializations What We Offer Compensation & Benefits Salary: £40,000 - £45,000 depending on experience Pension: 5% employer contribution Holiday: 22 days annual leave, plus bank holidays, plus your birthday off, increasing by 1 day per year after 5 years (maximum 31 days) Mileage: 45p per mile when using your own vehicle (company vans available) Certification bonuses: Rewards for completing agreed qualifications Training budget: All exam fees and learning materials covered Work Environment Predominantly office/site-based with occasional WFH flexibility Collaborative team of 20 engineers across all support tiers Modern tooling and equipment provided On-call rota: 1 week in 8 (rare need) Career Progression You'll report to our 3rd Line Team Leader and work alongside other senior engineers. While we're currently a lean team, we're growing-and those who contribute to that growth will find opportunities to progress. This is a great opportunity to join a growing firm where you will have the opportunity to develop a career, and uniquely have a say and share in the growth of the business.
IT Service Desk Analyst required by market leading, award winning, professional services organisation based in Salisbury. This is an excellent opportunity for someone with a passion for technology and customer service to develop their skills within a supportive environment, acting as the first point of contact for IT support across the business. The Role Working as part of a collaborative IT team and reporting to the IT Director, you will provide front-line support to users, ensuring issues are logged, diagnosed, and resolved efficiently. Key responsibilities include: Acting as the first point of contact for all IT support queries Logging, categorising, troubleshooting, and resolving technical issues Escalating more complex problems to 2nd line support where required Supporting a range of applications, including Microsoft 365 and other business systems Assisting with hardware and software installations, configurations, and upgrades Contributing to IT projects, including system upgrades and new implementations Delivering a high level of customer service with a positive and proactive approach This is a user-facing role , requiring strong communication skills and a professional, approachable manner. About You Previous experience in an IT support or helpdesk environment is desirable Good working knowledge of Windows 10/11 and Microsoft 365 (Word, Outlook, Excel, PowerPoint) Basic understanding of networking and desktop hardware Awareness of cyber security best practices Strong problem-solving skills and attention to detail Excellent communication skills, with the ability to explain technical issues to non-technical users A positive, team-oriented attitude with the ability to work independently Working Pattern Monday to Friday, 9:00am - 5:00pm (35-hour week) Fully onsite in Salisbury (5 days per week) Occasional travel to a secondary UK office may be required Some out-of-hours work for upgrades or critical support Benefits Annual bonus Private medical insurance (BUPA) Competitive pension scheme 25 days annual leave Additional travel-related benefit (e.g. train/parking support)
18/05/2026
Full time
IT Service Desk Analyst required by market leading, award winning, professional services organisation based in Salisbury. This is an excellent opportunity for someone with a passion for technology and customer service to develop their skills within a supportive environment, acting as the first point of contact for IT support across the business. The Role Working as part of a collaborative IT team and reporting to the IT Director, you will provide front-line support to users, ensuring issues are logged, diagnosed, and resolved efficiently. Key responsibilities include: Acting as the first point of contact for all IT support queries Logging, categorising, troubleshooting, and resolving technical issues Escalating more complex problems to 2nd line support where required Supporting a range of applications, including Microsoft 365 and other business systems Assisting with hardware and software installations, configurations, and upgrades Contributing to IT projects, including system upgrades and new implementations Delivering a high level of customer service with a positive and proactive approach This is a user-facing role , requiring strong communication skills and a professional, approachable manner. About You Previous experience in an IT support or helpdesk environment is desirable Good working knowledge of Windows 10/11 and Microsoft 365 (Word, Outlook, Excel, PowerPoint) Basic understanding of networking and desktop hardware Awareness of cyber security best practices Strong problem-solving skills and attention to detail Excellent communication skills, with the ability to explain technical issues to non-technical users A positive, team-oriented attitude with the ability to work independently Working Pattern Monday to Friday, 9:00am - 5:00pm (35-hour week) Fully onsite in Salisbury (5 days per week) Occasional travel to a secondary UK office may be required Some out-of-hours work for upgrades or critical support Benefits Annual bonus Private medical insurance (BUPA) Competitive pension scheme 25 days annual leave Additional travel-related benefit (e.g. train/parking support)
Technical Author - OT Cyber Security 6-12 Month Contract Remote A leading organisation within the energy industry is seeking an experienced Technical Author to support the development of operational technology (OT) cyber security documentation. This role will focus on converting complex security policies and regulatory requirements into practical, user-friendly operational procedures. The ideal candidate will possess strong knowledge of OT environments, industrial control systems, and the NIS regulatory framework. Technical Author Key Duties Produce and maintain detailed OT cyber security procedures in line with NIS obligations. Convert technical standards, policies, and security requirements into clear operational instructions. Collaborate with engineering, cyber security, and governance teams to create consistent working practices. Document the implementation of security measures across operational environments. Maintain clear alignment between compliance requirements, policies, and operational delivery. Assist with document governance, revision management, and audit preparation activities. Develop procedural documentation for a variety of OT technologies and platforms. Review existing processes to identify operational gaps and recommend improvements. Technical Author Required Experience Demonstrable background in technical documentation or technical writing roles. Strong understanding of the NIS regulatory framework and associated compliance requirements. Previous experience creating OT cyber security playbooks, procedures, or operational manuals. Knowledge of industrial control system environments including PLC, SCADA, DCS, HMI, SIS, and RTU technologies. Experience within power generation or other critical infrastructure sectors would be advantageous. Additional Information This Technical Author position is primarily remote; however, occasional travel to either Glasgow or Leeds may be required for stakeholder workshops and meetings. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We'll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment.
18/05/2026
Contractor
Technical Author - OT Cyber Security 6-12 Month Contract Remote A leading organisation within the energy industry is seeking an experienced Technical Author to support the development of operational technology (OT) cyber security documentation. This role will focus on converting complex security policies and regulatory requirements into practical, user-friendly operational procedures. The ideal candidate will possess strong knowledge of OT environments, industrial control systems, and the NIS regulatory framework. Technical Author Key Duties Produce and maintain detailed OT cyber security procedures in line with NIS obligations. Convert technical standards, policies, and security requirements into clear operational instructions. Collaborate with engineering, cyber security, and governance teams to create consistent working practices. Document the implementation of security measures across operational environments. Maintain clear alignment between compliance requirements, policies, and operational delivery. Assist with document governance, revision management, and audit preparation activities. Develop procedural documentation for a variety of OT technologies and platforms. Review existing processes to identify operational gaps and recommend improvements. Technical Author Required Experience Demonstrable background in technical documentation or technical writing roles. Strong understanding of the NIS regulatory framework and associated compliance requirements. Previous experience creating OT cyber security playbooks, procedures, or operational manuals. Knowledge of industrial control system environments including PLC, SCADA, DCS, HMI, SIS, and RTU technologies. Experience within power generation or other critical infrastructure sectors would be advantageous. Additional Information This Technical Author position is primarily remote; however, occasional travel to either Glasgow or Leeds may be required for stakeholder workshops and meetings. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We'll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment.
CREST Certified Penetration Tester (CRT) £50-60k Remote We're partnered with a well-established cyber security organisation that's continuing to invest heavily into its offensive security capability following sustained client growth across both commercial and regulated environments. As part of that growth, they're looking to hire a CREST-certified Penetration Tester to join a collaborative testing team delivering security assessments across a broad range of technologies and customer environments. This role would suit someone with around 2-3 years of hands-on penetration testing experience who is looking to continue developing within a highly technical and supportive environment. Salary: £50-60k DOE Working Structure: Remote with onsite client visits occasionally Security Clearance: Beneficial but not required (SC/DV) Certifications: CREST CRT, OSCP (Essential) The Role: You'll be involved in delivering: Web application penetration testing Infrastructure and internal network testing External vulnerability assessments Active Directory and privilege escalation testing Cloud security assessments across Azure/AWS Security reporting and remediation discussions with clients You'll work closely with senior testers and technical leads, gaining exposure to a wide variety of technologies, environments and engagement types. What They're Looking For: CREST Registered Tester (CRT) certification essential OSCP Certification Around 2-3 years of penetration testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud security certifications would be advantageous. If you're a CRT-certified Penetration Tester looking to continue developing your offensive security career within a strong technical environment, please apply or reach out for a confidential conversation. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
18/05/2026
Full time
CREST Certified Penetration Tester (CRT) £50-60k Remote We're partnered with a well-established cyber security organisation that's continuing to invest heavily into its offensive security capability following sustained client growth across both commercial and regulated environments. As part of that growth, they're looking to hire a CREST-certified Penetration Tester to join a collaborative testing team delivering security assessments across a broad range of technologies and customer environments. This role would suit someone with around 2-3 years of hands-on penetration testing experience who is looking to continue developing within a highly technical and supportive environment. Salary: £50-60k DOE Working Structure: Remote with onsite client visits occasionally Security Clearance: Beneficial but not required (SC/DV) Certifications: CREST CRT, OSCP (Essential) The Role: You'll be involved in delivering: Web application penetration testing Infrastructure and internal network testing External vulnerability assessments Active Directory and privilege escalation testing Cloud security assessments across Azure/AWS Security reporting and remediation discussions with clients You'll work closely with senior testers and technical leads, gaining exposure to a wide variety of technologies, environments and engagement types. What They're Looking For: CREST Registered Tester (CRT) certification essential OSCP Certification Around 2-3 years of penetration testing experience Strong understanding of web application and infrastructure testing methodologies Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, etc. Understanding of OWASP Top 10 and common attack vectors Strong report writing and communication skills Consultancy/client-facing experience beneficial Additional certifications such as CPSA or cloud security certifications would be advantageous. If you're a CRT-certified Penetration Tester looking to continue developing your offensive security career within a strong technical environment, please apply or reach out for a confidential conversation. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We're looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you'll focus on building high-impact detection capabilities, shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid / remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy: Lead projects from idea to deployment Innovation-driven: Develop cutting-edge detections beyond standard SIEM rules Collaborative: Work closely with internal teams and an outsourced SOC partner Mission-focused: Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You'll Bring Must-Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable / Nice-to-Have: Experience with Python, Terraform, or CI/CD pipelines Familiarity with Microsoft Purview, Entra ID, DLP, or Insider Risk tools Understanding of ISO 27001, Agile ways of working Knowledge of statistics, data science, or AI/ML applied to cybersecurity Relevant certifications (MS-500, AZ-500, SC-series, Security+, GSOC, CCSK) Perks & Benefits Hybrid / remote working options Flexible benefits package Opportunity to innovate and make a real impact in threat detection Work in a small, fast-paced, highly collaborative team Contribute to advancing precision healthcare using genomic data and AI Ready to build next-generation threat detection and protect life-changing data Apply today! Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Additional Resources will be acting in your best interest and may contact you in relation to the role, either by email, phone, or text message. For more information see our Privacy Policy on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please contact us. Additional Resources Ltd is an Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003.
18/05/2026
Full time
Join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare. We're looking for a Threat Detection Engineer who thrives on innovation and technical ownership. This role is not a traditional SOC position, you'll focus on building high-impact detection capabilities, shaping how security protects sensitive genomic and AI-driven data at scale. This role offers hybrid / remote working options, a salary range of £60,000 - £80,000 and benefits. Why This Role is Exciting High autonomy: Lead projects from idea to deployment Innovation-driven: Develop cutting-edge detections beyond standard SIEM rules Collaborative: Work closely with internal teams and an outsourced SOC partner Mission-focused: Protect critical healthcare data that supports precision medicine Key Responsibilities Design and develop threat-led detections using threat intelligence and threat-hunting outputs Create novel analytic techniques for incident detection Collaborate with an MSP SOC to maintain and tune the detection catalogue Build automated reporting dashboards using Microsoft Sentinel workbooks Support security initiatives including ISO 27001 activities and KQL-based tasks Ensure monitoring coverage across cloud platforms, SaaS apps, and internal systems Contribute to documentation of processes, tools, and detection logic What You'll Bring Must-Have Skills & Experience: Previously worked as a Threat Detection Engineer or in a similar role. Strong proficiency in KQL and hands-on experience with Microsoft Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable / Nice-to-Have: Experience with Python, Terraform, or CI/CD pipelines Familiarity with Microsoft Purview, Entra ID, DLP, or Insider Risk tools Understanding of ISO 27001, Agile ways of working Knowledge of statistics, data science, or AI/ML applied to cybersecurity Relevant certifications (MS-500, AZ-500, SC-series, Security+, GSOC, CCSK) Perks & Benefits Hybrid / remote working options Flexible benefits package Opportunity to innovate and make a real impact in threat detection Work in a small, fast-paced, highly collaborative team Contribute to advancing precision healthcare using genomic data and AI Ready to build next-generation threat detection and protect life-changing data Apply today! Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Additional Resources will be acting in your best interest and may contact you in relation to the role, either by email, phone, or text message. For more information see our Privacy Policy on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please contact us. Additional Resources Ltd is an Employment Business and an Employment Agency as defined within The Conduct of Employment Agencies & Employment Businesses Regulations 2003.
CHECK Team Leader Penetration Tester Security Cleared £80-90k Remote We're working with a leading cyber security consultancy looking to grow their penetration testing capability with the addition of a CHECK Team Leader (CTL) This is an opportunity to join one of the UK's largest CHECK-accredited, security-cleared testing environments, delivering high-impact testing across complex and highly secure customer estates. The role is primarily remote, with occasional onsite client engagements as required. Salary: £80-90,000 DOE Work Structure: Remote (with UK client visits) Security Clearance: Active or previously held DV clearance is essential. The Role: You'll be responsible for delivering high-quality penetration testing across a range of environments, while acting as a senior technical presence within the team. Engagements will include: Infrastructure penetration testing Web application testing Internal and external network testing Active Directory / privilege escalation assessments Cloud security testing Red team style activities and security assessments CHECK-based testing within highly secure environments You'll also be involved in scoping engagements, supporting clients through remediation discussions, and contributing to the continued growth and quality of the testing practice. What We're Looking For: Current CHECK Team Leader (CTL) certification Active DV clearance OR previously held DV clearance Strong hands-on penetration testing experience across infrastructure and applications Experience delivering testing within secure/government or high-assurance environments Strong client-facing communication skills Ability to write high-quality technical reports and communicate risk clearly Background working within a consultancy or dedicated security testing environment preferred Additional certifications such as CRT/CCT, OSCP, OSCE or similar are highly advantageous. If this sounds like you, apply now for immediate consideration. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
18/05/2026
Full time
CHECK Team Leader Penetration Tester Security Cleared £80-90k Remote We're working with a leading cyber security consultancy looking to grow their penetration testing capability with the addition of a CHECK Team Leader (CTL) This is an opportunity to join one of the UK's largest CHECK-accredited, security-cleared testing environments, delivering high-impact testing across complex and highly secure customer estates. The role is primarily remote, with occasional onsite client engagements as required. Salary: £80-90,000 DOE Work Structure: Remote (with UK client visits) Security Clearance: Active or previously held DV clearance is essential. The Role: You'll be responsible for delivering high-quality penetration testing across a range of environments, while acting as a senior technical presence within the team. Engagements will include: Infrastructure penetration testing Web application testing Internal and external network testing Active Directory / privilege escalation assessments Cloud security testing Red team style activities and security assessments CHECK-based testing within highly secure environments You'll also be involved in scoping engagements, supporting clients through remediation discussions, and contributing to the continued growth and quality of the testing practice. What We're Looking For: Current CHECK Team Leader (CTL) certification Active DV clearance OR previously held DV clearance Strong hands-on penetration testing experience across infrastructure and applications Experience delivering testing within secure/government or high-assurance environments Strong client-facing communication skills Ability to write high-quality technical reports and communicate risk clearly Background working within a consultancy or dedicated security testing environment preferred Additional certifications such as CRT/CCT, OSCP, OSCE or similar are highly advantageous. If this sounds like you, apply now for immediate consideration. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
