144 jobs found

Infrastructure Engineer Pay up to £52,442 plus 28.97% employer pension contributions, hybrid working, flexible hours, and great work life balance. DWP. Digital with Purpose. We are looking for experienced infrastructure engineers or cyber security professionals to assist us implementing security controls to protect our infrastructure and automate detection and response, to join our community of tech experts in DWP Digital. We're using fresh ideas and leading-edge tech to build and maintain digital solutions that will be used by nearly every person in the UK, every day and at key moments in their lives. DWP is the UK's largest government department. We help people into work and make payments worth over £195bn a year to support and empower millions of people. The scale of what we do is extraordinary, and our purpose is unique. We'd love you to join us. What skills, knowledge and experience will you need? Principles of Cyber Security Architecture. ITIL service management. IT infrastructure in on premise and cloud environments. Ability to design, build and maintain monitoring systems and processes to ensure the smooth operation of live services. Implementing security controls to help protect data, aligned to frameworks such as NIST or CIS Critical Security Controls. Infrastructure as code and DevOps principles. You and your role Our Security Platform Engineers help manage and develop the systems that keep our organisation secure. You'll work on the design and day-to-day running of enterprise-grade security platforms, making sure they're stable, resilient and aligned with industry standards like NIST and CIS controls. You'll be hands-on with a range of technologies, from cloud security and web application firewalls to threat intelligence, automation and vulnerability management. Your work will include managing platforms, solving problems, adding new features and creating alerts and controls to keep us protected If you enjoy working with cutting-edge security tools, collaborating with teams and making a real impact on cyber resilience, this is the role is for you. Details. Wages. Perks. Location: You'll join us in one of our brilliant digital hubs in Blackpool, Leeds, Manchester or Newcastle-upon-Tyne, whichever is convenient for you. Hybrid Working: We work a hybrid model - you'll spend some time working at home and some time collaborating face to face in a hub. Pay: We offer competitive pay of up to £52,442. Pension: You'll get a brilliant civil service pension with employer contributions worth 28.97%, worth over £12,000 per year. Holidays: A generous leave package starting at 26 days rising to 31 days over time. You can also take up to 3 extra days off a month on flexi-time. You'll also get all the usual public holidays. We have a broad benefits package built around your work-life balance which includes: Flexible working including flexible hours and flex-friendly policies Time off volunteering and charitable giving Bring your authentic self to work with 'I Can Be Me in DWP' Discounts and savings on shopping, fun days out and more Interest-free loans to buy a bike or a season ticket, so it's even easier for you to get to work and start making a difference Sports and social activities Professional development, coaching, mentoring and career progression opportunities. And we have an award-winning environment and culture: DWP have been recognised as 2024 Diversity Employer of the Year at the Computing Women in Tech Excellence awards Diverse and Inclusive Leadership at Digital Leaders Awards 2024 Commended as Best Place to Work in Digital category in the Computing Digital Technology Leaders awards 2025 Recognised as one of the Best Public Sector Employers at 2025 Women In Tech Employer Awards Process: We know your time is valuable, so our application and selection process is just two stages: Apply: complete your application on Civil Service Jobs. There'll be full instructions when you click through. Interview: a single stage interview online. CLICK APPLY for more information and to start your application. JBRP1_UKTJ

Senior Vulnerability Management Engineer Pontefract - 3 Days Onsite + Monthly Visit to Leicester HQ £50,000 - £68,000 - No sponsorship available VIQU have partnered with a leading FTSE-100 technology-driven retail organisation, operating on a major national and international scale. With vast warehouse operations, enterprise systems and a rapidly expanding digital footprint, the business is enhancing its Vulnerability & Threat Management function to protect a complex and ever-evolving technology landscape. As a Senior Vulnerability Management Engineer, you'll work within the Information Security team, taking ownership of vulnerability identification, validation, prioritisation and communication across the estate. You'll collaborate with engineering, incident response, threat intelligence and operational teams to provide actionable mitigation strategies, guide remediation efforts, and strengthen the overall security posture. This is a high-impact role in a proactive, forward-thinking security environment that values technical expertise, curiosity, and clear communication. The Role Administer and maintain vulnerability scanning and risk reporting platforms Lead on scoping, estimating and delivering major security projects Triage vulnerabilities, assess risk and support remediation teams with mitigation strategies Conduct security assessments and present findings to technical and senior stakeholders Manage and develop the organisation's Bug Bounty programme Produce high-quality reporting, dashboards and programme metrics Review and assess threat intelligence, advising on business impact and recommended countermeasures Support Incident Response during security incidents Participate in RvB exercises and validate threat intelligence findings Mentor junior team members and coordinate major remediation activities Stay ahead of emerging threats, attack techniques and industry trends About You Strong experience managing vulnerability management tools Deep understanding of malware, attack vectors, threat trends and vulnerability frameworks Solid IT background: network protocols, segmentation and server infrastructure Windows Server and/or Linux experience Excellent communication skills, with the ability to remain calm under pressure Experience with CVSS, CVE, CWE, OWASP, MITRE Analytical, detail-oriented and proactive Desirable: PCI-DSS/ISO27001, OT/SCADA, cloud fundamentals, TIP platforms, DevOps/code scanning, offensive security This role includes 3 days per week in the Pontefract office, plus a monthly visit to the Leicester site and additional onsite requirements as needed. Apply now to speak with VIQU IT in confidence. Or contact Aaron Chiverton via the VIQU IT website. Know someone great? Refer them and receive up to £1,000 if successful (terms apply). For more exciting roles and opportunities, follow us on IT Recruitment. JBRP1_UKTJ

Technical Operations Analyst Preston / Remote (onsite when needed) 12 months initially £41.94ph inside IR35 / Umbrella Working as part of a team safeguarding against cyber threats by developing and enhancing the Technical Operations capability across People, Process, and Technology, ensuring an efficient approach to all Cyber Operations. Proactively protecting the client through continual automation and testing of security controls. Continuously working toward organisational, departmental, and individual objectives and upholding security standards and principles. Providing assurance to the Head of Cyber Operations and Technical Operations Manager that the SOC is operating efficiently through the use of orchestration and automation. Core Duties Typical duties include (but are not limited to): Identification of process that can be automated to make the SOC more effective. Responsible for the overall delivery of the Technical Operations function by providing support to other members of the team to protect the client's systems against cyber threats. Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments. Apply critical thinking to solve unique problems in the information security space. Enhancing the processes around interacting with large datasets to construct actionable information to enhance the detection of suspicious activity within the business. On boarding new data sources to increase the visibility of security event information across multiple technologies. Creating security use cases to enable the wider SOC to respond to a wider array of threats. Identify where automation can assist the Incident Response team when investigating suspicious activity. Creation of analytic content to enable quantifiable metrics on SOC performance. Additional Accountabilities Able to lead a small Data project or support a larger project Work as a fully contributory member of the Cyber Security Team with the ability to delivery with limited guidance from the Line Manager. Expected to provide technical support to team members and provide support to individuals within specialist areas. Guides others in application of IM&T and Cyber processes. Manage own development including participating in on the job training and attending training programmes as appropriate. Provide support to others development, including the development of people within specialist areas. Responsible for training members of the team, monitoring their quality of work and contributing to pay decisions Knowledge, Skills and Qualifications A strong technical background with a detailed knowledge of cyber security, computer networks and operating systems. Broad and detailed experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDNs and Vulnerability Management. Analytical background, comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations. Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these. Knowledge and demonstrable experience of the MITRE ATT&CK framework. Good knowledge of enterprise computing technologies. Skills Understanding of enterprise networking and computing Knowledge of Python 3 programming language Demonstrable experience in using SOAR tooling and its application Application of data science against large datasets involving unstructured data and designing data models Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform Knowledge of custom API's to leverage the SOAR's functionality Ability to communicate to other stakeholders across the business Technical documentation creation Mentoring junior members of the team The ability to obtain UK Government security clearance to SC Relevant industry and vendor qualifications such as CISSP, CISM, CompTIA security+ Cyber security framework knowledge such as MITRE ATT&CK Organisational, departmental, and individual objectives and upholding security standards and principles. Providing assurance to the Head of Cyber Operations and Technical Operations Manager that the SOC is operating efficiently through the use of orchestration and automation. JBRP1_UKTJ

Head of Cyber Security - Enterprise-wide Cyber & Information Security Location: London - 5 days on-site Salary: (phone number removed) per annum Type: Permanent My client is looking to recruit a Head of Cyber Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business decisions. Key Responsibilities: Develop, maintain, and deliver a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and business units to embed security in operations and service delivery. Provide security input for vendor assessments, third-party risk, and M&A due diligence. Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills.

DevOps Engineer Akkodis are currently working in partnership with a leading service provider to recruit an experienced DevOps Engineer to join their leading cloud services team. Please note this is a hybrid role where you will be required to attend the office 2 days a week. The Role As ta DevOps Engineer you will be responsible for designing, building, and maintaining the infrastructure that powers our clients' cutting-edge platforms. In this role, you will be instrumental in automating the development pipeline and ensuring the reliability, scalability, and security of services within telecommunications and a managed service provider (MSP) environment. The Responsibilities CI/CD Pipeline Management: Design, implement, and manage continuous integration and continuous delivery (CI/CD) pipelines for all platforms, enabling rapid and reliable software releases. Infrastructure as Code (IaC): Develop and maintain cloud and on-premise infrastructure using IaC principles with tools like Terraform and Ansible. Containerization & Orchestration: Manage and scale containerized applications, ensuring high availability and efficient resource utilization in a multi-tenant environment. Automation & Scripting: Automate manual processes related to deployment, monitoring, and operations using scripting languages such as Python, Bash, or Go. Monitoring & Logging: Implement and manage robust monitoring, logging, and alerting solutions (e.g., Prometheus, Grafana, ELK Stack) to proactively identify and resolve system issues. Collaboration: Work closely with software developers, network engineers, and product managers to troubleshoot issues and optimize performance Security: Integrate security best practices (DevSecOps) into the development lifecycle, including vulnerability scanning, static code analysis, and compliance checks. The Requirements Hands-on experience in a DevOps, SRE, or similar role. Strong proficiency with at least one major cloud provider (AWS, Azure, or GCP). In-depth knowledge of container orchestration. Demonstrable experience with CI/CD tools like Jenkins, GitHub Actions, or Azure DevOps. Expertise in using tools like Terraform or Ansible. Proficiency in a scripting language such as Python or Bash. Solid understanding of networking principles (TCP/IP, DNS, HTTP/S, Firewalls If you are looking for an exciting new challenge to play a pivotal part in a market leading organisation please apply now. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.

Senior Infrastructure Engineer Duration: 12-month fixed-term staff contract (not contract), with a strong potential for conversion to a permanent role. Location: This role is office based ,located in Hammersmith, London + 1 day remote work per week We are looking for a highly motivated and experienced Senior Infrastructure Engineer to join our global IT team. The successful candidate will play a key role in designing, implementing, maintaining, and supporting our entire IT infrastructure, which supports our business operations across multiple international locations. This is a practical role requiring a combination of deep technical expertise in Microsoft, VMware, and Cloud technologies, strategic thinking, and the ability to work effectively in a fast-paced, international setting. The ideal candidate will be a proactive problem-solver, a mentor to junior team members, and a driving force in the ongoing improvement of our IT services. Key Responsibilities Infrastructure Management & Support: Design, build, and maintain the company's global IT infrastructure, including on-premises HPE/Dell server and storage hardware, co-located data centres, and cloud-based systems. Manage and administer our hybrid cloud environment, with a strong focus on Microsoft Azure, Entra ID, and Azure MDM for modern device management. Ensure the security of our infrastructure and data by managing on-premises and cloud security controls and working closely with the Security Operations Centre (SoC) to action vulnerability management and system patching. Manage and maintain our Windows and Linux (CentOS, Red Hat, Ubuntu) server estate, as well as core Microsoft services (AD, GPO, DNS, NPS/Radius, CA, SMTP Relay), and our extensive VMware vSphere/vCenter virtualisation platform. Administer and optimise our System Centre Configuration Manager (SCCM) hierarchy, including Primary/Secondary sites, Distribution Points, Cloud Management Gateway (CMG), and Azure integration for global software deployment and updates. Manage and maintain our VDI environment (VMware Horizon/Citrix/OLVM), ensuring a reliable experience for our global user base. Take ownership of the company's backup and disaster recovery solutions, primarily using Veeam, and manage our tape library infrastructure. Provide 3rd line support for complex technical issues, acting as an escalation point for the service desk and junior engineers. Plan and execute infrastructure projects, including upgrades, migrations, and new implementations. Act as a technical lead and mentor for junior infrastructure engineers, fostering a culture of knowledge sharing and professional development. Requirements Extensive experience in a senior infrastructure engineering role, preferably within a global or multi-site SME. Expertise in the Microsoft Stack: Cloud Technologies: System Centre Configuration Manager (SCCM): Virtualisation & VDI: Hardware Experience: Networking & Monitoring: Security & Asset Management: Server Operating Systems & Backups:

The closing date for applications is 11.59pm 7 Jan 2026 . First stage interviews over MS Teams will take place between January 2026. Second stage interviews will take place at our offices in Victoria on Wednesday 28 and Friday 30 January. What are the main responsibilities of this role? •Manage partners/suppliers to assure service continuity and supplier performance in terms of technical quality and performance metrics. •Responsible for EUC service delivery, ensuring availability, performance, and compliance. •Produce Statements of work for Suppliers to deliver to and manage delivery, assure success and technical quality of the work delivered. •Lead endpoint strategy, lifecycle planning, and BIOS/driver governance. •Manage Intune migration and endpoint refresh programmes. •Oversee AV device management (Surface Hubs, Cisco, Neat Boards). •Collaborate with InfoSec on endpoint security to ensure EUC estate is compliant. •Drive automation, standardisation, and proactive monitoring. •Act as escalation point for EUC-related incidents and problems. •Maintain structured documentation, SOPs, and CMDB accuracy. How does this align to the Government Digital Service DDaT Roles? This position aligns with the Digital, Data and Technology (DDaT) profession role of IT Service Manager within the Government Digital Service framework. While this serves as a reference point for capability and expectations, the responsibilities of this role extend beyond the standard DDaT definition. For further details, please refer to the official DDaT role description: IT Service Manager DDaT Capability Framework. Relationships: Reporting to: Head of Service Management Relationships: Part of a 3-person team alongside the Service Management Lead working under the Head of Service Management, which in turn works alongside the Infrastructure Operations team under the Head of Digital Operations. Internal: Working with all teams across Digital Services and Information Security (InfoSec). External: Multiple third-party support vendors. Resources Managed: None Security Clearance: NAO DS Operators at this level must be SC cleared as part of the onboarding process. Responsibilities: Organisational Admin & Management •Maintain structured documentation and SOPs for EUC services. •Support internal communications and cross-team knowledge sharing. •Contribute to CMDB accuracy and asset lifecycle governance. •Participate in team engagement and improvement workshops. •Lead and assurance of onboarding new devices and services. •Represent EUC operations in governance forums. Service Delivery •Ensure availability, performance, and SLA compliance across EUC platforms including supplier performance management. •Responsible for MDM tooling and endpoint refresh programmes. •Administer Windows Operating System, Office 365, and third-party applications. •Lead Video Conferencing/Audio-visual device management (Surface Hubs, Cisco, Neat, etc.) including peripherals and managing supplier who supports and develops. •Maintain accurate configuration and asset data in ITSM Tools. •Lead on service validation and testing for new deployments. •Manage vendors and suppliers to ensure service continuity and upgrades. •Monitor endpoint performance and identify improvement opportunities. •Manage patching, backup, and DR readiness for endpoint platforms. •Lead onboarding of EUC services into operational support. Strategic •Lead endpoint strategy, BIOS/driver/firmware governance, and app lifecycle planning. •Produce technology roadmaps to ensure architecture decisions for all EUC and AV services are fit for purpose. •Write Statements of work, engaging in supplier workshops to determine solutions where necessary. •Contribute to service catalogue evolution and governance frameworks. •Recommend tooling improvements and automation opportunities. •Provide input into training needs and capability uplift. •Liaise with senior stakeholders on EUC priorities. •Develop metrics and dashboards for EUC performance and risk. •Advocate for cost-effective and scalable endpoint solutions. Support •Act as escalation point for EUC-related incidents and problems. •Conduct root cause analysis and manage known error records. •Provide mentoring and guidance on structured troubleshooting. •Support resolution of ad hoc technical issues with a strategic approach. •Deliver remote support to Newcastle office and mobile users. •Collaborate with Problem Management Lead to remediate recurring issues. •Collaborate with Service Delivery Manager on queue management to ensure incidents are resolved within SLA/KPIs Security & Risk •Implement endpoint security controls and compliance policies. •Collaborate with InfoSec on vulnerability remediation and access governance. •Support change governance and compliance processes; provide evidence for GRC audits and align to industry certifications where applicable (including, but not limited to ISO 27001 & CE+). •Track and report on endpoint-related risk metrics and posture improvements. Development •Contribute to automation scripts and tooling enhancements. •Participate in pilots for new endpoint technologies and service improvements. Emergency Capacity •Provide capacity for major and urgent incidents. Working Environment & Requirements •You'll work on an agreed support rota to ensure coverage from 08 00, with core hours of 09 00, Monday to Friday, on-site in Victoria, London. Occasional attendance will be required at our Newcastle office with expenses paid for travel and accommodation. Due to the nature of the role, occasional (paid) weekend work as required, and Time-Off-In-Lieu offered for out-of-hours work during Mon-Fri. Key skills/competencies required Skills & Experience Leadership & Governance • Ability to govern EUC services, designing standards that ensure compliance aligned to strategic objectives. • Skilled in managing vendor relationships for endpoint and AV solutions, including SLA/OLA compliance and performance reviews. ITIL & Service Management Expertise • Strong command of ITIL practices: Change, Release, Problem, Knowledge, Configuration. • Collaborative, structured, and improvement-focused mindset. • Familiarity with SIAM and multi-supplier governance frameworks. Technical & Tooling Knowledge • Proven experience managing Windows Operating Systems, SCCM, Intune, Entra ID, and mobile platforms (iOS, Android). • Strong understanding of Windows as a Service (WaaS) and experience of managing patching, and endpoint lifecycle. • Familiarity with AV technologies (Surface Hubs, Cisco Desk Pros, Neat Boards). • Experience with MDM policy design and administration. • Skilled in PowerShell scripting and automation. Communication & Stakeholder Engagement • Strong communicator across technical and non-technical audiences. • Able to produce SOPs, runbooks, and user-facing guides. • Experience engaging suppliers, InfoSec, and project delivery teams. Desirable Certifications • ITIL 4 Foundation. • ITIL 4 Specialist: Monitor, Support & Fulfil (desirable). • PRINCE2 / AgilePM or equivalent delivery discipline (desirable). • Microsoft Certified: Modern Desktop Administrator Associate (MD-102) • Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) Key Behaviours • Work in accordance with the NAO s values and champion our diversity and inclusion strategy. • Demonstrate a strong commitment to their own self-development, to delivering the NAO s strategic objectives, and keep themselves up to date on office initiatives and information relevant to their work and specialism. • Use their knowledge and expertise to deliver high-quality work that supports their team objectives and contributes to organisational priorities. • Influence and add value by building their understanding and insight into the challenges and perspectives of stakeholders. • Look for innovative solutions for how we approach work and make suggestions for new ways for how we could deliver work and continuously improve our business processes to make them more efficient and effective. • Demonstrate an ability to balance tasks and priorities to lead a complex, challenging work package, including supporting the work of others. • Enable the NAO to lead by example in the delivery of high-quality, efficient business practices and support their teams to do so. • Comply with corporate responsibilities and support others to do so. • Take ownership of delivering high-quality work to time and quality standards. • Proactively look for ways we can improve our ways of working and make suggestions for how these could be implemented. • Engage confidently with colleagues and clients at all levels to support the delivery of work and build good relationships with key stakeholders. • Work flexibly to contribute to a range of topics and outputs and take ownership of driving work forward and responding to challenges.

My client, a Global organisation based in Newcastle city centre are seeking an experienced Head of IT Platform and Security to start ASAP. This pivotal role takes the lead in delivering breakthrough improvements in reliability and performance across technology platforms, ensuring our systems consistently exceed expectations. As the leading force behind our cyber security agenda, you will champion a step change in modern security controls-introducing cutting-edge measures that protect the business. You will lead four core technology towers, and inspire teams to set bold targets, measure progress, and celebrate success as we raise the bar for platform resilience, scalability, and security. Key Responsibilities: Strategic Leadership & Governance Define and drive the vision, strategy, and roadmaps for Platform towers, aligned with business objectives and risk appetite. Oversee integration and collaboration across the four core platform towers: Digital Workspace Services (DWS) Support and System Reliability Engineering (SSRE) Platform and Cloud Engineering (PaCE) Security & Network Operations (SNOPs) Establish and socialise the Cyber Security Strategy and Roadmap, ensuring alignment with enterprise resilience and regulatory requirements Cyber Security Leadership Shape the cyber security vision and build a corresponding technical roadmap which delivers a world class security controls across cloud infrastructure, networks, end points, identity & access management, application security, and threat detection. Collaborate closely with the SNOPs Lead to adapt the SNOPs roadmap priorities in line with shifts in industry, evolving threat landscape and regulatory requirements. Ensure effective 24/7 security operations (inc. security incident management) Collaborate closely with the Enterprise Resilience function (1st Line of Defence) to ensure integrated risk management and incident response. Promote stakeholder engagement and cross-functional collaboration to embed a culture of security awareness and ownership across the organisation. Operational Oversight Ensure high availability, performance, and security of all technology systems and infrastructure. Monitor and improve service levels, incident resolution times, and system reliability metrics. Lead cross-functional coordination for escalations, major incidents, and service continuity planning. Team Leadership & Development Provide leadership and direction to platform tower leads Foster a culture of continuous improvement, collaboration, and innovation across all teams. Support recruitment, onboarding, and capability development to meet evolving technology needs. Technology Platform Delivery Oversee the delivery and life cycle management of: Microsoft 365 and collaboration platforms Cloud platforms (design, automation, cost optimisation) Network and security operations (compliance, threat management) Monitoring, observability, and backup/recovery systems Ensure alignment with architectural standards and regulatory requirements (eg, DORA, Cyber Essentials Plus). Stakeholder Engagement Act as the escalation point for unresolved issues across platform towers. Collaborate with product teams, business units, and external vendors to ensure service excellence and alignment with user needs. Represent Technology in all relevant Information Security, Risk and project Committees, ensuring visibility and accountability for and robust management of cyber security risks. Represent Security and Platforms and in governance forums such as the Architectural Review Board (ARB). Essential Skills Proven leadership in managing cyber security and cross-functional technology teams in a complex, global environment. Deep understanding of IT infrastructure, cloud platforms (eg, Azure), and enterprise collaboration tools (eg, Microsoft 365). Strong grasp of ITIL-based service management, including incident, change, and problem management. Expertise in security and compliance frameworks, including DORA and Cyber Essentials Plus. Prior hands-on experience in delivering security solutions within enterprise environments Knowledge of disaster recovery, business continuity, and vulnerability management. Excellent communication, stakeholder management, and vendor negotiation skills. Qualifications Bachelor's degree in Computer Science, Information Systems, or a related field (Master's preferred). ITIL Foundation certification (Intermediate or Expert level desirable). Relevant cloud certifications (eg, Microsoft Certified: Azure Solutions Architect, AWS Certified Solutions Architect). Experience 10+ years in IT leadership roles, with at least 5 years managing platform or infrastructure services. Demonstrated success in leading digital transformation or cloud migration initiatives. Experience working in regulated environments with a strong focus on security and compliance The role is Hybrid working 3 office days a week in a central Newcastle location great for transport links by train, car or bus. Apply now for immediate consideration.

AVP - Internal Auditor (Cyber Security) London, Docklands (Hybrid) £85,000 - £90,000 per annum + annual discretionary bonus On behalf of a Leading financial services organisation, I am seeking an experienced Internal Auditor with a background in a Cyber Security environment. The internal auditor will be primarily focused on leading audits, continuous monitoring, issue validation, and leading on departmental improvement initiatives. The organisation offers hybrid working with a non-negotiable 2 days a week in their London office, therefore you must be within reasonable commuting distance to London. Responsibilities: Develop and maintain working relationships with peers across the organization. To monitor strategic developments within the business to highlight any unidentified risks or potential control issues. Perform continuous monitoring of the business through frequent stakeholder engagement, under the direction of the director, to identify emerging risks and issues and report to audit management. Identify areas for improvement within Internal Audit and play a leading role on department improvement initiatives. Support and provide input into the Internal Audit risk assessment process to inform the Audit Plan. Execution of planning and testing for complex technology, information security audits and high-level reviews, including designing test strategies, audit test papers and drafting of audit findings. Validation to confirm management's remediation of audit and regulatory issues. Management and tracking of businesses remediation activities. Actively contributing to the ongoing improvement of audit practices and methodology. Proactively maintain knowledge, skills, and disciplines, with on-going professional development. Identify and share useful learning opportunities for other Internal Audit team members. Maintain the professional standard of the Internal Audit function and work within its agreed Terms of Reference and IIA standards/guidelines, Charter, and Mandate. Demonstrate adaptability to ensure that the audit focus is maintained on key issues, under the guidance of audit senior management. Experience/Skills required: Experience working within Internal Audit in a financial services environment (ideally banking) and audit experience across a range of different information technology in a financial institution. Ability to provide technical subject matter expertise during integrated audits. Excellent communication skills, both written and verbal. Experience and understanding of regulatory requirements, eg, FRBNY, FCA. Strong IT security and technical knowledge with approximately 8 years of experience within the industry. Working experience with common security/technology risk frameworks, for instance, ISO 27000, NIST, CIS Critical Security Controls, COBIT, and IIA GTAGs. Working experience with regulatory standards/requirements (US, UK) ie, GDPR, BCBS 239, FFIEC 101, 3402, CHAP. Working experience and/or knowledge of Security domains including Access management, Threat management, Incident response and recovery, Data protection, Vulnerability management, Monitoring and logging, Physical security, and Security risk management and governance. Working experience and/or knowledge of cloud, block chain, high volume transaction systems. Working experience and/or knowledge of application controls, input/output, configuration, application controls. Working experience and/or knowledge of data analytics/predictive analytics, data governance. Understand policy/directives, and ability to assess risks across all types of IT systems and operations. Audit/Project Management Certifications (desirable) - CMIIA (UK), CIA (US), CISA, CGEIT, CISSP, CISM, CompTIA, SANS, ISC2, Prince2, Agile etc.

Security, Governance, Risk and Compliance Manager- £(phone number removed) + Bens Warrington/Hybrid Over the past ten years, Talos360 has firmly established itself as a market leader in talent software solutions and online recruitment media with our innovations in the HR software space, Talos ATS & Talos Engage solving todays talent challenges. 2024 was a year where our business was recognised as the number 1 Great Place to Work overall mid-sized company in the UK, and the number 1 Great Place to Work Mid-tech company in Europe. This year we were excited to welcome Appraisd, and their performance management software products to the Talos360 family, and we have exciting plans for 2026 and beyond. Talos360 is a company like no other, and we are extremely proud to be recognised in this way. We support over 900 companies UK wide and are growing quickly. We are a SaaS technology business, with massive growth plans and investment. We have an exciting new opportunity for a forward thinking, effective and passionate Security, Governance, Risk and Compliance Manager to join our team. Our new Security, Governance, Risk and Compliance Manager would be responsible for ensuring effective frameworks, policies, governance, and risk management are in place to protect the integrity and confidentiality of information within our award-winning cloud-based software. The role is key to developing and maintaining internal control framework and will guide the evolution of our control mechanisms and governance processes and will help maintain a suitable security posture. Security, Governance, Risk and Compliance Manager Responsibilities -Driving major change initiatives to facilitate the design and implementation of appropriate control mechanisms, security initiatives and governance processes to pragmatically reduce risk. -Developing, managing and reviewing the risk and security metrics and governance frameworks, standard operating procedures and other quality management documents -Conducting and hosting internal and external audits to ensure compliance is adhered to -Review the Talos360 processes to ensure they add value and contribute to mitigating risks -Overall responsibility for the information, security and management system to maintain ISO27001 compliance and deliver improvements -Supporting internal teams with GDPR compliance and improvements -Defining internal policies and procedures and working with different internal teams to implement -To build effective, supportive relationships with key stakeholders to facilitate and develop the company and regulatory culture Security, Governance, Risk and Compliance Manager Required Skills - Previous experience in the review or risk, security and governance frameworks. - Comfortable building relationships with stakeholders across multiple teams and levels within the business, defining internal policies and procedures. - Understanding of Infosec best practice and cybersecurity essentials and an understanding of vulnerability operations such as scanning, and remediation - Experience working with relevant regulations, standards, and requirements (ISO27001, GDPR, DSP Toolkit and Cyber Essentials+) - Ideally experienced with Microsoft Azure or similar - Previous experience within a similar role within a SAAS would be advantageous On offer is a highly competitive salary, hybrid working style (3 days from our office and 2 days from home per week) and additional benefits including many social and business events held throughout the business year. Apply now to be considered for our Security, Governance, Risk and Compliance Manager role and be a part of our amazing company.

Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3 6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end-to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Managerwith a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives, helping them meet regulatory and industry security standards. Cyber Security & Centralised Services Manager Key Skills & Experience: Proven experience in a 3rd Line / Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud security architectures. Hands-on experience with endpoint protection, EDR/MDR/XDR platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Strong communication skills with the ability to present technical and security findings to non-technical stakeholders and clients. Proactive mindset in threat hunting, risk assessments and continuous improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator / Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part of a technically strong, supportive and collaborative security-conscious team in central London. Play a key role in strategic security projects, incident response and continuous improvement initiatives. Access ongoing training, certifications and professional development in cybersecurity. Join a company that holds the core values of Honesty, Accountability, Commitment, Innovation, Expertise and Collaboration

The Job: Were delighted to be assisting our client with their need for a Senior IT Systems Engineer. This role is to support their clients managed IT Support client base and develop and drive forward new requirements. Its important to note that this isnt a project engineer role but to support their clients on their service desk as a Senior Engineer. You will be reporting into the Service Desk Engineer. Responsibilities will include: Acting as a technical escalation point to the IT service desk Assist with pre-sales technical support Providing technical support by way of support tickets and emails Answering the phone when needed Completing business as usual activities such as vulnerability management, patching, backend systems troubleshooting Acting as primary technical lead Training other members of the desk, or assisting non technical staff with support issues Answering to the service desk manager A broad skill set is required for this role as you are the escalation point for the service desk. It is a pre-requisite that you have Azure platform & cloud-based skill set, with a comprehensive knowledge of traditional systems, server operating systems. The Person: For this role, our client is seeking someone with the following skills and experience. Previous experience held in an MSP environment is ideal but essential Experience in Azure and Microsoft 365 Strong technical experience of Microsoft Server operating systems, Microsoft core applications, such as Exchange, Domain Services Strong skills supporting Microsoft AD, DNS and Remote Desktop Services Experience supporting network related technologies and equipment Strong skills diagnosing & resolving client application, connectivity, and hardware-based incidents Understanding of virtualisation technologies and concepts Understanding of backup and DR technologies Excellent people skills Have own transport and driving license (though role is predominantly office based) Will be expected to complete Microsoft training, most likely one or all of the following: AZ-104 AZ-304 AZ-700 AZ800 & 801 The Salary: £31-37,000 depending on experience The Hours: Monday Friday 9am 5.30pm The Location: Bristol Hybrid working (3 days in the office) The Benefits: Free Microsoft training and certifications with ongoing professional development, 24 days holiday + Bank Holidays which increase with experience, Car Parking, Pension JBRP1_UKTJ

Infrastructure Engineer Birmingham B6 Hybrid A leading UK technology and distribution group is seeking an Infrastructure Engineer to join its growing IT function. This is a key role supporting a multi-site environment, ensuring secure, resilient, and high-performing infrastructure across both on-premise and cloud platforms. The Role You will be responsible for the design, implementation, and ongoing maintenance of core IT infrastructure, including servers, storage, networks, security tools, and cloud services. Working as part of a collaborative IT team, you will take ownership of infrastructure projects, troubleshoot escalated issues, and contribute to strengthening the organisation s cyber security posture. The role is hybrid, with regular onsite presence required at the Birmingham office. Key Responsibilities • Design, build, and maintain on-premise and cloud infrastructure • Implement upgrades and support infrastructure improvement projects • Administer servers, storage systems (SAN/NAS), and Azure services • Manage networks across multiple locations, including switches, firewalls, and wireless • Monitor performance and availability, responding to issues rapidly • Support backups, disaster recovery planning, and security initiatives • Produce and maintain technical documentation • Contribute to vulnerability management and security enhancements Key Skills and Experience • Strong experience with Palo Alto firewalls (deployment and configuration essential) • Solid understanding of networking protocols, routers, switches, and firewalls • Experience with SAN/NAS technologies • Good knowledge of cyber security principles • Strong analytical problem-solving skills • Confident communicator who can work well with both technical and non-technical teams • Ability to manage multiple tasks, prioritise effectively and work under pressure Benefits • Bonus up to £5,000 • 25 days holiday increasing with service • Pension scheme with 5 percent employer contribution • Life assurance • Health and wellbeing cashback scheme • Discounts, rewards, long-service awards and wellbeing support • Hybrid working Birmingham B6 just off M6 junction 6 This is an excellent opportunity to join a well-established organisation with strong values, long-term vision, and a commitment to development and progression. If you have the right technical background, strong Palo Alto experience, and the ability to work onsite in Birmingham when required, we d love to hear from you.

Contract Cyber Security Architect Rate: £650 to £750 p d Clearance: SC or DV required Location: Hybrid with some client site time Ncounter are supporting a Defence programme building new cloud services on MODCloud, moving first onto GCP and later SCC. We are seeking a Cyber Security Architect to join a newly formed Agile Release Train and ensure the solution being delivered is secure, practical, and aligned to NIST and wider HMG standards. You will work across several scrums, providing clear technical guidance, shaping controls, and enabling secure design in a fast moving environment with limited runway. Key Responsibilities • Translate NIST controls into practical cloud design and implementation guidance. • Lead the design of an ABAC access model using Open Policy Agent. • Shape an IdP approach that links human identity to ABAC policies. • Advise on delegation of authority models for security systems. • Assure security decisions across the cloud architecture and delivery pipeline. • Produce clear, concise documentation to support accreditation and engineering teams. What You Bring • Strong cyber security architecture experience in Defence or complex public sector settings. • Knowledge across identity, PKI, vulnerability management, SIEM, cryptography and secure configuration. • Ability to guide teams in an agile environment and work across multiple scrums. • Flexible mindset and confidence dealing with evolving requirements. • Active SC or DV clearance. If you want to deliver meaningful impact on a major Defence programme and drive secure engineering from day one, we would like to speak with you. Send your CV to Ncounter for a confidential discussion.

Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)

Senior Security Engineer - Leeds - Up to 65,000 + Benefits A forward-thinking and rapidly scaling organisation in the UK FinTech space is seeking a Senior Security Engineer to play a pivotal role in shaping, implementing and maintaining security across its UK operations. You'll be the hands-on technical security lead for the UK arm of the business - working closely with global security teams, outsourced partners and UK subsidiaries to ensure best-in-class protection, compliance and operational excellence. You'll own technical approval processes, lead security delivery across projects, and act as a key escalation point for incidents. What you'll be doing: Maintaining and optimising security controls across firewalls, EDR, WAF, cloud posture management and encryption Leading patch, vulnerability and configuration management Overseeing IAM, privileged access and onboarding/offboarding controls Managing VPN, network and firewall security, including Zero Trust principles Ensuring secure baselines across endpoints, integrating MDM and supporting incident response Contributing to DevSecOps practices, CI/CD security integration and application testing Supporting compliance initiatives (ISO27001, Cyber Essentials Plus etc.) Promoting security awareness and collaborating with vendors, SOC and internal teams What you'll bring: A proactive and collaborative mindset, strong communication skills, and proven experience securing cloud-first environments, remote endpoints and identity frameworks. Knowledge of tools such as Palo Alto, OKTA/Entra ID, Trend Micro, Prisma, GlobalProtect or similar is advantageous. If you're excited by innovation, ownership and the chance to influence security from the ground up - we'd love to hear from you. People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.

Ready to take the next step in your penetration testing career and lead a high-performing team at a respected, fast-growing cybersecurity consultancy? This is your opportunity to join a CREST-certified organisation committed to excellence, innovation and integrity. As our new Penetration Testing Team Leader , you'll play a pivotal role in shaping cutting-edge testing services, developing talented testers, and helping protect clients across government, telecoms, finance, digital currencies and other critical sectors. With structured development, meaningful progression opportunities, and the chance to make a visible impact from day one, this is a role designed for a driven, highly skilled Team Lead who thrives on technical depth, leadership and solving complex security challenges. The Role at a Glance: Penetration Testing Team Leader Remote with travel to client sites and occasional meetings in London, UK or Channel Islands Up to £95,000 DOE Plus Benefits Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities. Growth: A structured career development plan and training Hours: 09:00 am to 17:30 pm Monday - Friday Development Opportunity: Career progression opportunities to develop a growing team of penetration testers and break new ground in testing. Company: Specialist information and cybersecurity consultancy and audit services Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose. Your Skills / Background: Existing CHECK Team Lead qualification and Team Lead experience. You will also be a tenacious problem solver and communicator with strong client-facing and leadership experience to lead engagements, mentor testers at all levels, and scope complex projects. The Penetration Testing Team Leader Opportunity: As Penetration Testing Team Leader, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. You will deliver hands-on technical penetration testing on a variety of projects and guide and direct the team. In return, you will benefit from an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects. This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans. Key Responsibilities: • Improve and develop penetration testing methodologies, guide project scoping and execution, establish new testing services, and shape the future direction of the testing function with senior management. • Deliver high-quality penetration tests across infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout scenarios, and cloud security assessments. • Work with client teams to research vulnerabilities and emerging attack vectors, plan assessments accordingly, and support clients during ongoing incidents. • Conduct vulnerability scans, unauthorised host discovery exercises, analyse findings, and translate results into actionable technical and business-risk recommendations. • Produce high-quality technical reports and create internal documentation, tooling, threat libraries, methodologies, and policies to ensure consistent, informed, and meaningful testing outcomes. • Provide technical presales support, contribute thought-leadership content (papers, articles, online posts, marketing material), and identify business development opportunities. • Mentor, coach, and help build the technical team, supporting their growth in knowledge, skills, and career development. About You: • A driven, battle-tested Team Leader, holding a current CHECK Team Leader qualification and proven senior-level experience • Extensive, hands-on penetration testing expertise backed by deep technical mastery • Fluent in a wide arsenal of security testing tools, using the right tech for maximum impact • Up-to-date, cutting-edge understanding of modern technologies, threats, and security trends • Well-versed in key industry bodies, frameworks, and security standards • Strong ability to translate vulnerabilities into real-world business risk, paired with standout reporting and client presentation skills • Proven track record in growing and developing technical teams, including reviews, appraisals, training plans, and long-term career progression • A credible, personable communicator who builds trust with clients, peers, and technical teams alike • Self-starter with a proactive mindset, comfortable taking initiative and driving outcomes • Genuinely passionate about penetration testing and nurturing teams across all skill levels • Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum but we are unfortunately not able to offer sponsorship) About Us: We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats. We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a Certifying Body • Security auditing across varying standards such as ISO27001, NIST, PCI DSS and Cyber Essentials • Training and awareness If you're a proven Penetration Testing Team Leader with CHECK TL status, a passion for advancing security testing, and the drive to mentor and grow a talented team, we'd love to hear from you. Step into a role where your expertise shapes real-world defence, your ideas influence future testing services, and your career continues to accelerate in a supportive, forward-thinking environment. Apply now and take the lead in a role that will challenge, inspire and reward you. Application notice We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details. If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.

Ready to take the next step in your penetration testing career and lead a high-performing team at a respected, fast-growing cybersecurity consultancy? This is your opportunity to join a CREST-certified organisation committed to excellence, innovation and integrity. As our new Penetration Testing Team Leader , you ll play a pivotal role in shaping cutting-edge testing services, developing talented testers, and helping protect clients across government, telecoms, finance, digital currencies and other critical sectors. With structured development, meaningful progression opportunities, and the chance to make a visible impact from day one, this is a role designed for a driven, highly skilled Team Lead who thrives on technical depth, leadership and solving complex security challenges. The Role at a Glance: Penetration Testing Team Leader Remote with travel to client sites and occasional meetings in London, UK or Channel Islands Up to £95,000 DOE Plus Benefits Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities. Growth: A structured career development plan and training Hours: 09:00 am to 17:30 pm Monday Friday Development Opportunity: Career progression opportunities to develop a growing team of penetration testers and break new ground in testing. Company: Specialist information and cybersecurity consultancy and audit services Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose. Your Skills / Background: Existing CHECK Team Lead qualification and Team Lead experience. You will also be a tenacious problem solver and communicator with strong client-facing and leadership experience to lead engagements, mentor testers at all levels, and scope complex projects. The Penetration Testing Team Leader Opportunity: As Penetration Testing Team Leader, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. You will deliver hands-on technical penetration testing on a variety of projects and guide and direct the team. In return, you will benefit from an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects. This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans. Key Responsibilities: • Improve and develop penetration testing methodologies, guide project scoping and execution, establish new testing services, and shape the future direction of the testing function with senior management. • Deliver high-quality penetration tests across infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout scenarios, and cloud security assessments. • Work with client teams to research vulnerabilities and emerging attack vectors, plan assessments accordingly, and support clients during ongoing incidents. • Conduct vulnerability scans, unauthorised host discovery exercises, analyse findings, and translate results into actionable technical and business-risk recommendations. • Produce high-quality technical reports and create internal documentation, tooling, threat libraries, methodologies, and policies to ensure consistent, informed, and meaningful testing outcomes. • Provide technical presales support, contribute thought-leadership content (papers, articles, online posts, marketing material), and identify business development opportunities. • Mentor, coach, and help build the technical team, supporting their growth in knowledge, skills, and career development. About You: • A driven, battle-tested Team Leader, holding a current CHECK Team Leader qualification and proven senior-level experience • Extensive, hands-on penetration testing expertise backed by deep technical mastery • Fluent in a wide arsenal of security testing tools, using the right tech for maximum impact • Up-to-date, cutting-edge understanding of modern technologies, threats, and security trends • Well-versed in key industry bodies, frameworks, and security standards • Strong ability to translate vulnerabilities into real-world business risk, paired with standout reporting and client presentation skills • Proven track record in growing and developing technical teams, including reviews, appraisals, training plans, and long-term career progression • A credible, personable communicator who builds trust with clients, peers, and technical teams alike • Self-starter with a proactive mindset, comfortable taking initiative and driving outcomes • Genuinely passionate about penetration testing and nurturing teams across all skill levels • Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum but we are unfortunately not able to offer sponsorship) About Us: We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats. We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a Certifying Body • Security auditing across varying standards such as ISO27001, NIST, PCI DSS and Cyber Essentials • Training and awareness If you re a proven Penetration Testing Team Leader with CHECK TL status, a passion for advancing security testing, and the drive to mentor and grow a talented team, we d love to hear from you. Step into a role where your expertise shapes real-world defence, your ideas influence future testing services, and your career continues to accelerate in a supportive, forward-thinking environment. Apply now and take the lead in a role that will challenge, inspire and reward you. Application notice We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details. If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.