296 jobs found

OT Cyber Security Engineer Stone - Staffordshire (travel into the office once per week with the odd customer site visit in the UK) Permanent Up to 65k A leading company in operational technology and digital transformation is seeking an experienced Industrial Control Systems (ICS) Operational Technology (OT) Cyber Security Engineer to join their Service and Support team. The role involves designing and securing OT networks across various critical industries, conducting advanced threat analysis, penetration testing, and vulnerability assessments. The engineer will develop and implement cybersecurity solutions, lead risk mitigation efforts, mentor junior team members, and support project management and business development activities. The position requires travel to the office and customer sites across the UK. Essential Experience: Education & Experience : Bachelor's degree in computer/system science and 5+ years in cybersecurity, with 2+ years in critical infrastructure/ICS environments (e.g., SCADA, PLCs, RTUs). Industry Knowledge : Ability to work across sectors such as chemical, water, oil & gas, and energy. Technical Skills : Securing ICS communications protocols (e.g., MODBUS, OPC, DNP3). Designing/configuring secure networks (switching, routing, firewalls). Securing IT/OT communications and real-time/performance-sensitive systems. Documentation : Experience creating Functional Design and Cyber Security Specifications. Security Standards : Familiarity with frameworks such as NIST 800-53/800-82, ISO 27001, IEC 62433, NIS-R, etc. Stakeholder Management : Proven ability to manage relationships at all levels. Customer Focus : Commitment to customer service and performance culture. Clearance : Must be eligible for SC (Security Check) clearance. Desirable Experience: Experience in both engineering and non-engineering environments. Familiarity with customer satisfaction and retention initiatives. Knowledge of Lean and Agile tools (e.g., Microsoft Planner, JIRA, Confluence). Involvement in offensive cybersecurity (red teaming, use of tools like Metasploit, Nmap, etc.). Experience with physical security assessments aligned with NIS and NPSA standards. Expertise in Digital Forensics and Incident Response (DFIR) in industrial environments (e.g., VxWorks, RTOS, Embedded Linux, WinCC, PCS 7). Benefits: 28 days holiday plus bank holidays Flexible working, predominantly office based. Flexible Pension Scheme Life assurance policy Private health care (Rullion is a recruitment agency) Rullion celebrates and supports diversity and is committed to ensuring equal opportunities for both employees and applicants.

Information Security Engineer Birmingham Our client are a leading provider of care, education, and therapeutic services for vulnerable children and young people across the UK. They are passionate about creating safe, nurturing environments that transform lives. As part of their digital evolution, they are seeking a skilled Information Security Engineer / Analyst to help strengthen their cyber security posture and safeguard our systems and data. Reporting directly to the Head of IT this is a hands-on technical role focused on securing enterprise applications, infrastructure, and sensitive data. You'll be instrumental in implementing and maintaining robust security measures, conducting assessments, and responding to incidents. Collaboration across departments will be key to embedding security best practices throughout the organisation. Key Duties & Responsibilities Evaluate application architecture, source code, and third-party integrations for security risks Support secure software development lifecycle (SDLC) processes and promote secure coding standards Identify and remediate vulnerabilities using industry-standard tools Administer and configure security technologies (e.g., firewalls, SIEM, IDS/IPS, endpoint protection) Oversee access controls and identity management systems Conduct penetration testing and routine vulnerability scans Monitor networks and systems for threats; lead incident response efforts Perform root cause analysis and maintain incident response protocols Recommend enhancements to improve overall security posture Deliver security awareness training and ensure compliance with policies Produce monthly security reports and maintain documentation Required Skills & Experience 3-5+ years of experience in cybersecurity or information security roles Degree in Computer Science, Information Security, or equivalent practical experience Familiarity with frameworks such as MITRE ATT&CK, NIST, ISO 27001, Cyber Essentials+ Hands-on experience with tools like Nessus, Qualys, SIEM, EDR, DLP, VPNs, and firewalls Strong understanding of network protocols (TCP/IP, DNS, HTTP, SSH) and segmentation Knowledge of Zero Trust architecture and cloud-native security practices Proficiency in identity and access management (Azure AD, MFA, SSO, RBAC) Skilled in log analysis, threat detection, and incident handling Excellent communication and stakeholder engagement abilities Certifications such as CEH, OSCP, CISSP, Security+, or GSEC are advantageous Salary/Package Basic salary of between £50k-£55k 4% Pension Life Insurance 3 x salary 25 days annual leave plus stautory - 1 x extra day every year for the first 3 years Blue Light Card Medicash - includes discounted gym memberships etc. Click apply now or speak with Chris Holliday for further information.

Contract Role - Security Analyst (Network & Endpoint) - England/Remote - 4+ Months Initial We are looking for a highly capable and technically skilled Security Analyst (Network & Endpoint) to join our cybersecurity team. This role focuses on network and endpoint security operations, threat intelligence, and incident response within a Security Operations Centre (SOC) environment. The successful candidate will have hands-on experience with leading security platforms and demonstrate the ability to operate at a team lead level. Role Overview: Job Title: Security Analyst (Network & Endpoint) Location: England/Remote Contract Type: Contract Duration: Contract till 31st Mar 26 Sector: Healthcare . Key Responsibilities: Network Detection & Response: Administer and optimise Darktrace for network threat detection, model tuning, and behavioural analysis. Investigate anomalies and escalate incidents based on network telemetry. Endpoint Protection: Deploy and manage CrowdStrike Falcon agents across enterprise endpoints. Maintain and update detection rules, ensuring alignment with threat intelligence. Security Operations Centre (SOC): Act as a Level 2 SOC Analyst and Incident Handler. Triage, investigate, and respond to security alerts and incidents. Collaborate with other SOC team members to ensure timely resolution and documentation. Threat Intelligence & Insider Threat Monitoring: Monitor threat feeds and manage Indicators of Compromise (IOCs). Conduct insider threat analysis and support investigations. Cloud & Identity Security: Use Microsoft Sentinel for incident investigation, alert correlation, and dashboard monitoring. Manage identity governance and conditional access policies via Microsoft Entra ID. Monitor Entra ID logs and integrate with Sentinel for rule-based alerting. Additional Technologies: Experience with Zscaler for secure web gateway and DLP. Exposure to Google SecOps is advantageous. Team Leadership: Operate at a team lead level, supporting junior analysts and coordinating operational tasks. Provide technical guidance and contribute to process improvement initiatives. Preferred Certifications: Essential: CompTIA Security+ Microsoft Certified: Security Operations Analyst Associate (SC-200) CrowdStrike Certified Falcon Administrator (CCFA) Darktrace Analyst Certification (if available) Desirable: GIAC Certified Intrusion Analyst (GCIA) EC-Council Certified Threat Intelligence Analyst (CTIA) Microsoft Certified: Identity and Access Administrator Associate (SC-300) CISSP or equivalent foundational certification Please feel free to contact myself - Daisy Nguyen at Gibbs Consulting for a confidential chat to know more details about the role. Please also note: Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.

A leading international specialty insurance and reinsurance group is seeking an experienced and forward-thinking Chief Information Security Officer (CISO) to lead and modernize its global cyber security function. The CISO will drive the evolution of its security strategy-from a compliance and risk-led model to a proactive, preventative, and business-aligned cyber program. What you'll do: Develop and execute a comprehensive global information security strategy aligned with business goals and growth plans, ensuring a proactive and preventative security posture. Establish and mature a global Security Operations Centre (SOC) to strengthen detection, monitoring, and incident response capabilities. Lead enterprise-wide threat management initiatives , addressing vulnerabilities, mitigating risks, and reducing the likelihood and impact of cyber threats and attacks. Act as the principal security SME , providing leadership and oversight across Cloud Security, Product Security, GRC, Enterprise Security, and IT. Partner with senior IT leadership and business executives to embed security principles within operations, digital transformation, and corporate strategy. Cyber Governance & Risk Management: Enhance and maintain the organisation's Information Security Management Framework (ISO27001, NIST). Oversee vulnerability management, audits, incident response, and disaster recovery processes. Ensure compliance with all applicable regulations and standards across global jurisdictions. Operations & Performance: Oversee selection, implementation, and monitoring of appropriate security technologies and controls. Deliver timely management information, risk analysis, and performance reports to support executive decision-making. Manage budgets effectively and monitor return on investment for all security initiatives. Key Outcomes & Success Measures Zero material cyber incidents impacting the business. Implementation of a proactive and preventative cyber security program. Measurable improvement in overall security posture and ROI on cyber investments. Positive stakeholder feedback and achievement of business plan targets. What you'll bring: Proven track record in leading enterprise-level information security functions, preferably in financial services or insurance sector Strong knowledge of ISO 27001, NIST, and international security compliance frameworks. Deep expertise in cloud, infrastructure, and enterprise security architecture. Exceptional leadership, communication, and stakeholder management skills. Eligibility to work in the UK Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates

Gleeson Recruitment Group have just taken a brief for an experienced Infrastructure Manager to work with a Midlands based business. We are seeking an experienced Infrastructure Manager to lead and unify the businesses infrastructure functions, driving the performance, reliability, and scalability of their IT systems. This role will be responsible for managing a team of approximately 12 engineers and specialists across various infrastructure domains, including cloud, on-premise systems, networking, storage, security and platform operations. The ideal candidate is a hands-on leader with a strategic mindset, capable of aligning diverse technical teams into a cohesive, high-performing unit that supports the organisation's goals with stability, efficiency, and forward-thinking innovation. Key Responsibilities: Team Leadership & Development Lead, mentor, and develop a multidisciplinary infrastructure team of 12 professionals. Foster a collaborative, accountable, and high-performance culture across infrastructure functions. Set clear objectives, provide ongoing feedback, and conduct performance reviews. Unifying Infrastructure Functions Align and integrate disparate infrastructure teams into a single, cohesive unit. Standardise processes, tools, and best practices across infrastructure domains. Establish a shared vision and direction for infrastructure services within the organisation. Strategic Planning & Execution Develop and execute infrastructure strategies that support organisational growth and technology objectives. Identify and implement opportunities for automation, cost savings, performance improvement, and scalability. Own capacity planning, infrastructure budgeting, and vendor management. Operational Excellence Ensure high availability, performance, and security of all infrastructure services. Oversee incident response and root cause analysis for infrastructure-related issues. Monitor KPIs and SLAs, ensuring service delivery meets or exceeds expectations. Collaboration & Communication Work closely with cross-functional teams including DevOps, Security, Application Development, and Product to ensure infrastructure meets business needs. Serve as the escalation point for infrastructure issues and communicate updates to senior leadership. Requirements: Experience & Skills Proven experience (5+ years) in infrastructure leadership or management roles. Demonstrated success in leading and transforming infrastructure teams into high-performing units. Strong background in cloud (e.g. VMware), networking, storage, and/or platform operations. Experience managing hybrid environments (cloud and on-premise). Excellent organisational, communication, and interpersonal skills. Ability to manage multiple priorities in a fast-paced environment. At Gleeson Recruitment Group, we embrace inclusivity and welcome applicants of all backgrounds, experiences, and abilities. We are proud to be a disability confident employer.By applying you will be registered as a candidate with Gleeson Recruitment Limited. Our Privacy Policy is available on our website and explains how we will use your data.

Senior IT Security Specialist to lead and strengthen the cyber resilience of a complex public-sector programme. The postholder will play a pivotal role in developing, implementing, and governing security strategy, ensuring compliance with national standards, and embedding robust cyber practices across digital and IT estates. This is a senior strategic and technical leadership role, ideal for a seasoned security professional with a background in enterprise-scale or local government IT environments. £700pd gross umbrella. Key Responsibilities Strategic Planning and Governance Develop, review, and maintain the IT Security Strategy aligned to organisational objectives and statutory duties. Lead the creation and enforcement of cybersecurity governance frameworks. Align security objectives with enterprise architecture and digital transformation strategy. Advise senior management and boards on cyber risk posture, incidents, and mitigations. Identify and manage strategic risks - technical, legal, reputational, and financial. Evaluate emerging technologies (AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data Protection teams on policy alignment and compliance. Technical Review and Oversight Lead or oversee reviews of system architectures, applications, cloud services (IaaS, PaaS, SaaS), and network security. Assess IAM/PAM implementations and M365/Azure/Active Directory configurations. Conduct or oversee penetration testing, vulnerability assessments, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain an IT Security Assurance Framework. Lead internal and external audits, accreditation, and certification activities (e.g. PSN, Cyber Essentials Plus, ISO 27001). Monitor compliance with standards and respond to audit findings. Analyse SIEM outputs, threat intelligence feeds, and monitoring tools. Performance Monitoring and Reporting Define and track key security KPIs and metrics. Produce security performance and risk reports for executive and board audiences. Maintain security risk registers and oversee remediation activity. Stakeholder Engagement and Leadership Act as senior security advisor to leadership, IT programmes, and project boards. Influence project governance to embed security by design. Represent the organisation in regional and national cyber forums (e.g. WARP, NCSC, iNetwork). Training, Awareness, and Culture Lead and support cyber awareness campaigns and training. Promote a culture of security and resilience across the organisation. Collaborate with HR and L&D to embed cyber hygiene into inductions and ongoing learning. Incident Management and Business Continuity Oversee the development and testing of Incident Response, Disaster Recovery, and Business Continuity Plans. Provide senior escalation and leadership during security incidents. Conduct post-incident reviews and ensure lessons learned drive continuous improvement. Continuous Improvement and Innovation Stay informed on emerging threats and industry trends. Champion automation and innovation in security operations (e.g. SOAR, XDR). Drive security maturity assessments and roadmap development. Essential Experience Proven leadership in IT or cyber security at enterprise or local authority level. Strong understanding of security governance, risk management, and compliance. Hands-on experience with cloud, network, and identity security. Familiarity with UK public sector standards (e.g. PSN, NCSC, GDPR). Relevant certifications desirable (CISSP, CISM, ISO 27001 Lead Auditor, etc.).

Essential Roles & Responsibilities (Full job description on Claranet careers site) As a Senior SOC Analyst (Team Leader), you apply your advanced security operations expertise to lead a team of SOC Analysts while performing advanced investigations and, when required, first-line triage to maintain queue health and SLA compliance. You are responsible for high-quality service delivery through detailed analysis, evidence-led response actions, and operational leadership. In addition to handling escalated alerts, you provide line management, oversee ticket quality, contribute to training and onboarding, and drive continual improvement. You work core business hours with participation in the on-call rota, ensuring consistent service support for customers and operational continuity across teams. Key Responsibilities • Incident Investigation and Response - You take ownership of escalated incidents, performing detailed investigations and, when necessary, stepping into first-line triage to guarantee prompt alert handling and escalation. • Team Leadership - You provide day-to-day leadership and line management for a team of SOC Analysts, conducting performance reviews, appraisals, one-to-one meetings, and development planning. • Quality Assurance - You own QA for the team's outputs, ensuring consistency, accuracy, and completeness of incident handling and documentation across the team. • Training and Onboarding - You lead knowledge-transfer sessions, support structured onboarding of new team members, and coordinate internal training to drive skill development and reinforce SOC best practices. • Continual Improvement - You identify opportunities to optimise workflows, enhance detection logic, and contribute to service-improvement initiatives across the SOC, including backlog reduction, knowledge-base expansion, and feedback loops from lessons learned. • Customer Communications - You provide timely incident updates and lead bridging calls with customers during high-priority incidents, ensuring that communications are clear, evidence-led, and aligned to customer expectations. • Threat Hunting Oversight - You lead and coordinate proactive threat hunting across customer environments, using hypothesis-based approaches to identify undetected threats and validate detection coverage. Essential Duties • Advanced Investigation and Escalated Response o Perform in-depth investigations using correlated data from all available tooling. o Reconstruct attack chains and identify root causes using MITRE ATT&CK. o Recommend and coordinate response actions to mitigate impact during active incidents. • IOC and Threat Analysis o Investigate indicators of compromise using commercial and open-source threat intelligence. o Validate alerts and determine their relevance to customer environments, providing context on adversary behaviour and recommending follow-up actions when threats are confirmed. • Threat Hunting o Lead and participate in threat hunts using hypothesis-driven approaches mapped to TTPs and MITRE ATT&CK. o Leverage telemetry and queries in tooling to identify suspicious indicators not surfaced through existing detection logic. o Document hunting activities, findings, and detection coverage gaps to support tuning and continual detection improvement. • Team Oversight o Provide feedback and coaching on triage techniques, escalation decisions, and ticket quality. o Monitor performance, manage formal HR processes, and support professional development through regular one-to-ones and quarterly appraisals. o Provide concise on-call handovers and status reporting to maintain continuity between core and shift teams, escalating risks or operational issues as needed. • Documentation and Reporting o Ensure clear, evidence-based documentation of incidents and investigations, including rationale for response actions and IOC validation. o Perform case-closure quality assurance to confirm investigation completeness and capture lessons learned. o Support knowledge-base development and post-incident reporting activities, ensuring reusable insights are recorded to improve future incident handling and analyst onboarding. Position Specification Required Qualifications and Experience • You may be required to hold or obtain UK Non-Police Personnel Vetting (NPPV) and/or a Security Check (SC) clearance as part of this role. • A minimum of 4+ years of SOC operational experience, with demonstrated ability across security analysis, incident response, and working escalated cases. • Proven leadership capability with experience line managing analysts, conducting performance reviews, and overseeing HR-related duties. • Experience providing ticket quality assurance and training delivery. • Familiarity with leading SIEM, endpoint and XDR security platforms, in multi-tenant MSSP environments. • Willingness to obtain or hold relevant security certifications, such as SBT BTL2 and CREST CRIA.

Senior Isp It Security needed in Bradford, £503.72 per day PAYE - Reference: Senior ISP IT Security Role - Key Responsibilities and Activities Strategic Planning and Governance Develop, review, and maintain the IT Security Strategy in line with organisational goals and regulatory obligations. Lead the creation and enforcement of cybersecurity governance frameworks. Align security objectives with enterprise architecture and digital strategy. Participate in board-level or senior management discussions around cyber risk. Identify and manage strategic security risks (technical, legal, reputational, financial). Evaluate and advise on emerging technologies (e.g. AI, RPA, cloud, hybrid infrastructure) from a security perspective. Policy, Procedure, and Guidance Oversight Review and update security policies, procedures, standards, and guidance regularly (e.g., acceptable use, remote access, incident response, etc.). Ensure alignment with frameworks such as NCSC guidance, ISO 27001, NIST, Cyber Essentials, and GDPR. Develop and communicate clear roles and responsibilities for information security across departments. Support Information Governance and Data Protection with policy harmonisation and compliance efforts. Technical Review and Oversight Undertake technical reviews of: New and existing systems, applications, and infrastructure. Cloud service configurations (IaaS, SaaS, PaaS). Network architecture, including firewalls, VPNs, and segmentation. Identity and Access Management (IAM) implementations, including PIM/PAM. Security configurations in Microsoft 365, Azure, Active Directory, etc. Conduct or oversee vulnerability assessments, penetration tests, and threat modelling. Review and approve technical designs and solution architectures from a security standpoint. Assurance, Compliance, and Audit Develop and maintain the IT Security Assurance Framework. Lead or coordinate internal/external audits and security assessments. Track and report on compliance with standards and regulatory requirements. Work with internal and external partners to deliver accreditation or certification activities (e.g., PSN, Cyber Essentials Plus, ISO 27001). Monitor and respond to findings from SIEM, threat intelligence feeds, or monitoring tools. Performance Monitoring and Reporting Define and monitor key security performance indicators (KPIs). Produce regular security reports for senior management and boards. Track risk registers, exceptions, and remediation actions related to security. Stakeholder Engagement and Leadership Act as the senior security point of contact for internal and external stakeholders. Provide advice and consultancy to IT projects, business units, and leadership teams. Influence and guide project governance to embed security early in the lifecycle. Represent the organisation at regional and national forums (e.g., WARP, NCSC, iNetwork). Training, Awareness, and Culture Lead and support cybersecurity awareness and training campaigns. Build a security-conscious culture across the organisation. Work with HR and Learning & Development to embed cyber hygiene into inductions and role-based training. Incident Management and Business Continuity Develop and review the Disaster Recovery and Business Continuity Plans for IT Services and support the Disaster Recovery and Business Continuity for the services areas. Oversee and periodically test the incident response and disaster recovery plans. Provide strategic direction and escalation oversight during major incidents. Conduct post-incident reviews and feed findings into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and automation (e.g., SOAR, XDR). Evaluate and recommend security products and services. Lead or contribute to security maturity assessments and roadmaps. This is a Full time role on a temporary contract basis. If you are interested in the role please apply on our website with your CV, alternatively you can email your CV to quoting the reference number. Essential Employment is acting as an Employment Business in relation to this vacancy. Essential Employment is an Equal Opportunities Employer. All our roles may be subject to pre-employment checks including references so please be prepared. Due to high volumes of CVs received we are not able to respond to all unsuccessful applications. You will always however hear from us by phone if we are able to take your CV forward to the next stage. You can also follow us at Twitter/Facebook/LinkedIn or via our website .

Information Security Analyst - Leading UK Construction Company A leading UK construction and development firm is looking for a proactive Information Security Analyst to join their IT Infrastructure team. This is a key role focused on strengthening cybersecurity, managing key security platforms, and supporting compliance initiatives. Key responsibilities: Monitor and manage network defence and vulnerability testing tools. Administer the cybersecurity awareness training platform and drive engagement. Support data protection and compliance activities. Conduct infrastructure security reviews and risk assessments. Collaborate with internal teams and external partners to enhance security posture. Ideal experience: Background in information security or infrastructure engineering. Strong understanding of network security, threat detection, and incident response. Familiarity with vulnerability testing and security awareness tools. Knowledge of GDPR and ISO27001 frameworks. Relevant certifications (CISSP, CISM, or CompTIA Security+) beneficial. Location: Northampton - full-time, office-based Type: PermanentIf you're passionate about cybersecurity and want to make an impact within a forward-thinking construction environment, get in touch to find out more.

I am currently working with a Charity who are seeking a Head of Information Security and Compliance. You will join an ambitious, focused and dynamic team who are passionate about how technology can enable our staff to deliver incredible support to the armed forces community. Role Purpose: The Information Security and Compliance Manager is responsible for developing, implementing, and maintaining security policies, procedures, and controls to protect the data and systems. They will play a pivotal role in the management and containment of security incidents, ensuring continuous improvement in their security posture while raising awareness for staff, volunteer and member communities. The post holder will lead on activities that assess, report and mitigate risk associated with third parties with the focus being to protect the confidentiality, integrity, and availability of information assets. Key Responsibilities: Information Protection Take responsibility for their information and data protection policies, practices and settings to include sensitivity labels, data retention policies and data loss protection policies Collaborate with the Head of Risk, DPO and VCISO to identify and manage information security risks and mitigating controls Lead the wider business areas to ensure security policies and procedures are embedded in all business processes. Take an active role in in the containment and reporting of information security incidents, including detection, response, remediation and communication. Third Party risk management Lead on the design and implementation of robust processes for reviewing & addressing the data security posture of third-party suppliers. Take a leading role in managing relationships with vendors and service providers to assess compliance with security and data protection policies and standards. Policy, Audit & Reporting Take the lead on the review process for information security policies working to agreed re-view schedules. Ensure all policies are published and made available to all staff and volunteers increasing awareness among these groups. Develop policies and procedures in accordance with industry regulations and standards such as Data Protection Act 2018, PCI-DSS, and ISO27001. Monitor tools for data governance, data security, and compliance to manage information security risks and regulatory requirements and detect and investigate possible information security incidents. Knowledge & Experience Significant proven experience in information security and compliance management. Familiarity with ITIL practices and risk management methodologies. Significant proven experience with cyber security incident management and response Strong knowledge of security standards and regulations, such as GDPR, PCI-DSS, and ISO27001 Experience of delivering data protections specifically data loss prevention, sensitivity labelling and retention (using Microsoft Purview) Experience of managing projects through to completion Skills & Attributes Excellent problem-solving skills and the ability to provide technical expertise and advice - Strong all round technical skills Strong communication and collaboration skills & proven ability to work effectively with various departments including senior leaders. Ability to explain technical solutions to a non-technical audience Ability to manage and organise own workload and be flexible and ready to adapt to changing demands Strong analytical skills with the proven ability to (use) on the data available to inform decisions and actions Qualifications Certified in one of the following: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC)

Head of IT Security - West London - (Enterprise-wide Cyber & Information Security) Location: West London - 5 days on-site Salary: £90-100,000 per annum My client is looking to recruit a Head of IT Security to lead and shape their enterprise-wide security function. This is a senior leadership role offering the opportunity to define security strategy, strengthen governance, and protect critical systems, data, and operations. The Role: As Head of Security, you will own the strategic and operational delivery of all information and cyber security activities. You'll develop and implement robust security policies, oversee incident response, and ensure compliance with GDPR, PCI DSS, ISO 27001, and Cyber Essentials Plus. You will be the single point of accountability for all security matters, reporting directly to the executive team and influencing critical business decisions. Key Responsibilities: Develop, maintain, and deliver a 3-5 year Security Strategy and Roadmap covering technology, people, and processes. Embed security by design across projects, platforms, data flows, and product development. Lead enterprise-wide information, cyber, and data security governance. Define and implement security frameworks, policies, and operating models. Ensure compliance with GDPR, PCI DSS, Cyber Essentials Plus, and ISO/IEC 27001:2022 aligned practices. Lead Data Protection Impact Assessments (DPIAs), data mapping, classification, and retention programs. Oversee incident response, vulnerability management, patch compliance, and secure configuration baselines using SCCM, Ivanti, Intune, GPO, and Azure Defender. Drive SOC integration, threat intelligence, and monitoring to continuously improve detection and response capabilities. Manage hybrid environments, including Azure, AWS, Nutanix, and on-premise infrastructure. Support SD-WAN, cloud Firewalls, CASB, Zero Trust, and SASE architectures. Own enterprise security risk assessments, track key risk indicators (KRIs), and report on cyber maturity to executive leadership. Drive security culture through training, phishing simulations, and awareness programs. Partner with IT, Legal, HR, and business units to embed security in operations and service delivery. Provide security input for vendor assessments, third-party risk, and M&A due diligence. Candidate Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security tooling selection and implementation. Deep understanding of data protection legislation, risk management frameworks, and compliance requirements. Exceptional leadership, stakeholder engagement, and influencing skills.

Primary Details Time Type: Full time Worker Type: Employee SOC Principal Analyst Permanent London/ Hybrid At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The Opportunity QBE Europe is currently recruiting a SOC Principal Analyst to join our cyber security team in our London Office. Reporting to regional team leads, the SOC Principal Analyst will be a key member of our rapidly growing Global Security Operations team. Your new role This is an exciting hands-on technical role in which the specialist will use their security skills and knowledge to perform advanced analysis on the collection of cyber threats using high-level proactive and reactive threat hunting methods, classifying, analysing, prioritising and remediating security alerts/events. The focus is to provide effective, proactive and a highly technical analytical response to cyber security-related incidents to prevent QBE from becoming compromised by modern attack methods and techniques. Main responsibilities: Act as point of escalation and mentor to junior SOC analysts. Translates business objectives into security objectives by providing support in design/architecture for new security applications to improve the current security posture globally for QBE. Recommends and implements initiatives, develops IR processes and procedures. Contribute to the ongoing development of security operations "best practice" and support continuous improvement. Provide guidance regarding security technical support, and influence peers in following best practice. Review new security products and ascertain their suitability for the QBE environment. Execute threat hunting activities using various proprietary and open source tools to identify current and emerging threats that pose a risk to QBE. Build strong relationships with internal and external stakeholders to maintain and improve QBE security and enhance knowledge and information sharing. Actively communicate with staff and third parties to correctly identify and resolve problems and manage their expectations. Document incidents, requests and problem management information to ensure required compliance standards/SLAs are achieved. Use security tools and resources to correlate suspicious events, providing context around the event, determine root cause and provide regular updates and recommend modifications to existing systems and procedures. Perform deep-dive incident analysis of various data sources by analysing and investigating security related logs against medium-term threats and IOCs Actively manage and apply the phases of Incident Response (preparation, identification, containment, eradication, recovery and lessons learned) Act as a point of reference to guide and advise others to ensure the sharing of knowledge and best practice throughout the team. About you Advanced technical expertise of security solutions and technologies, including: Windows, Linux, Networking, Security Architecture experience and knowledge of packet flow/TCP/UDP traffic, Firewall and proxy technologies, cloud solutions, anti-virus, static and dynamic malware analysis techniques Expert in performing analytics with different types of logs, i.e. network, active directory, database, DNS, firewall, proxies, host-based security, cloud and applications logs etc. Working experience in leading security incidents at all levels related to incident response Working experience in managing 2nd/3rd level security events Ability to manage strong relationships with global security operations colleagues and other departments, including network teams and incident managers. Demonstrated ability to make decisions on remediation and counter measures Be able to communicate effectively and update senior stakeholders globally Why QBE? At My Best? ?At QBE, we want our people to feel rewarded and inspired to perform at their best, that's why we have created "At My Best".It's our connection, our way of showing we have your back. We understand that one size doesn't fit all and that priorities can change depending on your life stage. That is why our blend of wellbeing initiatives and benefits offer flexibility to suit what matters most to you. It's in the culture of our business, our QBE DNA, to support our people. Everything we do is underpinned by our QBE DNA.

Senior Cyber Security Analyst Up to £60,000 + bonus + benefits Crewe, UK (Hybrid - 3 days in office) Permanent Full-time We're looking for an experienced Senior Cyber Security Analyst to play a key role in protecting our client's systems, networks, and data. This is an exciting opportunity to lead on threat detection, incident response, and vulnerability management , while driving continuous improvement across the organisation's security posture. You'll collaborate closely with infrastructure, development, and compliance teams to maintain high standards of cyber resilience and uphold key frameworks such as ISO 27001 and Cyber Essentials Plus . Key Responsibilities: Lead threat detection, incident response, and vulnerability management activities Strengthen cyber security posture across cloud, infrastructure, and applications Provide expert guidance to development teams on secure SDLC practices Maintain compliance with ISO 27001 and Cyber Essentials Plus standards Mentor junior analysts and support SOC process development Key Skills & Experience: Strong technical background in cyber security Experience with application, cloud (AWS) , and infrastructure security Proven hands-on experience with EDR/NDR tools , particularly CrowdStrike Proficient with Linux and databases such as MySQL , PostgreSQL , Apache , and PHP Knowledge of ISO 27001 , Cyber Essentials , and general security frameworks What you get in return: Up to £60,000 per annum + bonus + benefits Hybrid working (3 days in office) Opportunity to take ownership of key cyber initiatives Professional development and training support This company is an equal opportunity employer and values diversity. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Interested? Please submit your CV to Meg Kewley at DCS Recruitment via the link provided. DCS Recruitment and all associated companies are committed to creating a working environment where diversity is celebrated and everyone is treated fairly, regardless of gender, gender identity, disability, ethnic origin, religion or belief, sexual orientation, marital or transgender status, age, or nationality

Lead Information Security Engineer This is a hybrid role and can be based from either our Peterborough, Manchester, Stoke, Tunbridge Wells or Chesterfield office. Role Purpose: Reporting to the Head of Information Security to provide tactical technical security support. The Lead InfoSec Engineer will be responsible for technical governance to security standards, Identity and Access Management expertise across multiple platforms. The role will provide ongoing technical assurance to digital systems and data to ensure that these are safe and secure. Special projects support will include PCI compliance, Cyber Essentials and other technical support where required. Provide line manager duties within the Information Security Team. Key Accountabilities & Responsibilities: Be an SME for PCI DSS and Cyber Essentials technical assurance Contribute to business and technology audits with technical evidence and advice Engagement with 3rd party partners as a SME and to ensure due diligence process adherence Contribute to the delivery of the security roadmap and a continuous improvement model for security Ensure Information Security controls are operating effectively Ensure where gaps are identified that these have remediation plans agreed and delivered Ensure effective Information Security pen testing co-ordination along with Vulnerability Security assessments Help embed security best practices throughout the business and early in projects Assist in 3rd party assurance Skills, Experience and Knowledge: Strong experience as a technical security expert. Excellent Infrastructure Knowledge specifically around Server Technology. Cyber security experience within a large complex corporate environment working with multiple partners. Proven knowledge and experience of IT and information security policies, practices and standards. Knowledge of current technologies in the field and the ability to learn new ones. Incident management experience including investigations and response. Cloud security experience would be highly beneficial PCI and Cyber Essentials expertise would be advantageous Why us? Markerstudy Insurance Services Limited (MISL) is one of the largest Managing General Agents in the UK. With a strong presence in the UK motor insurance market, we specialise in niche motor cover, where our solid market knowledge and experience enables us to create highly targeted products. Our success is underpinned by our underwriting strategy to identify and apply special risk factors to the customers' advantage. That, and our skilled underwriting technicians who are friendly, accessible and empowered to make decisions. We only transact business through professional UK insurance intermediaries and we take pride in fostering excellent working relationships. Our products feature prominently on Aggregators' sites, such as Confused, Go Compare and Compare the Market, via our broker partners. What we offer in return? A collaborative and fast paced work environment Private medical health care plan 25 days annual leave plus of Bank Holidays and the ability to buy holiday A benefit scheme that offers discounts and cashback on shopping, restaurants, travel and more Life Assurance 4x annual salary

About ILF Scotland: ILF Scotland (Independent Living Fund Scotland) is a public body that supports disabled people with high or complex needs to live independently. Funded by the Scottish Government and Department of Health (NI), it provides financial support through schemes like the main Independent Living Fund, the Transition Fund for young people, and grants for technology and future planning. ILF Scotland helps individuals gain choice, control, and full participation in their communities. About the role: As IT Operations Support, the modern apprentice will work closely alongside the Service Delivery Lead and IT Support Officer to ensure the availability and day to day running and development of the infrastructure and support ILF Scotland staff in using it. Please note : This position is to start in January 2026. Responsibilities: First line support to staff to troubleshoot ICT hardware and software problems accessing and using the SCOTS network Liaise with the iTECS to log, escalate and monitor open support calls Maintain and monitor ICT hardware; search for replacement hardware as required and provide quotes for the Digital and Information Service Team Maintain and manage the device catalogue and support the IT Service Delivery Manager in prioritising replacement devices (phones, laptops, WIFI-dongles, printers, tablets) With the ICI support company and Service Delivery Lead, develop a basic knowledge of the core client database system and how the two portals connect to it (applications portal and assessor portal) Liaise with the ICI system provider (DDS) regarding any technical issues Assist with any staff training in ICT, information security and data protection Manage the office WIFI network and liaise with suppliers on availability issues Support the HR, communications and engagement teams in any ICT set up for events, workshops and training sessions Learn the business continuity requirements and response arrangements if the ICT infrastructure were to fail or be attacked and support the incident response team to resolve the incident Be the recorder/scribe for any incidents which may require the incident response team to act Shadow the IT Security Manager to learn the safeguards and monitoring systems in place Monitor and liaise with the IT Security Manager regarding any alerts via the Spycloud portal Desirable skills: Detail oriented and with a good eye on accuracy of data Friendly and helpful attitude Flexible and able to prioritise a changing to-do list Confident in managing and completing tasks to deadlines Self-motivated Ability to work independently and as part of a team Well-honed organisational, planning and time management skills PC literate including Word, Excel and databases Salary: £25,235 - £28,131 per annum Working hours: 9am - 5pm. This role is offered on a hybrid working arrangement with an office based in Livingston. Closing date: 5pm on November 6th 2025. Benefits: Competitive salary Flexible working options A good work-life balance Pension Continual development Interviews: We are a Disability Confident employer and offer a guaranteed interview for any disabled applicant who may wish to take up on this offer, where they meet the essential requirements for the role. In addition, the same applies to those applicants who are care experienced. Future prospects: 90% of QA apprentices secure permanent employment after completing: this is 20% higher than the national average. Important information: This vocational apprenticeship comprehensively supports your specific job role with this particular employer. Throughout your learning journey, you are fully supported by your dedicated QA skills coach and your mentor at work. They ensure you settle in, help you develop all the skills you need to be successful in your job role and pass your assessments, and can provide one to one support. Starting with insights into your current potential, they plan your growth in a programmatic way, close skills gaps with immersive training and ensure what you learn is applicable to what you do. They talk you through the specifics on the qualifications you gain and how they align in particular to your day to day role. On completion, as well as the valuable work experience you have gained, you get a nationally recognised qualification at SCQF Level 6. If you are interested in starting your career and receiving a work based qualification at the same time APPLY NOW! Please be advised that this advert may close prior to the closing date stated above if a high number of applications are received. If you are interested in this vacancy please apply below as soon as possible.

JOB TITLE: Head of IT LOCATION: Rugby SALARY: £70k - £80k + 15% bonus WAY OF WORKING: Hybrid THE BUSINESS: Our client is a market leading organisation working behind the scenes to support well-known household brands across multiple sectors. THE HEAD OF IT OPPORTUNITY: As Head of IT, you'll lead a high-performing team, shape support strategy, and drive continuous improvement across multiple service areas. You'll play a pivotal role in enhancing the customer experience and ensuring technology consistently delivers business value. RESPONSIBILITIES Develop delivery strategy that aligns with business goals and user needs. Oversee product support operations to ensure effective issue resolution. Set and monitor SLAs and KPIs to maintain high service standards. Report on performance, identify areas for improvement and drive corrective actions. Lead the response to product incidents and coordinate cross functional teams, and analyse root causes. Manage and develop a team of product support specialists. Provide guidance, coaching and clear objectives. Act as the key link between business users, technical teams and external partners. Champion process improvements and new tools to optimise efficiency. THE IDEAL CANDIDATE WILL HAVE: Proven experience in product support management Strong technical understanding of business systems, databases, and the software development lifecycle Experienced in incident management, troubleshooting, and rot cause analysis Skilled leader with the ability to inspire and develop teams Excellent communicator with a customer-focused mindset Stakeholder management skills Knowledge of ITIL principles and service management best practices Comfortable in fast moving, change-orientated environments BENEFITS Inclusive of company sick pay, private medical insurance, 25 days annual leave + bank holidays, and company car/allowance. If you are interested in the role, please send an application detailing proof of the above or contact Amy Burton in our office. C4S Search connect talent with leading organisations and we are always keen to hear from those who work in the tech industry.

Product Security Architect Permanent role Based in Bristol Offering circa £80,000 Do you have experience in Security Infrastructure? Do you have experience in Secure by Design? Do you want to work with an industry-leading company? If your answers are yes to these, then this could be the role for you! As the Product Security Architect, you will be working alongside a market-leading Defence and Aerospace company who are constantly growing and developing. They are always looking to bring on new talents such as yourself and further develop your skills to enable you to grow within the company and industry! Some of what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks. Collaborate with the product development teams to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa £80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.

Service Desk Manager - ITIL - Liverpool Service Desk Manager with proficient experience in leading a team of IT service desk analysts, ITIL / another service management framework and improving the Service Desk function is required by a leading firm in central Liverpool. They are looking for a proven Service Desk Manager who has experience in pushing through change, by identifying problems and coming up with solutions that improve the Service Desk function. Experience managing SLA's and monitoring KPI's is also essential & you will join an already established service desk team which offers hybrid working, so 3 days in the office, 2 days working from home. Essential Skills Required: Experience in managing a Service desk / IT helpdesk team Working with external customers within service delivery / service desk Proven experience in change management in a Service Desk / Service Delivery, and a track record of improving the Service Desk function ITIL experience or another service management framework is a must A good understanding of incident, problem, change, and release management processes. The ability to drive the best Service and have a passion for IT technology The ability to identify process improvement and areas that are inefficient or need upgrading Excellent communication, people and stakeholder management skills, somebody who can drive through change and improvements across a Service Desk Ideally, a background in supporting software applications and managing change requests. The role is due to the massive growth and changing IT landscape. You need to know what looks good when running an IT Service Desk? Do you have a track record of pushing through change and making improvements? Some of the Key Responsibilities: Lead and manage the Service Desk team, ensuring staff development & performance improvement across the team Oversee the daily operations of the service desk to ensure timely resolution of incidents, problems, requests, and change-related activities. Drive improvements to the Service Desk processes and systems, identifying weaknesses and making the appropriate changes, including helpdesk system workflow improvements. Monitor and ensure adherence to SLAs and KPIs related to incident response times, resolution rates, and customer satisfaction. Build strong relationships with external customers, acting as a point of contact for service-related and change management issues. Improve and change service desk processes so they are aligned with best practices for incident management. Analysing feedback, where the backlogs occur, change management data to identify trends & recurring issues, and identify areas for service and change management improvement. Regular performance reports to senior management, highlighting success but also areas for improvement. Lead initiatives to enhance efficiency across the service desk team Own the incident and problem management process, ensuring incidents are resolved & the issues are addressed. Strategic planning for service and change management improvements to allow further growth This is a great opportunity for an experienced service desk manager to have the chance to be part of an outstanding team and make a real difference through change. My client is looking for a service desk team manager who is a people person and is ready to jump into a fast-paced environment and gain exposure to the latest tools. You will have the opportunity to revamp an existing service desk, implement your own knowledge and influence the team's success. My client is paying a starting salary of between £45,000 - £50,000 + Hybrid working. To apply, press the "apply now" button or send your CV to Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter and LinkedIn - Circle Recruitment.

OT Cyber Security Engineer Stone, Staffordshire (Remote Working Available) £NEG (Enquire for Details) Systems Integration Consultancy SC Clearance Eligibility Required MERITUS are working with a leading Systems Integration Consultancy based in Stone, Staffordshire. They're looking for an Operational Technology Cyber Security Engineer with a background in Industrial Control Systems (ICS/SCADA) This is a fantastic opportunity to join a high-performing engineering team working on critical national infrastructure projects across the energy, utilities, water, renewables, and manufacturing sectors. This role offers home-based flexibility with UK-wide travel and the chance to lead high-impact security projects within complex OT environments. As a Senior ICS OT Cyber Security Engineer, you will take a lead role in securing operational technology networks, delivering threat modelling, penetration testing, and cyber risk mitigation strategies for industrial environments. You will work closely with key stakeholders to design secure architectures, provide technical leadership on live security projects, and guide junior engineers in best practice for OT cybersecurity. The role requires candidates to be eligible for SC Level Security Clearance. Main Responsibilities: Lead the design and implementation of secure OT network architectures across critical infrastructure environments. Conduct attack path analysis, penetration testing and adversary simulations within ICS/OT environments. Perform cybersecurity risk assessments and technical security audits aligned to recognised industry frameworks. Develop technical design specifications and security documentation including functional and infrastructure specifications. Act as a technical mentor, guiding and supporting junior engineers within the cyber and OT engineering teams. Required Skills: Proven experience securing ICS/SCADA, PLCs, RTUs and industrial communication protocols (MODBUS, OPC, DNP3, etc.). Strong background in designing and configuring secure networks including switching, routing, and firewalls. Solid knowledge of IT/OT segmentation and secure cross-domain communications. Experience delivering projects in sectors such as energy, water, oil & gas, or manufacturing. Demonstrable experience conducting security assessments aligned to frameworks such as NIST 800-53/82, ISO 27001, IEC 62443, NIS-D/NIS-R. Desirable Skills: Hands-on experience with offensive security tools and red teaming in OT environments. Exposure to Digital Forensics and Incident Response (DFIR) within industrial networks. Experience working with Agile project tools such as JIRA, Confluence or Microsoft Planner. Main Benefits: Negotiable salary (enquire for details) 28 days holiday (bank holidays on top) Remote & flexible working options Private medical insurance 6.5% pension matched Got your attention? If you believe that you have the skills and experience for the Quality Engineer role - then please get in touch. We also offer a referral scheme for any candidates whose details are passed to us that we successfully place. If you have any further questions then please contact Ryan Harris at MERITUS.

We are partnered with one of the leading IT Support companies in Cambridge, looking to hire a confident and capable IT Support Specialist into their growing operation. The successful applicant can be either an established IT professional experienced in all the aspects of the role, or an upcoming IT professional perhaps at 2nd line level but keen to progress on into a more senior IT role.Our client prides itself on great response times and first-class customer service, so it is vital that you have a friendly, can-do manner and can work well under pressure. They are experiencing strong growth, so for the right candidate there is potential for career progression within the company.As an IT Support Specialist, you will play a crucial role in resolving technical issues and providing exceptional IT support to their clients, both on and off-site. You will collaborate with other IT teams to find root causes and implement timely solutions, ensuring incidents and service requests are properly logged, categorised, prioritised and resolved within agreed service level agreements (SLAs). As well as providing remote technical support, you will be required to travel to client sites to resolve technical issues and oversee the configuration of new equipment. This can include installing, configuring, and troubleshooting hardware, software, and network components, conducting system audits and providing comprehensive reports on IT environments. In addition you will assist clients with IT infrastructure upgrades, migrations and new system deployments, whilst also providing on-site training to clients as needed. In order to succeed in this role, you must be able to drive, enjoy working with customers face to face, and have a friendly, outgoing nature and be competent at problem solving. This is a Monday to Friday position, normal office working hours with regular social meet ups, the company has a welcoming and relaxed working environment, and is made up of experienced IT professionals with a good sense of humour who you can learn from in order to build your career. Future progression opportunities will be available for candidates with the right attitude and work ethic.Zero Surplus is East Anglia's premier recruitment agency, based just outside Cambridge our recruiters source staff for small and international businesses across Northants, Milton Keynes, Cambridgeshire and the East of England. For registration purposes please could you let us know where you are currently based or which locations you are considering as well as your required salary and notice period. Please upload a Microsoft Word version of your CV where possible, excluding text boxes or images. Any data we collect from you will be stored and processed in accordance with Zero Surplus' Privacy Policy.