We are seeking a highly experienced and strategic senior leader to oversee our Cyber Engineering, Identity & Access Management (IAM), and Data Loss Prevention (DLP) functions. This role will be responsible for driving the design, delivery, and governance of enterprise-wide security engineering solutions, while ensuring secure, scalable, and resilient identity and data protection services. The ideal candidate will combine deep technical expertise with strong leadership skills to shape the future of cybersecurity, identity, and data protection within the organization. This position is designated as a Senior Management Function (SMF) under the Financial Conduct Authority regime, carrying personal accountability for compliance, operational resilience, and security effectiveness. The Role: Strategic Leadership Define and execute the global strategy for Cyber Engineering, IAM, and DLP in alignment with the enterprise security and technology roadmap. Serve as a trusted advisor to the CISO, CIO, and executive leadership on emerging threats, secure architecture, identity, and data protection. Establish metrics and reporting to demonstrate effectiveness, risk reduction, and compliance with regulatory requirements (e.g., National Institute of Standards Cyber Security Framework (NIST CSF), Digital Operations Resilience Act (DORA), New Tork State Department of Financial Services (NYDFS), Sarbanes-Oxyley (SOX), and the Financia Conduct Authority(FCA). Cyber Engineering Oversight Lead engineering teams responsible for core security platforms, including endpoint protection, cloud security, network defense, vulnerability management, and DevSecOps integrations. Build and mature a comprehensive vulnerability management program, including continuous scanning, risk-based prioritization, remediation tracking, and Board-level reporting. Drive innovation by embedding security into cloud, hybrid, and modern application architectures ("Secure by Design" principles). Ensure the adoption of automation, orchestration, and advanced analytics to improve detection, response, and resiliency. Identity & Access Management Own enterprise-wide IAM strategy, including workforce and customer identity, privileged access management (PAM), identity governance and administration (IGA), and multi-factor authentication (MFA). Lead initiatives to modernize and integrate IAM platforms to support cloud adoption, Zero Trust, and frictionless user experiences. Partner with business and technology leaders to enable secure digital transformation through robust identity services. Data Loss Prevention (DLP) Advance a comprehensive Data Loss Prevention program to safeguard sensitive information across endpoints, cloud, email, and collaboration platforms. Establish enterprise-wide policies and controls to prevent unauthorized data exfiltration, insider threats, and regulatory breaches. Implement monitoring, classification, and enforcement mechanisms that balance data protection with business enablement. Partner with business, compliance, and data governance teams to align DLP strategy with General Data Protection Regulation, Financial Conduct Authority, Prudential Regulation Authority, Sarbanes-Oxley, and other global data protection requirements. Provide executive and Board-level reporting on data protection risks, incidents, and mitigation efforts. Governance, Risk & Compliance Ensure IAM, DLP, and security engineering practices meet regulatory, audit, and policy requirements. Define and maintain standards for identity lifecycle, access controls, data handling, and information protection. Oversee risk assessments and remediation programs tied to IAM, DLP, and security engineering platforms. Senior Management Function (FCA Responsibilities) As an FCA-designated Senior Management Function (SMF) role, the position carries individual accountability under the Senior Managers & Certification Regime (SM&CR). Specific responsibilities include: Personal accountability for ensuring cyber, IAM, and DLP controls are effective, proportionate, and aligned with FCA expectations for operational resilience and financial sector stability. Maintaining robust governance, oversight, and risk management frameworks for engineering, identity, and data protection, ensuring risks are identified, escalated, and remediated in line with FCA and PRA requirements. Demonstrating reasonable steps have been taken to oversee outsourced arrangements, third-party providers, and cloud services related to IAM, DLP, and cyber platforms. Ensuring Board and regulators receive timely, accurate, and complete information on cyber, identity, and data protection risks, vulnerabilities, and remediation activities. Acting as the point of accountability for operational resilience in cyber engineering, IAM, and DLP, supporting FCA requirements around impact tolerance, scenario testing, and response planning. Requirements: Progressive experience in cybersecurity, with extensive experience in leadership roles across IAM, cyber engineering, and/or data protection. Proven track record of leading global security programs at scale in complex, regulated environments (financial services strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability to influence at Board and executive levels. Relevant certifications (CISSP, CISM, CCSP, CIPP/E, SABSA, or equivalent) preferred. We're committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email your recruiter.
05/12/2025
Full time
We are seeking a highly experienced and strategic senior leader to oversee our Cyber Engineering, Identity & Access Management (IAM), and Data Loss Prevention (DLP) functions. This role will be responsible for driving the design, delivery, and governance of enterprise-wide security engineering solutions, while ensuring secure, scalable, and resilient identity and data protection services. The ideal candidate will combine deep technical expertise with strong leadership skills to shape the future of cybersecurity, identity, and data protection within the organization. This position is designated as a Senior Management Function (SMF) under the Financial Conduct Authority regime, carrying personal accountability for compliance, operational resilience, and security effectiveness. The Role: Strategic Leadership Define and execute the global strategy for Cyber Engineering, IAM, and DLP in alignment with the enterprise security and technology roadmap. Serve as a trusted advisor to the CISO, CIO, and executive leadership on emerging threats, secure architecture, identity, and data protection. Establish metrics and reporting to demonstrate effectiveness, risk reduction, and compliance with regulatory requirements (e.g., National Institute of Standards Cyber Security Framework (NIST CSF), Digital Operations Resilience Act (DORA), New Tork State Department of Financial Services (NYDFS), Sarbanes-Oxyley (SOX), and the Financia Conduct Authority(FCA). Cyber Engineering Oversight Lead engineering teams responsible for core security platforms, including endpoint protection, cloud security, network defense, vulnerability management, and DevSecOps integrations. Build and mature a comprehensive vulnerability management program, including continuous scanning, risk-based prioritization, remediation tracking, and Board-level reporting. Drive innovation by embedding security into cloud, hybrid, and modern application architectures ("Secure by Design" principles). Ensure the adoption of automation, orchestration, and advanced analytics to improve detection, response, and resiliency. Identity & Access Management Own enterprise-wide IAM strategy, including workforce and customer identity, privileged access management (PAM), identity governance and administration (IGA), and multi-factor authentication (MFA). Lead initiatives to modernize and integrate IAM platforms to support cloud adoption, Zero Trust, and frictionless user experiences. Partner with business and technology leaders to enable secure digital transformation through robust identity services. Data Loss Prevention (DLP) Advance a comprehensive Data Loss Prevention program to safeguard sensitive information across endpoints, cloud, email, and collaboration platforms. Establish enterprise-wide policies and controls to prevent unauthorized data exfiltration, insider threats, and regulatory breaches. Implement monitoring, classification, and enforcement mechanisms that balance data protection with business enablement. Partner with business, compliance, and data governance teams to align DLP strategy with General Data Protection Regulation, Financial Conduct Authority, Prudential Regulation Authority, Sarbanes-Oxley, and other global data protection requirements. Provide executive and Board-level reporting on data protection risks, incidents, and mitigation efforts. Governance, Risk & Compliance Ensure IAM, DLP, and security engineering practices meet regulatory, audit, and policy requirements. Define and maintain standards for identity lifecycle, access controls, data handling, and information protection. Oversee risk assessments and remediation programs tied to IAM, DLP, and security engineering platforms. Senior Management Function (FCA Responsibilities) As an FCA-designated Senior Management Function (SMF) role, the position carries individual accountability under the Senior Managers & Certification Regime (SM&CR). Specific responsibilities include: Personal accountability for ensuring cyber, IAM, and DLP controls are effective, proportionate, and aligned with FCA expectations for operational resilience and financial sector stability. Maintaining robust governance, oversight, and risk management frameworks for engineering, identity, and data protection, ensuring risks are identified, escalated, and remediated in line with FCA and PRA requirements. Demonstrating reasonable steps have been taken to oversee outsourced arrangements, third-party providers, and cloud services related to IAM, DLP, and cyber platforms. Ensuring Board and regulators receive timely, accurate, and complete information on cyber, identity, and data protection risks, vulnerabilities, and remediation activities. Acting as the point of accountability for operational resilience in cyber engineering, IAM, and DLP, supporting FCA requirements around impact tolerance, scenario testing, and response planning. Requirements: Progressive experience in cybersecurity, with extensive experience in leadership roles across IAM, cyber engineering, and/or data protection. Proven track record of leading global security programs at scale in complex, regulated environments (financial services strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability to influence at Board and executive levels. Relevant certifications (CISSP, CISM, CCSP, CIPP/E, SABSA, or equivalent) preferred. We're committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email your recruiter.
Job Advert: Contract Cyber Engineer (DV Cleared) Newport 6-month contract + likely extension ? Fully onsite Up to £90 per hour (Umbrella) DV Clearance required / British Nationals only We're recruiting for an experienced Contract Cyber Engineer to join a major defence cyber security function. This role is ideal for someone who enjoys hands-on technical problem solving, acting as a senior point of escalation, and supporting a high-performance Security Operations Centre (SOC). You'll work within a specialist cyber defence organisation, supporting the smooth running of security tools, leading operational engineering activity, and ensuring that new security projects transition successfully into the live environment. The Role As a Contract Cyber Engineer, you will: Act as the senior escalation point for SOC engineering issues Support SOC Analysts and Engineers with toolset faults, troubleshooting and ongoing operational work Oversee toolset availability, performance, and capacity Support change and release management, including planned upgrades and deployments Ensure new systems introduced by the design team can be supported operationally Maintain a strong awareness of emerging cyber technologies, tools and best practice Work with the wider Airbus Cyber Defence Centre on tooling and security product improvements Provide technical input into documentation, processes, and service support activities This is a key position in a busy SOC environment, fully onsite, requiring strong communication skills and the ability to work across engineering, operations, and cyber security functions. What You'll Need (Essential) Strong working knowledge of core SOC tooling e.g. SIEM/Splunk, IDPS, Email/Web security, Firewalls Hands-on experience with Cisco ASR, Palo Alto or Fortinet firewalls Excellent understanding of network technologies (LAN/WAN, routing, switching) Experience with scripting or programming (PowerShell, Python, Bash etc.) Experience with Windows Server and RedHat (RHEL) administration, including CIS hardening Desirable Skills Experience with any of the following is beneficial: vCenter / VMware ESXi / vSAN Nessus / Tenable SQL / MariaDB CheckMK, Jira, Syslog management Patch management (WSUS etc.) AD / LDAP / PAM Backup/restore solutions Disaster recovery and service continuity ISO 27001 / Cyber Essentials
05/12/2025
Contractor
Job Advert: Contract Cyber Engineer (DV Cleared) Newport 6-month contract + likely extension ? Fully onsite Up to £90 per hour (Umbrella) DV Clearance required / British Nationals only We're recruiting for an experienced Contract Cyber Engineer to join a major defence cyber security function. This role is ideal for someone who enjoys hands-on technical problem solving, acting as a senior point of escalation, and supporting a high-performance Security Operations Centre (SOC). You'll work within a specialist cyber defence organisation, supporting the smooth running of security tools, leading operational engineering activity, and ensuring that new security projects transition successfully into the live environment. The Role As a Contract Cyber Engineer, you will: Act as the senior escalation point for SOC engineering issues Support SOC Analysts and Engineers with toolset faults, troubleshooting and ongoing operational work Oversee toolset availability, performance, and capacity Support change and release management, including planned upgrades and deployments Ensure new systems introduced by the design team can be supported operationally Maintain a strong awareness of emerging cyber technologies, tools and best practice Work with the wider Airbus Cyber Defence Centre on tooling and security product improvements Provide technical input into documentation, processes, and service support activities This is a key position in a busy SOC environment, fully onsite, requiring strong communication skills and the ability to work across engineering, operations, and cyber security functions. What You'll Need (Essential) Strong working knowledge of core SOC tooling e.g. SIEM/Splunk, IDPS, Email/Web security, Firewalls Hands-on experience with Cisco ASR, Palo Alto or Fortinet firewalls Excellent understanding of network technologies (LAN/WAN, routing, switching) Experience with scripting or programming (PowerShell, Python, Bash etc.) Experience with Windows Server and RedHat (RHEL) administration, including CIS hardening Desirable Skills Experience with any of the following is beneficial: vCenter / VMware ESXi / vSAN Nessus / Tenable SQL / MariaDB CheckMK, Jira, Syslog management Patch management (WSUS etc.) AD / LDAP / PAM Backup/restore solutions Disaster recovery and service continuity ISO 27001 / Cyber Essentials
Senior Android Engineer (Native Integration & Security) We are seeking an exceptional Senior Android Engineer to join a newly-founded joint venture backed by five of the world's leading telecommunications companies. Our mission is to restore trust in voice communication by building a network-native intelligence layer to combat the global epidemic of voice fraud and AI-driven scams. In this role, you will be the owner of our most critical, user-facing feature: the Telco-Verified Security Shield. You will be responsible for the magic moment of our product, delivering an instant, network-verified trust indicator to a user's device in the moments before they answer the call. This is not a standard mobile app role; it is a deep, Real Time systems challenge that requires you to architect and implement a high-performance, secure, and reliable solution that integrates directly with the Android operating system's native call-handling services. Your primary objective is to own the client-side implementation of our sub-500ms Time-to-Trust (TtT) metric. You will be the driving force behind the trust in our product, working at the intersection of native mobile engineering, Real Time data processing, and client-side security. This position offers a unique opportunity to build a category-defining security product from the ground up, leveraging proprietary, network-level data that no pure-OTT competitor can access. Key ResponsibilitiesNative OS Integration & Performance Architect, build, and own the entire native call interception flow using Android's CallScreeningService to intercept and analyze calls as they ring. Design and engineer the high-performance Trust Indicator overlay, obsessing over every millisecond of client-side processing to ensure we meet our strict sub-500ms Time-to-Trust (TtT) metric. Implement the client-side logic to consume and display Explainable AI reasoning (eg, Recent SIM Swap Detected, Verified Business) provided by our Back End services. Build a robust, efficient, and scalable client-side API integration layer to consume Real Time security signals (like our proprietary Scam_Score) from the AI Core. Security & Quality Implement and champion our mandatory Zero Trust security architecture at the client level, ensuring all network data and user PII are handled with the highest level of security. Define and enforce best practices for performance, code quality, and testing for the entire Android security stack. Work closely with the QA Engineer to build test harnesses and instrumentation to rigorously validate the sub-500ms latency target and ensure a false-positive rate of less than 1%. Cross-functional Collaboration Partner with the Senior Backend Engineer (Application & AI Orchestration) to define the API contracts and Real Time data flow needed to power the Security Shield. Collaborate with the UX/UI Designer to iterate on a seamless, intuitive, and trustworthy user experience for the trust indicator and its explanations. As a foundational engineering hire, you will help define our Android engineering culture, mentor future hires, and set the standard for technical excellence. Required QualificationsEducation & Experience Bachelor's degree in Computer Science, Engineering, or a related field. 5+ years of hands-on experience in native Android development, with a portfolio of high-performance, public-facing applications. Required Technical & Android Skills Expert-level, production-grade experience with native Android development (Kotlin required). Demonstrated, deep expertise with Android's native call-handling APIs, specifically the CallScreeningService framework. This is a critical, non-negotiable skill for this role. Proven experience building high-performance, Real Time user interfaces that are deeply integrated with the Android OS. Strong understanding of mobile security principles and best practices, including secure data storage, network communication (mTLS), and threat modelling. Proficiency in consuming RESTful APIs and Real Time data streams (eg, WebSockets) in a mobile environment. Strong understanding of Android performance profiling tools and techniques to debug and optimize for latency. Experience with multi-threaded and asynchronous programming on Android. Preferred Qualification Advanced Education & Industry Experience Master's degree in Computer Science or a related field. Previous experience in the telecommunications, cybersecurity, or anti-fraud/anti-spam industries. Experience building applications for a global audience with localization and compliance requirements. Experience with the Android NDK (C++) for performance-critical operations. Familiarity with Real Time audio processing on Android. Deep knowledge of mobile network protocols and security. Experience building or integrating SDKs. Advanced Systems & Security Expertise This is a permanent position with hybrid working of two days a week in the central London office and the rest WFH. The salary is very much Dependent on experience with a guide between £110k-£140K basic + package.
05/12/2025
Full time
Senior Android Engineer (Native Integration & Security) We are seeking an exceptional Senior Android Engineer to join a newly-founded joint venture backed by five of the world's leading telecommunications companies. Our mission is to restore trust in voice communication by building a network-native intelligence layer to combat the global epidemic of voice fraud and AI-driven scams. In this role, you will be the owner of our most critical, user-facing feature: the Telco-Verified Security Shield. You will be responsible for the magic moment of our product, delivering an instant, network-verified trust indicator to a user's device in the moments before they answer the call. This is not a standard mobile app role; it is a deep, Real Time systems challenge that requires you to architect and implement a high-performance, secure, and reliable solution that integrates directly with the Android operating system's native call-handling services. Your primary objective is to own the client-side implementation of our sub-500ms Time-to-Trust (TtT) metric. You will be the driving force behind the trust in our product, working at the intersection of native mobile engineering, Real Time data processing, and client-side security. This position offers a unique opportunity to build a category-defining security product from the ground up, leveraging proprietary, network-level data that no pure-OTT competitor can access. Key ResponsibilitiesNative OS Integration & Performance Architect, build, and own the entire native call interception flow using Android's CallScreeningService to intercept and analyze calls as they ring. Design and engineer the high-performance Trust Indicator overlay, obsessing over every millisecond of client-side processing to ensure we meet our strict sub-500ms Time-to-Trust (TtT) metric. Implement the client-side logic to consume and display Explainable AI reasoning (eg, Recent SIM Swap Detected, Verified Business) provided by our Back End services. Build a robust, efficient, and scalable client-side API integration layer to consume Real Time security signals (like our proprietary Scam_Score) from the AI Core. Security & Quality Implement and champion our mandatory Zero Trust security architecture at the client level, ensuring all network data and user PII are handled with the highest level of security. Define and enforce best practices for performance, code quality, and testing for the entire Android security stack. Work closely with the QA Engineer to build test harnesses and instrumentation to rigorously validate the sub-500ms latency target and ensure a false-positive rate of less than 1%. Cross-functional Collaboration Partner with the Senior Backend Engineer (Application & AI Orchestration) to define the API contracts and Real Time data flow needed to power the Security Shield. Collaborate with the UX/UI Designer to iterate on a seamless, intuitive, and trustworthy user experience for the trust indicator and its explanations. As a foundational engineering hire, you will help define our Android engineering culture, mentor future hires, and set the standard for technical excellence. Required QualificationsEducation & Experience Bachelor's degree in Computer Science, Engineering, or a related field. 5+ years of hands-on experience in native Android development, with a portfolio of high-performance, public-facing applications. Required Technical & Android Skills Expert-level, production-grade experience with native Android development (Kotlin required). Demonstrated, deep expertise with Android's native call-handling APIs, specifically the CallScreeningService framework. This is a critical, non-negotiable skill for this role. Proven experience building high-performance, Real Time user interfaces that are deeply integrated with the Android OS. Strong understanding of mobile security principles and best practices, including secure data storage, network communication (mTLS), and threat modelling. Proficiency in consuming RESTful APIs and Real Time data streams (eg, WebSockets) in a mobile environment. Strong understanding of Android performance profiling tools and techniques to debug and optimize for latency. Experience with multi-threaded and asynchronous programming on Android. Preferred Qualification Advanced Education & Industry Experience Master's degree in Computer Science or a related field. Previous experience in the telecommunications, cybersecurity, or anti-fraud/anti-spam industries. Experience building applications for a global audience with localization and compliance requirements. Experience with the Android NDK (C++) for performance-critical operations. Familiarity with Real Time audio processing on Android. Deep knowledge of mobile network protocols and security. Experience building or integrating SDKs. Advanced Systems & Security Expertise This is a permanent position with hybrid working of two days a week in the central London office and the rest WFH. The salary is very much Dependent on experience with a guide between £110k-£140K basic + package.
PAM Engineer, CyberArk London (Hybrid) To £100K + bonus and benefits Privileged Access Management (PAM) Engineer is required to join a prestigious financial services organisation with offices in the heart of the city of London. Within this pivotal role you will manage and optimise their enterprise-wide PAM solutions with a strong focus on the CyberArk Identity Security Platform (cloud). This is a fantastic opportunity to take ownership of a critical security function within a global organisation, working closely with senior stakeholders and technical teams to ensure the secure management of privileged access across complex hybrid environments. This organisation offers generous base salaries with excellent bonuses, benefits and opportunities for long term progression. Key Responsibilities Act as the operational owner and subject matter expert for the CyberArk Identity Security Platform (cloud) Implement and maintain PAM best practices, configurations, and integrations Manage day-to-day operations of CyberArk solutions including credential vaulting, policy updates, and session management Troubleshoot and resolve technical issues related to CyberArk components and integrations Collaborate with internal security, compliance, and infrastructure teams to uphold regulatory and security standards Support migration projects from on-premise PAS to the CyberArk ISP cloud platform Maintain technical documentation and operational procedures Stay informed on CyberArk product developments and emerging trends in identity security Experience and Skills Required At least seven years' experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and/or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing PAM in large enterprise or regulated environments Strong understanding of identity security and enterprise security architecture Experience supporting or leading migration projects to cloud-based platforms Familiarity with AWS or Azure environments and hybrid infrastructures Excellent analytical and problem-solving skills CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your CV to ARC IT Recruitment today.
05/12/2025
Full time
PAM Engineer, CyberArk London (Hybrid) To £100K + bonus and benefits Privileged Access Management (PAM) Engineer is required to join a prestigious financial services organisation with offices in the heart of the city of London. Within this pivotal role you will manage and optimise their enterprise-wide PAM solutions with a strong focus on the CyberArk Identity Security Platform (cloud). This is a fantastic opportunity to take ownership of a critical security function within a global organisation, working closely with senior stakeholders and technical teams to ensure the secure management of privileged access across complex hybrid environments. This organisation offers generous base salaries with excellent bonuses, benefits and opportunities for long term progression. Key Responsibilities Act as the operational owner and subject matter expert for the CyberArk Identity Security Platform (cloud) Implement and maintain PAM best practices, configurations, and integrations Manage day-to-day operations of CyberArk solutions including credential vaulting, policy updates, and session management Troubleshoot and resolve technical issues related to CyberArk components and integrations Collaborate with internal security, compliance, and infrastructure teams to uphold regulatory and security standards Support migration projects from on-premise PAS to the CyberArk ISP cloud platform Maintain technical documentation and operational procedures Stay informed on CyberArk product developments and emerging trends in identity security Experience and Skills Required At least seven years' experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and/or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing PAM in large enterprise or regulated environments Strong understanding of identity security and enterprise security architecture Experience supporting or leading migration projects to cloud-based platforms Familiarity with AWS or Azure environments and hybrid infrastructures Excellent analytical and problem-solving skills CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your CV to ARC IT Recruitment today.
This hands-on, senior role requires the design, implementation and administration of enterprise network, security and infrastructure solutions, as well as providing expert third-line support and guidance to colleagues and key stakeholders. Working as part of a small, collaborative team, the role will lead projects and support continuous service improvement. Client Details The hiring organisation is a well-established company within the FMCG industry. It operates on a large scale, providing quality products and services to a diverse customer base. They are committed to leveraging technology to maintain and improve their operational excellence Description Own SolarWinds monitoring alerting, and reporting; integrate with Splunk for observability Manage Cisco and Meraki licensing, support, and lifecycle (incl. CX Cloud Collector) Maintain accurate documentation for IP address plans, DNS/DHCP/forwarding, and structured cabling Administer NetApp support contracts for Milestone and Hikvision platforms Configure and operate Cisco C9200/C9300 access/core switches, Nexus, and UCS fabrics Manage intersite WAN, internet circuits, DMZ transit, guest networks, SIP, and L2 pseudo WAN connections Engineer and manage Get VPN routers, certificate servers, and site-to-site/remote VPNs Integration/admin of RADIUS/AAA across devices Own ASA firewall (DMZ), Cisco Firepower/FMC (edge security), user policies, outbound/inbound/NAT rules, TALOS Administer DUO MFA for VPN/admin access Enforce wired/wireless 802.1X/MAB standards and Identity Services Engine (ISE) configurations Maintain certificate management (PKI; device/user/VPN/GetVPN/ISE certs) Support UCS/Fabric Interconnects, ISE and Firepower servers, SolarWinds, NetApp storage Operational support for Milestone and Hikvision NVR platforms Administer and support IP CCTV platforms: Milestone, Hikvision, PoE cameras, ANPR, facial recognition Support Cisco video conferencing, Miracast, Extron controls, media conversion, wall screens, and streaming feeds Maintain high-quality and current documentation Participate in project management and continuous service improvement Adhere to security, data protection, and evidence handling policies Profile Network/Security CCNP-level knowledge (switching, routing, ISE, VPN/GetVPN) Strong Cisco switching (C9200/C9300/Nexus), routing, VLANs, STP, EtherChannel, HSRP/VRRP, QoS Advanced Firepower (FMC/FTD) & ASA with secure policy design, NAT, VPNs, TALOS Meraki (MR/AP, MX) multi-SSID management and enterprise authentication (802.1X/IPSK/MAB) Infrastructure/Operations SolarWinds administration and Splunk integration DNS/DHCP/IPAM and IPv4 subnetting WAN/MPLS & L2 circuits, DMZ, SIP, site-to-site VPNs, remote access UCS fabrics basics, NetApp video storage familiarity Security Architecture RADIUS/AAA, wired/wireless 802.1X and MAB, ISE policy sets, profiling, dACLs, and guest portals Certificate/PKI management (VPN, ISE/EAP-TLS, GetVPN) DUO MFA admin and device integration Adjacent Technologies CCTV: Milestone/Hikvision, hands-on incident evidence handling AV: Cisco VC, Extron programming, media conversion, wall screens Core electronics fault-finding and structured cabling knowledge Excellent Wireshark and troubleshooting aptitude Job Offer Competitive Salary Discretionary annual bonus of approximately one month's salary 25 days annual leave, rising to 28 days with service On site staff restaurant (fully subsidised), Defined contribution pension scheme (min. 3% employee, fixed 5% employer), Salary Extras discount scheme, including Cycle to Work Discounted Watch Purchase Scheme
05/12/2025
Full time
This hands-on, senior role requires the design, implementation and administration of enterprise network, security and infrastructure solutions, as well as providing expert third-line support and guidance to colleagues and key stakeholders. Working as part of a small, collaborative team, the role will lead projects and support continuous service improvement. Client Details The hiring organisation is a well-established company within the FMCG industry. It operates on a large scale, providing quality products and services to a diverse customer base. They are committed to leveraging technology to maintain and improve their operational excellence Description Own SolarWinds monitoring alerting, and reporting; integrate with Splunk for observability Manage Cisco and Meraki licensing, support, and lifecycle (incl. CX Cloud Collector) Maintain accurate documentation for IP address plans, DNS/DHCP/forwarding, and structured cabling Administer NetApp support contracts for Milestone and Hikvision platforms Configure and operate Cisco C9200/C9300 access/core switches, Nexus, and UCS fabrics Manage intersite WAN, internet circuits, DMZ transit, guest networks, SIP, and L2 pseudo WAN connections Engineer and manage Get VPN routers, certificate servers, and site-to-site/remote VPNs Integration/admin of RADIUS/AAA across devices Own ASA firewall (DMZ), Cisco Firepower/FMC (edge security), user policies, outbound/inbound/NAT rules, TALOS Administer DUO MFA for VPN/admin access Enforce wired/wireless 802.1X/MAB standards and Identity Services Engine (ISE) configurations Maintain certificate management (PKI; device/user/VPN/GetVPN/ISE certs) Support UCS/Fabric Interconnects, ISE and Firepower servers, SolarWinds, NetApp storage Operational support for Milestone and Hikvision NVR platforms Administer and support IP CCTV platforms: Milestone, Hikvision, PoE cameras, ANPR, facial recognition Support Cisco video conferencing, Miracast, Extron controls, media conversion, wall screens, and streaming feeds Maintain high-quality and current documentation Participate in project management and continuous service improvement Adhere to security, data protection, and evidence handling policies Profile Network/Security CCNP-level knowledge (switching, routing, ISE, VPN/GetVPN) Strong Cisco switching (C9200/C9300/Nexus), routing, VLANs, STP, EtherChannel, HSRP/VRRP, QoS Advanced Firepower (FMC/FTD) & ASA with secure policy design, NAT, VPNs, TALOS Meraki (MR/AP, MX) multi-SSID management and enterprise authentication (802.1X/IPSK/MAB) Infrastructure/Operations SolarWinds administration and Splunk integration DNS/DHCP/IPAM and IPv4 subnetting WAN/MPLS & L2 circuits, DMZ, SIP, site-to-site VPNs, remote access UCS fabrics basics, NetApp video storage familiarity Security Architecture RADIUS/AAA, wired/wireless 802.1X and MAB, ISE policy sets, profiling, dACLs, and guest portals Certificate/PKI management (VPN, ISE/EAP-TLS, GetVPN) DUO MFA admin and device integration Adjacent Technologies CCTV: Milestone/Hikvision, hands-on incident evidence handling AV: Cisco VC, Extron programming, media conversion, wall screens Core electronics fault-finding and structured cabling knowledge Excellent Wireshark and troubleshooting aptitude Job Offer Competitive Salary Discretionary annual bonus of approximately one month's salary 25 days annual leave, rising to 28 days with service On site staff restaurant (fully subsidised), Defined contribution pension scheme (min. 3% employee, fixed 5% employer), Salary Extras discount scheme, including Cycle to Work Discounted Watch Purchase Scheme
Contract PAM Engineer Key Highlights Contract role offering up to £470 per day, inside IR35 Hybrid model (3 days onsite, 2 remote) Opportunity to work on enterprise-scale PAM projects using tools such as CyberArk, BeyondTrust, and Delinea About the Client Our client is a forward-thinking organisation with a strong focus on security transformation and access management innovation. Their teams deliver high-impact technology initiatives that strengthen cyber resilience across complex environments. As part of continued investment in cybersecurity capabilities, they are now seeking an experienced PAM Engineer to join their growing team. The Benefits Hybrid working model promoting flexibility Opportunity to work with leading PAM technologies Collaborative, security-focused culture The PAM Engineer Role As a PAM Engineer, you will design, implement, and manage privileged access solutions to enhance enterprise security. You will play a crucial role in developing secure credential management practices, integrating PAM tools with wider security platforms, and ensuring compliance with key frameworks. This role involves collaboration across IT, DevOps, and Security teams to maintain a robust access management ecosystem. PAM Engineer Essential Skills Proven experience in PAM engineering or cybersecurity roles Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea Strong understanding of Active Directory, LDAP, and authentication protocols Scripting experience (PowerShell or Python) for automation and reporting Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR Excellent communication and problem-solving skills To Be Considered: Please either apply through this advert or email me directly at . For further information, please call me on . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. Key Skills: PAM Engineer, CyberArk, BeyondTrust, Delinea, Privileged Access, Active Directory, PowerShell, Python, Access Management, Cybersecurity, ISO 27001, NIST, GDPR, NSD
05/12/2025
Contractor
Contract PAM Engineer Key Highlights Contract role offering up to £470 per day, inside IR35 Hybrid model (3 days onsite, 2 remote) Opportunity to work on enterprise-scale PAM projects using tools such as CyberArk, BeyondTrust, and Delinea About the Client Our client is a forward-thinking organisation with a strong focus on security transformation and access management innovation. Their teams deliver high-impact technology initiatives that strengthen cyber resilience across complex environments. As part of continued investment in cybersecurity capabilities, they are now seeking an experienced PAM Engineer to join their growing team. The Benefits Hybrid working model promoting flexibility Opportunity to work with leading PAM technologies Collaborative, security-focused culture The PAM Engineer Role As a PAM Engineer, you will design, implement, and manage privileged access solutions to enhance enterprise security. You will play a crucial role in developing secure credential management practices, integrating PAM tools with wider security platforms, and ensuring compliance with key frameworks. This role involves collaboration across IT, DevOps, and Security teams to maintain a robust access management ecosystem. PAM Engineer Essential Skills Proven experience in PAM engineering or cybersecurity roles Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea Strong understanding of Active Directory, LDAP, and authentication protocols Scripting experience (PowerShell or Python) for automation and reporting Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR Excellent communication and problem-solving skills To Be Considered: Please either apply through this advert or email me directly at . For further information, please call me on . By applying for this role, you give express consent for us to process and submit (subject to required skills) your application to our client in conjunction with this vacancy only. Key Skills: PAM Engineer, CyberArk, BeyondTrust, Delinea, Privileged Access, Active Directory, PowerShell, Python, Access Management, Cybersecurity, ISO 27001, NIST, GDPR, NSD
This role is available on a permanent basis but we are also open to hiring a contractor for an initial 6 month period, working via agency. The role is inside IR35. Role and Responsibilities As a Senior Machine Learning Research Engineer in Speech/Audio/Gen-AI, you will: Drive the research, design, development, and evaluation of innovative AI algorithms and models, with a primary focus on audio and speech processing. Lead the development of robust and scalable software solutions for deployment on flagship mobile devices. Independently own and deliver significant components of complex research projects, from initial concept to production readiness. Design, implement, and maintain high-quality, well-documented code, adhering to best software development practices. Collaborate closely with a multi-disciplinary team of researchers and engineers, providing technical guidance and mentorship. Proactively identify and address technical challenges, proposing creative solutions and ensuring the successful delivery of projects. Contribute to the development of internal tools and infrastructure to support research and development efforts. Skills and Qualifications Required Skills MSc/PhD degree in Artificial Intelligence, Computer Science/Engineering, Electrical Engineering, Mathematics, or a related discipline. Professional software development experience with Python (experience with C++, Java, or Kotlin is a plus). Deep understanding of machine learning and deep learning fundamentals, including various architectures, training techniques, and evaluation metrics. Strong experience in audio/speech processing, including areas such as speech recognition, speech enhancement, audio analysis, text-to-speech synthesis, and natural language processing. Proficiency with machine learning frameworks such as TensorFlow or PyTorch. Solid understanding of software engineering principles, including version control (Git), CI/CD pipelines, and agile development methodologies. Excellent communication, collaboration, and problem-solving skills. Demonstrated ability to translate research ideas into practical, production-ready solutions. Desirable Skills Experience with in generative AI, particularly in the context of audio/speech technologies. A strong publication record in top-tier machine learning, artificial intelligence, or signal processing conferences and journals (e.g., ICML, NeurIPS, ICLR, CVPR, SysML, INTERSPEECH, ICASSP, IEEE/ACM TASLP, IEEE TPAMI, JMLR). Experience with open-source speech processing toolkits (e.g., Hugging Face Transformers, SpeechBrain, ESPnet, Kaldi, NeMo). Experience developing and deploying AI models on Android mobile platforms. Proven experience in building and maintaining large-scale, distributed training pipelines. Experience with cloud computing platforms (e.g., AWS, Azure, GCP).
04/12/2025
Contractor
This role is available on a permanent basis but we are also open to hiring a contractor for an initial 6 month period, working via agency. The role is inside IR35. Role and Responsibilities As a Senior Machine Learning Research Engineer in Speech/Audio/Gen-AI, you will: Drive the research, design, development, and evaluation of innovative AI algorithms and models, with a primary focus on audio and speech processing. Lead the development of robust and scalable software solutions for deployment on flagship mobile devices. Independently own and deliver significant components of complex research projects, from initial concept to production readiness. Design, implement, and maintain high-quality, well-documented code, adhering to best software development practices. Collaborate closely with a multi-disciplinary team of researchers and engineers, providing technical guidance and mentorship. Proactively identify and address technical challenges, proposing creative solutions and ensuring the successful delivery of projects. Contribute to the development of internal tools and infrastructure to support research and development efforts. Skills and Qualifications Required Skills MSc/PhD degree in Artificial Intelligence, Computer Science/Engineering, Electrical Engineering, Mathematics, or a related discipline. Professional software development experience with Python (experience with C++, Java, or Kotlin is a plus). Deep understanding of machine learning and deep learning fundamentals, including various architectures, training techniques, and evaluation metrics. Strong experience in audio/speech processing, including areas such as speech recognition, speech enhancement, audio analysis, text-to-speech synthesis, and natural language processing. Proficiency with machine learning frameworks such as TensorFlow or PyTorch. Solid understanding of software engineering principles, including version control (Git), CI/CD pipelines, and agile development methodologies. Excellent communication, collaboration, and problem-solving skills. Demonstrated ability to translate research ideas into practical, production-ready solutions. Desirable Skills Experience with in generative AI, particularly in the context of audio/speech technologies. A strong publication record in top-tier machine learning, artificial intelligence, or signal processing conferences and journals (e.g., ICML, NeurIPS, ICLR, CVPR, SysML, INTERSPEECH, ICASSP, IEEE/ACM TASLP, IEEE TPAMI, JMLR). Experience with open-source speech processing toolkits (e.g., Hugging Face Transformers, SpeechBrain, ESPnet, Kaldi, NeMo). Experience developing and deploying AI models on Android mobile platforms. Proven experience in building and maintaining large-scale, distributed training pipelines. Experience with cloud computing platforms (e.g., AWS, Azure, GCP).
Privileged Access Management (PAM) Engineer is required to join a prestigious financial services organisation with offices in the heart of the city of London. Within this pivotal role you will manage and optimise their enterprise-wide PAM solutions with a strong focus on the CyberArk Identity Security Platform (cloud). This is a fantastic opportunity to take ownership of a critical security function within a global organisation, working closely with senior stakeholders and technical teams to ensure the secure management of privileged access across complex hybrid environments. This organisation offers generous base salaries with excellent bonuses, benefits and opportunities for long term progression. Key Responsibilities Act as the operational owner and subject matter expert for the CyberArk Identity Security Platform (cloud) Implement and maintain PAM best practices, configurations, and integrations Manage day-to-day operations of CyberArk solutions including credential vaulting, policy updates, and session management Troubleshoot and resolve technical issues related to CyberArk components and integrations Collaborate with internal security, compliance, and infrastructure teams to uphold regulatory and security standards Support migration projects from on-premise PAS to the CyberArk ISP cloud platform Maintain technical documentation and operational procedures Stay informed on CyberArk product developments and emerging trends in identity security Experience and Skills Required At least seven years' experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and/or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing PAM in large enterprise or regulated environments Strong understanding of identity security and enterprise security architecture Experience supporting or leading migration projects to cloud-based platforms Familiarity with AWS or Azure environments and hybrid infrastructures Excellent analytical and problem-solving skills CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your CV to ARC IT Recruitment today.
04/12/2025
Full time
Privileged Access Management (PAM) Engineer is required to join a prestigious financial services organisation with offices in the heart of the city of London. Within this pivotal role you will manage and optimise their enterprise-wide PAM solutions with a strong focus on the CyberArk Identity Security Platform (cloud). This is a fantastic opportunity to take ownership of a critical security function within a global organisation, working closely with senior stakeholders and technical teams to ensure the secure management of privileged access across complex hybrid environments. This organisation offers generous base salaries with excellent bonuses, benefits and opportunities for long term progression. Key Responsibilities Act as the operational owner and subject matter expert for the CyberArk Identity Security Platform (cloud) Implement and maintain PAM best practices, configurations, and integrations Manage day-to-day operations of CyberArk solutions including credential vaulting, policy updates, and session management Troubleshoot and resolve technical issues related to CyberArk components and integrations Collaborate with internal security, compliance, and infrastructure teams to uphold regulatory and security standards Support migration projects from on-premise PAS to the CyberArk ISP cloud platform Maintain technical documentation and operational procedures Stay informed on CyberArk product developments and emerging trends in identity security Experience and Skills Required At least seven years' experience in PAM with five years hands-on experience in CyberArk Identity Security Platform (cloud) and/or Privileged Access Security (on-premise) Deep understanding of CyberArk components including Vault, CPM, PVWA, PSM, PTA, AIM and cloud equivalents Proven experience managing PAM in large enterprise or regulated environments Strong understanding of identity security and enterprise security architecture Experience supporting or leading migration projects to cloud-based platforms Familiarity with AWS or Azure environments and hybrid infrastructures Excellent analytical and problem-solving skills CyberArk certification (Defender, Sentry, Guardian) preferred Desirable Experience working with CyberArk Professional Services or certified partners Knowledge of financial regulatory frameworks such as ISO 27001, NIST, or GDPR Scripting experience using PowerShell or Python for automation and integration For a full consultation, send your CV to ARC IT Recruitment today.
Senior Network Engineer (DV Security Clearance) Position Description As a Senior Network Engineer at CGI, you will play a pivotal role in safeguarding and advancing the networks that power our clients' most critical missions. You will help shape resilient, secure, and scalable infrastructure while contributing to innovative integration and design projects that drive industry transformation. This role offers the chance to take meaningful ownership of complex challenges, collaborate with expert teams, and apply your creativity to deliver future-ready network solutions. Supported by CGI's strong engineering community, you'll make a lasting impact across high-value programmes while continuously growing your skills in a dynamic and trusted environment. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK 'Best Employer' by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Your future duties and responsibilities In this role, you will take ownership of complex network operations, ensuring high availability, stability, and security across critical infrastructures. You will apply your expertise to both support and enhance network environments, driving improvements that strengthen operational resilience and client outcomes. Working closely with multidisciplinary teams, you will contribute to the design and integration of new solutions, using your creativity and judgement to deliver scalable, future-proof capabilities. You will also play a key role in knowledge sharing and team development, offering guidance to colleagues while being supported by a collaborative engineering community. Your decisions and insights will directly influence service quality, network performance, and the success of mission-critical programmes. Key Responsibilities: Lead & Innovate: Provide advanced support and troubleshooting across Dell OS10, Sonic, Cisco, Palo Alto, and NSX-T technologies. Develop & Deliver: Contribute to network integration, solution design, and scalable infrastructure enhancements. Optimise & Automate: Manage BGP, VPN, spine-and-leaf architectures, and data centre patching to maintain high performance. Maintain & Enhance: Oversee IPAM and DNS, and optimise load-balancing solutions, particularly F5. Integrate & Secure: Support InfoBlox deployments and align network operations with wider infrastructure strategies. Collaborate & Guide: Mentor junior engineers and strengthen cross-team engagement. Support & Protect: Participate in the on-call rota to ensure fast, effective resolution of critical incidents. Required qualifications to be successful in this role To excel in this role, you should bring strong technical depth in enterprise and defence-grade networks, combined with the ability to troubleshoot, design, and integrate complex solutions. You should be confident working in high-availability environments and comfortable collaborating across teams to deliver secure, high-impact outcomes. Essential Qualifications: Proven experience in a senior network engineering role. Strong background in defence environments. Expertise with Dell OS10, Sonic, Cisco networking, Palo Alto firewalls, and NSX-T. Deep understanding of spine-and-leaf architecture, BGP, VPNs, and data centre patching. Strong knowledge of DNS, IPAM, load balancing; F5 and InfoBlox experience highly desirable. Excellent analytical, troubleshooting, and communication skills. Desired Qualifications: Understanding of cross-domain technologies (Tiger Traps, Garrison, OpsWat, NiFi). Familiarity with VMware infrastructure and Elastic monitoring. Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.
04/12/2025
Full time
Senior Network Engineer (DV Security Clearance) Position Description As a Senior Network Engineer at CGI, you will play a pivotal role in safeguarding and advancing the networks that power our clients' most critical missions. You will help shape resilient, secure, and scalable infrastructure while contributing to innovative integration and design projects that drive industry transformation. This role offers the chance to take meaningful ownership of complex challenges, collaborate with expert teams, and apply your creativity to deliver future-ready network solutions. Supported by CGI's strong engineering community, you'll make a lasting impact across high-value programmes while continuously growing your skills in a dynamic and trusted environment. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK 'Best Employer' by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Your future duties and responsibilities In this role, you will take ownership of complex network operations, ensuring high availability, stability, and security across critical infrastructures. You will apply your expertise to both support and enhance network environments, driving improvements that strengthen operational resilience and client outcomes. Working closely with multidisciplinary teams, you will contribute to the design and integration of new solutions, using your creativity and judgement to deliver scalable, future-proof capabilities. You will also play a key role in knowledge sharing and team development, offering guidance to colleagues while being supported by a collaborative engineering community. Your decisions and insights will directly influence service quality, network performance, and the success of mission-critical programmes. Key Responsibilities: Lead & Innovate: Provide advanced support and troubleshooting across Dell OS10, Sonic, Cisco, Palo Alto, and NSX-T technologies. Develop & Deliver: Contribute to network integration, solution design, and scalable infrastructure enhancements. Optimise & Automate: Manage BGP, VPN, spine-and-leaf architectures, and data centre patching to maintain high performance. Maintain & Enhance: Oversee IPAM and DNS, and optimise load-balancing solutions, particularly F5. Integrate & Secure: Support InfoBlox deployments and align network operations with wider infrastructure strategies. Collaborate & Guide: Mentor junior engineers and strengthen cross-team engagement. Support & Protect: Participate in the on-call rota to ensure fast, effective resolution of critical incidents. Required qualifications to be successful in this role To excel in this role, you should bring strong technical depth in enterprise and defence-grade networks, combined with the ability to troubleshoot, design, and integrate complex solutions. You should be confident working in high-availability environments and comfortable collaborating across teams to deliver secure, high-impact outcomes. Essential Qualifications: Proven experience in a senior network engineering role. Strong background in defence environments. Expertise with Dell OS10, Sonic, Cisco networking, Palo Alto firewalls, and NSX-T. Deep understanding of spine-and-leaf architecture, BGP, VPNs, and data centre patching. Strong knowledge of DNS, IPAM, load balancing; F5 and InfoBlox experience highly desirable. Excellent analytical, troubleshooting, and communication skills. Desired Qualifications: Understanding of cross-domain technologies (Tiger Traps, Garrison, OpsWat, NiFi). Familiarity with VMware infrastructure and Elastic monitoring. Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.
PAM Engineer (Privileged Access Management) - MUST HOLD ACTIVE SC CLEARANCE - Wokingham, Berkshire - 3-4 months + (PAM, Privileged Access Management, Security, Security Clearance, SC Cleared) Blue chip client is urgently looking for a PAM Engineer (Privileged Access Management). MUST HOLD ACTIVE SC CLEARANCE Location: Wokingham, Berkshire (60%) & Remote (40%) MUST BE PAYE THROUGH UMBRELLA - INSIDE IR35 MUST HAVE: recent PAM engineering experience (installation, configure, administration etc) and CyberArk certification (at least - CDE, CyberArk Sentry or CPC level) Role Description: Key Responsibilities - Design, deploy, and manage PAM solutions (eg, CyberArk, BeyondTrust, Delinea) - Implement least privilege access models and enforce secure credential management - Monitor and audit privileged access activities across systems and applications - Integrate PAM tools with SIEM, IAM, and other security platforms - Develop and maintain policies, procedures, and documentation for PAM operations - Conduct regular access reviews, privilege audits, and risk assessments - Collaborate with IT, DevOps, and Security teams to ensure seamless PAM integration - Provide technical support and troubleshooting for PAM-related issues - Stay current with industry trends, threats, and best practices in access management Required Skills & Qualifications - Experience in PAM engineering or cybersecurity roles - Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea - Strong understanding of Active Directory, LDAP, and authentication protocols - Experience with Scripting (PowerShell, Python) for automation and reporting - Familiarity with compliance frameworks (ISO 27001, NIST, GDPR) - Excellent problem-solving, communication, and documentation skills Preferred Qualifications - Relevant certifications (eg, CyberArk Defender, CISSP, CISM) - Experience in cloud environments (AWS, Azure, GCP) and hybrid infrastructures - Knowledge of DevSecOps practices and CI/CD pipeline integration Please send CV for full details and immediate interviews. We are a preferred supplier to the client.
04/12/2025
Contractor
PAM Engineer (Privileged Access Management) - MUST HOLD ACTIVE SC CLEARANCE - Wokingham, Berkshire - 3-4 months + (PAM, Privileged Access Management, Security, Security Clearance, SC Cleared) Blue chip client is urgently looking for a PAM Engineer (Privileged Access Management). MUST HOLD ACTIVE SC CLEARANCE Location: Wokingham, Berkshire (60%) & Remote (40%) MUST BE PAYE THROUGH UMBRELLA - INSIDE IR35 MUST HAVE: recent PAM engineering experience (installation, configure, administration etc) and CyberArk certification (at least - CDE, CyberArk Sentry or CPC level) Role Description: Key Responsibilities - Design, deploy, and manage PAM solutions (eg, CyberArk, BeyondTrust, Delinea) - Implement least privilege access models and enforce secure credential management - Monitor and audit privileged access activities across systems and applications - Integrate PAM tools with SIEM, IAM, and other security platforms - Develop and maintain policies, procedures, and documentation for PAM operations - Conduct regular access reviews, privilege audits, and risk assessments - Collaborate with IT, DevOps, and Security teams to ensure seamless PAM integration - Provide technical support and troubleshooting for PAM-related issues - Stay current with industry trends, threats, and best practices in access management Required Skills & Qualifications - Experience in PAM engineering or cybersecurity roles - Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea - Strong understanding of Active Directory, LDAP, and authentication protocols - Experience with Scripting (PowerShell, Python) for automation and reporting - Familiarity with compliance frameworks (ISO 27001, NIST, GDPR) - Excellent problem-solving, communication, and documentation skills Preferred Qualifications - Relevant certifications (eg, CyberArk Defender, CISSP, CISM) - Experience in cloud environments (AWS, Azure, GCP) and hybrid infrastructures - Knowledge of DevSecOps practices and CI/CD pipeline integration Please send CV for full details and immediate interviews. We are a preferred supplier to the client.
We are heading up a recruitment drive for a global consultancy that require a SC Cleared PAM Engineer to join them on a major government project that's based in in Wokingham. MUST HAVE: recent PAM engineering experience (installation, configure, administration etc) and CyberArk certification (eg, CDE). Role is inside iR35.
04/12/2025
Contractor
We are heading up a recruitment drive for a global consultancy that require a SC Cleared PAM Engineer to join them on a major government project that's based in in Wokingham. MUST HAVE: recent PAM engineering experience (installation, configure, administration etc) and CyberArk certification (eg, CDE). Role is inside iR35.
Locations : London Boston Gurgaon Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do The IT Secure Infrastructure Engineering (SIE) team is seeking an experienced Network Solution Architect. The individual in this role will be part of the team responsible for BCG's Infrastructure Strategy with a focus on the design, implementation, and optimization of enterprise-grade network solutions across the on-premises and multi-cloud environments. The ideal candidate will have deep expertise with Cisco Appliances, AWS and/or GCP networking, and a strong proficiency with Infoblox DNS, Palo Alto Firewalls, VeloCloud SD-WAN, Zero Trust solutions like Zscaler, and Azure networking. The role requires a strategic thinker that can translate business needs into secure, scalable, and resilient network architectures while collaborating with diverse and globally distributed teams. YOU'RE GOOD AT Architecture and Design Develop end-to-end network architectures that integrate AWS, GCP, Azure, and Cisco IOS platforms Design Core Network Protocol (DNS, NTP, DHCP) deployments with tools like Infoblox Design secure perimeter and segmentation strategies with Palo Alto Firewalls Lead SD-WAN design and deployment using VeloCloud to optimize global connectivity Implementation and Optimization Configure and manage Cisco IOS-based routers, switches, and firewalls Deploy and maintain enterprise scale cloud networking components in AWS, Azure, and GCP Optimize network reliability, performance, and scalability across hybrid and multi-cloud environments Implement automation where possible using Terraform, API integrations, Git Actions and/or Terraform Cloud Security Implement next-generation firewall policies, web application firewall rules, threat prevention on Palo Alto and cloud native Firewalls Apply DNS security best practices using Infoblox Ensure compliance with standards such as ISO 27001, SOC2, and GDPR Collaboration and Leadership Partner with cloud, security, network, and DevOps teams to deliver integrated solutions Serve as subject matter expert for cloud networking, SD-WAN, DNS/DHCP/IPAM, and firewall technologies Provide mentorship and guidance to engineers and operations teams Monitoring and Troubleshooting Establish proactive monitoring and alerting systems across cloud and on-prem networks Lead advanced troubleshooting for issues involving Cisco IOS, Palo Alto, Infoblox, and VeloCloud Conduct root cause analysis and implement preventive measures What You'll Bring The ideal candidate will demonstrate appropriate experience in the following: Networking Protocols and Platforms Strong Knowledge of TCP/IP, BGP, OSPF, MPLS, DNS, DHCP, NAT, VPNs Advanced proficiency in Cisco IOS (routers, switches, firewalls) Infoblox for enterprise-grade DNS solutions VeloCloud SD-WAN deployment and optimization Cloud Networking (required AWS or GCP) AWS: Transit Gateway, Direct Connect, VPC, VPN, Load Balancing, Security Groups GCP: Network Connectivity Center, Cloud Interconnect, VPC, VPN, Load Balancing, Firewall Rules Azure: Express Routes, VNET, Security Groups, Load Balancing, vWAN Security Expertise in Palo Alto Firewalls including policy configuration, threat prevention Network segmentation, zero-trust frameworks, and IAM integration Cloud native Web Application Firewalls Tools and Monitoring Monitoring solutions: Datadog, Stackdriver, PA Panorama, or equivalent Has strong practical experience with DevOps tools and methods, like CI/CD, Git, IaC (Terraform) Working and collaborating with Agile Teams (Squad) Good understanding of using Jira for story tracking and Confluence for documentation Strong communication, documentation, and stakeholder engagement skills High level of initiative, self-motivation, resourcefulness, collaboration and patience Ability to successfully and effectively manage multiple projects and deliverables Ability to build trust and work collaboratively with senior leadership and stakeholders Ability to successfully implement change through relationships built on a local, regional and global level Minimum of a Bachelor's degree in related field or relevant experience/certifications Preferred Cisco: CCNP/CCIE Cloud: AWS Certified Advanced Networking - Specialty, Professional Cloud Network Engineer 10 Years Experience in network engineering and design including cloud (AWS or GCP preferred) Who You'll Work With You will work with a broad spectrum of engineers, developers, managers and directors across IT and the IT Leadership team. Additional info For US locations only In the US, we have a compensation transparency approach. Total compensation for this role includes base salary, annual discretionary performance bonus, retirement contribution, and a market leading benefits package described below. The base salary range for this role in Boston is $180,000.00 - $219,300.00. This is an estimated range, however, specific base salaries within the range depend on various factors such as experience and skill set. It is not common for new BCG employees to be hired at the high-end of the salary range. BCG regularly reviews its ranges to ensure market competitiveness. In addition to your base salary, your total compensation will include a bonus of up to 30% and a generous retirement contribution that starts at 5% and moves to 10% after 2 years. All of our plans provide best in class coverage: Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs Dental coverage, including up to $5,000 in orthodontia benefits Vision insurance with coverage for both glasses and contact lenses annually Reimbursement for gym memberships and other fitness activities Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month) Paid sick time on an as needed basis Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. Click here for more information on E-Verify.
01/12/2025
Full time
Locations : London Boston Gurgaon Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom-line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You'll Do The IT Secure Infrastructure Engineering (SIE) team is seeking an experienced Network Solution Architect. The individual in this role will be part of the team responsible for BCG's Infrastructure Strategy with a focus on the design, implementation, and optimization of enterprise-grade network solutions across the on-premises and multi-cloud environments. The ideal candidate will have deep expertise with Cisco Appliances, AWS and/or GCP networking, and a strong proficiency with Infoblox DNS, Palo Alto Firewalls, VeloCloud SD-WAN, Zero Trust solutions like Zscaler, and Azure networking. The role requires a strategic thinker that can translate business needs into secure, scalable, and resilient network architectures while collaborating with diverse and globally distributed teams. YOU'RE GOOD AT Architecture and Design Develop end-to-end network architectures that integrate AWS, GCP, Azure, and Cisco IOS platforms Design Core Network Protocol (DNS, NTP, DHCP) deployments with tools like Infoblox Design secure perimeter and segmentation strategies with Palo Alto Firewalls Lead SD-WAN design and deployment using VeloCloud to optimize global connectivity Implementation and Optimization Configure and manage Cisco IOS-based routers, switches, and firewalls Deploy and maintain enterprise scale cloud networking components in AWS, Azure, and GCP Optimize network reliability, performance, and scalability across hybrid and multi-cloud environments Implement automation where possible using Terraform, API integrations, Git Actions and/or Terraform Cloud Security Implement next-generation firewall policies, web application firewall rules, threat prevention on Palo Alto and cloud native Firewalls Apply DNS security best practices using Infoblox Ensure compliance with standards such as ISO 27001, SOC2, and GDPR Collaboration and Leadership Partner with cloud, security, network, and DevOps teams to deliver integrated solutions Serve as subject matter expert for cloud networking, SD-WAN, DNS/DHCP/IPAM, and firewall technologies Provide mentorship and guidance to engineers and operations teams Monitoring and Troubleshooting Establish proactive monitoring and alerting systems across cloud and on-prem networks Lead advanced troubleshooting for issues involving Cisco IOS, Palo Alto, Infoblox, and VeloCloud Conduct root cause analysis and implement preventive measures What You'll Bring The ideal candidate will demonstrate appropriate experience in the following: Networking Protocols and Platforms Strong Knowledge of TCP/IP, BGP, OSPF, MPLS, DNS, DHCP, NAT, VPNs Advanced proficiency in Cisco IOS (routers, switches, firewalls) Infoblox for enterprise-grade DNS solutions VeloCloud SD-WAN deployment and optimization Cloud Networking (required AWS or GCP) AWS: Transit Gateway, Direct Connect, VPC, VPN, Load Balancing, Security Groups GCP: Network Connectivity Center, Cloud Interconnect, VPC, VPN, Load Balancing, Firewall Rules Azure: Express Routes, VNET, Security Groups, Load Balancing, vWAN Security Expertise in Palo Alto Firewalls including policy configuration, threat prevention Network segmentation, zero-trust frameworks, and IAM integration Cloud native Web Application Firewalls Tools and Monitoring Monitoring solutions: Datadog, Stackdriver, PA Panorama, or equivalent Has strong practical experience with DevOps tools and methods, like CI/CD, Git, IaC (Terraform) Working and collaborating with Agile Teams (Squad) Good understanding of using Jira for story tracking and Confluence for documentation Strong communication, documentation, and stakeholder engagement skills High level of initiative, self-motivation, resourcefulness, collaboration and patience Ability to successfully and effectively manage multiple projects and deliverables Ability to build trust and work collaboratively with senior leadership and stakeholders Ability to successfully implement change through relationships built on a local, regional and global level Minimum of a Bachelor's degree in related field or relevant experience/certifications Preferred Cisco: CCNP/CCIE Cloud: AWS Certified Advanced Networking - Specialty, Professional Cloud Network Engineer 10 Years Experience in network engineering and design including cloud (AWS or GCP preferred) Who You'll Work With You will work with a broad spectrum of engineers, developers, managers and directors across IT and the IT Leadership team. Additional info For US locations only In the US, we have a compensation transparency approach. Total compensation for this role includes base salary, annual discretionary performance bonus, retirement contribution, and a market leading benefits package described below. The base salary range for this role in Boston is $180,000.00 - $219,300.00. This is an estimated range, however, specific base salaries within the range depend on various factors such as experience and skill set. It is not common for new BCG employees to be hired at the high-end of the salary range. BCG regularly reviews its ranges to ensure market competitiveness. In addition to your base salary, your total compensation will include a bonus of up to 30% and a generous retirement contribution that starts at 5% and moves to 10% after 2 years. All of our plans provide best in class coverage: Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children Low $10 (USD) copays for trips to the doctor, urgent care visits and prescriptions for generic drugs Dental coverage, including up to $5,000 in orthodontia benefits Vision insurance with coverage for both glasses and contact lenses annually Reimbursement for gym memberships and other fitness activities Fully vested Profit Sharing Retirement Fund contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan Paid Parental Leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month) Paid sick time on an as needed basis Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E - Verify Employer. Click here for more information on E-Verify.
Job Summary As a Hardware Development Engineer, you will analyse system requirements and design hardware solutions in close collaboration with Silicon, Architecture, and Software teams. You will generate schematics and PCB layout constraints, working closely with the PCB CAD team to realise robust circuit designs. In this role, you will define test and validation plans, execute test campaigns, report findings, and collaborate with firmware and system architecture teams to interpret results, debug issues, and improve system performance. You will have expertise in microprocessor system design and debug, with a strong understanding of processor power supply, reset and clocking requirements, memory, communication interfaces, and control subsystems. Responsibilities & Duties Development of production systems and test boards, including: Circuit design, requirements analysis, functional definition, and component selection PCB layout constraint definition and support of the PCB CAD team Circuit validation and verification Designing and executing tests to validate circuit performance and operating margin Debugging and optimisation of microcontroller hardware behaviour in collaboration with the firmware team Prototype build support, including bring-up, evaluation, system test, and validation Supporting the transfer of designs into mass production Candidate Profile Experience in one or more of the following areas: Knowledge of DC/DC voltage regulators (including multi-phase), LDOs, and PCB design practices for efficient power delivery Processor system development (e.g., STM32) with experience in processor interfaces such as Ethernet, PCIe, DDR, Flash, USB, I C, SPI, JTAG, etc. Experience with SERDES technologies (e.g., 112 Gbps, PAM4) is a strong benefit Other Desired Experience Demonstrable experience in digital circuit development and validation Extensive hands-on lab experience: bring-up, debugging, validation, and characterisation Experience using Siemens/Mentor PCB design tools for schematic capture, design constraints, and PCB layout A rigorous, detail-oriented approach ensuring first-time-right design Strong communication skills and the ability to work independently or as part of a small, collaborative team Willingness to participate across the full development cycle-from concept to delivery Proficiency with high-speed digital oscilloscopes, logic analysers, and signal generators Experience scripting tests and analysing data using Linux, Python, Bash, and Excel
28/11/2025
Contractor
Job Summary As a Hardware Development Engineer, you will analyse system requirements and design hardware solutions in close collaboration with Silicon, Architecture, and Software teams. You will generate schematics and PCB layout constraints, working closely with the PCB CAD team to realise robust circuit designs. In this role, you will define test and validation plans, execute test campaigns, report findings, and collaborate with firmware and system architecture teams to interpret results, debug issues, and improve system performance. You will have expertise in microprocessor system design and debug, with a strong understanding of processor power supply, reset and clocking requirements, memory, communication interfaces, and control subsystems. Responsibilities & Duties Development of production systems and test boards, including: Circuit design, requirements analysis, functional definition, and component selection PCB layout constraint definition and support of the PCB CAD team Circuit validation and verification Designing and executing tests to validate circuit performance and operating margin Debugging and optimisation of microcontroller hardware behaviour in collaboration with the firmware team Prototype build support, including bring-up, evaluation, system test, and validation Supporting the transfer of designs into mass production Candidate Profile Experience in one or more of the following areas: Knowledge of DC/DC voltage regulators (including multi-phase), LDOs, and PCB design practices for efficient power delivery Processor system development (e.g., STM32) with experience in processor interfaces such as Ethernet, PCIe, DDR, Flash, USB, I C, SPI, JTAG, etc. Experience with SERDES technologies (e.g., 112 Gbps, PAM4) is a strong benefit Other Desired Experience Demonstrable experience in digital circuit development and validation Extensive hands-on lab experience: bring-up, debugging, validation, and characterisation Experience using Siemens/Mentor PCB design tools for schematic capture, design constraints, and PCB layout A rigorous, detail-oriented approach ensuring first-time-right design Strong communication skills and the ability to work independently or as part of a small, collaborative team Willingness to participate across the full development cycle-from concept to delivery Proficiency with high-speed digital oscilloscopes, logic analysers, and signal generators Experience scripting tests and analysing data using Linux, Python, Bash, and Excel
Technical Project Manager - 6 months - Hybrid (London) - Outside IR35 We are looking for a highly technical Project Manager to deliver a major migration from on-premise Privileged Access Security (PAS) solution to a cloud based solution. This role offers the opportunity to lead a high-profile security transformation within a complex, fast moving environment Key Responsibilities Lead the end-to-end migration from on-premise to cloud Develop and maintain project plans, RAID logs, and migration playbooks Coordinate technical delivery with technical engineers and internal teams Manage risks, dependencies, and stakeholder communication across all phases Oversee testing, validation, and cut-over activities with minimal disruption Ensure compliance with internal security Key Experience and Skills Proven experience managing IDAM and PAM migration projects Experience with Azure Virtual Desktop, CyberArk, Zscaler Background in IAM, privileged access controls, and enterprise security architecture Excellent project governance, planning, and stakeholder management skills Project Management certification (PRINCE2, PMP, or Agile) desirable Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
19/11/2025
Contractor
Technical Project Manager - 6 months - Hybrid (London) - Outside IR35 We are looking for a highly technical Project Manager to deliver a major migration from on-premise Privileged Access Security (PAS) solution to a cloud based solution. This role offers the opportunity to lead a high-profile security transformation within a complex, fast moving environment Key Responsibilities Lead the end-to-end migration from on-premise to cloud Develop and maintain project plans, RAID logs, and migration playbooks Coordinate technical delivery with technical engineers and internal teams Manage risks, dependencies, and stakeholder communication across all phases Oversee testing, validation, and cut-over activities with minimal disruption Ensure compliance with internal security Key Experience and Skills Proven experience managing IDAM and PAM migration projects Experience with Azure Virtual Desktop, CyberArk, Zscaler Background in IAM, privileged access controls, and enterprise security architecture Excellent project governance, planning, and stakeholder management skills Project Management certification (PRINCE2, PMP, or Agile) desirable Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
IAM Engineer II Location: London (City) - (4 days office/1 remote) Salary: 85,000 + annual discretionary bonus Hours: 11am-7pm (fixed shift) About the firm Our client is a leading global law firm with world-class offices in the heart of the City. The firm has recently moved into a brand-new building offering outstanding facilities, including free breakfast, lunch and dinner, a fully equipped on-site gym, and a modern, collaborative working environment. The opportunity This is a new role within the EMEA Identity & Access Management team, supporting a global user base and working closely with teams in the US and APAC. The position offers a mix of hands-on BAU operations and project delivery focused on improving automation, access controls and privileged account management across the firm's enterprise environment. You'll work alongside experienced IAM engineers to maintain and enhance the firm's Microsoft identity platforms, supporting the joiner-mover-leaver life cycle and driving continuous improvement in identity security and governance. Key responsibilities Manage and maintain Active Directory, Azure/Entra ID and M365 identity services Support and enhance the firm's PAM platform (Delinea) - experience with CyberArk or BeyondTrust also welcome Administer PIM, Conditional Access and MFA policies across the Entra environment Develop and maintain PowerShell scripts for automation and reporting Collaborate with global IAM and Infrastructure teams on projects and incident resolution Ensure access governance, compliance and audit requirements are met across systems Contribute to roadmap development and platform improvements within the EMEA region What we're looking for Strong hands-on experience with Active Directory and Azure/Entra ID administration Knowledge of PAM solutions such as Delinea, CyberArk or BeyondTrust Good understanding of M365, Intune and identity security principles Confident using PowerShell for automation and troubleshooting Familiarity with PIM, MFA and Conditional Access Experience working in large, global or professional services environments Collaborative mindset and a genuine interest in identity security What's on offer Salary up to 85,000 depending on experience Annual discretionary bonus On-site working (4 days office/1 remote) Free breakfast, lunch and dinner each day Free on-site gym Excellent benefits package Genuine career progression - clear path to Senior Engineer or IAM Architect as the team expands If you're an experienced IAM or Infrastructure Engineer looking to step into a global role with a strong Microsoft and PAM focus, we'd love to hear from you. Please apply with your CV
19/11/2025
Full time
IAM Engineer II Location: London (City) - (4 days office/1 remote) Salary: 85,000 + annual discretionary bonus Hours: 11am-7pm (fixed shift) About the firm Our client is a leading global law firm with world-class offices in the heart of the City. The firm has recently moved into a brand-new building offering outstanding facilities, including free breakfast, lunch and dinner, a fully equipped on-site gym, and a modern, collaborative working environment. The opportunity This is a new role within the EMEA Identity & Access Management team, supporting a global user base and working closely with teams in the US and APAC. The position offers a mix of hands-on BAU operations and project delivery focused on improving automation, access controls and privileged account management across the firm's enterprise environment. You'll work alongside experienced IAM engineers to maintain and enhance the firm's Microsoft identity platforms, supporting the joiner-mover-leaver life cycle and driving continuous improvement in identity security and governance. Key responsibilities Manage and maintain Active Directory, Azure/Entra ID and M365 identity services Support and enhance the firm's PAM platform (Delinea) - experience with CyberArk or BeyondTrust also welcome Administer PIM, Conditional Access and MFA policies across the Entra environment Develop and maintain PowerShell scripts for automation and reporting Collaborate with global IAM and Infrastructure teams on projects and incident resolution Ensure access governance, compliance and audit requirements are met across systems Contribute to roadmap development and platform improvements within the EMEA region What we're looking for Strong hands-on experience with Active Directory and Azure/Entra ID administration Knowledge of PAM solutions such as Delinea, CyberArk or BeyondTrust Good understanding of M365, Intune and identity security principles Confident using PowerShell for automation and troubleshooting Familiarity with PIM, MFA and Conditional Access Experience working in large, global or professional services environments Collaborative mindset and a genuine interest in identity security What's on offer Salary up to 85,000 depending on experience Annual discretionary bonus On-site working (4 days office/1 remote) Free breakfast, lunch and dinner each day Free on-site gym Excellent benefits package Genuine career progression - clear path to Senior Engineer or IAM Architect as the team expands If you're an experienced IAM or Infrastructure Engineer looking to step into a global role with a strong Microsoft and PAM focus, we'd love to hear from you. Please apply with your CV
Network and Security Engineer - Palo Alto/ Juniper routing Outside IR35 Contract role Hybrid 3-4 visits per month/ roughly 1 visit per week - Moorgate nearest tube Must be a UK Citizen (due to role requirements) Outside IR35 contract opportunity for a Network and Security Engineer . This role will focus on implementing, testing and documenting a service roll out across a global network. You will need good configuration & troubleshooting skills across Palo Alto firewalls and Panorama , in addition to solid routing & troubleshooting (Juniper) , in addition to precise documentation skills/ change control. Experience with Privileged Access Management (PAM) systems is a plus. To be successful in this role you must have strong experience within the following and these should be cleraly evidenced in CV: Palo Alto troubleshooting Juniper routing troubleshooting Key Responsibilities Update and maintain Low-Level Design (LLD) documentation with site-specific configuration details. Review service requests and raise change requests where required. Implement and test firewall policies using Panorama. Troubleshoot connectivity issues across networks, applications, and security devices. Collaborate with security and infrastructure teams to ensure compliance with policies and standards. Configure access policies in PAM systems. What you'll bring: Proven experience with Palo Alto Networks firewalls and Panorama in complex multi-vsys, multi-VR environments. Strong routing and troubleshooting skills ( Juniper ). Solid understanding of networking fundamentals (TCP/IP, routing, switching, DNS, DHCP). Knowledge of VPN technologies (IPSec, SSL) and related troubleshooting. Excellent problem-solving, analytical, and documentation skills. Clear communication abilities, both written and verbal. Beneficial Experience Familiarity with cloud integrations (AWS, Azure, GCP). Understanding of PAM and Zero Trust Access concepts. Preferred Certifications Palo Alto PCNSE or PCNSA (highly preferred). Juniper certifications JNCIA, JNCIS, JNCIP etc
13/11/2025
Contractor
Network and Security Engineer - Palo Alto/ Juniper routing Outside IR35 Contract role Hybrid 3-4 visits per month/ roughly 1 visit per week - Moorgate nearest tube Must be a UK Citizen (due to role requirements) Outside IR35 contract opportunity for a Network and Security Engineer . This role will focus on implementing, testing and documenting a service roll out across a global network. You will need good configuration & troubleshooting skills across Palo Alto firewalls and Panorama , in addition to solid routing & troubleshooting (Juniper) , in addition to precise documentation skills/ change control. Experience with Privileged Access Management (PAM) systems is a plus. To be successful in this role you must have strong experience within the following and these should be cleraly evidenced in CV: Palo Alto troubleshooting Juniper routing troubleshooting Key Responsibilities Update and maintain Low-Level Design (LLD) documentation with site-specific configuration details. Review service requests and raise change requests where required. Implement and test firewall policies using Panorama. Troubleshoot connectivity issues across networks, applications, and security devices. Collaborate with security and infrastructure teams to ensure compliance with policies and standards. Configure access policies in PAM systems. What you'll bring: Proven experience with Palo Alto Networks firewalls and Panorama in complex multi-vsys, multi-VR environments. Strong routing and troubleshooting skills ( Juniper ). Solid understanding of networking fundamentals (TCP/IP, routing, switching, DNS, DHCP). Knowledge of VPN technologies (IPSec, SSL) and related troubleshooting. Excellent problem-solving, analytical, and documentation skills. Clear communication abilities, both written and verbal. Beneficial Experience Familiarity with cloud integrations (AWS, Azure, GCP). Understanding of PAM and Zero Trust Access concepts. Preferred Certifications Palo Alto PCNSE or PCNSA (highly preferred). Juniper certifications JNCIA, JNCIS, JNCIP etc
CyberArk Secret Manager Engineer | Freelance | London/Paris/Brussels/Hybrid (8 days/month onsite) Duration: 12 months Rate: Flexible Inside of IR35 We're looking for an experienced CyberArk Engineer to join Euroclear's Chief Information Security Office (CISO) within the Identity and Access Management (IDAM) team. This is a fantastic opportunity to play a key role in strengthening Euroclear's Privileged Access Management (PAM) posture by deploying and integrating CyberArk Secret Manager across a complex enterprise environment. You'll lead the end-to-end implementation of CyberArk's Application Access Manager (AAM) capabilities - including Credential Provider (CP) , Central Credential Provider (CCP) , and Application Service Credential Provider (ASCP) . Your focus will be on enabling secure, automated, and compliant management of service and functional accounts across Windows and Linux systems. Key Responsibilities: Deploy, configure, and integrate CyberArk Secret Manager/AAM components (CP, CCP, ASCP). Design credential management solutions for service accounts, ensuring high availability and compliance. Integrate CyberArk with applications, Middleware, and databases for secure credential retrieval and rotation. Automate deployments and configuration using Ansible , PowerShell , Bash , and REST APIs . Manage Safes, platforms, permissions, and onboarding in CyberArk PAM. Produce design documentation, runbooks, and integration guides. Collaborate with application and infrastructure teams to troubleshoot issues and optimise integrations. What We're Looking For: ? Proven hands-on experience with CyberArk Secret Manager/AAM (non-negotiable). ? Strong PAM administration skills - Safes, platforms, permissions. ? Windows & Linux integration experience. ? Automation experience with Ansible , Scripting (PowerShell, Bash), and APIs. ? Independent, proactive, and solutions-oriented mindset. Please do send across to me the most up to date CV to (see below) *Rates depend on experience and client requirements
06/10/2025
Contractor
CyberArk Secret Manager Engineer | Freelance | London/Paris/Brussels/Hybrid (8 days/month onsite) Duration: 12 months Rate: Flexible Inside of IR35 We're looking for an experienced CyberArk Engineer to join Euroclear's Chief Information Security Office (CISO) within the Identity and Access Management (IDAM) team. This is a fantastic opportunity to play a key role in strengthening Euroclear's Privileged Access Management (PAM) posture by deploying and integrating CyberArk Secret Manager across a complex enterprise environment. You'll lead the end-to-end implementation of CyberArk's Application Access Manager (AAM) capabilities - including Credential Provider (CP) , Central Credential Provider (CCP) , and Application Service Credential Provider (ASCP) . Your focus will be on enabling secure, automated, and compliant management of service and functional accounts across Windows and Linux systems. Key Responsibilities: Deploy, configure, and integrate CyberArk Secret Manager/AAM components (CP, CCP, ASCP). Design credential management solutions for service accounts, ensuring high availability and compliance. Integrate CyberArk with applications, Middleware, and databases for secure credential retrieval and rotation. Automate deployments and configuration using Ansible , PowerShell , Bash , and REST APIs . Manage Safes, platforms, permissions, and onboarding in CyberArk PAM. Produce design documentation, runbooks, and integration guides. Collaborate with application and infrastructure teams to troubleshoot issues and optimise integrations. What We're Looking For: ? Proven hands-on experience with CyberArk Secret Manager/AAM (non-negotiable). ? Strong PAM administration skills - Safes, platforms, permissions. ? Windows & Linux integration experience. ? Automation experience with Ansible , Scripting (PowerShell, Bash), and APIs. ? Independent, proactive, and solutions-oriented mindset. Please do send across to me the most up to date CV to (see below) *Rates depend on experience and client requirements
Why work for us? We aim to provide you with peace of mind in addition to an attractive salary and eligibility to participate in the discretionary annual bonus opportunities. You will also receive an excellent benefit package including: Company funded industry qualifications Workplace Pension Close to town centre / bus station / train station Free Car Parking Attendance Bonus Scheme Sick pay Scheme 22 days holiday Bank Holidays, increasing with length of service to a max of 30 days after a qualifying period. About the Role: On a day-to-day basis, you will be involved in the investigation and resolution of customer and internal support requests. In doing this, you will be responsible for providing a high-quality level of service to both internal and external customers alike and be able to identify and solve issues alongside the existing Technical Services team, who themselves specialise in the support & maintenance of our clients. You must have excellent communication skills and you will ideally be an all-rounder who is comfortable doing 1st & 2nd Line support including the following skills and aspects: 2+ years' experience in similar IT role (MSP) Excellent troubleshooting skills in all Windows desktop, Mac OSX, and Windows Server operating systems Support of Microsoft Hyper-V & VMWare vSphere infrastructures Basic understanding of Cyber Security principles Support of all Microsoft products including Office, Office 365 Exchange, Azure, SharePoint Supporting on premise and off premise Anti-Spam/Email Security solutions Solving both hardware and software faults Working with networking equipment including, Firewalls, Wi-Fi solutions and all other network equipment Assisting with Domain level DNS changes and fixes Anti-Virus and Anti-Malware monitoring, administration, and support Monitoring and maintaining client's infrastructure, patching, internal networks & broadband solutions Monitor IT security and support administration functions Providing excellent support, including procedural documentation and relevant reporting Escalate any complex problems to 3rd line and on-site engineers where appropriate Liaising with 3rd party vendors to see resolutions on all tickets Monitoring systems to ensure their smooth running, investigating issues displayed on RMM Platforms Ensuring all monitored backups have completed successfully, investigating, and resolving any issues Hands-on experience with equipment - laptops, desktop, printers, and peripherals The ability to work on set targets as well as using your own initiative and deadlines Managing and prioritising own tickets and workloads Undertaking internal and vendor training for personal and professional development Rapidly establishing a good working relationship with customers and other professionals Accurate and concise record keeping of all interactions and actions on the CRM Always maintaining client confidentiality and security Remotely carrying out chargeable jobs All other support duties that are commensurate with the role or at the request of the Management team About You: Essential Skills and Experience: Previous Technical Support (or roles of similar nature) Good knowledge of networks and basic infrastructure (routing, IP's, topology etc) Good planning, time management, administrational and organisational skills Always maintaining client confidentiality and security Ability to follow strict process and procedures Desirable - knowledge of the Cyber Essentials scheme Personal qualities: Organised, Reliable and trustworthy Customer Service Driven Good problem-solving skills Good timekeeping Attention to detail Ability to work individually and as part of a team Strong interpersonal and communication skills key An interest in technology and troubleshooting Capable of thinking outside the box Desirable - driving licence Desirable MTA: - Windows Operating systems Fundamental, Networking Fundamentals, Server Administration Fundamental CompTIA: - IT Fundamentals+, A +, Server + MCSA: - Desktop Operating system Experience within a Cyber Security Function
03/10/2025
Full time
Why work for us? We aim to provide you with peace of mind in addition to an attractive salary and eligibility to participate in the discretionary annual bonus opportunities. You will also receive an excellent benefit package including: Company funded industry qualifications Workplace Pension Close to town centre / bus station / train station Free Car Parking Attendance Bonus Scheme Sick pay Scheme 22 days holiday Bank Holidays, increasing with length of service to a max of 30 days after a qualifying period. About the Role: On a day-to-day basis, you will be involved in the investigation and resolution of customer and internal support requests. In doing this, you will be responsible for providing a high-quality level of service to both internal and external customers alike and be able to identify and solve issues alongside the existing Technical Services team, who themselves specialise in the support & maintenance of our clients. You must have excellent communication skills and you will ideally be an all-rounder who is comfortable doing 1st & 2nd Line support including the following skills and aspects: 2+ years' experience in similar IT role (MSP) Excellent troubleshooting skills in all Windows desktop, Mac OSX, and Windows Server operating systems Support of Microsoft Hyper-V & VMWare vSphere infrastructures Basic understanding of Cyber Security principles Support of all Microsoft products including Office, Office 365 Exchange, Azure, SharePoint Supporting on premise and off premise Anti-Spam/Email Security solutions Solving both hardware and software faults Working with networking equipment including, Firewalls, Wi-Fi solutions and all other network equipment Assisting with Domain level DNS changes and fixes Anti-Virus and Anti-Malware monitoring, administration, and support Monitoring and maintaining client's infrastructure, patching, internal networks & broadband solutions Monitor IT security and support administration functions Providing excellent support, including procedural documentation and relevant reporting Escalate any complex problems to 3rd line and on-site engineers where appropriate Liaising with 3rd party vendors to see resolutions on all tickets Monitoring systems to ensure their smooth running, investigating issues displayed on RMM Platforms Ensuring all monitored backups have completed successfully, investigating, and resolving any issues Hands-on experience with equipment - laptops, desktop, printers, and peripherals The ability to work on set targets as well as using your own initiative and deadlines Managing and prioritising own tickets and workloads Undertaking internal and vendor training for personal and professional development Rapidly establishing a good working relationship with customers and other professionals Accurate and concise record keeping of all interactions and actions on the CRM Always maintaining client confidentiality and security Remotely carrying out chargeable jobs All other support duties that are commensurate with the role or at the request of the Management team About You: Essential Skills and Experience: Previous Technical Support (or roles of similar nature) Good knowledge of networks and basic infrastructure (routing, IP's, topology etc) Good planning, time management, administrational and organisational skills Always maintaining client confidentiality and security Ability to follow strict process and procedures Desirable - knowledge of the Cyber Essentials scheme Personal qualities: Organised, Reliable and trustworthy Customer Service Driven Good problem-solving skills Good timekeeping Attention to detail Ability to work individually and as part of a team Strong interpersonal and communication skills key An interest in technology and troubleshooting Capable of thinking outside the box Desirable - driving licence Desirable MTA: - Windows Operating systems Fundamental, Networking Fundamentals, Server Administration Fundamental CompTIA: - IT Fundamentals+, A +, Server + MCSA: - Desktop Operating system Experience within a Cyber Security Function
Onsite IT Field Support Engineer who is a technically minded team player with good IT troubleshooting and user facing skills is required to provide onsite deskside technical support for a well-established IT Services Company based in the City of London. WORK WITH THE LATEST CLOUD SERVICES AND TECHNOLOGIES This role is focusing on the latest Microsoft cloud services. If you want the opportunity to work with cutting edge cloud and security applications, supporting professional services in London and beyond, then we want to hear from you! SALARY: £40,000 - £45,000 per annum DOE + Benefits (see below) LOCATION: Hybrid. Working 4 days from client sites or the City of London office (Farringdon / Chancery Lane EC1N) and 1 day from home JOB TYPE: Full-Time, Permanent WORKING HOURS: 35 hours per week, Monday to Friday Fantastic Career Progression Opportunities JOB OVERVIEW We have a fantastic new job opportunity for an Onsite IT Field Support Engineer who is a technically minded team player with good IT troubleshooting and user facing skills. As the Onsite IT Field Support Engineer you will act primarily as an onsite engineer for a set of clients and work closely with technical leads, account managers and other tech teams to deliver an IT vision which future proofs client systems. Working as the Onsite IT Field Support Engineer you will be supporting clients onsite on a regular or ad-hoc scheduled basis. Site visits are generally within walking distance of the Farringdon/Chancery Lane office, but there are also clients across the UK and Worldwide and some UK travel may be required. ABOUT YOU You're technically minded, you have experience in IT support and you're a team player. You have the customer service experience to work independently at client sites in a professional environment. You're tenacious and don't like to give up until you've found a solution. IT is your calling, you're bright and know you have more to offer at an inspiring company. You will be expected to demonstrate a strong work ethic when it comes to managing issues, have a keenness to learn and develop, with a thorough approach to problem solving an appreciation for the various client cultures and their unique requirements. By showing intelligence and an eagerness to learn you will be given freedom to develop new skills and gain training in a wide range of cutting-edge technologies including Microsoft Modern Desktop, Intune, Autopilot, Power Platform and Azure. CANDIDATE REQUIREMENTS As the Onsite IT Field Support Engineer you will have: Essential Previous experience in IT support roles, ideally at an MSP Knowledge of Office 365; experience supporting Outlook, OneDrive, SharePoint & Teams & Intune Proficient in supporting and troubleshooting Windows 10 & 11 and Mac devices Exposure to, and understanding of, core Windows server elements including Active Directory, DNS, DHCP Understanding of, and ability to, troubleshoot and configure networking technologies such as WIFI, Firewalls & Routers Exposure to Azure Virtual Desktops desirable Understanding of Multi Factor, Conditional Access, Compliance Policies Understanding of email routing and management - 3rd party spam filters. Mail tracing Skilled in resolving printer issues and collaborating with 3rd party vendors Desirable Professional Qualifications: Microsoft Certifications, particularly cloud ones such as MD-102 and MS-700 CompTIA A+, Network+ BENEFITS WFH one day per week Learning and development opportunities (Microsoft certifications, developmental pathways, internal and external training) Regular career progression reviews 21 days holiday, public holidays, and birthday day off Private healthcare after probation 40% off gym membership Great pension scheme from day one Cycle to work scheme Recruitment referral scheme Eyecare vouchers Central location, next to a famous food market A friendly, inclusive, sustainable work environment Regular social events (tech-infused minigolf and darts, pool, and more!) Electric car scheme after 2 years of service APPLY TODAY By submitting your job application to us you are hereby giving us your express consent to submit your details to our Client for this purpose. JOB REF: AWDO-P13882 Full-Time, Permanent IT Jobs, Careers and Vacancies. Find a new job and work in London. Multi-Job Board Advertising and CV Sourcing Recruitment Services provided by AWD online. AWD online specialise in sourcing candidates and advertising vacancies on multiple job boards for companies on a non-commission basis. AWD online operates as an employment agency. AWD-IN-SPJ
01/10/2025
Full time
Onsite IT Field Support Engineer who is a technically minded team player with good IT troubleshooting and user facing skills is required to provide onsite deskside technical support for a well-established IT Services Company based in the City of London. WORK WITH THE LATEST CLOUD SERVICES AND TECHNOLOGIES This role is focusing on the latest Microsoft cloud services. If you want the opportunity to work with cutting edge cloud and security applications, supporting professional services in London and beyond, then we want to hear from you! SALARY: £40,000 - £45,000 per annum DOE + Benefits (see below) LOCATION: Hybrid. Working 4 days from client sites or the City of London office (Farringdon / Chancery Lane EC1N) and 1 day from home JOB TYPE: Full-Time, Permanent WORKING HOURS: 35 hours per week, Monday to Friday Fantastic Career Progression Opportunities JOB OVERVIEW We have a fantastic new job opportunity for an Onsite IT Field Support Engineer who is a technically minded team player with good IT troubleshooting and user facing skills. As the Onsite IT Field Support Engineer you will act primarily as an onsite engineer for a set of clients and work closely with technical leads, account managers and other tech teams to deliver an IT vision which future proofs client systems. Working as the Onsite IT Field Support Engineer you will be supporting clients onsite on a regular or ad-hoc scheduled basis. Site visits are generally within walking distance of the Farringdon/Chancery Lane office, but there are also clients across the UK and Worldwide and some UK travel may be required. ABOUT YOU You're technically minded, you have experience in IT support and you're a team player. You have the customer service experience to work independently at client sites in a professional environment. You're tenacious and don't like to give up until you've found a solution. IT is your calling, you're bright and know you have more to offer at an inspiring company. You will be expected to demonstrate a strong work ethic when it comes to managing issues, have a keenness to learn and develop, with a thorough approach to problem solving an appreciation for the various client cultures and their unique requirements. By showing intelligence and an eagerness to learn you will be given freedom to develop new skills and gain training in a wide range of cutting-edge technologies including Microsoft Modern Desktop, Intune, Autopilot, Power Platform and Azure. CANDIDATE REQUIREMENTS As the Onsite IT Field Support Engineer you will have: Essential Previous experience in IT support roles, ideally at an MSP Knowledge of Office 365; experience supporting Outlook, OneDrive, SharePoint & Teams & Intune Proficient in supporting and troubleshooting Windows 10 & 11 and Mac devices Exposure to, and understanding of, core Windows server elements including Active Directory, DNS, DHCP Understanding of, and ability to, troubleshoot and configure networking technologies such as WIFI, Firewalls & Routers Exposure to Azure Virtual Desktops desirable Understanding of Multi Factor, Conditional Access, Compliance Policies Understanding of email routing and management - 3rd party spam filters. Mail tracing Skilled in resolving printer issues and collaborating with 3rd party vendors Desirable Professional Qualifications: Microsoft Certifications, particularly cloud ones such as MD-102 and MS-700 CompTIA A+, Network+ BENEFITS WFH one day per week Learning and development opportunities (Microsoft certifications, developmental pathways, internal and external training) Regular career progression reviews 21 days holiday, public holidays, and birthday day off Private healthcare after probation 40% off gym membership Great pension scheme from day one Cycle to work scheme Recruitment referral scheme Eyecare vouchers Central location, next to a famous food market A friendly, inclusive, sustainable work environment Regular social events (tech-infused minigolf and darts, pool, and more!) Electric car scheme after 2 years of service APPLY TODAY By submitting your job application to us you are hereby giving us your express consent to submit your details to our Client for this purpose. JOB REF: AWDO-P13882 Full-Time, Permanent IT Jobs, Careers and Vacancies. Find a new job and work in London. Multi-Job Board Advertising and CV Sourcing Recruitment Services provided by AWD online. AWD online specialise in sourcing candidates and advertising vacancies on multiple job boards for companies on a non-commission basis. AWD online operates as an employment agency. AWD-IN-SPJ
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder' and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload. Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
24/09/2022
Full time
Overview: Ensure all your application information is up to date and in order before applying for this opportunity. The Senior Infrastructure Analyst will manage and participate in the delivery and support of IT infrastructure and IT infrastructure security for new and existing systems / solutions. You will ensure RSSB infrastructure is secure and adheres to Cyber Security standards, manage DR processes and business continuity. Where appropriate, you will assist other team members in the provision of 2nd and 3rd line technical IM&T support (Desktop, Software, Infrastructure and Telephony), as well as maintain and deliver a high degree of customer service for all RSSB IM&T support queries and Requests for Change. Responsibilities: Proactively respond to security vulnerabilities identified by monitoring tools, performing remediation tasks Responsible for monitoring and reporting for on-premise and cloud infrastructure systems, for the early identification of issues Act as escalation point for technical issues Responsible for the security, effective management, administration and operation of the RSSB cloud and onsite physical infrastructure environment Management and oversight of the network infrastructure, including network switches, routers, firewalls and virtualised environment. Analyse and make recommendations to improve infrastructure, network, security and reliability of systems Responsible for system and data backups, restores and DR tests Work with the wider IM&T Team, business, internal and external business partners to ensure that security is factored into the evaluation, selection, installation, delivery and configuration process of solutions and systems Plan, manage and communicate infrastructure change with IT Operation Team Leads, Information Security manager and wider IM&T / business departments Mentor and coach colleagues and provide peer to peer advice, as required Qualifications: Computer science, Microsoft, CompTIA or related field qualifications / certifications or relevant demonstrable experience Proactive with a willingness to take ownership and responsibility for work tasks and issues, delivering a high standard of work Proficient in Windows Server v2008/2012/2019+ management to include Active Directory (AD) and Group Policy (GPO) and SQL Server Deploy patches and software applications using InTune / WSUS Knowledge of administering and supporting Azure AD, Azure IaaS/PaaS Management of backup/recovery solutions (g. Veeam, Arcserve) Experience with operating system hardening, vulnerability assessments, security audits, penetration testing, intrusion prevention systems and other security control systems for example PAM, SIEM, IDR etc. Practical experience with endpoint security, content filtering, vulnerability scanning and anti-malware Knowledge of at least one scripting language (e.g., PowerShell) MS InTune device management (mobile and Windows 10 OS) Effective communication, stakeholder' and supplier management skills Ability to work in Teams and individually using own initiative and capable of self-managing workload. Demonstrable knowledge of common vulnerabilities and exploitation techniques would be beneficial Familiarity with Cyber Essentials/Plus or ISO 27001 and ITIL best practice - Incident, Problem and Change management would be beneficial Early applications are encouraged, as we may close this vacancy before the advertised deadline if sufficient numbers of applications are received. We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request. We value our staff and we offer a competitive benefits package to ensure our staff can achieve their best throughout their journey with us. This includes 30 days annual leave (plus bank holidays); a holiday buy and sell scheme; private medical and dental cover; a season ticket loan and travel subsidy; access to a cycle to work scheme; volunteer leave; a performance related bonus and pension.
