Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-TimeSummary: We are looking for a strategic and influential cyber security leader for a Group Information & Cyber Security Manager position in Leeds city centre. The main purpose of this role is to lead, develop, and continuously enhance the client's information and cyber security posture, ensuring the security, integrity and availability of all systems and data.This is a fantastic role for a highly experienced Information & Cyber leader to step into a high-visibility role that combines strategic influence, leadership, and the chance to take ownership of a company's security protocol. This role operates on a hybrid basis (2 days per week) in the Leeds city centre office with on-site parking. Key Responsibilities: Provide overall leadership for the organisation's information and cyber security function, continually strengthening the protection of systems and data to maintain confidentiality, integrity, and availability. Set the strategic vision and governance framework for all areas of cyber and information security across the Group. Manage third-party providers responsible for cyber monitoring, detection, and incident response, ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. Ensure adherence to relevant regulations and industry standards, including ISO 27001, NIST, GDPR, and the UK Data Protection Act. Promote a strong security-first culture across the organisation through awareness initiatives, training programmes, and targeted education efforts. Requirements: Strong technical understanding across various security toolings, IAM, DLP, SIEM, EDR, and vulnerability management. Deep understanding of compliance frameworks including, ISO27001, NIST, GDPR, and industry best practice Collaborative leadership style with ability to influence and challenge at exec level Risk-based mindset with ability to balance security with operational and commercial needs Benefits: Salary: £85,000 - £90,000 Hybrid Working Company Pension Scheme Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-Time Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
01/04/2026
Full time
Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-TimeSummary: We are looking for a strategic and influential cyber security leader for a Group Information & Cyber Security Manager position in Leeds city centre. The main purpose of this role is to lead, develop, and continuously enhance the client's information and cyber security posture, ensuring the security, integrity and availability of all systems and data.This is a fantastic role for a highly experienced Information & Cyber leader to step into a high-visibility role that combines strategic influence, leadership, and the chance to take ownership of a company's security protocol. This role operates on a hybrid basis (2 days per week) in the Leeds city centre office with on-site parking. Key Responsibilities: Provide overall leadership for the organisation's information and cyber security function, continually strengthening the protection of systems and data to maintain confidentiality, integrity, and availability. Set the strategic vision and governance framework for all areas of cyber and information security across the Group. Manage third-party providers responsible for cyber monitoring, detection, and incident response, ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. Ensure adherence to relevant regulations and industry standards, including ISO 27001, NIST, GDPR, and the UK Data Protection Act. Promote a strong security-first culture across the organisation through awareness initiatives, training programmes, and targeted education efforts. Requirements: Strong technical understanding across various security toolings, IAM, DLP, SIEM, EDR, and vulnerability management. Deep understanding of compliance frameworks including, ISO27001, NIST, GDPR, and industry best practice Collaborative leadership style with ability to influence and challenge at exec level Risk-based mindset with ability to balance security with operational and commercial needs Benefits: Salary: £85,000 - £90,000 Hybrid Working Company Pension Scheme Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-Time Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Cyber Security Manager Manchester - 2-3 days per week in the office £70,000 - £75,000 per annum Our client is seeking an experienced and forward thinking Cyber Security Manager to guide and strengthen their Cyber Security function. This position plays a key role in protecting their systems, data and customers, making sure the organisation stays ahead of new and evolving cyber threats. Sitting within the Governance, Risk, Compliance, Security and Internal IT division, you will take on a pivotal leadership role, driving the development and execution of their cyber security strategy. You will collaborate closely with Product, Engineering and Technology teams to ensure security is embedded throughout the organisation, while leading and nurturing a high performing security team. Key Responsibilities: Take ownership of shaping and delivering the organisation's overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure security is built into products, projects and processes Promote a strong security culture by driving awareness initiatives and training programmes Provide leadership, guidance and development for the cyber security team Skills Knowledge & Expertise Proven leadership experience in cyber security within a regulated environment Experience working with Artificial Intelligence Strong technical knowledge of security tools (e.g. CrowdStrike, Sentinel, Purview, iBoss) Solid understanding of security frameworks (ISO 27001, PCI DSS, SOC 2) Experience in risk assessment, incident management and vulnerability testing Excellent communication skills across technical and non-technical audiences Strong analytical mindset with attention to detail Benefits: 25 days' holiday plus public holidays increasing with length of service. Birthday off work. 2 paid volunteer days a year Holiday Purchase scheme We operate a Salary Exchange pension scheme which you will be auto-enrolled into from day one of employment. £240 yearly Wellbeing Allowance Enhanced maternity, paternity, and adoption leave Cycle to work scheme Health cash plan Free breakfast & lunch when in the Manchester office Discounted Parking in Manchester Access to training - both internal and external Dog friendly office
01/04/2026
Full time
Cyber Security Manager Manchester - 2-3 days per week in the office £70,000 - £75,000 per annum Our client is seeking an experienced and forward thinking Cyber Security Manager to guide and strengthen their Cyber Security function. This position plays a key role in protecting their systems, data and customers, making sure the organisation stays ahead of new and evolving cyber threats. Sitting within the Governance, Risk, Compliance, Security and Internal IT division, you will take on a pivotal leadership role, driving the development and execution of their cyber security strategy. You will collaborate closely with Product, Engineering and Technology teams to ensure security is embedded throughout the organisation, while leading and nurturing a high performing security team. Key Responsibilities: Take ownership of shaping and delivering the organisation's overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure security is built into products, projects and processes Promote a strong security culture by driving awareness initiatives and training programmes Provide leadership, guidance and development for the cyber security team Skills Knowledge & Expertise Proven leadership experience in cyber security within a regulated environment Experience working with Artificial Intelligence Strong technical knowledge of security tools (e.g. CrowdStrike, Sentinel, Purview, iBoss) Solid understanding of security frameworks (ISO 27001, PCI DSS, SOC 2) Experience in risk assessment, incident management and vulnerability testing Excellent communication skills across technical and non-technical audiences Strong analytical mindset with attention to detail Benefits: 25 days' holiday plus public holidays increasing with length of service. Birthday off work. 2 paid volunteer days a year Holiday Purchase scheme We operate a Salary Exchange pension scheme which you will be auto-enrolled into from day one of employment. £240 yearly Wellbeing Allowance Enhanced maternity, paternity, and adoption leave Cycle to work scheme Health cash plan Free breakfast & lunch when in the Manchester office Discounted Parking in Manchester Access to training - both internal and external Dog friendly office
We are partnering an Energy Data provider who are looking for a hands-on Cyber Security Analyst to join their internal IT & Security team during a pivotal period of change. A true 4-day working week My client operates Monday to Thursday, working week, with Fridays off. Extensive Microsoft Purview experience is required for this role. Responsibilities Own and run our vulnerability and patch management processes Investigate and respond to security incidents (malware, phishing, unauthorised access, etc.) Conduct vulnerability assessments and support remediation efforts Help implement and enforce security policies, standards, and procedures Partner with IT colleagues and business units to ensure secure configurations Support audits, risk assessments, and compliance initiatives (ISO 27001, GDPR, NIST) Act as a key escalation point for security investigations Maximise the effectiveness of Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting and analytical skills Effective communication and collaboration across technical and non-technical teams Relevant certifications (eg, Security+, CySA+, SC-200, SSCP) are beneficial Familiarity with Power Platform and Power BI is advantageous A minimum of three years of relevant experience in similar positions. If you're looking to join a forward-thinking organisation, play a key role in strengthening its security infrastructure, and enjoy a better work-life balance with a 4-day work week, please email your CV. Etech Partners needs to collect and use your personal information when you apply for a role. We understand that you care about your privacy, and we take that seriously. Our Privacy Notice describes our policies and practices regarding collection and use of your personal data. By applying for this job you accept the Privacy Policy.
01/04/2026
Full time
We are partnering an Energy Data provider who are looking for a hands-on Cyber Security Analyst to join their internal IT & Security team during a pivotal period of change. A true 4-day working week My client operates Monday to Thursday, working week, with Fridays off. Extensive Microsoft Purview experience is required for this role. Responsibilities Own and run our vulnerability and patch management processes Investigate and respond to security incidents (malware, phishing, unauthorised access, etc.) Conduct vulnerability assessments and support remediation efforts Help implement and enforce security policies, standards, and procedures Partner with IT colleagues and business units to ensure secure configurations Support audits, risk assessments, and compliance initiatives (ISO 27001, GDPR, NIST) Act as a key escalation point for security investigations Maximise the effectiveness of Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting and analytical skills Effective communication and collaboration across technical and non-technical teams Relevant certifications (eg, Security+, CySA+, SC-200, SSCP) are beneficial Familiarity with Power Platform and Power BI is advantageous A minimum of three years of relevant experience in similar positions. If you're looking to join a forward-thinking organisation, play a key role in strengthening its security infrastructure, and enjoy a better work-life balance with a 4-day work week, please email your CV. Etech Partners needs to collect and use your personal information when you apply for a role. We understand that you care about your privacy, and we take that seriously. Our Privacy Notice describes our policies and practices regarding collection and use of your personal data. By applying for this job you accept the Privacy Policy.
We are partnering an Energy Data provider who are looking for a hands-on Cyber Security Analyst to join their internal IT & Security team during a pivotal period of change. A true 4-day working week My client operates Monday to Thursday, working week, with Fridays off. Extensive Microsoft Purview experience is required for this role. Responsibilities Own and run our vulnerability and patch management processes Investigate and respond to security incidents (malware, phishing, unauthorised access, etc.) Conduct vulnerability assessments and support remediation efforts Help implement and enforce security policies, standards, and procedures Partner with IT colleagues and business units to ensure secure configurations Support audits, risk assessments, and compliance initiatives (ISO 27001, GDPR, NIST) Act as a key escalation point for security investigations Maximise the effectiveness of Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting and analytical skills Effective communication and collaboration across technical and non-technical teams Relevant certifications (eg, Security+, CySA+, SC-200, SSCP) are beneficial Familiarity with Power Platform and Power BI is advantageous A minimum of three years of relevant experience in similar positions. If you're looking to join a forward-thinking organisation, play a key role in strengthening its security infrastructure, and enjoy a better work-life balance with a 4-day work week, please email your CV. Etech Partners needs to collect and use your personal information when you apply for a role. We understand that you care about your privacy, and we take that seriously. Our Privacy Notice describes our policies and practices regarding collection and use of your personal data. By applying for this job you accept the Privacy Policy.
01/04/2026
Full time
We are partnering an Energy Data provider who are looking for a hands-on Cyber Security Analyst to join their internal IT & Security team during a pivotal period of change. A true 4-day working week My client operates Monday to Thursday, working week, with Fridays off. Extensive Microsoft Purview experience is required for this role. Responsibilities Own and run our vulnerability and patch management processes Investigate and respond to security incidents (malware, phishing, unauthorised access, etc.) Conduct vulnerability assessments and support remediation efforts Help implement and enforce security policies, standards, and procedures Partner with IT colleagues and business units to ensure secure configurations Support audits, risk assessments, and compliance initiatives (ISO 27001, GDPR, NIST) Act as a key escalation point for security investigations Maximise the effectiveness of Microsoft Defender, Intune, and Purview Promote cyber awareness and best practice across the organisation Collaborate with the Information Security Manager and Compliance Team on GRC activity Stay ahead of emerging threats, vulnerabilities, and industry trends Identify opportunities to improve security tooling, processes, and controls Skills & Experience Needed Microsoft 365 Defender/Security Portal (endpoint and identity protection) Microsoft Purview (data governance and compliance, including Compliance Portal) Proven hands-on experience remediating vulnerabilities and applying patches in a live environment A strong understanding of cybersecurity principles and threat landscapes Experience with endpoint, network, and identity security within Microsoft ecosystems. Strong troubleshooting and analytical skills Effective communication and collaboration across technical and non-technical teams Relevant certifications (eg, Security+, CySA+, SC-200, SSCP) are beneficial Familiarity with Power Platform and Power BI is advantageous A minimum of three years of relevant experience in similar positions. If you're looking to join a forward-thinking organisation, play a key role in strengthening its security infrastructure, and enjoy a better work-life balance with a 4-day work week, please email your CV. Etech Partners needs to collect and use your personal information when you apply for a role. We understand that you care about your privacy, and we take that seriously. Our Privacy Notice describes our policies and practices regarding collection and use of your personal data. By applying for this job you accept the Privacy Policy.
Global GRC Manager Permanent - Birmingham- Hybrid - 2/3 days a week onsite 60,000 - 75,000 DOE + 20% Bonus + Bens We are seeking an experienced GRC professional to lead governance, risk management, and compliance initiatives within a highly complex, international organisation. This role requires strong leadership to drive adoption of security policies and motivate teams to align with the organisation's mission, vision, and values while achieving local business goals. The Global GRC Manager oversees the development and maintenance of security governance, risk management, and compliance frameworks across all regions. This role ensures alignment with cyber security strategy and regulatory standards, working closely with leadership, technology teams, and compliance stakeholders to maintain a strong security posture enterprise-wide. Essential Experience required: Significant experience in information and cyber security governance, risk, and compliance roles, in a global context Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management. In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Hands-on experience with cloud security governance, particularly Microsoft Azure 'Great to have' experience: Experience working in a Retail, Food & Beverage or similar environment Experience working at a Global / International level If this role sound of interest, then please apply today!
31/03/2026
Full time
Global GRC Manager Permanent - Birmingham- Hybrid - 2/3 days a week onsite 60,000 - 75,000 DOE + 20% Bonus + Bens We are seeking an experienced GRC professional to lead governance, risk management, and compliance initiatives within a highly complex, international organisation. This role requires strong leadership to drive adoption of security policies and motivate teams to align with the organisation's mission, vision, and values while achieving local business goals. The Global GRC Manager oversees the development and maintenance of security governance, risk management, and compliance frameworks across all regions. This role ensures alignment with cyber security strategy and regulatory standards, working closely with leadership, technology teams, and compliance stakeholders to maintain a strong security posture enterprise-wide. Essential Experience required: Significant experience in information and cyber security governance, risk, and compliance roles, in a global context Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management. In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Hands-on experience with cloud security governance, particularly Microsoft Azure 'Great to have' experience: Experience working in a Retail, Food & Beverage or similar environment Experience working at a Global / International level If this role sound of interest, then please apply today!
Senior Security & Technology Consultants Location: Warton, UK (On-Site - 5 Days per Week) Clearance Required: Valid MOD DV (Mandatory) Engagement Type: Contract (Inside IR35) Day Rate: 500 - 900 per day (dependent on role and experience) Overview We are seeking experienced Security & Technology Professionals to support critical programmes in a secure defence environment. These roles span architecture, assurance, operations, and technical delivery disciplines and require individuals who can operate effectively within highly regulated, mission-critical settings. All positions are based full-time on-site in Warton (5 days per week) and require candidates to hold a current and valid MOD DV clearance at the time of application. Scope of Opportunities We are hiring across multiple security and technology disciplines, including: Security Architects Security Assurers Information Security Consultants SOC Analysts OT Architects Cross Domain SMEs IT Administrators Service Managers Product Security Managers Penetration Testing Specialists Technical Project / Programme Managers Key Responsibilities (Role Dependent) Security Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent security assurance across programmes. Support accreditation activities and compliance reviews. Develop and maintain security documentation, standards, and risk registers. Security Operations & SOC Monitor, analyse, and respond to security events and incidents. Strengthen detection, response, and resilience capabilities. Support vulnerability management and remediation activities. OT & Cross Domain Security Provide expertise in Operational Technology environments. Design and assure secure cross-domain solutions and data transfer mechanisms. Evaluate network segregation and high-assurance controls. Penetration Testing & Vulnerability Management Conduct or oversee penetration testing engagements. Assess vulnerabilities and validate remediation strategies. Support red/blue team activities where required. Service & Product Security Embed security into live service management processes. Act as Product Security lead across development lifecycles. Integrate DevSecOps controls and secure SDLC practices. Technical Delivery & Programme Support Manage security-focused technical workstreams. Provide governance reporting to senior stakeholders. Translate technical risks into business impact and mitigation plans. Essential Requirements Valid and transferable MOD DV clearance (mandatory). Availability to work on-site in Warton, 5 days per week. Strong background in one or more of the listed security disciplines. Experience working in secure, defence, or highly regulated environments. Relevant certifications (e.g., CISSP, CISM, TOGAF, CREST, cloud certifications).
31/03/2026
Contractor
Senior Security & Technology Consultants Location: Warton, UK (On-Site - 5 Days per Week) Clearance Required: Valid MOD DV (Mandatory) Engagement Type: Contract (Inside IR35) Day Rate: 500 - 900 per day (dependent on role and experience) Overview We are seeking experienced Security & Technology Professionals to support critical programmes in a secure defence environment. These roles span architecture, assurance, operations, and technical delivery disciplines and require individuals who can operate effectively within highly regulated, mission-critical settings. All positions are based full-time on-site in Warton (5 days per week) and require candidates to hold a current and valid MOD DV clearance at the time of application. Scope of Opportunities We are hiring across multiple security and technology disciplines, including: Security Architects Security Assurers Information Security Consultants SOC Analysts OT Architects Cross Domain SMEs IT Administrators Service Managers Product Security Managers Penetration Testing Specialists Technical Project / Programme Managers Key Responsibilities (Role Dependent) Security Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent security assurance across programmes. Support accreditation activities and compliance reviews. Develop and maintain security documentation, standards, and risk registers. Security Operations & SOC Monitor, analyse, and respond to security events and incidents. Strengthen detection, response, and resilience capabilities. Support vulnerability management and remediation activities. OT & Cross Domain Security Provide expertise in Operational Technology environments. Design and assure secure cross-domain solutions and data transfer mechanisms. Evaluate network segregation and high-assurance controls. Penetration Testing & Vulnerability Management Conduct or oversee penetration testing engagements. Assess vulnerabilities and validate remediation strategies. Support red/blue team activities where required. Service & Product Security Embed security into live service management processes. Act as Product Security lead across development lifecycles. Integrate DevSecOps controls and secure SDLC practices. Technical Delivery & Programme Support Manage security-focused technical workstreams. Provide governance reporting to senior stakeholders. Translate technical risks into business impact and mitigation plans. Essential Requirements Valid and transferable MOD DV clearance (mandatory). Availability to work on-site in Warton, 5 days per week. Strong background in one or more of the listed security disciplines. Experience working in secure, defence, or highly regulated environments. Relevant certifications (e.g., CISSP, CISM, TOGAF, CREST, cloud certifications).
Global GRC Manager Contract - Birmingham- Hybrid - 2/3 days a week onsite 550 - 650 Inside IR35 We are seeking an experienced GRC professional to lead governance, risk management, and compliance initiatives within a highly complex, international organisation. This role requires strong leadership to drive adoption of security policies and motivate teams to align with the organisation's mission, vision, and values while achieving local business goals. The Global GRC Manager oversees the development and maintenance of security governance, risk management, and compliance frameworks across all regions. This role ensures alignment with cyber security strategy and regulatory standards, working closely with leadership, technology teams, and compliance stakeholders to maintain a strong security posture enterprise-wide. Essential Experience required: Significant experience in information and cyber security governance, risk, and compliance roles, in a global context Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Demonstrable Senior stakeholder management up to C-suite Experience working in immature security environments 'Great to have' experience: Experience working in a Retail, Food & Beverage or similar environment Experience working at a Global / International level If this role sound of interest, then please apply today!
31/03/2026
Contractor
Global GRC Manager Contract - Birmingham- Hybrid - 2/3 days a week onsite 550 - 650 Inside IR35 We are seeking an experienced GRC professional to lead governance, risk management, and compliance initiatives within a highly complex, international organisation. This role requires strong leadership to drive adoption of security policies and motivate teams to align with the organisation's mission, vision, and values while achieving local business goals. The Global GRC Manager oversees the development and maintenance of security governance, risk management, and compliance frameworks across all regions. This role ensures alignment with cyber security strategy and regulatory standards, working closely with leadership, technology teams, and compliance stakeholders to maintain a strong security posture enterprise-wide. Essential Experience required: Significant experience in information and cyber security governance, risk, and compliance roles, in a global context Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL). Demonstrable Senior stakeholder management up to C-suite Experience working in immature security environments 'Great to have' experience: Experience working in a Retail, Food & Beverage or similar environment Experience working at a Global / International level If this role sound of interest, then please apply today!
Cyber Security Manager Manchester - 2-3 days per week in the office £70,000 - £75,000 per annum Our client is seeking an experienced and forward thinking Cyber Security Manager to guide and strengthen their Cyber Security function. This position plays a key role in protecting their systems, data and customers, making sure the organisation stays ahead of new and evolving cyber threats. Sitting within the Governance, Risk, Compliance, Security and Internal IT division, you will take on a pivotal leadership role, driving the development and execution of their cyber security strategy. You will collaborate closely with Product, Engineering and Technology teams to ensure security is Embedded throughout the organisation, while leading and nurturing a high performing security team. Key Responsibilities: Take ownership of shaping and delivering the organisation's overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure security is built into products, projects and processes Promote a strong security culture by driving awareness initiatives and training programmes Provide leadership, guidance and development for the cyber security team Skills Knowledge & Expertise Proven leadership experience in cyber security within a regulated environment Experience working with Artificial Intelligence Strong technical knowledge of security tools (eg CrowdStrike, Sentinel, Purview, iBoss) Solid understanding of security frameworks (ISO 27001, PCI DSS, SOC 2) Experience in risk assessment, incident management and vulnerability testing Excellent communication skills across technical and non-technical audiences Strong analytical mindset with attention to detail Benefits: 25 days' holiday plus public holidays increasing with length of service. Birthday off work. 2 paid volunteer days a year Holiday Purchase scheme We operate a Salary Exchange pension scheme which you will be auto-enrolled into from day one of employment. £240 yearly Wellbeing Allowance Enhanced maternity, paternity, and adoption leave Cycle to work scheme Health cash plan Free breakfast & lunch when in the Manchester office Discounted Parking in Manchester Access to training - both internal and external Dog friendly office
31/03/2026
Full time
Cyber Security Manager Manchester - 2-3 days per week in the office £70,000 - £75,000 per annum Our client is seeking an experienced and forward thinking Cyber Security Manager to guide and strengthen their Cyber Security function. This position plays a key role in protecting their systems, data and customers, making sure the organisation stays ahead of new and evolving cyber threats. Sitting within the Governance, Risk, Compliance, Security and Internal IT division, you will take on a pivotal leadership role, driving the development and execution of their cyber security strategy. You will collaborate closely with Product, Engineering and Technology teams to ensure security is Embedded throughout the organisation, while leading and nurturing a high performing security team. Key Responsibilities: Take ownership of shaping and delivering the organisation's overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure security is built into products, projects and processes Promote a strong security culture by driving awareness initiatives and training programmes Provide leadership, guidance and development for the cyber security team Skills Knowledge & Expertise Proven leadership experience in cyber security within a regulated environment Experience working with Artificial Intelligence Strong technical knowledge of security tools (eg CrowdStrike, Sentinel, Purview, iBoss) Solid understanding of security frameworks (ISO 27001, PCI DSS, SOC 2) Experience in risk assessment, incident management and vulnerability testing Excellent communication skills across technical and non-technical audiences Strong analytical mindset with attention to detail Benefits: 25 days' holiday plus public holidays increasing with length of service. Birthday off work. 2 paid volunteer days a year Holiday Purchase scheme We operate a Salary Exchange pension scheme which you will be auto-enrolled into from day one of employment. £240 yearly Wellbeing Allowance Enhanced maternity, paternity, and adoption leave Cycle to work scheme Health cash plan Free breakfast & lunch when in the Manchester office Discounted Parking in Manchester Access to training - both internal and external Dog friendly office
Cyber Security Manager Manchester - 2-3 days per week in the office 70,000 - 75,000 per annum Our client is seeking an experienced and forward thinking Cyber Security Manager to guide and strengthen their Cyber Security function. This position plays a key role in protecting their systems, data and customers, making sure the organisation stays ahead of new and evolving cyber threats. Sitting within the Governance, Risk, Compliance, Security and Internal IT division, you will take on a pivotal leadership role, driving the development and execution of their cyber security strategy. You will collaborate closely with Product, Engineering and Technology teams to ensure security is embedded throughout the organisation, while leading and nurturing a high performing security team. Key Responsibilities: Take ownership of shaping and delivering the organisation's overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure security is built into products, projects and processes Promote a strong security culture by driving awareness initiatives and training programmes Provide leadership, guidance and development for the cyber security team Skills Knowledge & Expertise Proven leadership experience in cyber security within a regulated environment Experience working with Artificial Intelligence Strong technical knowledge of security tools (e.g. CrowdStrike, Sentinel, Purview, iBoss) Solid understanding of security frameworks (ISO 27001, PCI DSS, SOC 2) Experience in risk assessment, incident management and vulnerability testing Excellent communication skills across technical and non-technical audiences Strong analytical mindset with attention to detail Benefits: 25 days' holiday plus public holidays increasing with length of service. Birthday off work. 2 paid volunteer days a year Holiday Purchase scheme We operate a Salary Exchange pension scheme which you will be auto-enrolled into from day one of employment. 240 yearly Wellbeing Allowance Enhanced maternity, paternity, and adoption leave Cycle to work scheme Health cash plan Free breakfast & lunch when in the Manchester office Discounted Parking in Manchester Access to training - both internal and external Dog friendly office
31/03/2026
Full time
Cyber Security Manager Manchester - 2-3 days per week in the office 70,000 - 75,000 per annum Our client is seeking an experienced and forward thinking Cyber Security Manager to guide and strengthen their Cyber Security function. This position plays a key role in protecting their systems, data and customers, making sure the organisation stays ahead of new and evolving cyber threats. Sitting within the Governance, Risk, Compliance, Security and Internal IT division, you will take on a pivotal leadership role, driving the development and execution of their cyber security strategy. You will collaborate closely with Product, Engineering and Technology teams to ensure security is embedded throughout the organisation, while leading and nurturing a high performing security team. Key Responsibilities: Take ownership of shaping and delivering the organisation's overall cyber security strategy Monitor and manage cyber risks, emerging threats and potential vulnerabilities across the company Lead activities such as security testing, threat modelling and vulnerability reviews Build, maintain and regularly update incident response and disaster recovery plans Work closely with teams across the business to ensure security is built into products, projects and processes Promote a strong security culture by driving awareness initiatives and training programmes Provide leadership, guidance and development for the cyber security team Skills Knowledge & Expertise Proven leadership experience in cyber security within a regulated environment Experience working with Artificial Intelligence Strong technical knowledge of security tools (e.g. CrowdStrike, Sentinel, Purview, iBoss) Solid understanding of security frameworks (ISO 27001, PCI DSS, SOC 2) Experience in risk assessment, incident management and vulnerability testing Excellent communication skills across technical and non-technical audiences Strong analytical mindset with attention to detail Benefits: 25 days' holiday plus public holidays increasing with length of service. Birthday off work. 2 paid volunteer days a year Holiday Purchase scheme We operate a Salary Exchange pension scheme which you will be auto-enrolled into from day one of employment. 240 yearly Wellbeing Allowance Enhanced maternity, paternity, and adoption leave Cycle to work scheme Health cash plan Free breakfast & lunch when in the Manchester office Discounted Parking in Manchester Access to training - both internal and external Dog friendly office
Business Unit: COO, Technology Operations & Cyber Security Salary range: £40,800 - £51,000 per annum + Benefits Location: UK Remote Contract type : Permanent Our Team The Platform Engineering Team sits within Technology Operations & Cyber Security (TOCS) and is responsible for supporting, maintaining, and innovating the Bank's underpinning platforms and technologies. The core aspect of your role will be to support the management of the Operational Platform, with a focus on the Linux Server Estate. This will involve collaboration with internal customers, partners and external customers to deliver excellent service and ensure our systems are efficient, performant, resilient where emerging technology threats & risks are managed and change to our systems are managed effectively. What you'll be doing Innovate, build & maintain the Virgin Money Linux server estate for Operational Platform. Engineer, validate, implement and quality assure technical solutions. Lead on initiatives to improve Platform performance and stability. Support projects implementing new infrastructure into the datacentres. Support root cause analysis and remediation of complex technical issues. Work closely with others to estimate work, manage domain scope, risks and issues. Collaborate with internal and external parties to provide excellent customer service. Ensure that change within the environment is managed and controlled effectively. We need you to have Strong engineering experience with Red Hat Enterprise Linux (RHEL) Strong Redhat Satellite experience (install, Configure, manage) Strong experience of server implementation, upgrades, maintenance, monitoring and automation (Infrastructure as Code) with Ansible, AAP Strong experience of VMware (upgrade, manage) Solid understanding of Networking, security and system performance Strong problem-solving skills with the ability to own, diagnose and resolve platforms issues. Good understanding of cybersecurity principles & vulnerability management Python, Bash, API's and data structures in JSON/YAML or other Engineering mindset: able to challenge the status quo and automate manual processes to deliver additional value. Exceptional communication & teamwork skills Flexibility. The role may require occasional evening or weekend work It's a bonus if you have but not essential Experience of Arctera Infoscale, VCS Experience of Solaris Experience of Server Hardware Management and maintenance Experience of Containerisation, Red Hat OpenShift, ARO or AKS Experience of Continuous Integration and Continuous Delivery tooling Experience of working within an ITIL framework Working in Multi-disciplinary Agile teams Red Hot Rewards Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time) plus the option to buy more. Up to five extra paid well-being days per year . 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt. Market-leading pension. Free private medical cover, income protection and life assurance. Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness. And there's no waiting around, you'll enjoy these benefits from day one. If we're lucky to receive a lot of interest, we may close the advert early. Please ensure to submit your applications as soon as possible. Say hello to Virgin Money Virgin Money is so much more than just a bank. As part of the Nationwide group, together we're the UK's first full-service mutual bank serving millions of retail and business customers and all driven by our purpose ; Banking but fairer, more rewarding and for the good of society. With us, you'll be part of an organisation uniquely positioned to make a difference to the lives of customers, communities and broader society and embark on a collaborative, customer obsessed, and fun-filled career journey. Embrace the weekdays, enjoy fantastic perks, and make a meaningful positive difference. Time to discover what it means to be part of the first mutual full-service banking provider. Be yourself at Virgin Money At Virgin Money, we celebrate everyone. We have fun, think big, and relentlessly include each other, all in pursuit of our purpose: Banking - but fairer, more rewarding, and for the good of society. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard. As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team Please note: If we receive a high volume of eligible applications, we may need to prioritise candidates whose skills and experience most closely align with the role, while still ensuring fair and equitable consideration for all applicants. Now the legal bit Although some of our roles allow you to be based anywhere in the UK, we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks - we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.
06/10/2025
Full time
Business Unit: COO, Technology Operations & Cyber Security Salary range: £40,800 - £51,000 per annum + Benefits Location: UK Remote Contract type : Permanent Our Team The Platform Engineering Team sits within Technology Operations & Cyber Security (TOCS) and is responsible for supporting, maintaining, and innovating the Bank's underpinning platforms and technologies. The core aspect of your role will be to support the management of the Operational Platform, with a focus on the Linux Server Estate. This will involve collaboration with internal customers, partners and external customers to deliver excellent service and ensure our systems are efficient, performant, resilient where emerging technology threats & risks are managed and change to our systems are managed effectively. What you'll be doing Innovate, build & maintain the Virgin Money Linux server estate for Operational Platform. Engineer, validate, implement and quality assure technical solutions. Lead on initiatives to improve Platform performance and stability. Support projects implementing new infrastructure into the datacentres. Support root cause analysis and remediation of complex technical issues. Work closely with others to estimate work, manage domain scope, risks and issues. Collaborate with internal and external parties to provide excellent customer service. Ensure that change within the environment is managed and controlled effectively. We need you to have Strong engineering experience with Red Hat Enterprise Linux (RHEL) Strong Redhat Satellite experience (install, Configure, manage) Strong experience of server implementation, upgrades, maintenance, monitoring and automation (Infrastructure as Code) with Ansible, AAP Strong experience of VMware (upgrade, manage) Solid understanding of Networking, security and system performance Strong problem-solving skills with the ability to own, diagnose and resolve platforms issues. Good understanding of cybersecurity principles & vulnerability management Python, Bash, API's and data structures in JSON/YAML or other Engineering mindset: able to challenge the status quo and automate manual processes to deliver additional value. Exceptional communication & teamwork skills Flexibility. The role may require occasional evening or weekend work It's a bonus if you have but not essential Experience of Arctera Infoscale, VCS Experience of Solaris Experience of Server Hardware Management and maintenance Experience of Containerisation, Red Hat OpenShift, ARO or AKS Experience of Continuous Integration and Continuous Delivery tooling Experience of working within an ITIL framework Working in Multi-disciplinary Agile teams Red Hot Rewards Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time) plus the option to buy more. Up to five extra paid well-being days per year . 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt. Market-leading pension. Free private medical cover, income protection and life assurance. Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness. And there's no waiting around, you'll enjoy these benefits from day one. If we're lucky to receive a lot of interest, we may close the advert early. Please ensure to submit your applications as soon as possible. Say hello to Virgin Money Virgin Money is so much more than just a bank. As part of the Nationwide group, together we're the UK's first full-service mutual bank serving millions of retail and business customers and all driven by our purpose ; Banking but fairer, more rewarding and for the good of society. With us, you'll be part of an organisation uniquely positioned to make a difference to the lives of customers, communities and broader society and embark on a collaborative, customer obsessed, and fun-filled career journey. Embrace the weekdays, enjoy fantastic perks, and make a meaningful positive difference. Time to discover what it means to be part of the first mutual full-service banking provider. Be yourself at Virgin Money At Virgin Money, we celebrate everyone. We have fun, think big, and relentlessly include each other, all in pursuit of our purpose: Banking - but fairer, more rewarding, and for the good of society. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard. As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team Please note: If we receive a high volume of eligible applications, we may need to prioritise candidates whose skills and experience most closely align with the role, while still ensuring fair and equitable consideration for all applicants. Now the legal bit Although some of our roles allow you to be based anywhere in the UK, we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks - we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
06/10/2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
06/10/2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations.You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements:Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
03/10/2025
Full time
Cyber Security Analyst - Manchester - £50,000 The Company: Lorien are working in partnership with a leading name in Manchester. With a strong focus on protecting their digital estate, they're now looking to hire a Cyber Security Analyst to help strengthen their InfoSec capabilities and ensure resilience against cyber threats. The Role: This is a hands-on role focused on protecting the organisation's network and systems from cyber-attacks. You'll be responsible for managing and remediating security incidents, tuning SIEM alerts, supporting endpoint detection and response tooling, and contributing to post-incident investigations.You'll also play a key role in vulnerability management, security reporting, and supporting the deployment and maintenance of security tooling across the estate. Working closely with the IT Security & Compliance Manager, you'll help shape the business's cyber defence strategy and educate stakeholders on best practices. The Skill Requirements:Successful candidates will have a blend of the following: Experience in Infrastructure support or working within a SOC/Security team Strong understanding of Microsoft O365/Azure Security, endpoint and email security tooling Familiarity with SIEM tools and IT Service Management platforms Knowledge of current and emerging cyber threats and security technologies Experience with vulnerability identification and remediation The Benefits: Salary up to £50,000 + bonus Hybrid working model (2 days onsite in Manchester) 25 days annual leave plus bank holidays Flexible working hours Opportunity to work in a fast-paced, high-impact environment If this sounds like something you'd be interested in, submit your application to be considered. Interviews will be scheduled over the coming weeks. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
Hays Specialist Recruitment Limited
West Drayton, Middlesex
Contract duration - 6 months Location - Waterside - UB7 0GB Hybrid - 1 day per week from office and rest days from homeOur client has a varied and complex digital landscape. The DevSecOps specialist will report to DevSecOps manager in the Cyber Architecture team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms. Key skills & Responsibility Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles. Define and implement release strategies with a strong emphasis on application security. Identify and remediate security vulnerabilities through detailed code reviews and automated tooling. Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks. Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals. Drive adoption of security best practices across CI/CD pipelines and cloud-native environments. Accountabilities Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile). Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams. Support the vulnerability management process, raising awareness and embedding secure development principles with development teams. Evaluate, implement, support and communicate new tools and features to improve our security posture whilst supporting, consulting, and measuring the progression of adoption across our platform and development teams. Establish security testing approaches and tools to support iterative agile delivery, ensuring alignment with organisational objectives and secure development practices. Lead cyber digital reviews to promote consistency, quality, and alignment to cyber principles and patterns. Effectively communicate, reason, and influence stakeholders across business tech to promote the understanding of cyber digital security and embed it throughout design and delivery. Actively participate in and contribute to the client's cybersecurity guilds, driving innovation and alignment in digital security approaches. Support the client's Cyber Delivery Assurance Team and the wider business Cyber Team by acting as a subject-matter expert on all things digital security. Support the client's Cyber Change Team by assisting in change reviews. Required Skills & Experience: Proven experience in application security within a DevSecOps framework. Strong background in software engineering, with the ability to bridge development and security. Experience identifying security issues through code review. Recognised cybersecurity certifications or qualifications desirable. Deep technical expertise in security tools and methodologies, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Threat Modelling Demonstrated success in leading or advising teams on secure development practices. Senior-level experience with a solid understanding of cloud migration challenges and solutions. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
03/10/2025
Full time
Contract duration - 6 months Location - Waterside - UB7 0GB Hybrid - 1 day per week from office and rest days from homeOur client has a varied and complex digital landscape. The DevSecOps specialist will report to DevSecOps manager in the Cyber Architecture team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms. Key skills & Responsibility Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles. Define and implement release strategies with a strong emphasis on application security. Identify and remediate security vulnerabilities through detailed code reviews and automated tooling. Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks. Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals. Drive adoption of security best practices across CI/CD pipelines and cloud-native environments. Accountabilities Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile). Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams. Support the vulnerability management process, raising awareness and embedding secure development principles with development teams. Evaluate, implement, support and communicate new tools and features to improve our security posture whilst supporting, consulting, and measuring the progression of adoption across our platform and development teams. Establish security testing approaches and tools to support iterative agile delivery, ensuring alignment with organisational objectives and secure development practices. Lead cyber digital reviews to promote consistency, quality, and alignment to cyber principles and patterns. Effectively communicate, reason, and influence stakeholders across business tech to promote the understanding of cyber digital security and embed it throughout design and delivery. Actively participate in and contribute to the client's cybersecurity guilds, driving innovation and alignment in digital security approaches. Support the client's Cyber Delivery Assurance Team and the wider business Cyber Team by acting as a subject-matter expert on all things digital security. Support the client's Cyber Change Team by assisting in change reviews. Required Skills & Experience: Proven experience in application security within a DevSecOps framework. Strong background in software engineering, with the ability to bridge development and security. Experience identifying security issues through code review. Recognised cybersecurity certifications or qualifications desirable. Deep technical expertise in security tools and methodologies, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Threat Modelling Demonstrated success in leading or advising teams on secure development practices. Senior-level experience with a solid understanding of cloud migration challenges and solutions. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Cyber Security Lead Oxfordshire - Hybrid - 2 days per week (Flexible) 50k - 60k plus Benefits Our Client are an award-winning leading IT company offering complete outsourced IT solutions to organisations across the UK and Europe. Based in Oxfordshire they provide a comprehensive range of support services, software and hardware solutions to major blue-chip clients and their technicians are highly skilled in planning, implementing and trouble shooting. They strive to become one of the top places to work in the UK - in fact, they believe that they already are! Most of the team have been here for years, have built a terrific career, and as corny as it may sound, they really do call themselves the Planet Family. They welcome new people to the team all the time, from all backgrounds and all levels of experience. They are able to attract talent to our business by investing in staff training and staff rewards, which has become a bedrock of our success. This initiative has resulted in staff becoming even better at what they do, great staff retention and greater company buy-in from the team. As part of this strategy, the more staff learn via official courses, the better the service and the more we reward them. Primary Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security Analysts and service teams, the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers and Strategic Partnership Managers in roadmap and IT strategy sessions. Act as the strategic security escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance with secure processes. Delegate operational tasks to Security Analysts while retaining accountability for end-to-end outcomes. Governance & Standards Maintain the client and internal risk registers. Define and evolve gold-standard security "whitepapers" for projects and BAU. Sign off security requirements for project scope/designs that impact compliance or frameworks. Collaborate with Service Delivery Manager and Project Delivery Manager to ensure security is embedded in BAU, change control, and project execution. Monitor and report on client posture metrics (e.g., Microsoft Secure Score, M365 compliance dashboards). Drive continuous posture improvement across client environments. Team Leadership & Growth Mentor and develop Security Analysts. Ensure team certifications remain up to date (minimum 2 per year per Analyst). Lead internal knowledge-sharing sessions to keep the team and wider MSP relevant against new threats and frameworks. Champion automation (RPA/AI) in evidence gathering, reporting, and triage. Identify scale points for growing the Security Practice (e.g., Security Architect, more Analysts). Behaviors Required Strategic Thinking - able to translate technical risks into business outcomes and align security initiatives with client goals and budgets. Strong Governance Mindset - experienced in managing frameworks (Cyber Essentials, ISO27001, NIST) and embedding them into MSP operations and client environments. Risk Communication - skilled at presenting complex security issues clearly to non-technical stakeholders, both internally and at client leadership level. Technical Depth - hands-on understanding of vulnerability management, patch governance, endpoint security (EDR/XDR), and cloud (M365/Azure security). Analytical Skills - capable of interpreting scan results, posture metrics (e.g., Microsoft Secure Score), and incident trends into actionable insights. Delegation & Leadership - experienced in mentoring Analysts and delegating effectively while retaining accountability for outcomes. Collaboration - able to work cross-functionally with Service Delivery, Projects, Account Managers, and vendors to embed security consistently. Continuous Learning - committed to staying current with evolving threats, frameworks, and technologies, and ensuring the team is trained and certified. Client-Facing Confidence - comfortable leading Quarterly Security Reviews (QSRs), participating in roadmap sessions, and engaging with C-level stakeholders. Change Agent - able to influence internal teams and clients to adopt best practice, even when it means shifting established ways of working. Person Specification: Minimum 5+ years in IT security or MSP environment. Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience with patch/vulnerability management governance. Ability to communicate technical risks in business language. Proven ability to run client-facing reviews or presentations. Desirable CISSP, CISM, or equivalent certifications. Experience delivering or auditing compliance frameworks. Familiarity with RMM/XDR/EDR, SIEM, and vulnerability scanning platforms. Experience leading small teams (mentoring, guiding). Exposure to incident response and tabletop exercises. What Success Looks Like: Success means the Security Lead is recognised by clients as a trusted advisor who simplifies security into business language. All client and internal risks are captured, visible, and acted upon with no blind spots. QSRs consistently deliver actionable improvements that feed into roadmaps and IT strategy, while client security posture measurably improves quarter-on-quarter (demonstrated in metrics such as Microsoft Secure Score, CE+ readiness, and vulnerability closure rates). Internally, the MSP leads by example: our own systems, tools, and processes are secure, audit-ready, and improving over time. The Security Lead ensures their team is certified, trained, and ahead of industry changes, delegating operational execution while embedding governance across service, INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer. By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
01/10/2025
Full time
Cyber Security Lead Oxfordshire - Hybrid - 2 days per week (Flexible) 50k - 60k plus Benefits Our Client are an award-winning leading IT company offering complete outsourced IT solutions to organisations across the UK and Europe. Based in Oxfordshire they provide a comprehensive range of support services, software and hardware solutions to major blue-chip clients and their technicians are highly skilled in planning, implementing and trouble shooting. They strive to become one of the top places to work in the UK - in fact, they believe that they already are! Most of the team have been here for years, have built a terrific career, and as corny as it may sound, they really do call themselves the Planet Family. They welcome new people to the team all the time, from all backgrounds and all levels of experience. They are able to attract talent to our business by investing in staff training and staff rewards, which has become a bedrock of our success. This initiative has resulted in staff becoming even better at what they do, great staff retention and greater company buy-in from the team. As part of this strategy, the more staff learn via official courses, the better the service and the more we reward them. Primary Purpose The Security Lead is both the client-facing strategist and the internal accountable owner of security within the MSP. They lead Quarterly Security Reviews (QSRs), own the client risk register and exception process, and ensure services are delivered in line with frameworks such as Cyber Essentials, ISO27001, and NIST. Internally, the Security Lead is accountable for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security Analysts and service teams, the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and signed off. Support Account Managers and Strategic Partnership Managers in roadmap and IT strategy sessions. Act as the strategic security escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training, and compliance with secure processes. Delegate operational tasks to Security Analysts while retaining accountability for end-to-end outcomes. Governance & Standards Maintain the client and internal risk registers. Define and evolve gold-standard security "whitepapers" for projects and BAU. Sign off security requirements for project scope/designs that impact compliance or frameworks. Collaborate with Service Delivery Manager and Project Delivery Manager to ensure security is embedded in BAU, change control, and project execution. Monitor and report on client posture metrics (e.g., Microsoft Secure Score, M365 compliance dashboards). Drive continuous posture improvement across client environments. Team Leadership & Growth Mentor and develop Security Analysts. Ensure team certifications remain up to date (minimum 2 per year per Analyst). Lead internal knowledge-sharing sessions to keep the team and wider MSP relevant against new threats and frameworks. Champion automation (RPA/AI) in evidence gathering, reporting, and triage. Identify scale points for growing the Security Practice (e.g., Security Architect, more Analysts). Behaviors Required Strategic Thinking - able to translate technical risks into business outcomes and align security initiatives with client goals and budgets. Strong Governance Mindset - experienced in managing frameworks (Cyber Essentials, ISO27001, NIST) and embedding them into MSP operations and client environments. Risk Communication - skilled at presenting complex security issues clearly to non-technical stakeholders, both internally and at client leadership level. Technical Depth - hands-on understanding of vulnerability management, patch governance, endpoint security (EDR/XDR), and cloud (M365/Azure security). Analytical Skills - capable of interpreting scan results, posture metrics (e.g., Microsoft Secure Score), and incident trends into actionable insights. Delegation & Leadership - experienced in mentoring Analysts and delegating effectively while retaining accountability for outcomes. Collaboration - able to work cross-functionally with Service Delivery, Projects, Account Managers, and vendors to embed security consistently. Continuous Learning - committed to staying current with evolving threats, frameworks, and technologies, and ensuring the team is trained and certified. Client-Facing Confidence - comfortable leading Quarterly Security Reviews (QSRs), participating in roadmap sessions, and engaging with C-level stakeholders. Change Agent - able to influence internal teams and clients to adopt best practice, even when it means shifting established ways of working. Person Specification: Minimum 5+ years in IT security or MSP environment. Strong knowledge of Cyber Essentials, ISO27001, or NIST frameworks. Experience with patch/vulnerability management governance. Ability to communicate technical risks in business language. Proven ability to run client-facing reviews or presentations. Desirable CISSP, CISM, or equivalent certifications. Experience delivering or auditing compliance frameworks. Familiarity with RMM/XDR/EDR, SIEM, and vulnerability scanning platforms. Experience leading small teams (mentoring, guiding). Exposure to incident response and tabletop exercises. What Success Looks Like: Success means the Security Lead is recognised by clients as a trusted advisor who simplifies security into business language. All client and internal risks are captured, visible, and acted upon with no blind spots. QSRs consistently deliver actionable improvements that feed into roadmaps and IT strategy, while client security posture measurably improves quarter-on-quarter (demonstrated in metrics such as Microsoft Secure Score, CE+ readiness, and vulnerability closure rates). Internally, the MSP leads by example: our own systems, tools, and processes are secure, audit-ready, and improving over time. The Security Lead ensures their team is certified, trained, and ahead of industry changes, delegating operational execution while embedding governance across service, INDIT Planet Recruitment acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. Planet Recruitment is an Equal Opportunities Employer. By applying for this role your details will be submitted to Planet Recruitment. Our Candidate Privacy Information Statement explains how we will use your information. Only candidates with the relevant skills and experience will be contacted after application, if you do not hear back from us within 7 days you have unfortunately been unsuccessful in your application. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the position.
Role overview
Job Title : Security and Compliance Architect Department : Technology Reports to : Head of Architecture and Planning Job Level : Guide Location : Twickenham / Hybrid Duration : Permanent
Nature and scope:
The RFU is at the start of a strategic programme of work to transform the digital experience of volunteers, players, fans and attendees. A major part of the programme is to identify and deliver the appropriate technology platforms required to deliver the transformation.
The Security and Compliance Architect will support the design, development, procurement, and assurance of the Digital and Data solutions created by the RFU. The role will provide expertise and be the subject matter expert on the required security and controls and processes required both through project lifecycles, and in Business as Usual.
Accountabilities:
Analyse existing and proposed technical architectures for security risk
Advise on appropriate security controls to mitigate security architecture risks
Provide expert technical advice to support the design and development of secure architectures
Apply secure architecture principles and practices to assure technical architectures
Develop security architecture frameworks/processes at programme level
Develop audit and compliance processes to assure technical security controls
Advise on technical management of secure environments
Actively collaborate with colleagues to contribute to the development and delivery of the current strategic, business, and operational plans
Act as an ambassador for, and promote the best interests of the RFU, including the promotion of the RFU core values and BACK culture.
Undertake such other duties as may be required from time to time as are consistent with the responsibilities of the post and the needs of the organisation
Candidate overview
The skills and attributes outlined in this description are not exhaustive and we welcome candidates who can bring different relevant experiences to the role
Qualifications, skills & experience:
Strong and demonstrable knowledge of Cyber Security technologies
Some experience and knowledge in designing or deploying Cyber Security solutions across either private, hybrid, or public cloud environments
Understanding of key trends relating to securing SAAS applications
Experience or interested in gaining experience in Secure DevOps
Experience doing threat-modelling of complex systems
Experience creating technical documentation, product documentation, technology, software and systems architecture
Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (e.g. Agile), API Gateways, Data Analytics
Experience with open-source security technologies
Solid understanding of and ability to speak to security principles in areas such as application security, virtualization, cloud technologies, access control.
Knowledge of SIEM solutions as well as Vulnerability Management and the role they play in security architecture
Relevant industry certification in the security domain
Comprehensive understanding of GDPR, specifically UK GDPR
Committed to actively contributing and building an inclusive BACK culture in your role
Additional Information:
All role holders must maintain an appropriate standard of confidentiality. Any disclosures of confidential information (including personal information kept on computer or other media) made unlawfully outside the proper course of duty will be treated as a serious disciplinary offence
The role description, person specification, job level and job title may be subject to change at the discretion of the RFU and under business developments. Any changes will be communicated to the role holder as appropriate
If you are a trans candidate applying for a job that requires a DBS check, please reach out to recruitment@rfu.com or directly to our safeguarding team ( safeguarding@rfu.com ) to use the confidential sensitive application route. This will provide applicants with the choice not to have any gender or name information disclosed on their DBS certificate.
During your application, we will ask questions about your identity. This information is considered highly confidential and will not be seen by hiring managers. You can find out more about why we ask these questions here .
Please submit an anonymised CV with your application for this role.
About England Rugby England Rugby or Rugby Football Union (RFU) is the national governing body for rugby in England. We deliver three core activities, and our purpose is to enrich lives, introduce more people to rugby union and develop the sport for future generations. Our core activities are:
Rugby – supporting rugby from grassroots to performance level
Commercial – building partnerships and hosting matches and events
Running the business - ensuring our organization and people can thrive
Our Culture At England Rugby, one of our core objectives is to drive rugby union to better reflect the diversity of society. We are aware that rugby, and sports in general, has not always been as welcoming an environment for everyone as we would like, and we are working hard to make rugby a more inclusive space for all identities. We believe hiring people from underrepresented groups into positions at all levels is vital to creating spaces and initiatives that better support those identities. We would love to see applications from disabled people, LGBTQ+ people, people from ethnically diverse communities, people of faith, people from lower socio-economic backgrounds, and women and non-binary people. We know that representation is more than just getting people through the door, it’s about keeping people by responding to structural barriers relating to identities and valuing the insights that different lived experiences bring. We have network groups that provide peer-to-peer support and drive forward change internally. We support colleagues to develop, and each colleague has access to a personal coaching platform that can provide same-day one-to-one coaching. We are pushing ourselves to create a more inclusive culture every day through role modelling our BACK behaviours which stand for Brave, Accountable, Collaborative and Keep improving. We know that flexible working is important to our colleagues, so our guiding principles are designed to support everyone to work in the way that suits them, their teams, and the organization in the best way. We want you to have every opportunity to demonstrate your skills, ability and potential. If there is anything we could do to support you through your application or to provide the best environment for your interviews, including assistance or adjustment, please reach out to recruitment@rfu.com . What we can offer you We are proud of the range of benefits we can provide:
Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more
Priority access to purchase match tickets
25% discount in Rugby Store and EnglandRugby.com
25 days of annual leave and your birthday day off
Free dental care and free access to the stadium gym
Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7
After 3 months, you will be enrolled in our Aviva pension scheme and we will match and double your contribution up to 10%
Ride-to-work scheme, eyecare vouchers and season ticket loans
About Our Team At England Rugby, we want to hear our employees’ thoughts, ideas and feedback on our strategies, new initiatives and our work environment. That’s why we have quarterly meetings called ‘the Voice’ where various topics are discussed, in addition to regular surveys, including our annual D&I survey. We are always striving to create the best environment for our colleagues, and we are proud to present some of our most recent feedback from Feb 2022:
85% feel motivated to perform their role to the best of their ability
83% feel supported by their Manager
90% agree or strongly agree that their Manager empowers and trusts them to deliver while working from home
83% feel informed and connected with the organisation
If you would like to find out more about our diversity and inclusion work or the culture at England Rugby, please visit our website here: https://www.englandrugby.com/about-rfu/rfu-policies/diversity-and-inclusion/our-approach
30/11/2022
Full time
Role overview
Job Title : Security and Compliance Architect Department : Technology Reports to : Head of Architecture and Planning Job Level : Guide Location : Twickenham / Hybrid Duration : Permanent
Nature and scope:
The RFU is at the start of a strategic programme of work to transform the digital experience of volunteers, players, fans and attendees. A major part of the programme is to identify and deliver the appropriate technology platforms required to deliver the transformation.
The Security and Compliance Architect will support the design, development, procurement, and assurance of the Digital and Data solutions created by the RFU. The role will provide expertise and be the subject matter expert on the required security and controls and processes required both through project lifecycles, and in Business as Usual.
Accountabilities:
Analyse existing and proposed technical architectures for security risk
Advise on appropriate security controls to mitigate security architecture risks
Provide expert technical advice to support the design and development of secure architectures
Apply secure architecture principles and practices to assure technical architectures
Develop security architecture frameworks/processes at programme level
Develop audit and compliance processes to assure technical security controls
Advise on technical management of secure environments
Actively collaborate with colleagues to contribute to the development and delivery of the current strategic, business, and operational plans
Act as an ambassador for, and promote the best interests of the RFU, including the promotion of the RFU core values and BACK culture.
Undertake such other duties as may be required from time to time as are consistent with the responsibilities of the post and the needs of the organisation
Candidate overview
The skills and attributes outlined in this description are not exhaustive and we welcome candidates who can bring different relevant experiences to the role
Qualifications, skills & experience:
Strong and demonstrable knowledge of Cyber Security technologies
Some experience and knowledge in designing or deploying Cyber Security solutions across either private, hybrid, or public cloud environments
Understanding of key trends relating to securing SAAS applications
Experience or interested in gaining experience in Secure DevOps
Experience doing threat-modelling of complex systems
Experience creating technical documentation, product documentation, technology, software and systems architecture
Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (e.g. Agile), API Gateways, Data Analytics
Experience with open-source security technologies
Solid understanding of and ability to speak to security principles in areas such as application security, virtualization, cloud technologies, access control.
Knowledge of SIEM solutions as well as Vulnerability Management and the role they play in security architecture
Relevant industry certification in the security domain
Comprehensive understanding of GDPR, specifically UK GDPR
Committed to actively contributing and building an inclusive BACK culture in your role
Additional Information:
All role holders must maintain an appropriate standard of confidentiality. Any disclosures of confidential information (including personal information kept on computer or other media) made unlawfully outside the proper course of duty will be treated as a serious disciplinary offence
The role description, person specification, job level and job title may be subject to change at the discretion of the RFU and under business developments. Any changes will be communicated to the role holder as appropriate
If you are a trans candidate applying for a job that requires a DBS check, please reach out to recruitment@rfu.com or directly to our safeguarding team ( safeguarding@rfu.com ) to use the confidential sensitive application route. This will provide applicants with the choice not to have any gender or name information disclosed on their DBS certificate.
During your application, we will ask questions about your identity. This information is considered highly confidential and will not be seen by hiring managers. You can find out more about why we ask these questions here .
Please submit an anonymised CV with your application for this role.
About England Rugby England Rugby or Rugby Football Union (RFU) is the national governing body for rugby in England. We deliver three core activities, and our purpose is to enrich lives, introduce more people to rugby union and develop the sport for future generations. Our core activities are:
Rugby – supporting rugby from grassroots to performance level
Commercial – building partnerships and hosting matches and events
Running the business - ensuring our organization and people can thrive
Our Culture At England Rugby, one of our core objectives is to drive rugby union to better reflect the diversity of society. We are aware that rugby, and sports in general, has not always been as welcoming an environment for everyone as we would like, and we are working hard to make rugby a more inclusive space for all identities. We believe hiring people from underrepresented groups into positions at all levels is vital to creating spaces and initiatives that better support those identities. We would love to see applications from disabled people, LGBTQ+ people, people from ethnically diverse communities, people of faith, people from lower socio-economic backgrounds, and women and non-binary people. We know that representation is more than just getting people through the door, it’s about keeping people by responding to structural barriers relating to identities and valuing the insights that different lived experiences bring. We have network groups that provide peer-to-peer support and drive forward change internally. We support colleagues to develop, and each colleague has access to a personal coaching platform that can provide same-day one-to-one coaching. We are pushing ourselves to create a more inclusive culture every day through role modelling our BACK behaviours which stand for Brave, Accountable, Collaborative and Keep improving. We know that flexible working is important to our colleagues, so our guiding principles are designed to support everyone to work in the way that suits them, their teams, and the organization in the best way. We want you to have every opportunity to demonstrate your skills, ability and potential. If there is anything we could do to support you through your application or to provide the best environment for your interviews, including assistance or adjustment, please reach out to recruitment@rfu.com . What we can offer you We are proud of the range of benefits we can provide:
Retail discounts include 30% off Adidas, 20% off Optimum Nutrition, 25% off 02 and many more
Priority access to purchase match tickets
25% discount in Rugby Store and EnglandRugby.com
25 days of annual leave and your birthday day off
Free dental care and free access to the stadium gym
Life assurance of 4x your basic salary, income protection scheme and Employee Assistance Programme that offers anonymous and confidential, emotional and practical support 24/7
After 3 months, you will be enrolled in our Aviva pension scheme and we will match and double your contribution up to 10%
Ride-to-work scheme, eyecare vouchers and season ticket loans
About Our Team At England Rugby, we want to hear our employees’ thoughts, ideas and feedback on our strategies, new initiatives and our work environment. That’s why we have quarterly meetings called ‘the Voice’ where various topics are discussed, in addition to regular surveys, including our annual D&I survey. We are always striving to create the best environment for our colleagues, and we are proud to present some of our most recent feedback from Feb 2022:
85% feel motivated to perform their role to the best of their ability
83% feel supported by their Manager
90% agree or strongly agree that their Manager empowers and trusts them to deliver while working from home
83% feel informed and connected with the organisation
If you would like to find out more about our diversity and inclusion work or the culture at England Rugby, please visit our website here: https://www.englandrugby.com/about-rfu/rfu-policies/diversity-and-inclusion/our-approach
Role: Security Architect (Communications, Media & Technology) Location: Edinburgh Salary: Competitive Salary and Benefits Career Level: Consultant or Manager Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse skill sets and next-generation technology to each business challenge. We believe in inclusion and diversity and supporting the whole person. Our core values comprise of Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Year after year, Accenture is recognized worldwide not just for business performance but for inclusion and diversity too. "Across the globe, one thing is universally true of the people of Accenture: We care deeply about what we do and the impact we have with our clients and with the communities in which we work and live. It is personal to all of us." - Julie Sweet, Accenture CEO. As a team: We are one of the world's leading providers of cybersecurity solutions. You'll work on innovative projects with colleagues to drive collaboration from strategy through to implementation. You will be using the newest technologies with clients to help them get to the next level. Do you want to work in an environment where you'll learn, grow and advance in an innovative culture that thrives on shared success, innovative ways of thinking and enables boundaryless opportunities that will set you up for success, enable you to develop to your full potential, and drive your career in new and exciting ways. If you're looking for an ambitious career, working in a vibrant environment with access to training and a global network of experts, this could be the role for you. As part of our global team, you'll be working with innovative technologies and will have the opportunity to develop a wide range of new skills on the job. In our team you will learn: How to help our Communications, Media and Technology (CMT) clients secure their most critical assets, often as part of major technical transformation How clients can benefit from new technologies and new business models, while reducing risk to an acceptable level and handling it appropriately. Security innovation and exciting growth areas As a Security Architect, you will: Responsible for designing, and overseeing the building, testing and implementation of security systems within an organisation Have a thorough understanding of sophisticated IT systems Stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products Maintain senior client relationships and able to articulate key security concepts to less technical stakeholders Provide thought leadership on market and industry trends Help advise our clients on how to improve their security posture Lead and deliver technical projects for our clients We are looking for experience in the following skills: Applied Enterprise Architecture knowledge Proven development of secure architectures for enterprises, applications and infrastructure Ability to interpret relevance of security controls to compliance with legal, best-practice, and regulatory requirements for client environments Engage with Senior account team members to identify requirements, drivers and context, to derive a gap and maturity assessment Ability to translate business requirements into technical solutions Conduct security strategy, readiness and discovery assessments; be Familiar with security and architectural frameworks, compliance requirements and security operations Design and develop security architectures for cloud and multi-cloud/hybrid based systems. Possess a firm understanding of the native offerings within Microsoft Azure, Amazon Web Services (AWS) and Google Cloud platforms. Develop and deliver an end-to-end Security architecture that serves functional and non-functional requirements. Integration with delivery teams to ensure security best practices and regulatory considerations are deployed in all solution scenarios. Works with Engineering, Infrastructure Services, and Application Development organisations to choose appropriate technology solutions and facilitates complete integration into the client environments. Leads initiatives designed to share knowledge across Security Platforms and/or Technology teams. Identifies, recommends, coordinates, deliver timely knowledge to support teams regarding technologies, processes or tools. Develops and implements strategies to increase Security knowledge throughout the enterprise. Industry knowledge relating to the communications, media and technology industry Set yourself apart: Validated design and/or delivery experience of technical security project workIndustry recognised certification in security (e.g. TOGAF, SABSA, CISSP, CCSK,CISA, CISM, CEH, etc.) Experience in Enterprise Security Architecture (e.g. Maturity Assessments, Technical, Governance and Process architecture blueprint creation and technical security assessments) Experience with enterprise applications (architecture, development, support, and troubleshooting) Experience in design reviews to assess security implications and requirements for introduction of new technologies. Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Experience in Identity and Access Management Experience in Infrastructure Security (virtualised environments a plus) Experience in Governance, Risk and Compliance Experience in business and process architectures Experience in Cyber Security technologies (i.e. Threat and Vulnerability Management) Experience in Cloud Access Security Broker (CASB) Experience in Security Operations (i.e. SIEM and SOC) Experience with EndPoint Security Experience with application and data protection and privacy Basic Qualifications Minimum 5 years experience working in Security Assessments within on-prem, hybrid and cloud environments (e.g., design, recommend and implement security hardening technical controls) Minimum of 3 years leading projects using a standardised set of project management principles Minimum of 5 years of technical writing Minimum of 3 years of developing teams of 3 or more resources Minimum 7 Years Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, etc.) Minimum 5 Years Conceptual knowledge application of regulatory and legal compliance Professional Skill Requirements Validated ability to build, lead and champion a team-oriented environment Validated ability to work creatively and analytically in a problem-solving environment Desire to work in an information systems environment Superb communication (written and oral) and interpersonal skills Excellent leadership and management skills Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 30 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! Flexibility and mobility are required to deliver this role as there will be requirements to spend time onsite with our clients and partners to enable delivery of the first-class services we are known for. About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found. SRG100 RROOTS Locations Edinburgh,London
24/09/2022
Full time
Role: Security Architect (Communications, Media & Technology) Location: Edinburgh Salary: Competitive Salary and Benefits Career Level: Consultant or Manager Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse skill sets and next-generation technology to each business challenge. We believe in inclusion and diversity and supporting the whole person. Our core values comprise of Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Year after year, Accenture is recognized worldwide not just for business performance but for inclusion and diversity too. "Across the globe, one thing is universally true of the people of Accenture: We care deeply about what we do and the impact we have with our clients and with the communities in which we work and live. It is personal to all of us." - Julie Sweet, Accenture CEO. As a team: We are one of the world's leading providers of cybersecurity solutions. You'll work on innovative projects with colleagues to drive collaboration from strategy through to implementation. You will be using the newest technologies with clients to help them get to the next level. Do you want to work in an environment where you'll learn, grow and advance in an innovative culture that thrives on shared success, innovative ways of thinking and enables boundaryless opportunities that will set you up for success, enable you to develop to your full potential, and drive your career in new and exciting ways. If you're looking for an ambitious career, working in a vibrant environment with access to training and a global network of experts, this could be the role for you. As part of our global team, you'll be working with innovative technologies and will have the opportunity to develop a wide range of new skills on the job. In our team you will learn: How to help our Communications, Media and Technology (CMT) clients secure their most critical assets, often as part of major technical transformation How clients can benefit from new technologies and new business models, while reducing risk to an acceptable level and handling it appropriately. Security innovation and exciting growth areas As a Security Architect, you will: Responsible for designing, and overseeing the building, testing and implementation of security systems within an organisation Have a thorough understanding of sophisticated IT systems Stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products Maintain senior client relationships and able to articulate key security concepts to less technical stakeholders Provide thought leadership on market and industry trends Help advise our clients on how to improve their security posture Lead and deliver technical projects for our clients We are looking for experience in the following skills: Applied Enterprise Architecture knowledge Proven development of secure architectures for enterprises, applications and infrastructure Ability to interpret relevance of security controls to compliance with legal, best-practice, and regulatory requirements for client environments Engage with Senior account team members to identify requirements, drivers and context, to derive a gap and maturity assessment Ability to translate business requirements into technical solutions Conduct security strategy, readiness and discovery assessments; be Familiar with security and architectural frameworks, compliance requirements and security operations Design and develop security architectures for cloud and multi-cloud/hybrid based systems. Possess a firm understanding of the native offerings within Microsoft Azure, Amazon Web Services (AWS) and Google Cloud platforms. Develop and deliver an end-to-end Security architecture that serves functional and non-functional requirements. Integration with delivery teams to ensure security best practices and regulatory considerations are deployed in all solution scenarios. Works with Engineering, Infrastructure Services, and Application Development organisations to choose appropriate technology solutions and facilitates complete integration into the client environments. Leads initiatives designed to share knowledge across Security Platforms and/or Technology teams. Identifies, recommends, coordinates, deliver timely knowledge to support teams regarding technologies, processes or tools. Develops and implements strategies to increase Security knowledge throughout the enterprise. Industry knowledge relating to the communications, media and technology industry Set yourself apart: Validated design and/or delivery experience of technical security project workIndustry recognised certification in security (e.g. TOGAF, SABSA, CISSP, CCSK,CISA, CISM, CEH, etc.) Experience in Enterprise Security Architecture (e.g. Maturity Assessments, Technical, Governance and Process architecture blueprint creation and technical security assessments) Experience with enterprise applications (architecture, development, support, and troubleshooting) Experience in design reviews to assess security implications and requirements for introduction of new technologies. Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Experience in Identity and Access Management Experience in Infrastructure Security (virtualised environments a plus) Experience in Governance, Risk and Compliance Experience in business and process architectures Experience in Cyber Security technologies (i.e. Threat and Vulnerability Management) Experience in Cloud Access Security Broker (CASB) Experience in Security Operations (i.e. SIEM and SOC) Experience with EndPoint Security Experience with application and data protection and privacy Basic Qualifications Minimum 5 years experience working in Security Assessments within on-prem, hybrid and cloud environments (e.g., design, recommend and implement security hardening technical controls) Minimum of 3 years leading projects using a standardised set of project management principles Minimum of 5 years of technical writing Minimum of 3 years of developing teams of 3 or more resources Minimum 7 Years Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, etc.) Minimum 5 Years Conceptual knowledge application of regulatory and legal compliance Professional Skill Requirements Validated ability to build, lead and champion a team-oriented environment Validated ability to work creatively and analytically in a problem-solving environment Desire to work in an information systems environment Superb communication (written and oral) and interpersonal skills Excellent leadership and management skills Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 30 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! Flexibility and mobility are required to deliver this role as there will be requirements to spend time onsite with our clients and partners to enable delivery of the first-class services we are known for. About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found. SRG100 RROOTS Locations Edinburgh,London
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
24/09/2022
Full time
Our world class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety devices, platforms and technologies. VR, RE or development experience with mobile (Android, IOS), firmware, Linux, IoT and Windows is useful but most important is a willingness to learn as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude e.g. by playing capture the flag challenges). Low-level knowledge in how languages function across the application stack from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle from identifying bugs up to fully developed proof of concepts. Proficient in at least one programming language (e.g. Python, Java, C#, C++) How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package the option to buy/sell and carry over from the year before You can work around core hours with flexible and part-time working Our flexible benefits package includes; private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence Don't know a particular technology? Your learning and development is key to your future career You'll be part of our bonus scheme You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
Role: Security Architect (Communications, Media & Technology) Location: Newcastle Salary: Competitive Salary and Benefits Career Level: Consultant or Manager Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse skill sets and next-generation technology to each business challenge. We believe in inclusion and diversity and supporting the whole person. Our core values comprise of Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Year after year, Accenture is recognized worldwide not just for business performance but for inclusion and diversity too. "Across the globe, one thing is universally true of the people of Accenture: We care deeply about what we do and the impact we have with our clients and with the communities in which we work and live. It is personal to all of us." - Julie Sweet, Accenture CEO. As a team: We are one of the world's leading providers of cybersecurity solutions. You'll work on innovative projects with colleagues to drive collaboration from strategy through to implementation. You will be using the newest technologies with clients to help them get to the next level. Do you want to work in an environment where you'll learn, grow and advance in an innovative culture that thrives on shared success, innovative ways of thinking and enables boundaryless opportunities that will set you up for success, enable you to develop to your full potential, and drive your career in new and exciting ways. If you're looking for an ambitious career, working in a vibrant environment with access to training and a global network of experts, this could be the role for you. As part of our global team, you'll be working with innovative technologies and will have the opportunity to develop a wide range of new skills on the job. In our team you will learn: How to help our Communications, Media and Technology (CMT) clients secure their most critical assets, often as part of major technical transformation How clients can benefit from new technologies and new business models, while reducing risk to an acceptable level and handling it appropriately. Security innovation and exciting growth areas As a Security Architect, you will: Responsible for designing, and overseeing the building, testing and implementation of security systems within an organisation Have a thorough understanding of sophisticated IT systems Stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products Maintain senior client relationships and able to articulate key security concepts to less technical stakeholders Provide thought leadership on market and industry trends Help advise our clients on how to improve their security posture Lead and deliver technical projects for our clients We are looking for experience in the following skills: Applied Enterprise Architecture knowledge Proven development of secure architectures for enterprises, applications and infrastructure Ability to interpret relevance of security controls to compliance with legal, best-practice, and regulatory requirements for client environments Engage with Senior account team members to identify requirements, drivers and context, to derive a gap and maturity assessment Ability to translate business requirements into technical solutions Conduct security strategy, readiness and discovery assessments; be Familiar with security and architectural frameworks, compliance requirements and security operations Design and develop security architectures for cloud and multi-cloud/hybrid based systems. Possess a firm understanding of the native offerings within Microsoft Azure, Amazon Web Services (AWS) and Google Cloud platforms. Develop and deliver an end-to-end Security architecture that serves functional and non-functional requirements. Integration with delivery teams to ensure security best practices and regulatory considerations are deployed in all solution scenarios. Works with Engineering, Infrastructure Services, and Application Development organisations to choose appropriate technology solutions and facilitates complete integration into the client environments. Leads initiatives designed to share knowledge across Security Platforms and/or Technology teams. Identifies, recommends, coordinates, deliver timely knowledge to support teams regarding technologies, processes or tools. Develops and implements strategies to increase Security knowledge throughout the enterprise. Industry knowledge relating to the communications, media and technology industry Set yourself apart: Validated design and/or delivery experience of technical security project workIndustry recognised certification in security (e.g. TOGAF, SABSA, CISSP, CCSK,CISA, CISM, CEH, etc.) Experience in Enterprise Security Architecture (e.g. Maturity Assessments, Technical, Governance and Process architecture blueprint creation and technical security assessments) Experience with enterprise applications (architecture, development, support, and troubleshooting) Experience in design reviews to assess security implications and requirements for introduction of new technologies. Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Experience in Identity and Access Management Experience in Infrastructure Security (virtualised environments a plus) Experience in Governance, Risk and Compliance Experience in business and process architectures Experience in Cyber Security technologies (i.e. Threat and Vulnerability Management) Experience in Cloud Access Security Broker (CASB) Experience in Security Operations (i.e. SIEM and SOC) Experience with EndPoint Security Experience with application and data protection and privacy Basic Qualifications Minimum 5 years experience working in Security Assessments within on-prem, hybrid and cloud environments (e.g., design, recommend and implement security hardening technical controls) Minimum of 3 years leading projects using a standardised set of project management principles Minimum of 5 years of technical writing Minimum of 3 years of developing teams of 3 or more resources Minimum 7 Years Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, etc.) Minimum 5 Years Conceptual knowledge application of regulatory and legal compliance Professional Skill Requirements Validated ability to build, lead and champion a team-oriented environment Validated ability to work creatively and analytically in a problem-solving environment Desire to work in an information systems environment Superb communication (written and oral) and interpersonal skills Excellent leadership and management skills Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 30 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! Flexibility and mobility are required to deliver this role as there will be requirements to spend time onsite with our clients and partners to enable delivery of the first-class services we are known for. About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found. RROOTS
24/09/2022
Full time
Role: Security Architect (Communications, Media & Technology) Location: Newcastle Salary: Competitive Salary and Benefits Career Level: Consultant or Manager Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse skill sets and next-generation technology to each business challenge. We believe in inclusion and diversity and supporting the whole person. Our core values comprise of Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Year after year, Accenture is recognized worldwide not just for business performance but for inclusion and diversity too. "Across the globe, one thing is universally true of the people of Accenture: We care deeply about what we do and the impact we have with our clients and with the communities in which we work and live. It is personal to all of us." - Julie Sweet, Accenture CEO. As a team: We are one of the world's leading providers of cybersecurity solutions. You'll work on innovative projects with colleagues to drive collaboration from strategy through to implementation. You will be using the newest technologies with clients to help them get to the next level. Do you want to work in an environment where you'll learn, grow and advance in an innovative culture that thrives on shared success, innovative ways of thinking and enables boundaryless opportunities that will set you up for success, enable you to develop to your full potential, and drive your career in new and exciting ways. If you're looking for an ambitious career, working in a vibrant environment with access to training and a global network of experts, this could be the role for you. As part of our global team, you'll be working with innovative technologies and will have the opportunity to develop a wide range of new skills on the job. In our team you will learn: How to help our Communications, Media and Technology (CMT) clients secure their most critical assets, often as part of major technical transformation How clients can benefit from new technologies and new business models, while reducing risk to an acceptable level and handling it appropriately. Security innovation and exciting growth areas As a Security Architect, you will: Responsible for designing, and overseeing the building, testing and implementation of security systems within an organisation Have a thorough understanding of sophisticated IT systems Stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products Maintain senior client relationships and able to articulate key security concepts to less technical stakeholders Provide thought leadership on market and industry trends Help advise our clients on how to improve their security posture Lead and deliver technical projects for our clients We are looking for experience in the following skills: Applied Enterprise Architecture knowledge Proven development of secure architectures for enterprises, applications and infrastructure Ability to interpret relevance of security controls to compliance with legal, best-practice, and regulatory requirements for client environments Engage with Senior account team members to identify requirements, drivers and context, to derive a gap and maturity assessment Ability to translate business requirements into technical solutions Conduct security strategy, readiness and discovery assessments; be Familiar with security and architectural frameworks, compliance requirements and security operations Design and develop security architectures for cloud and multi-cloud/hybrid based systems. Possess a firm understanding of the native offerings within Microsoft Azure, Amazon Web Services (AWS) and Google Cloud platforms. Develop and deliver an end-to-end Security architecture that serves functional and non-functional requirements. Integration with delivery teams to ensure security best practices and regulatory considerations are deployed in all solution scenarios. Works with Engineering, Infrastructure Services, and Application Development organisations to choose appropriate technology solutions and facilitates complete integration into the client environments. Leads initiatives designed to share knowledge across Security Platforms and/or Technology teams. Identifies, recommends, coordinates, deliver timely knowledge to support teams regarding technologies, processes or tools. Develops and implements strategies to increase Security knowledge throughout the enterprise. Industry knowledge relating to the communications, media and technology industry Set yourself apart: Validated design and/or delivery experience of technical security project workIndustry recognised certification in security (e.g. TOGAF, SABSA, CISSP, CCSK,CISA, CISM, CEH, etc.) Experience in Enterprise Security Architecture (e.g. Maturity Assessments, Technical, Governance and Process architecture blueprint creation and technical security assessments) Experience with enterprise applications (architecture, development, support, and troubleshooting) Experience in design reviews to assess security implications and requirements for introduction of new technologies. Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Experience in Identity and Access Management Experience in Infrastructure Security (virtualised environments a plus) Experience in Governance, Risk and Compliance Experience in business and process architectures Experience in Cyber Security technologies (i.e. Threat and Vulnerability Management) Experience in Cloud Access Security Broker (CASB) Experience in Security Operations (i.e. SIEM and SOC) Experience with EndPoint Security Experience with application and data protection and privacy Basic Qualifications Minimum 5 years experience working in Security Assessments within on-prem, hybrid and cloud environments (e.g., design, recommend and implement security hardening technical controls) Minimum of 3 years leading projects using a standardised set of project management principles Minimum of 5 years of technical writing Minimum of 3 years of developing teams of 3 or more resources Minimum 7 Years Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, etc.) Minimum 5 Years Conceptual knowledge application of regulatory and legal compliance Professional Skill Requirements Validated ability to build, lead and champion a team-oriented environment Validated ability to work creatively and analytically in a problem-solving environment Desire to work in an information systems environment Superb communication (written and oral) and interpersonal skills Excellent leadership and management skills Show more Show less Qualifications What's in it for you At Accenture in addition to a competitive basic salary, you will alsohave an extensive benefits package which includes 30 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! Flexibility and mobility are required to deliver this role as there will be requirements to spend time onsite with our clients and partners to enable delivery of the first-class services we are known for. About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at Accenture is an equal opportunities employer and welcomes applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found. RROOTS
MBDA Missile Systems - Together. For the future of defence. Salary: Up to £62,000 dependent on experience + bonus + benefits Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working. The opportunity: An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited. You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs. The Role Report and track remediation activities affecting all Infrastructure and applications within the IM estate. First line management of vulnerability analysts. Support compliance and due diligence led activities and audits, including regulatory updates. Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level. Champion security best practice within technology and be regarded as the 'go-to' individual for security vulnerability management. Advise technical and non-technical audiences on appropriate prioritisation of patch deployment. Manage vulnerability remediation by suppliers and teams through re-test & closure. Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching. Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling. Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks. Provide vulnerability assessment scan guidance and process oversight. What we're looking for from you: Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC) Managing vulnerabilities 2+ years (planning and remediation) 2+ years of first line management A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans Experience or knowledge of risk management frameworks (e.g CIS, NIST) Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP). An in depth understanding of cyber security technologies and applicable security controls A good understanding of information security principles and best-practices Ability to carry out risk assessments Supplier engagement and collaboration What to expect: We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements. Follow us on LinkedIn (MBDA), Twitter Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. Please Note: MBDA UK requires all employees to achieve appropriate clearances.
24/09/2022
Full time
MBDA Missile Systems - Together. For the future of defence. Salary: Up to £62,000 dependent on experience + bonus + benefits Hybrid working pattern: Where possible, we will seek to accommodate a blended approach to on-site and remote working. The opportunity: An opportunity has arisen for a role in the MBDA Security Operations and CERT. Reporting to the UK SOC manager, you will support the Cyber Security Operations team to defend against cyber threats and vulnerabilities by ensuring the Information Management (IM) environment is following the correct processes and remains compliant by proactively managing identified vulnerabilities that could be exploited. You will provide remediation action through compliance to relevant security standards and confirm that remediation is completed in accordance with the identified risk categorisation. You will be joining a diverse and hard-working team of cyber security specialists responsible for the protection, security and safety of MBDA UK networks and IM/IS environments. This is a traversal function that covers all areas of IM and will require Group collaboration. The team are working towards growing our current capabilities and supporting the business as it securely evolves to a "new way of working" in response to the pandemic and establishing international CERTs. The Role Report and track remediation activities affecting all Infrastructure and applications within the IM estate. First line management of vulnerability analysts. Support compliance and due diligence led activities and audits, including regulatory updates. Collaborate with teams and business partners to create both tactical and strategic plans as it relates to vulnerability management. Also providing security advice at a technical level. Champion security best practice within technology and be regarded as the 'go-to' individual for security vulnerability management. Advise technical and non-technical audiences on appropriate prioritisation of patch deployment. Manage vulnerability remediation by suppliers and teams through re-test & closure. Help drive security maturity in vulnerability management and security in general across the business, through positive engagement and teaching. Maintain and further improve the scanning scope and capability of the vulnerability scanning service, through automation and tooling. Manage the remediation plan of vulnerabilities discovered during penetration tests and health checks. Provide vulnerability assessment scan guidance and process oversight. What we're looking for from you: Familiarity with Infrastructure and web application scanning tools (e.g. Qualys, Nessus) and relevant remediation management/risk tools supported in the Security Operations Centre (SOC) Managing vulnerabilities 2+ years (planning and remediation) 2+ years of first line management A demonstrable knowledge of Vulnerability lifecycle management (MITRE) and IT/ OT/ IoT vulnerability remediation plans Experience or knowledge of risk management frameworks (e.g CIS, NIST) Sound understanding of network/infrastructure and web/mobile application weakness and anti-patterns (CWE, OWASP). An in depth understanding of cyber security technologies and applicable security controls A good understanding of information security principles and best-practices Ability to carry out risk assessments Supplier engagement and collaboration What to expect: We offer opportunities for career progression, paid overtime (subject to level), bonus scheme, comprehensive pension package, annual salary review, collaborative working environment and excellent on-site facilities. We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. We also welcome applicants who are looking for flexible working arrangements. Follow us on LinkedIn (MBDA), Twitter Instagram (lifeatMBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. Please Note: MBDA UK requires all employees to achieve appropriate clearances.
