Acorn Insurance and Financial Services Limited
Liverpool
Due to a period of exciting growth Acorn are looking for a highly skilled and experienced Senior Information Security Analyst to join our Information Security Team. Within this role you get the opportunity to join a collaborative team and have a chance to blend GRC responsibilities with technical security experience, all whilst working for a market leading insurance company, supporting and maintaining robust security controls and regulatory compliance.
Job Title: Senior Information Security Analyst (12 month FTC)
Location: Liverpool City Centre, Hybrid working available
Working Hours: Monday to Friday, 37.5 hours per week , 9:00 AM – 5:30 PM
Salary: £50,000 - £60,000 pa (DOE).
What you will be doing:
Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion.
Lead the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards.
Lead third party risk management processes.
Collaborate across all areas of the business to align security policies and processes with business objectives and regulatory obligations.
Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities.
Lead on security architecture reviews for new systems and services.
Evaluate technical security controls and recommending improvements.
Support the implementation of security tools and technologies.
Provide oversight of the security incident management process.
Provide security metrics for interested parties at all levels.
Lead the security awareness programme to promote a culture of security within all levels of the Group.
Provide support for internal and external security audits.
Lead security governance meetings representing the Information Security team and standing in for the Head of Information Security when required.
Provide subject matter expertise liaising across all business functions.
What we look for:
Minimum 5 years' experience in information security roles.
Strong leadership and mentorship abilities with a strategic mindset.
Experience with risk assessment methodologies.
Excellent analytical and problem-solving skills with attention to detail.
Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders.
Ability to manage risk and compliance projects and drive security initiatives.
Knowledge of information security frameworks such as ISO 27001 or NIST.
Knowledge of vulnerability management processes.
About Acorn Insurance With over 40 years of experience, Acorn Insurance is a specialist provider dedicated to helping individuals secure motor insurance across the UK. We proudly serve more than 50,000 customers, ensuring they find policies that meet their needs and provide the peace of mind that comes with high-quality cover.
At Acorn Insurance, we offer comprehensive training and continuous in-house coaching. You'll receive in-depth, FCA-regulated industry knowledge and all the tools necessary to grow your career with us.
We celebrate diversity and are committed to fostering a culture where everyone feels respected and valued. As a Disability Confident Level 1 and Level 2 employer, we ensure our workplace is accessible and inclusive, encouraging our people to bring their best selves to work every day.
The Acorn Group has been recognised as a Great Place to Work for 2024/5. A record number of employees participated in our survey, overwhelmingly highlighting our welcoming and supportive atmosphere as an excellent place to build a career. We are committed to continuous improvement and have ambitious plans for 2025.
Why Acorn Insurance? Acorn Insurance want to give you more than a job, we want to give you a purpose and a career. So, what can we offer you as an employer? Some of the "your tomorrow" benefits you will receive include: Wellbeing:
Enhanced Annual Leave entitlement starting at 31 days and potentially increasing to 35 days per year depending on grade & length of service (including bank holidays)
Enhanced paternity pay and 16 weeks full maternity pay.
Colleague Assistance programme offers a suite of wellbeing services such as:
6 Free Counselling sessions per year
Unlimited access to a telephone councillor 24/7
Access to a free 4-week programme of cognitive behavioural therapy (CBT) with a trained therapist mentor.
Network of internal qualified mental health first aiders are available to provide support to colleagues.
Financial:
A core level of life assurance with the option to increase cover via salary sacrifice and add your spouse/partner
Ability to access your earnings before payday via Dayforce Wallet.
Company pension scheme
Refer a friend scheme with a £250 bonus for every colleague recommended on passing their probation period.
Access to a flexible benefits platform including an annual flex pot allowance to spend on over 15 benefits of your choice.
Ability to give back. You can opt into donating money to charity to climate positive organisations directly from your salary.
Reward, Recognition and Culture :
Long Service Award paid on 5,10- and 15-years’ service
A reward and recognition hub to celebrate and reward colleagues and peers.
Consistent and engaging company events including company awards, competitions and charity fundraisers.
Budgets for department leaders to use for social and engagement events. Please visit out website to view more of our excellent work benefits!
All roles are subject to DBS and Financial checks, any offer made will be conditional until checks are completed to a satisfactory standard. Unfortunately, due to the length of training and complexity of the role, we can only accept applications from candidates who have at least one year remaining on their (Graduate/ Post study work) visa. Unfortunately, we are unable to provide visa sponsorships. At Acorn, we are committed to creating an inclusive and supportive work environment. We recognise that candidates may have specific needs and are happy to consider reasonable adjustments to the recruitment process and working environment to accommodate individual requirements. Whether it’s modifying equipment, adjusting working hours, or providing additional support, we aim to ensure all employees can perform at their best. If you require any reasonable adjustments, please let us know during the application or interview process, and we will work with you to ensure your needs are met.
25/04/2025
Full time
Due to a period of exciting growth Acorn are looking for a highly skilled and experienced Senior Information Security Analyst to join our Information Security Team. Within this role you get the opportunity to join a collaborative team and have a chance to blend GRC responsibilities with technical security experience, all whilst working for a market leading insurance company, supporting and maintaining robust security controls and regulatory compliance.
Job Title: Senior Information Security Analyst (12 month FTC)
Location: Liverpool City Centre, Hybrid working available
Working Hours: Monday to Friday, 37.5 hours per week , 9:00 AM – 5:30 PM
Salary: £50,000 - £60,000 pa (DOE).
What you will be doing:
Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion.
Lead the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards.
Lead third party risk management processes.
Collaborate across all areas of the business to align security policies and processes with business objectives and regulatory obligations.
Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities.
Lead on security architecture reviews for new systems and services.
Evaluate technical security controls and recommending improvements.
Support the implementation of security tools and technologies.
Provide oversight of the security incident management process.
Provide security metrics for interested parties at all levels.
Lead the security awareness programme to promote a culture of security within all levels of the Group.
Provide support for internal and external security audits.
Lead security governance meetings representing the Information Security team and standing in for the Head of Information Security when required.
Provide subject matter expertise liaising across all business functions.
What we look for:
Minimum 5 years' experience in information security roles.
Strong leadership and mentorship abilities with a strategic mindset.
Experience with risk assessment methodologies.
Excellent analytical and problem-solving skills with attention to detail.
Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders.
Ability to manage risk and compliance projects and drive security initiatives.
Knowledge of information security frameworks such as ISO 27001 or NIST.
Knowledge of vulnerability management processes.
About Acorn Insurance With over 40 years of experience, Acorn Insurance is a specialist provider dedicated to helping individuals secure motor insurance across the UK. We proudly serve more than 50,000 customers, ensuring they find policies that meet their needs and provide the peace of mind that comes with high-quality cover.
At Acorn Insurance, we offer comprehensive training and continuous in-house coaching. You'll receive in-depth, FCA-regulated industry knowledge and all the tools necessary to grow your career with us.
We celebrate diversity and are committed to fostering a culture where everyone feels respected and valued. As a Disability Confident Level 1 and Level 2 employer, we ensure our workplace is accessible and inclusive, encouraging our people to bring their best selves to work every day.
The Acorn Group has been recognised as a Great Place to Work for 2024/5. A record number of employees participated in our survey, overwhelmingly highlighting our welcoming and supportive atmosphere as an excellent place to build a career. We are committed to continuous improvement and have ambitious plans for 2025.
Why Acorn Insurance? Acorn Insurance want to give you more than a job, we want to give you a purpose and a career. So, what can we offer you as an employer? Some of the "your tomorrow" benefits you will receive include: Wellbeing:
Enhanced Annual Leave entitlement starting at 31 days and potentially increasing to 35 days per year depending on grade & length of service (including bank holidays)
Enhanced paternity pay and 16 weeks full maternity pay.
Colleague Assistance programme offers a suite of wellbeing services such as:
6 Free Counselling sessions per year
Unlimited access to a telephone councillor 24/7
Access to a free 4-week programme of cognitive behavioural therapy (CBT) with a trained therapist mentor.
Network of internal qualified mental health first aiders are available to provide support to colleagues.
Financial:
A core level of life assurance with the option to increase cover via salary sacrifice and add your spouse/partner
Ability to access your earnings before payday via Dayforce Wallet.
Company pension scheme
Refer a friend scheme with a £250 bonus for every colleague recommended on passing their probation period.
Access to a flexible benefits platform including an annual flex pot allowance to spend on over 15 benefits of your choice.
Ability to give back. You can opt into donating money to charity to climate positive organisations directly from your salary.
Reward, Recognition and Culture :
Long Service Award paid on 5,10- and 15-years’ service
A reward and recognition hub to celebrate and reward colleagues and peers.
Consistent and engaging company events including company awards, competitions and charity fundraisers.
Budgets for department leaders to use for social and engagement events. Please visit out website to view more of our excellent work benefits!
All roles are subject to DBS and Financial checks, any offer made will be conditional until checks are completed to a satisfactory standard. Unfortunately, due to the length of training and complexity of the role, we can only accept applications from candidates who have at least one year remaining on their (Graduate/ Post study work) visa. Unfortunately, we are unable to provide visa sponsorships. At Acorn, we are committed to creating an inclusive and supportive work environment. We recognise that candidates may have specific needs and are happy to consider reasonable adjustments to the recruitment process and working environment to accommodate individual requirements. Whether it’s modifying equipment, adjusting working hours, or providing additional support, we aim to ensure all employees can perform at their best. If you require any reasonable adjustments, please let us know during the application or interview process, and we will work with you to ensure your needs are met.
Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3 6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end-to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Managerwith a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives, helping them meet regulatory and industry security standards. Cyber Security & Centralised Services Manager Key Skills & Experience: Proven experience in a 3rd Line / Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud security architectures. Hands-on experience with endpoint protection, EDR/MDR/XDR platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Strong communication skills with the ability to present technical and security findings to non-technical stakeholders and clients. Proactive mindset in threat hunting, risk assessments and continuous improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator / Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part of a technically strong, supportive and collaborative security-conscious team in central London. Play a key role in strategic security projects, incident response and continuous improvement initiatives. Access ongoing training, certifications and professional development in cybersecurity. Join a company that holds the core values of Honesty, Accountability, Commitment, Innovation, Expertise and Collaboration
09/12/2025
Full time
Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3 6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end-to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Managerwith a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives, helping them meet regulatory and industry security standards. Cyber Security & Centralised Services Manager Key Skills & Experience: Proven experience in a 3rd Line / Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud security architectures. Hands-on experience with endpoint protection, EDR/MDR/XDR platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Strong communication skills with the ability to present technical and security findings to non-technical stakeholders and clients. Proactive mindset in threat hunting, risk assessments and continuous improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator / Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part of a technically strong, supportive and collaborative security-conscious team in central London. Play a key role in strategic security projects, incident response and continuous improvement initiatives. Access ongoing training, certifications and professional development in cybersecurity. Join a company that holds the core values of Honesty, Accountability, Commitment, Innovation, Expertise and Collaboration
The Job: Were delighted to be assisting our client with their need for a Senior IT Systems Engineer. This role is to support their clients managed IT Support client base and develop and drive forward new requirements. Its important to note that this isnt a project engineer role but to support their clients on their service desk as a Senior Engineer. You will be reporting into the Service Desk Engineer. Responsibilities will include: Acting as a technical escalation point to the IT service desk Assist with pre-sales technical support Providing technical support by way of support tickets and emails Answering the phone when needed Completing business as usual activities such as vulnerability management, patching, backend systems troubleshooting Acting as primary technical lead Training other members of the desk, or assisting non technical staff with support issues Answering to the service desk manager A broad skill set is required for this role as you are the escalation point for the service desk. It is a pre-requisite that you have Azure platform & cloud-based skill set, with a comprehensive knowledge of traditional systems, server operating systems. The Person: For this role, our client is seeking someone with the following skills and experience. Previous experience held in an MSP environment is ideal but essential Experience in Azure and Microsoft 365 Strong technical experience of Microsoft Server operating systems, Microsoft core applications, such as Exchange, Domain Services Strong skills supporting Microsoft AD, DNS and Remote Desktop Services Experience supporting network related technologies and equipment Strong skills diagnosing & resolving client application, connectivity, and hardware-based incidents Understanding of virtualisation technologies and concepts Understanding of backup and DR technologies Excellent people skills Have own transport and driving license (though role is predominantly office based) Will be expected to complete Microsoft training, most likely one or all of the following: AZ-104 AZ-304 AZ-700 AZ800 & 801 The Salary: £31-37,000 depending on experience The Hours: Monday Friday 9am 5.30pm The Location: Bristol Hybrid working (3 days in the office) The Benefits: Free Microsoft training and certifications with ongoing professional development, 24 days holiday + Bank Holidays which increase with experience, Car Parking, Pension JBRP1_UKTJ
09/12/2025
Full time
The Job: Were delighted to be assisting our client with their need for a Senior IT Systems Engineer. This role is to support their clients managed IT Support client base and develop and drive forward new requirements. Its important to note that this isnt a project engineer role but to support their clients on their service desk as a Senior Engineer. You will be reporting into the Service Desk Engineer. Responsibilities will include: Acting as a technical escalation point to the IT service desk Assist with pre-sales technical support Providing technical support by way of support tickets and emails Answering the phone when needed Completing business as usual activities such as vulnerability management, patching, backend systems troubleshooting Acting as primary technical lead Training other members of the desk, or assisting non technical staff with support issues Answering to the service desk manager A broad skill set is required for this role as you are the escalation point for the service desk. It is a pre-requisite that you have Azure platform & cloud-based skill set, with a comprehensive knowledge of traditional systems, server operating systems. The Person: For this role, our client is seeking someone with the following skills and experience. Previous experience held in an MSP environment is ideal but essential Experience in Azure and Microsoft 365 Strong technical experience of Microsoft Server operating systems, Microsoft core applications, such as Exchange, Domain Services Strong skills supporting Microsoft AD, DNS and Remote Desktop Services Experience supporting network related technologies and equipment Strong skills diagnosing & resolving client application, connectivity, and hardware-based incidents Understanding of virtualisation technologies and concepts Understanding of backup and DR technologies Excellent people skills Have own transport and driving license (though role is predominantly office based) Will be expected to complete Microsoft training, most likely one or all of the following: AZ-104 AZ-304 AZ-700 AZ800 & 801 The Salary: £31-37,000 depending on experience The Hours: Monday Friday 9am 5.30pm The Location: Bristol Hybrid working (3 days in the office) The Benefits: Free Microsoft training and certifications with ongoing professional development, 24 days holiday + Bank Holidays which increase with experience, Car Parking, Pension JBRP1_UKTJ
Senior Golang Developer - Web/Vulnerability Scraping 3-Month Rolling Contract (up to 2 years) 600- 650 per day - Inside IR35 Hybrid - London 3 days per week & 2 days working from home Our global media and consumer technology client is seeking a Senior Back End Engineer to join their Information Security team for an initial 3-month contract. This role focuses on building and maintaining internal tools used for large-scale web application testing , automation , and scraping , helping to improve the security and resilience of digital platforms used worldwide. This is a fast-paced, high-impact role suited to experienced engineers who are confident working autonomously and contributing to complex systems with minimal onboarding. The ideal candidate will be available immediately or at short notice, and willing to work flexibly as needed to help clear a growing backlog of work. Key Responsibilities Creating tools that emulate malicious activity in order to detect and fix weaknesses in web platforms. Build and enhance microservice-based automation pipelines that test and strengthen web apps. Design, develop, and maintain scalable back end systems for internal web crawling and scraping tools. Collaborate with engineering and security stakeholders across global teams. Deliver high-quality, efficient code in an agile environment with minimal supervision. Requirements Extensive commercial experience with Golang in back end development. Familiarity with Python is advantageous but not essential. Proven ability to build and support applications at scale , ideally in microservices environments. Strong understanding of web technologies and experience with web scraping or automation. Deep understanding of HTTP/HTTPS protocols, including request/response flows, headers, cookies, session management, and handling protocol-level behaviours commonly encountered in large-scale scraping. Knowledge of information security principles and secure coding practices. Excellent communication and documentation skills. Comfortable working independently and able to hit the ground running. Experience working in global, distributed teams.
08/12/2025
Contractor
Senior Golang Developer - Web/Vulnerability Scraping 3-Month Rolling Contract (up to 2 years) 600- 650 per day - Inside IR35 Hybrid - London 3 days per week & 2 days working from home Our global media and consumer technology client is seeking a Senior Back End Engineer to join their Information Security team for an initial 3-month contract. This role focuses on building and maintaining internal tools used for large-scale web application testing , automation , and scraping , helping to improve the security and resilience of digital platforms used worldwide. This is a fast-paced, high-impact role suited to experienced engineers who are confident working autonomously and contributing to complex systems with minimal onboarding. The ideal candidate will be available immediately or at short notice, and willing to work flexibly as needed to help clear a growing backlog of work. Key Responsibilities Creating tools that emulate malicious activity in order to detect and fix weaknesses in web platforms. Build and enhance microservice-based automation pipelines that test and strengthen web apps. Design, develop, and maintain scalable back end systems for internal web crawling and scraping tools. Collaborate with engineering and security stakeholders across global teams. Deliver high-quality, efficient code in an agile environment with minimal supervision. Requirements Extensive commercial experience with Golang in back end development. Familiarity with Python is advantageous but not essential. Proven ability to build and support applications at scale , ideally in microservices environments. Strong understanding of web technologies and experience with web scraping or automation. Deep understanding of HTTP/HTTPS protocols, including request/response flows, headers, cookies, session management, and handling protocol-level behaviours commonly encountered in large-scale scraping. Knowledge of information security principles and secure coding practices. Excellent communication and documentation skills. Comfortable working independently and able to hit the ground running. Experience working in global, distributed teams.
Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
05/12/2025
Full time
Senior Security & Compliance Consultant & Architect Location: Hybrid - Manchester HQ with occasional customer site visits as required Salary: Dependant on Experience Please note - We cannot accept candidates who are currently on, or may require a Visa at this or any time. Overview This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering. Key Responsibilities: Security Architecture & Technical Direction Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers Translate framework requirements into practical, phased roadmaps for customer environments Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates Framework & Compliance Interpretation Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches Consultancy & Customer Engagement Act as a senior security advisor to customers at both technical and leadership levels Communicate security concepts clearly and confidently, tailoring detail to the audience Present options and risk-based reasoning Support pre-sales, account management, engineering, and service teams with expert security guidance Technical Delivery & Implementation Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions Mentoring & MSS Growth Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS) Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business Internal Capability Development Improve internal documentation, repeatable processes, and delivery frameworks Provide architectural oversight across security projects and initiatives Contribute to long-term planning for security service evolution Required Experience & Skills Technical Expertise Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR) Ability to design secure configurations across identity, endpoint, and network layers Proven experience delivering end-to-end security uplift projects Solid understanding of Zero Trust concepts and modern security architecture Framework Knowledge Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks Experience turning framework requirements into realistic, implementable controls Comfortable producing structured gap analyses and remediation pathways Consultancy & Communication Skilled in presenting complex security concepts in simple, actionable terms Able to influence decision-making through clarity, options, and rationale Confident working directly with stakeholders ranging from engineers to leadership teams Professional Background Experience in an MSP, consultancy, or multi-tenant environment Exposure to defence, MOD, or high-assurance environments is strongly beneficial Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.)
Company Description Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to achieve their financial goals and help them save time and money. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Internal Grade C Job Description Experian Cyber Fusion Centre are looking for a new Manager of Attack Surface Management (ASM) to play a crucial role in our cybersecurity strategy. You will guide the success of the Continuous Threat Exposure Management (CTEM) program and build business engagement across global teams. You will ensure CTEM delivers reliable, applicable insights by defining and maintaining processes, integrating services with enterprise systems. Equally critical is leading the Business Engagement Team to establish trusted partnerships with regional infrastructure and application partners, aligning vulnerability management strategies with priorities. Through technical leadership and strategic influence, you will strengthen Experian's security posture and reduce risk across its global attack surface. This is an UK based remote position reporting to the Information Security Director for Cloud and Attack Surface Management. Primary Focus:- Lead CTEM Service Delivery: Manage processes for the Continuous Threat Exposure Management (CTEM) service and its provider. Ensure integration with Experian systems, delivering, reliable, and applicable security insights that inform risk reduction across the enterprise. Business Engagement: You will manage the Business Engagement Team and Service, providing expertise and strategic direction. Cultivate partnerships with regional infrastructure and application teams to ensure the vulnerability management strategy is understood, agreed upon, and implemented. Other Responsibilities:- Maintain risk stratification model to guide vulnerability prioritization based on threat and asset criticality; Identify vulnerability prioritization and asset coverage trends, escalating to senior leadership when vulnerability trends are not improving over time. Help with response to cybersecurity incidents or threat informed actions, ensuring accurate identification of applicable internal and external risks. Will use a broad and diverse combination of tools, techniques, and data sources to support highest confidence in attack surface discovery. Guide team members' daily project and operational activities Contribute to security and technology strategic planning to mature our programmes Work with Risk & Compliance teams on SOC 2, PCI DSS, HIPAA, and other audits. Research and recommend policy and procedures as they relate to Attack Surface Management Qualifications Expert experience supporting Attack Surface Management in vulnerability, remediation, and mitigation as it applies to the following. Common web applications, APIs, misconfigurations, hosts, mobile, Internet of Things, endpoints, infrastructure, cloud, network appliance, OS, firmware and software supply-chain. Management experience in an enterprise-level cybersecurity function. Experience engaging and presenting security topics at senior levels in an enterprise organization Experience managing Risk-Based Vulnerability Management models. In-depth knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as: Qualys, Rapid7, Tanium, Axonius, Armis, or other. Experience applying the following models to an enterprise security program: CMMI, ISO/IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model. Experience developing security reports, trends, and metrics analysis. Experience with the application of some of the following frameworks - SANS, NIST 800-61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR or similar. Experience with cloud security practices Experience with business and technical requirements analysis, business process modeling/mapping, methodology development, and data mapping Additional Information Benefits package includes: Great compensation package and discretionary bonus plan Core benefits include pension, bupa healthcare, sharesave scheme and more 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here JBRP1_UKTJ
05/12/2025
Full time
Company Description Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to achieve their financial goals and help them save time and money. We invest in people and new advanced technologies to unlock the power of data. As a FTSE 100 Index company listed on the London Stock Exchange (EXPN), we have a team of 22,500 people across 32 countries. Our corporate headquarters are in Dublin, Ireland. Learn more at Internal Grade C Job Description Experian Cyber Fusion Centre are looking for a new Manager of Attack Surface Management (ASM) to play a crucial role in our cybersecurity strategy. You will guide the success of the Continuous Threat Exposure Management (CTEM) program and build business engagement across global teams. You will ensure CTEM delivers reliable, applicable insights by defining and maintaining processes, integrating services with enterprise systems. Equally critical is leading the Business Engagement Team to establish trusted partnerships with regional infrastructure and application partners, aligning vulnerability management strategies with priorities. Through technical leadership and strategic influence, you will strengthen Experian's security posture and reduce risk across its global attack surface. This is an UK based remote position reporting to the Information Security Director for Cloud and Attack Surface Management. Primary Focus:- Lead CTEM Service Delivery: Manage processes for the Continuous Threat Exposure Management (CTEM) service and its provider. Ensure integration with Experian systems, delivering, reliable, and applicable security insights that inform risk reduction across the enterprise. Business Engagement: You will manage the Business Engagement Team and Service, providing expertise and strategic direction. Cultivate partnerships with regional infrastructure and application teams to ensure the vulnerability management strategy is understood, agreed upon, and implemented. Other Responsibilities:- Maintain risk stratification model to guide vulnerability prioritization based on threat and asset criticality; Identify vulnerability prioritization and asset coverage trends, escalating to senior leadership when vulnerability trends are not improving over time. Help with response to cybersecurity incidents or threat informed actions, ensuring accurate identification of applicable internal and external risks. Will use a broad and diverse combination of tools, techniques, and data sources to support highest confidence in attack surface discovery. Guide team members' daily project and operational activities Contribute to security and technology strategic planning to mature our programmes Work with Risk & Compliance teams on SOC 2, PCI DSS, HIPAA, and other audits. Research and recommend policy and procedures as they relate to Attack Surface Management Qualifications Expert experience supporting Attack Surface Management in vulnerability, remediation, and mitigation as it applies to the following. Common web applications, APIs, misconfigurations, hosts, mobile, Internet of Things, endpoints, infrastructure, cloud, network appliance, OS, firmware and software supply-chain. Management experience in an enterprise-level cybersecurity function. Experience engaging and presenting security topics at senior levels in an enterprise organization Experience managing Risk-Based Vulnerability Management models. In-depth knowledge of architecture, engineering, and operations of one or more vulnerability management tools, such as: Qualys, Rapid7, Tanium, Axonius, Armis, or other. Experience applying the following models to an enterprise security program: CMMI, ISO/IEC 2700, OWASP SAMM, NIST, SMM SANS Security Maturity Model. Experience developing security reports, trends, and metrics analysis. Experience with the application of some of the following frameworks - SANS, NIST 800-61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR or similar. Experience with cloud security practices Experience with business and technical requirements analysis, business process modeling/mapping, methodology development, and data mapping Additional Information Benefits package includes: Great compensation package and discretionary bonus plan Core benefits include pension, bupa healthcare, sharesave scheme and more 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave. Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity. Experian Careers - Creating a better tomorrow together Find out what its like to work for Experian by clicking here JBRP1_UKTJ
Senior Security Engineer - Leeds - Up to 65,000 + Benefits A forward-thinking and rapidly scaling organisation in the UK FinTech space is seeking a Senior Security Engineer to play a pivotal role in shaping, implementing and maintaining security across its UK operations. You'll be the hands-on technical security lead for the UK arm of the business - working closely with global security teams, outsourced partners and UK subsidiaries to ensure best-in-class protection, compliance and operational excellence. You'll own technical approval processes, lead security delivery across projects, and act as a key escalation point for incidents. What you'll be doing: Maintaining and optimising security controls across firewalls, EDR, WAF, cloud posture management and encryption Leading patch, vulnerability and configuration management Overseeing IAM, privileged access and onboarding/offboarding controls Managing VPN, network and firewall security, including Zero Trust principles Ensuring secure baselines across endpoints, integrating MDM and supporting incident response Contributing to DevSecOps practices, CI/CD security integration and application testing Supporting compliance initiatives (ISO27001, Cyber Essentials Plus etc.) Promoting security awareness and collaborating with vendors, SOC and internal teams What you'll bring: A proactive and collaborative mindset, strong communication skills, and proven experience securing cloud-first environments, remote endpoints and identity frameworks. Knowledge of tools such as Palo Alto, OKTA/Entra ID, Trend Micro, Prisma, GlobalProtect or similar is advantageous. If you're excited by innovation, ownership and the chance to influence security from the ground up - we'd love to hear from you. People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.
04/12/2025
Full time
Senior Security Engineer - Leeds - Up to 65,000 + Benefits A forward-thinking and rapidly scaling organisation in the UK FinTech space is seeking a Senior Security Engineer to play a pivotal role in shaping, implementing and maintaining security across its UK operations. You'll be the hands-on technical security lead for the UK arm of the business - working closely with global security teams, outsourced partners and UK subsidiaries to ensure best-in-class protection, compliance and operational excellence. You'll own technical approval processes, lead security delivery across projects, and act as a key escalation point for incidents. What you'll be doing: Maintaining and optimising security controls across firewalls, EDR, WAF, cloud posture management and encryption Leading patch, vulnerability and configuration management Overseeing IAM, privileged access and onboarding/offboarding controls Managing VPN, network and firewall security, including Zero Trust principles Ensuring secure baselines across endpoints, integrating MDM and supporting incident response Contributing to DevSecOps practices, CI/CD security integration and application testing Supporting compliance initiatives (ISO27001, Cyber Essentials Plus etc.) Promoting security awareness and collaborating with vendors, SOC and internal teams What you'll bring: A proactive and collaborative mindset, strong communication skills, and proven experience securing cloud-first environments, remote endpoints and identity frameworks. Knowledge of tools such as Palo Alto, OKTA/Entra ID, Trend Micro, Prisma, GlobalProtect or similar is advantageous. If you're excited by innovation, ownership and the chance to influence security from the ground up - we'd love to hear from you. People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.
Senior Information Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We re looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. You will design, implement, and optimize security controls, monitor threats, and lead remediation efforts across the organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement secure solutions. Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong analytical, problem-solving, and communication skills. Relevant certifications highly desirable (AZ-500, SC-200, CEH, Security+, etc.).
01/12/2025
Full time
Senior Information Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We re looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. You will design, implement, and optimize security controls, monitor threats, and lead remediation efforts across the organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement secure solutions. Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong analytical, problem-solving, and communication skills. Relevant certifications highly desirable (AZ-500, SC-200, CEH, Security+, etc.).
Embedded Software Engineer Salary: 40K- 70K DOE + Benefits Experience Level: 3+ years (entry-level roles also available) Location: Derbyshire About the Organisation This organisation specialises in developing high-integrity, security-critical technologies where absolute reliability is essential. The engineering culture is built on excellence, innovation, and a commitment to exceeding customer expectations. You'll be joining a multi-disciplinary team working on complex problems, disruptive security technologies, and advanced embedded solutions. The work involves supporting government and industry partners on projects involving secure systems, applied cryptography, and cutting-edge software and microelectronics. About the Role This is an exciting opportunity for software engineers-ranging from early-career developers to highly experienced specialists-to contribute to the design, development, and testing of innovative embedded products and cyber-security technologies. The role involves analysing customer requirements, producing maintainable designs, participating in unit testing, contributing to code reviews, and creating documentation as required. Security, precision, and functional correctness will be central to your work. You'll thrive in this role if you are detail-driven, collaborative, and motivated to develop high-integrity software guided by formal specifications. The work includes both independent problem-solving and close teamwork within an expert engineering group. Skills & Experience Required Required Technical Skills Strong track record delivering embedded C/C++ solutions. Deep experience with multi-threaded embedded systems (RTOS). Register-level experience with ARM-based microcontrollers (e.g., STM32). Proficiency with embedded debugging tools (e.g., JTAG, ETM). Experience writing code to formal software standards (e.g., CERT C, MISRA). Hands-on experience with unit-test automation tools (e.g., LDRA, Parasoft). Familiarity with static analysis tools. Technical documentation and report writing. Desirable Skills C# development. Scripting languages (Python, Perl, Bash, PowerShell). Network security and vulnerability analysis. Understanding of IP standards. Experience with a range of CPU/MPU architectures. Requirements capture. Knowledge of cryptographic concepts. Personal Competencies Excellent attention to detail. Strong commitment to high quality standards. Effective communicator and team collaborator; able to work independently. Good judgement under pressure. Strong time-management and organisational skills. Takes ownership and resolves issues proactively. Experience Senior roles require 3+ years of relevant commercial experience. Entry-level opportunities are available for recent Computer Science or STEM graduates with strong potential. Conditions Due to the nature of the work, candidates must be British Citizens and able to obtain and maintain DV security clearance .
27/11/2025
Full time
Embedded Software Engineer Salary: 40K- 70K DOE + Benefits Experience Level: 3+ years (entry-level roles also available) Location: Derbyshire About the Organisation This organisation specialises in developing high-integrity, security-critical technologies where absolute reliability is essential. The engineering culture is built on excellence, innovation, and a commitment to exceeding customer expectations. You'll be joining a multi-disciplinary team working on complex problems, disruptive security technologies, and advanced embedded solutions. The work involves supporting government and industry partners on projects involving secure systems, applied cryptography, and cutting-edge software and microelectronics. About the Role This is an exciting opportunity for software engineers-ranging from early-career developers to highly experienced specialists-to contribute to the design, development, and testing of innovative embedded products and cyber-security technologies. The role involves analysing customer requirements, producing maintainable designs, participating in unit testing, contributing to code reviews, and creating documentation as required. Security, precision, and functional correctness will be central to your work. You'll thrive in this role if you are detail-driven, collaborative, and motivated to develop high-integrity software guided by formal specifications. The work includes both independent problem-solving and close teamwork within an expert engineering group. Skills & Experience Required Required Technical Skills Strong track record delivering embedded C/C++ solutions. Deep experience with multi-threaded embedded systems (RTOS). Register-level experience with ARM-based microcontrollers (e.g., STM32). Proficiency with embedded debugging tools (e.g., JTAG, ETM). Experience writing code to formal software standards (e.g., CERT C, MISRA). Hands-on experience with unit-test automation tools (e.g., LDRA, Parasoft). Familiarity with static analysis tools. Technical documentation and report writing. Desirable Skills C# development. Scripting languages (Python, Perl, Bash, PowerShell). Network security and vulnerability analysis. Understanding of IP standards. Experience with a range of CPU/MPU architectures. Requirements capture. Knowledge of cryptographic concepts. Personal Competencies Excellent attention to detail. Strong commitment to high quality standards. Effective communicator and team collaborator; able to work independently. Good judgement under pressure. Strong time-management and organisational skills. Takes ownership and resolves issues proactively. Experience Senior roles require 3+ years of relevant commercial experience. Entry-level opportunities are available for recent Computer Science or STEM graduates with strong potential. Conditions Due to the nature of the work, candidates must be British Citizens and able to obtain and maintain DV security clearance .
Graduate / Early-Career Embedded Software Engineer About the Opportunity This is an excellent role for graduates or early-career software engineers looking to develop and test innovative products and systems at the forefront of cyber security. You'll join an experienced, highly skilled engineering team working on high-integrity, security-focused technologies where reliability and precision are essential. Candidates should be able to demonstrate strong design and coding ability, an eagerness to explore ideas, and a passion for building high-quality software. Because security and functional correctness are central to the work, this role will suit someone who wants to develop high-assurance software guided by formal specifications. You will work closely with colleagues in a collaborative environment, while also being confident in managing your own tasks independently. Attention to detail, problem-solving capability, and a proactive approach to finding effective solutions are key attributes. Role Graduate / Junior Embedded Software Engineer Salary: 35K DOE + Benefits Location: Derbyshire Skills & Experience Personal Competencies Minimum 3 years coding experience (including university, personal, or project work - recent graduates are welcome). Excellent attention to detail and commitment to high quality standards. Strong communication and teamwork skills; able to work independently when required. Good judgement and ability to perform effectively under pressure. Strong time-management skills and ability to take ownership of tasks. Excellent problem-solving abilities. Ability to obtain and maintain appropriate security clearance. Required Technical Skills / Qualifications Minimum 2:1 honours degree in Computer Science, Software Engineering, or a related discipline. Experience with embedded software - through university modules, personal projects, or platforms such as Raspberry Pi or Arduino. Strong knowledge of C and C++ programming. Experience with bare-metal or RTOS-based systems. Ability to use debugging tools and techniques. Understanding of object-oriented and low-level programming, including memory management and device driver concepts. Desirable Technical Skills JTAG/ETM debugging experience. C# development experience. Experience with Rust or Ada SPARK. Familiarity with Cryptol or SAW. Scripting languages (Ruby, Groovy, Python, Perl, Bash, PowerShell). Experience developing applications for Windows. Knowledge of computer network security and vulnerability analysis. Understanding of IP standards. Multi-threaded RTOS and bare-metal embedded development. Experience with ARM-based CPU/MPU architectures. Who We're Looking For Graduates or early-career software engineers with a relevant STEM degree and a strong interest in embedded systems and cyber security. There are also Senior and Principal roles available. What You Can Expect Structured professional development and clear progression opportunities. The chance to contribute to industry-leading security and cryptographic technologies. A supportive, collaborative team environment with an assigned mentor. Comprehensive benefits package, including: Competitive salary 25 days annual leave Company pension 4 death in service EV car scheme and charging Benefits platform (launching soon) On-the-job training and external courses to develop your technical skills. A two-stage interview process: 20-minute video discussion In-person interview with a C/C++ coding test Conditions Due to the nature of the work, applicants must be British citizens and able to obtain and maintain DV security clearance .
27/11/2025
Full time
Graduate / Early-Career Embedded Software Engineer About the Opportunity This is an excellent role for graduates or early-career software engineers looking to develop and test innovative products and systems at the forefront of cyber security. You'll join an experienced, highly skilled engineering team working on high-integrity, security-focused technologies where reliability and precision are essential. Candidates should be able to demonstrate strong design and coding ability, an eagerness to explore ideas, and a passion for building high-quality software. Because security and functional correctness are central to the work, this role will suit someone who wants to develop high-assurance software guided by formal specifications. You will work closely with colleagues in a collaborative environment, while also being confident in managing your own tasks independently. Attention to detail, problem-solving capability, and a proactive approach to finding effective solutions are key attributes. Role Graduate / Junior Embedded Software Engineer Salary: 35K DOE + Benefits Location: Derbyshire Skills & Experience Personal Competencies Minimum 3 years coding experience (including university, personal, or project work - recent graduates are welcome). Excellent attention to detail and commitment to high quality standards. Strong communication and teamwork skills; able to work independently when required. Good judgement and ability to perform effectively under pressure. Strong time-management skills and ability to take ownership of tasks. Excellent problem-solving abilities. Ability to obtain and maintain appropriate security clearance. Required Technical Skills / Qualifications Minimum 2:1 honours degree in Computer Science, Software Engineering, or a related discipline. Experience with embedded software - through university modules, personal projects, or platforms such as Raspberry Pi or Arduino. Strong knowledge of C and C++ programming. Experience with bare-metal or RTOS-based systems. Ability to use debugging tools and techniques. Understanding of object-oriented and low-level programming, including memory management and device driver concepts. Desirable Technical Skills JTAG/ETM debugging experience. C# development experience. Experience with Rust or Ada SPARK. Familiarity with Cryptol or SAW. Scripting languages (Ruby, Groovy, Python, Perl, Bash, PowerShell). Experience developing applications for Windows. Knowledge of computer network security and vulnerability analysis. Understanding of IP standards. Multi-threaded RTOS and bare-metal embedded development. Experience with ARM-based CPU/MPU architectures. Who We're Looking For Graduates or early-career software engineers with a relevant STEM degree and a strong interest in embedded systems and cyber security. There are also Senior and Principal roles available. What You Can Expect Structured professional development and clear progression opportunities. The chance to contribute to industry-leading security and cryptographic technologies. A supportive, collaborative team environment with an assigned mentor. Comprehensive benefits package, including: Competitive salary 25 days annual leave Company pension 4 death in service EV car scheme and charging Benefits platform (launching soon) On-the-job training and external courses to develop your technical skills. A two-stage interview process: 20-minute video discussion In-person interview with a C/C++ coding test Conditions Due to the nature of the work, applicants must be British citizens and able to obtain and maintain DV security clearance .
Senior Vulnerability Management Engineer Location: Pontefract, West Yorkshire Permanent £50,000 £65,000 3 days in the office, 1 day/month in Enderby (expenses covered) We are partnering with a leading organisation to recruit a Senior Vulnerability Management Engineer to join their Information Security team . This hands-on role focuses on Vulnerability and Threat Management across the business, with emphasis on the Warehouse environment . You ll proactively spot potential threats, combine threat hunting and vulnerability scanning (red team style), and help ensure the organisation is fully prepared for any risks. The team uses Qualys for vulnerability scanning. Key Responsibilities: Manage and maintain vulnerability scanning tools, including Qualys. Identify, triage, and assign vulnerabilities, providing mitigation guidance. Conduct proactive threat hunting across the business. Assist Incident Response with investigations and resolution. Review threat intelligence and validate against people, processes, and technology. Prepare reports for stakeholders and lead mitigation efforts. Maintain documentation, metrics, and procedures to a high standard. Act as SME and mentor less experienced team members. Key Skills & Experience: Strong experience with vulnerability management tools, preferably Qualys . In-depth InfoSec knowledge, including malware, attacks, and vulnerabilities. IT knowledge: network protocols, server infrastructure, Windows Server, Linux. Experience with threat hunting and spotting potential business-wide threats. Familiarity with frameworks: CVSS, CVE, CWE, OWASP, MITRE. OT vulnerability scanning and CTI monitoring experience. Strong analytical, prioritisation, communication, and reporting skills. Desirable: PCI-DSS/ISO27001, retail, cloud, DevOps/code scanning, SCADA/PLC, TIP management, offensive security, custom AI usage. Apply in confidence with Phoebe Rees at VIQU IT: (phone number removed) (url removed) Know someone great? Earn up to £1,000 if your referral is successful (terms apply). Follow us on IT Recruitment.
24/11/2025
Full time
Senior Vulnerability Management Engineer Location: Pontefract, West Yorkshire Permanent £50,000 £65,000 3 days in the office, 1 day/month in Enderby (expenses covered) We are partnering with a leading organisation to recruit a Senior Vulnerability Management Engineer to join their Information Security team . This hands-on role focuses on Vulnerability and Threat Management across the business, with emphasis on the Warehouse environment . You ll proactively spot potential threats, combine threat hunting and vulnerability scanning (red team style), and help ensure the organisation is fully prepared for any risks. The team uses Qualys for vulnerability scanning. Key Responsibilities: Manage and maintain vulnerability scanning tools, including Qualys. Identify, triage, and assign vulnerabilities, providing mitigation guidance. Conduct proactive threat hunting across the business. Assist Incident Response with investigations and resolution. Review threat intelligence and validate against people, processes, and technology. Prepare reports for stakeholders and lead mitigation efforts. Maintain documentation, metrics, and procedures to a high standard. Act as SME and mentor less experienced team members. Key Skills & Experience: Strong experience with vulnerability management tools, preferably Qualys . In-depth InfoSec knowledge, including malware, attacks, and vulnerabilities. IT knowledge: network protocols, server infrastructure, Windows Server, Linux. Experience with threat hunting and spotting potential business-wide threats. Familiarity with frameworks: CVSS, CVE, CWE, OWASP, MITRE. OT vulnerability scanning and CTI monitoring experience. Strong analytical, prioritisation, communication, and reporting skills. Desirable: PCI-DSS/ISO27001, retail, cloud, DevOps/code scanning, SCADA/PLC, TIP management, offensive security, custom AI usage. Apply in confidence with Phoebe Rees at VIQU IT: (phone number removed) (url removed) Know someone great? Earn up to £1,000 if your referral is successful (terms apply). Follow us on IT Recruitment.
A cybersecurity start-up in Leeds is seeking a Full-Stack PHP Developer to join its small but growing team. The business has evolved from dark web monitoring into a full External Attack Surface Management (EASM) platform. The role is focused on enhancing, maintaining, and scaling this SaaS platform while embedding secure coding practices. Key Responsibilities Enhance and maintain the SaaS platform hosted in AWS. Deliver both back-end and front-end features using PHP (Laravel), React, and TypeScript. Design, integrate, and manage APIs and microservices. Optimise applications for security, scalability, and performance. Translate business requirements into clear, actionable technical solutions. Follow secure coding practices and contribute to cybersecurity-focused product development. Collaborate with a small engineering team and leadership on roadmap delivery. Essential Skills & Experience Strong back-end development skills with PHP (Laravel). Front-end development expertise with React and TypeScript. Experience deploying and managing applications in AWS. Knowledge of secure coding practices and general cybersecurity principles. Ability to communicate effectively with technical and non-technical stakeholders. Experience working in small teams or start-up environments. Desirable Skills Experience in cybersecurity SaaS, vulnerability management, or EASM. Familiarity with serverless AWS infrastructure and cloud-native architectures. Exposure to AI/ML in the context of cybersecurity. Knowledge of DevOps practices, CI/CD pipelines, and automation tools. Location & Working Arrangements Hybrid working, with three days per week required in the Leeds city centre office (non-negotiable). Candidates must be realistically commutable to Leeds. Salary & Benefits Up to 65,000 base salary + benefits. Clear progression opportunities as the team expands (expected growth to 6-8 developers). Chance to work on a disruptive cybersecurity product with a 3-4 year roadmap ahead. Collaborative, friendly, and flexible start-up culture.
13/11/2025
Full time
A cybersecurity start-up in Leeds is seeking a Full-Stack PHP Developer to join its small but growing team. The business has evolved from dark web monitoring into a full External Attack Surface Management (EASM) platform. The role is focused on enhancing, maintaining, and scaling this SaaS platform while embedding secure coding practices. Key Responsibilities Enhance and maintain the SaaS platform hosted in AWS. Deliver both back-end and front-end features using PHP (Laravel), React, and TypeScript. Design, integrate, and manage APIs and microservices. Optimise applications for security, scalability, and performance. Translate business requirements into clear, actionable technical solutions. Follow secure coding practices and contribute to cybersecurity-focused product development. Collaborate with a small engineering team and leadership on roadmap delivery. Essential Skills & Experience Strong back-end development skills with PHP (Laravel). Front-end development expertise with React and TypeScript. Experience deploying and managing applications in AWS. Knowledge of secure coding practices and general cybersecurity principles. Ability to communicate effectively with technical and non-technical stakeholders. Experience working in small teams or start-up environments. Desirable Skills Experience in cybersecurity SaaS, vulnerability management, or EASM. Familiarity with serverless AWS infrastructure and cloud-native architectures. Exposure to AI/ML in the context of cybersecurity. Knowledge of DevOps practices, CI/CD pipelines, and automation tools. Location & Working Arrangements Hybrid working, with three days per week required in the Leeds city centre office (non-negotiable). Candidates must be realistically commutable to Leeds. Salary & Benefits Up to 65,000 base salary + benefits. Clear progression opportunities as the team expands (expected growth to 6-8 developers). Chance to work on a disruptive cybersecurity product with a 3-4 year roadmap ahead. Collaborative, friendly, and flexible start-up culture.
Business Unit: COO, Technology Operations & Cyber Security Salary range: £40,800 - £51,000 per annum + Benefits Location: UK Remote Contract type : Permanent Our Team The Platform Engineering Team sits within Technology Operations & Cyber Security (TOCS) and is responsible for supporting, maintaining, and innovating the Bank's underpinning platforms and technologies. The core aspect of your role will be to support the management of the Operational Platform, with a focus on the Linux Server Estate. This will involve collaboration with internal customers, partners and external customers to deliver excellent service and ensure our systems are efficient, performant, resilient where emerging technology threats & risks are managed and change to our systems are managed effectively. What you'll be doing Innovate, build & maintain the Virgin Money Linux server estate for Operational Platform. Engineer, validate, implement and quality assure technical solutions. Lead on initiatives to improve Platform performance and stability. Support projects implementing new infrastructure into the datacentres. Support root cause analysis and remediation of complex technical issues. Work closely with others to estimate work, manage domain scope, risks and issues. Collaborate with internal and external parties to provide excellent customer service. Ensure that change within the environment is managed and controlled effectively. We need you to have Strong engineering experience with Red Hat Enterprise Linux (RHEL) Strong Redhat Satellite experience (install, Configure, manage) Strong experience of server implementation, upgrades, maintenance, monitoring and automation (Infrastructure as Code) with Ansible, AAP Strong experience of VMware (upgrade, manage) Solid understanding of Networking, security and system performance Strong problem-solving skills with the ability to own, diagnose and resolve platforms issues. Good understanding of cybersecurity principles & vulnerability management Python, Bash, API's and data structures in JSON/YAML or other Engineering mindset: able to challenge the status quo and automate manual processes to deliver additional value. Exceptional communication & teamwork skills Flexibility. The role may require occasional evening or weekend work It's a bonus if you have but not essential Experience of Arctera Infoscale, VCS Experience of Solaris Experience of Server Hardware Management and maintenance Experience of Containerisation, Red Hat OpenShift, ARO or AKS Experience of Continuous Integration and Continuous Delivery tooling Experience of working within an ITIL framework Working in Multi-disciplinary Agile teams Red Hot Rewards Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time) plus the option to buy more. Up to five extra paid well-being days per year . 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt. Market-leading pension. Free private medical cover, income protection and life assurance. Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness. And there's no waiting around, you'll enjoy these benefits from day one. If we're lucky to receive a lot of interest, we may close the advert early. Please ensure to submit your applications as soon as possible. Say hello to Virgin Money Virgin Money is so much more than just a bank. As part of the Nationwide group, together we're the UK's first full-service mutual bank serving millions of retail and business customers and all driven by our purpose ; Banking but fairer, more rewarding and for the good of society. With us, you'll be part of an organisation uniquely positioned to make a difference to the lives of customers, communities and broader society and embark on a collaborative, customer obsessed, and fun-filled career journey. Embrace the weekdays, enjoy fantastic perks, and make a meaningful positive difference. Time to discover what it means to be part of the first mutual full-service banking provider. Be yourself at Virgin Money At Virgin Money, we celebrate everyone. We have fun, think big, and relentlessly include each other, all in pursuit of our purpose: Banking - but fairer, more rewarding, and for the good of society. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard. As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team Please note: If we receive a high volume of eligible applications, we may need to prioritise candidates whose skills and experience most closely align with the role, while still ensuring fair and equitable consideration for all applicants. Now the legal bit Although some of our roles allow you to be based anywhere in the UK, we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks - we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.
06/10/2025
Full time
Business Unit: COO, Technology Operations & Cyber Security Salary range: £40,800 - £51,000 per annum + Benefits Location: UK Remote Contract type : Permanent Our Team The Platform Engineering Team sits within Technology Operations & Cyber Security (TOCS) and is responsible for supporting, maintaining, and innovating the Bank's underpinning platforms and technologies. The core aspect of your role will be to support the management of the Operational Platform, with a focus on the Linux Server Estate. This will involve collaboration with internal customers, partners and external customers to deliver excellent service and ensure our systems are efficient, performant, resilient where emerging technology threats & risks are managed and change to our systems are managed effectively. What you'll be doing Innovate, build & maintain the Virgin Money Linux server estate for Operational Platform. Engineer, validate, implement and quality assure technical solutions. Lead on initiatives to improve Platform performance and stability. Support projects implementing new infrastructure into the datacentres. Support root cause analysis and remediation of complex technical issues. Work closely with others to estimate work, manage domain scope, risks and issues. Collaborate with internal and external parties to provide excellent customer service. Ensure that change within the environment is managed and controlled effectively. We need you to have Strong engineering experience with Red Hat Enterprise Linux (RHEL) Strong Redhat Satellite experience (install, Configure, manage) Strong experience of server implementation, upgrades, maintenance, monitoring and automation (Infrastructure as Code) with Ansible, AAP Strong experience of VMware (upgrade, manage) Solid understanding of Networking, security and system performance Strong problem-solving skills with the ability to own, diagnose and resolve platforms issues. Good understanding of cybersecurity principles & vulnerability management Python, Bash, API's and data structures in JSON/YAML or other Engineering mindset: able to challenge the status quo and automate manual processes to deliver additional value. Exceptional communication & teamwork skills Flexibility. The role may require occasional evening or weekend work It's a bonus if you have but not essential Experience of Arctera Infoscale, VCS Experience of Solaris Experience of Server Hardware Management and maintenance Experience of Containerisation, Red Hat OpenShift, ARO or AKS Experience of Continuous Integration and Continuous Delivery tooling Experience of working within an ITIL framework Working in Multi-disciplinary Agile teams Red Hot Rewards Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time) plus the option to buy more. Up to five extra paid well-being days per year . 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt. Market-leading pension. Free private medical cover, income protection and life assurance. Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness. And there's no waiting around, you'll enjoy these benefits from day one. If we're lucky to receive a lot of interest, we may close the advert early. Please ensure to submit your applications as soon as possible. Say hello to Virgin Money Virgin Money is so much more than just a bank. As part of the Nationwide group, together we're the UK's first full-service mutual bank serving millions of retail and business customers and all driven by our purpose ; Banking but fairer, more rewarding and for the good of society. With us, you'll be part of an organisation uniquely positioned to make a difference to the lives of customers, communities and broader society and embark on a collaborative, customer obsessed, and fun-filled career journey. Embrace the weekdays, enjoy fantastic perks, and make a meaningful positive difference. Time to discover what it means to be part of the first mutual full-service banking provider. Be yourself at Virgin Money At Virgin Money, we celebrate everyone. We have fun, think big, and relentlessly include each other, all in pursuit of our purpose: Banking - but fairer, more rewarding, and for the good of society. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard. As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team Please note: If we receive a high volume of eligible applications, we may need to prioritise candidates whose skills and experience most closely align with the role, while still ensuring fair and equitable consideration for all applicants. Now the legal bit Although some of our roles allow you to be based anywhere in the UK, we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks - we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
06/10/2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
06/10/2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Join us as a Senior Security Engineer for CIAM at Barclays, where you will bring to life a new digital platform capability, transforming and modernising our digital estate to build a market-leading digital offering with customer experience at its heart. This is an exciting and key role, partnering with business aligned engineering and product teams, to ensure a collaborative team culture is at the heart of what we do. To be successful in this role you should have: Experience across configuration and integration with Hardware Security Module (HSM) and AWS Secrets Manager (ASM) tooling, certificate lifecycle management, e.g. rotation, revocation, and in automating security workflows Experience using GitLab CI/CD pipelines, AWS CLI or Chef. Strong experience with Cloud Security expertise across the following areas: AWS security controls, policies and automation, CLI tools, role based and attribute-based access controls, cryptographic protocols and secure key lifecycle management, advanced threat modelling, SOC operations, securing microservices and APIs, DevSecOps best practices, vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security Strong experience in penetration testing and hands-on coding in at least one of the following: JavaScript, Java, Python. Some other highly desirable skills include: Experience in hands-on configuration, deployment and operation of ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with embedded security gates, HTTP header signing, access token and data at rest encryption, PKI based self-sovereign identity, or open source You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. This role will be based out of our London office. Purpose of the role To develop, implement and maintain solutions that support the safeguarding of the banks systems and sensitive information. Accountabilities Provision of subject matter expertise on security systems and engineering patterns. Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems. Management and protection of secrets, ensuring that they are securely generated, stored, and used. Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches. Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques. Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements. Development/ Implementation and maintenance of Identity and Access Management solutions and systems. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and escalate breaches of policies/procedures If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave.
03/10/2025
Full time
Join us as a Senior Security Engineer for CIAM at Barclays, where you will bring to life a new digital platform capability, transforming and modernising our digital estate to build a market-leading digital offering with customer experience at its heart. This is an exciting and key role, partnering with business aligned engineering and product teams, to ensure a collaborative team culture is at the heart of what we do. To be successful in this role you should have: Experience across configuration and integration with Hardware Security Module (HSM) and AWS Secrets Manager (ASM) tooling, certificate lifecycle management, e.g. rotation, revocation, and in automating security workflows Experience using GitLab CI/CD pipelines, AWS CLI or Chef. Strong experience with Cloud Security expertise across the following areas: AWS security controls, policies and automation, CLI tools, role based and attribute-based access controls, cryptographic protocols and secure key lifecycle management, advanced threat modelling, SOC operations, securing microservices and APIs, DevSecOps best practices, vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security Strong experience in penetration testing and hands-on coding in at least one of the following: JavaScript, Java, Python. Some other highly desirable skills include: Experience in hands-on configuration, deployment and operation of ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with embedded security gates, HTTP header signing, access token and data at rest encryption, PKI based self-sovereign identity, or open source You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. This role will be based out of our London office. Purpose of the role To develop, implement and maintain solutions that support the safeguarding of the banks systems and sensitive information. Accountabilities Provision of subject matter expertise on security systems and engineering patterns. Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems. Management and protection of secrets, ensuring that they are securely generated, stored, and used. Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches. Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques. Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements. Development/ Implementation and maintenance of Identity and Access Management solutions and systems. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and escalate breaches of policies/procedures If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave.
About the Role: At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as Python, Java, JavaScript, GoLang, and Rust. Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously. Desired: Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards. Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams. We support flexibility and productivity of our employees by hybrid working arrangements. Although your role will be based in London (or Nuneaton, or Amsterdam) you will be required to travel only occasionally to our Hubs in Nuneaton or London or to any other location of H&B. What we offer: Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is paramount so you can get away and take 33 Days Holiday per year . Private Medical Care (Self after 1 year) Learning and Development opportunity with Holland & Barrett is a great base for career development long term. Career progression. Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network. Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers. Stay healthy with Discounted Products - from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy. We all need a little help sometimes, so weoffer Free 24/7 Confidential Advice & Colleague Welfare . Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing. Stay active in the Onsite Gym at our Nuneaton Hub! We have colleague Reward and Recognition Schemes , so your hard work and loyalty won't go unnoticed. And many more! We're passionate about helping every colleague thrive across all dimensions of wellbeing, and we're committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues' unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B. Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).
03/10/2025
Full time
About the Role: At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as Python, Java, JavaScript, GoLang, and Rust. Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously. Desired: Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards. Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams. We support flexibility and productivity of our employees by hybrid working arrangements. Although your role will be based in London (or Nuneaton, or Amsterdam) you will be required to travel only occasionally to our Hubs in Nuneaton or London or to any other location of H&B. What we offer: Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is paramount so you can get away and take 33 Days Holiday per year . Private Medical Care (Self after 1 year) Learning and Development opportunity with Holland & Barrett is a great base for career development long term. Career progression. Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network. Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers. Stay healthy with Discounted Products - from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy. We all need a little help sometimes, so weoffer Free 24/7 Confidential Advice & Colleague Welfare . Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing. Stay active in the Onsite Gym at our Nuneaton Hub! We have colleague Reward and Recognition Schemes , so your hard work and loyalty won't go unnoticed. And many more! We're passionate about helping every colleague thrive across all dimensions of wellbeing, and we're committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues' unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B. Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).
Why work for us? We aim to provide you with peace of mind in addition to an attractive salary and eligibility to participate in the discretionary annual bonus opportunities. You will also receive an excellent benefit package including: Company funded industry qualifications Workplace Pension Close to town centre / bus station / train station Free Car Parking Attendance Bonus Scheme Sick pay Scheme 22 days holiday Bank Holidays, increasing with length of service to a max of 30 days after a qualifying period. As a Cyber Security Engineer, you will join our growing team with its increased focus and business growth in Cyber Security, working closely with our Senior Cyber Security Manager ensuring the smooth and successful delivery of all security-based client requests, services, audits and certifications in a continually evolving role. You will be responsible for providing advice, assistance and take action on security matters to our clients and internal colleagues as well as working on Cyber Essentials, Cyber Essentials Plus assessments and all other services within our Security portfolio. Customer service is a priority, as such you will enjoy the interaction and building rapport with our existing, varied customer base. What you'll be doing: Liaising with customer to understand client requests and how best resolve issues Supporting project implementations from initial customer training through to ongoing support Working on Cyber Essentials & IASME Assured Level 1 assessments Working on Cyber Essentials Plus & IASME Assured Level 2 (Audited) audits Carrying out Internal Vulnerability Scanning (including customising reporting) Carrying out External Penetration Testing (including customising reporting) Using enterprise level tools to analyse and assess vulnerabilities Assist with the evolving product and services portfolio available to clients Assisting the sales and support teams with relevant information and advice, taking ownership where required Carrying out client consultations and security audits to best advise clients on security measures appropriate for their organisation Undertaking industry standard training and certifications About You: Qualifications: 5 GCSEs grades A -C/9-4 or equivalent (including English Language, Maths & IT) Minimum of 3 years' experience relevant to Cyber Security and/or IT Support At least 2 industry recognised certifications (Microsoft, CompTIA, Cyber Scheme etc) Essential Skills and Experience: Previous Technical Support or Cyber Security Engineer experience (or roles of similar nature) Good knowledge of networks and basic infrastructure (routing, IP's, topology etc) Good planning, time management, administrational and organisational skills Always maintaining client confidentiality and security Ability to follow strict process and procedures Desirable - knowledge of the Cyber Essentials scheme Personal qualities: Organised, Reliable and trustworthy Customer Service Driven Good problem-solving skills Good timekeeping Attention to detail Ability to work individually and as part of a team Strong interpersonal and communication skills key An interest in technology and troubleshooting Capable of thinking outside the box Desirable - driving licence Prospects: The role offers long term security and the opportunity to progress along within the team along with continued development through to becoming an IASME accredited assessor and further industry accreditations such as Cyber Scheme Team Member (CSTM).
03/10/2025
Full time
Why work for us? We aim to provide you with peace of mind in addition to an attractive salary and eligibility to participate in the discretionary annual bonus opportunities. You will also receive an excellent benefit package including: Company funded industry qualifications Workplace Pension Close to town centre / bus station / train station Free Car Parking Attendance Bonus Scheme Sick pay Scheme 22 days holiday Bank Holidays, increasing with length of service to a max of 30 days after a qualifying period. As a Cyber Security Engineer, you will join our growing team with its increased focus and business growth in Cyber Security, working closely with our Senior Cyber Security Manager ensuring the smooth and successful delivery of all security-based client requests, services, audits and certifications in a continually evolving role. You will be responsible for providing advice, assistance and take action on security matters to our clients and internal colleagues as well as working on Cyber Essentials, Cyber Essentials Plus assessments and all other services within our Security portfolio. Customer service is a priority, as such you will enjoy the interaction and building rapport with our existing, varied customer base. What you'll be doing: Liaising with customer to understand client requests and how best resolve issues Supporting project implementations from initial customer training through to ongoing support Working on Cyber Essentials & IASME Assured Level 1 assessments Working on Cyber Essentials Plus & IASME Assured Level 2 (Audited) audits Carrying out Internal Vulnerability Scanning (including customising reporting) Carrying out External Penetration Testing (including customising reporting) Using enterprise level tools to analyse and assess vulnerabilities Assist with the evolving product and services portfolio available to clients Assisting the sales and support teams with relevant information and advice, taking ownership where required Carrying out client consultations and security audits to best advise clients on security measures appropriate for their organisation Undertaking industry standard training and certifications About You: Qualifications: 5 GCSEs grades A -C/9-4 or equivalent (including English Language, Maths & IT) Minimum of 3 years' experience relevant to Cyber Security and/or IT Support At least 2 industry recognised certifications (Microsoft, CompTIA, Cyber Scheme etc) Essential Skills and Experience: Previous Technical Support or Cyber Security Engineer experience (or roles of similar nature) Good knowledge of networks and basic infrastructure (routing, IP's, topology etc) Good planning, time management, administrational and organisational skills Always maintaining client confidentiality and security Ability to follow strict process and procedures Desirable - knowledge of the Cyber Essentials scheme Personal qualities: Organised, Reliable and trustworthy Customer Service Driven Good problem-solving skills Good timekeeping Attention to detail Ability to work individually and as part of a team Strong interpersonal and communication skills key An interest in technology and troubleshooting Capable of thinking outside the box Desirable - driving licence Prospects: The role offers long term security and the opportunity to progress along within the team along with continued development through to becoming an IASME accredited assessor and further industry accreditations such as Cyber Scheme Team Member (CSTM).
Hays Specialist Recruitment Limited
West Drayton, Middlesex
Contract duration - 6 months Location - Waterside - UB7 0GB Hybrid - 1 day per week from office and rest days from homeOur client has a varied and complex digital landscape. The DevSecOps specialist will report to DevSecOps manager in the Cyber Architecture team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms. Key skills & Responsibility Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles. Define and implement release strategies with a strong emphasis on application security. Identify and remediate security vulnerabilities through detailed code reviews and automated tooling. Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks. Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals. Drive adoption of security best practices across CI/CD pipelines and cloud-native environments. Accountabilities Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile). Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams. Support the vulnerability management process, raising awareness and embedding secure development principles with development teams. Evaluate, implement, support and communicate new tools and features to improve our security posture whilst supporting, consulting, and measuring the progression of adoption across our platform and development teams. Establish security testing approaches and tools to support iterative agile delivery, ensuring alignment with organisational objectives and secure development practices. Lead cyber digital reviews to promote consistency, quality, and alignment to cyber principles and patterns. Effectively communicate, reason, and influence stakeholders across business tech to promote the understanding of cyber digital security and embed it throughout design and delivery. Actively participate in and contribute to the client's cybersecurity guilds, driving innovation and alignment in digital security approaches. Support the client's Cyber Delivery Assurance Team and the wider business Cyber Team by acting as a subject-matter expert on all things digital security. Support the client's Cyber Change Team by assisting in change reviews. Required Skills & Experience: Proven experience in application security within a DevSecOps framework. Strong background in software engineering, with the ability to bridge development and security. Experience identifying security issues through code review. Recognised cybersecurity certifications or qualifications desirable. Deep technical expertise in security tools and methodologies, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Threat Modelling Demonstrated success in leading or advising teams on secure development practices. Senior-level experience with a solid understanding of cloud migration challenges and solutions. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
03/10/2025
Full time
Contract duration - 6 months Location - Waterside - UB7 0GB Hybrid - 1 day per week from office and rest days from homeOur client has a varied and complex digital landscape. The DevSecOps specialist will report to DevSecOps manager in the Cyber Architecture team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms. Key skills & Responsibility Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles. Define and implement release strategies with a strong emphasis on application security. Identify and remediate security vulnerabilities through detailed code reviews and automated tooling. Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks. Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals. Drive adoption of security best practices across CI/CD pipelines and cloud-native environments. Accountabilities Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile). Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams. Support the vulnerability management process, raising awareness and embedding secure development principles with development teams. Evaluate, implement, support and communicate new tools and features to improve our security posture whilst supporting, consulting, and measuring the progression of adoption across our platform and development teams. Establish security testing approaches and tools to support iterative agile delivery, ensuring alignment with organisational objectives and secure development practices. Lead cyber digital reviews to promote consistency, quality, and alignment to cyber principles and patterns. Effectively communicate, reason, and influence stakeholders across business tech to promote the understanding of cyber digital security and embed it throughout design and delivery. Actively participate in and contribute to the client's cybersecurity guilds, driving innovation and alignment in digital security approaches. Support the client's Cyber Delivery Assurance Team and the wider business Cyber Team by acting as a subject-matter expert on all things digital security. Support the client's Cyber Change Team by assisting in change reviews. Required Skills & Experience: Proven experience in application security within a DevSecOps framework. Strong background in software engineering, with the ability to bridge development and security. Experience identifying security issues through code review. Recognised cybersecurity certifications or qualifications desirable. Deep technical expertise in security tools and methodologies, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Threat Modelling Demonstrated success in leading or advising teams on secure development practices. Senior-level experience with a solid understanding of cloud migration challenges and solutions. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Lead Security Engineer Luton 12-month contract Paying up to 90p/h (Inside IR35) ARM is assisting a large Aerospace client who is looking for an experienced Lead Security Engineer who will be responsible for all security aspects of product design, development, verification, and maintenance through all phases of the product lifecycle. Responsibilities : Production of Security Managements Plans, work package descriptions and cost estimates in support of product bids, services and proposals. Undertaking security risk assessments, risk mitigation plans, mitigation gap analysis and preparation of security management documentation for system Accreditation. Defining product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities. Liaison with Security Accreditors and Security Assurance Coordinators in support of security accreditation. Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities. Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques, and liaising with TEMPEST test facilities. Advising development teams on suitable platform lockdown and configurations, and supporting Penetration test activities. Analysing penetration test results and preparation of remedial action plans. Prepare and implement through life support and maintenance for product security including vulnerability and patch management plans Lead security incident management teams during incident/crisis situations in conjunction with Head of Product Security for EW/FCA Review and maintain corporate product security policies. Deliver product security training to project engineering teams. Experience required: Experience in the development of security solutions for a military &/or commercial products and systems. Graduate degree in relevant engineering, computing or related scientific discipline, and/or evidence of further professional study. Registered NCSC certified professional at senior level or above, or NCSC recognised qualification, e.g. ISC2Certified Information System Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto technologies and key management systems Model Base System Engineering (MBSE) knowledge Understanding operating systems, firmware and software security controls and how to apply them. Understanding of existing, current and emerging technologies including cloud, virtualisation and web Excellent verbal & written communication skills. Good team worker with ability to influence and motivate. Positive attitude and drive to improve the business. Ability to obtain SC clearance with UK-eyes only caveat. Enterprise Security Architectures (SABSA, MODAF). Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
02/10/2025
Contractor
Lead Security Engineer Luton 12-month contract Paying up to 90p/h (Inside IR35) ARM is assisting a large Aerospace client who is looking for an experienced Lead Security Engineer who will be responsible for all security aspects of product design, development, verification, and maintenance through all phases of the product lifecycle. Responsibilities : Production of Security Managements Plans, work package descriptions and cost estimates in support of product bids, services and proposals. Undertaking security risk assessments, risk mitigation plans, mitigation gap analysis and preparation of security management documentation for system Accreditation. Defining product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities. Liaison with Security Accreditors and Security Assurance Coordinators in support of security accreditation. Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities. Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques, and liaising with TEMPEST test facilities. Advising development teams on suitable platform lockdown and configurations, and supporting Penetration test activities. Analysing penetration test results and preparation of remedial action plans. Prepare and implement through life support and maintenance for product security including vulnerability and patch management plans Lead security incident management teams during incident/crisis situations in conjunction with Head of Product Security for EW/FCA Review and maintain corporate product security policies. Deliver product security training to project engineering teams. Experience required: Experience in the development of security solutions for a military &/or commercial products and systems. Graduate degree in relevant engineering, computing or related scientific discipline, and/or evidence of further professional study. Registered NCSC certified professional at senior level or above, or NCSC recognised qualification, e.g. ISC2Certified Information System Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto technologies and key management systems Model Base System Engineering (MBSE) knowledge Understanding operating systems, firmware and software security controls and how to apply them. Understanding of existing, current and emerging technologies including cloud, virtualisation and web Excellent verbal & written communication skills. Good team worker with ability to influence and motivate. Positive attitude and drive to improve the business. Ability to obtain SC clearance with UK-eyes only caveat. Enterprise Security Architectures (SABSA, MODAF). Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.
