47 jobs found

Senior IT Technician Location: Wolverhampton + Other local site Salary: 38,000 - 45,000 Hours: Monday - Friday, 08:00 - 17:00 (Early finish on Fridays) The Best Connection are recruiting on behalf of our client for an experienced Senior IT Technician to take ownership of the IT infrastructure across multiple UK sites. This is a hands-on senior role responsible for maintaining and improving the organisation's IT environment, ensuring systems remain secure, reliable and aligned with operational and commercial objectives. Supporting approximately 120 users across engineering, manufacturing, finance and commercial teams, you will act as the primary escalation point for infrastructure matters and play a key role in delivering IT improvements and projects. Key Responsibilities Own and maintain the Group IT infrastructure across all UK sites including servers, endpoints, networking and cloud environments. Ensure high levels of system availability, performance and resilience. Lead cybersecurity measures including MFA, endpoint protection, patch management and vulnerability remediation. Maintain and test backup and disaster recovery processes. Provide 2nd and 3rd line technical support and act as the main escalation point for infrastructure issues. Manage Microsoft 365, Entra ID (Azure AD), Intune and Exchange Online. Maintain Windows Server environments including Active Directory, Group Policy, DNS and DHCP. Oversee network infrastructure including firewalls, VPNs, VLANs and Wi-Fi connectivity. Support and optimise ERP/MRP systems and related manufacturing integrations. Manage third-party IT providers, licensing and hardware procurement. Lead and deliver IT projects such as migrations, network refreshes and system upgrades. Maintain accurate IT documentation including asset registers, network diagrams and policies. Support and train users while promoting structured ticketing and digital best practice. Essential Requirements Minimum 5 years' experience in hands-on IT infrastructure roles At least 2 years in a senior or lead IT capacity Strong experience with Windows 10/11 environments Experience administering Microsoft 365 Knowledge of Active Directory and Azure AD Understanding of networking fundamentals (TCP/IP, DNS, DHCP, Wi-Fi) Experience with endpoint security, patching and remote support tools Full UK driving licence and willingness to travel between sites Desirable CompTIA Network+ or Security+ ITIL Foundation Experience with Cyber Essentials Plus or ISO 27001 frameworks Backup and virtualisation platforms such as Veeam, VMware or Hyper-V Exposure to ERP/MRP systems (e.g. SAP Business One, Epicor, Infor or Sage) Experience delivering IT infrastructure projects The Ideal Candidate The successful candidate will be a proactive and hands-on IT professional who takes ownership of infrastructure performance, continuously improves system resilience and cybersecurity, and communicates technical matters clearly to both technical and non-technical stakeholders. This is an excellent opportunity to join a growing organisation where you can play a key role in developing and strengthening the IT environment. Apply today with The Best Connection to learn more about this opportunity. The Best Connection is acting as an Employment Agency in relation to this vacancy.

Senior Security Engineer Rate - £450 - £525 Inside IR35 Location - Bristol (twice a week on site) Duration - 6 months initial We are looking for an experienced Senior Security Engineer to join a growing cyber security team, helping to strengthen security controls, monitoring and threat detection capabilities across the organisation's technology estate. This role will play a key part in the operation and improvement of core security platforms, working closely with security operations, engineering and infrastructure teams to detect threats, improve visibility and enhance the overall security posture. Key Responsibilities: Implement, configure and optimise core security tooling across the environment Enhance threat detection, monitoring and response capabilities Investigate security alerts and support incident response activities Improve integration and automation between security platforms Support vulnerability management and remediation processes Provide technical guidance on security controls across infrastructure and cloud environments Work closely with wider technology teams to embed security best practices Key Technology: Microsoft Defender for Endpoint Microsoft Sentinel Claroty Platform Tenable Vulnerability Management Microsoft Purview Required Experience: Strong experience working in a Security Engineering Hands-on experience with Microsoft security tooling, particularly Defender and Sentinel Experience with vulnerability management platforms such as Tenable Knowledge of OT/ICS security platforms such as Claroty is beneficial Experience supporting security monitoring, detection engineering and incident response Strong understanding of enterprise infrastructure and cloud security Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.

Job Title: Infrastructure and Security Engineer Location: York - Hybrid (4 days in office) Salary: £45,000 - £50,000 Why Apply? This Infrastructure and Security Engineer opportunity in York offers the chance to work within a cloud-first, Microsoft-led domain supporting both UK and USA operations in a Azure cloud environment. The role is suited to an experienced engineer who seeks ownership, security-led design, and continuous improvement. It is an excellent opportunity for professionals seeking a Full time Infrastructure and Security Engineer role with flexible working and long-term career development in IT and cyber security careers. This is a fantastic opportunity to work as part of a small but skilled team in the heart of York. This organisation is one of our longstanding clients and people opt to stay with the business for a long time, they offer a great place to work! Responsibilities Build, maintain, and secure Azure infrastructure to ensure availability, resilience, and performance. Lead on cloud security architecture, including identity management, access controls, and threat mitigation. Act as a senior escalation point for complex infrastructure and security incidents. Deliver cloud migration, optimisation, and security enhancement initiatives. Administer endpoint management solutions using Microsoft Intune and Group Policy. Implement monitoring, logging, and alerting through Azure Monitor and security tooling. Maintain patching, backup, and disaster recovery processes. Requirements Extensive experience in infrastructure and security engineering roles within enterprise environments. Strong hands-on knowledge of Microsoft Azure, including networking, governance, and security controls. Proven expertise in Microsoft 365 security, Azure AD (Entra ID), Conditional Access, and endpoint protection. Demonstrated experience with automation and Scripting using tools like PowerShell and Bash. Solid understanding of incident management, vulnerability remediation, and continuity planning. Confident communicator capable of working with technical and non-technical stakeholders. Willingness to participate in very occasional out-of-hours support. We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.

Lead End-User Engineer - Senior 3rd Line - Permanent Staffordshire/Derbyshire/East Midlands - Hybrid £48,000 + Pension, Healthcare & Exceptional Benefits Are you ready to take ownership of a modern, fast-evolving end-user environment? With over 200,000+ customers across the UK and Europe, this leading health and welfare organisation is expanding-and they're looking for a Lead End-User Engineer to drive excellence, shape modern workplace standards, and elevate the colleague technology experience. The Opportunity: As the Lead End-User Engineer, you'll be the technical authority for everything device, identity, and endpoint related. You will define engineering standards across Windows, macOS, iOS, and Android, ensuring all end-user platforms are secure, reliable, and optimised for a seamless colleague experience. You will champion modern management, set the direction for endpoint engineering, and act as the go-to escalation point for complex issues-while helping shape the organisation's future workplace strategy. What You'll Bring: Strong 3rd Line Engineering experience across Windows, Azure, Azure AD, Entra ID Intune, Autopilot, macOS, Android, iOS, laptops, and remote devices. Hands-on expertise with JAMF, and MDM platforms. Proven ability in application packaging and deployment (Win32/MSIX, PKG, APK). Advanced troubleshooting across device, identity, and network layers. Excellent documentation, communication, and stakeholder engagement skills. What You'll Own (Key Deliverables): Engineering Leadership: Set and maintain engineering standards across all platforms. Own and drive builds, configuration, and deployment automation using Intune, Autopilot, JAMF, and MDM. Lead application packaging and manage deployments across all device ecosystems. Ensure modern, secure, and consistent endpoint experiences for all users. Technical Authority: Act as the senior escalation point for 3rd Line teams. Provide leadership during Major Incident scenarios. Lead technical investigations, RCA, and long-term remediation initiatives. Your Core Mission (Key Objectives): Security, Compliance & Assurance: Govern and optimise device compliance policies and configuration profiles. Ensure secure, seamless device enrolment. Collaborate with Cyber teams to support Conditional Access, vulnerability remediation, and alignment with CE+, DSPT, ISO 27001, and similar frameworks. Maintain audit-ready documentation for all builds and policy changes. Knowledge Sharing & Capability Building: Produce high-quality runbooks and documentation for 1st Line teams. Mentor and guide engineering colleagues to build a collaborative, proactive technical culture. Support onboarding and skill-development of new team members. Desirable Skills: Scripting/automation experience (PowerShell, Bash, etc.) Exposure to hybrid environments and modern provisioning. Knowledge of CE+, DSPT, ISO 27001, and similar governance frameworks. Ready to Take the Lead? Do you thrive on ownership, and want to shape a modern workplace at scale? Call Experis IT today

Role Overview Our client is seeking a Senior Cloud Infrastructure Engineer to maintain and evolve their technology landscape. Reporting to the Head of IT, you will manage and optimise cloud environments, ensure security and compliance, and work closely with the Solutions Architect to deliver scalable, high-performing infrastructure solutions. Advanced expertise in Microsoft Azure and the broader Microsoft technology stack is essential, along with flexibility to support on-call and out-of-hours requirements. Key Responsibilities: Design, implement, and manage scalable, secure, and high-availability Azure cloud infrastructure. Administer Azure Virtual Desktop (AVD) environments, ensuring compliance and seamless user experience. Develop and enforce application control policies to maintain secure and compliant usage across the organisation. Implement Microsoft Purview data governance policies for proper classification and compliance. Manage Intune and endpoint security, including device compliance, application deployment, and mobile device management. Continuously monitor and optimise cloud resources for cost efficiency, performance, and reliability. Develop Infrastructure-as-Code solutions using Terraform for streamlined provisioning and configuration. Implement robust security controls, identity management, and compliance frameworks. Conduct vulnerability patch management, penetration test remediation, and phishing simulation follow-ups. Design and maintain disaster recovery plans, performing regular backup and restore testing. Evaluate emerging technologies and recommend improvements as part of a continual improvement programme. Respond to escalated incidents and service requests, providing guidance and resolution. Key Objectives: Maintain a secure, reliable, and high-performing technology environment that meets user and organisational needs. Drive continual improvement in infrastructure and cloud services to align with strategic business goals. Collaborate closely with the Solutions Architect and IT team to minimise downtime and maintain service continuity. Experience and Skills Required: Extensive experience with Microsoft Azure services and architecture. Strong knowledge of Microsoft 365 , including Azure Active Directory, Exchange Online, SharePoint Online, and related SaaS offerings. Expertise in cloud security, identity and access management, and compliance frameworks. Hands-on experience with Terraform and Infrastructure-as-Code practices. Proven ability to manage complex cloud and on-premises environments effectively. Strong problem-solving skills and ability to work under pressure in a dynamic IT environment. Working Hours and Flexibility: Core hours: 8:00 AM 7:00 PM, Monday to Friday. Early, mid, and late shift rotation may be required. Participation in an emergency on-call rota outside core hours is mandatory on a rotational basis. Occasional out-of-hours work, including evenings and weekends, may be needed to support projects and business operations. If you have not been contacted within 5 working days, then unfortunately on this occasion your CV has not been shortlisted.

Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.

Technical Account Manager The Technical Account Manager (TAM) SOC is accountable for the technical success and value realisation of managed detection and response services across a portfolio of clients. You will help clients optimise SOC operations, interpret detection insights, and translate technical outputs into measurable business outcomes. This role is collaborative and client-facing, supporting incident escalation, guiding operational maturity, and enabling long-term adoption of technologies and services. While not a shift-based position, you will be comfortable engaging at SOC depth, understanding how alerts, detections, and incidents flow through a 24/7 environment. Key Responsibilities As a Technical Account Manager (TAM) you serve as the primary technical point of contact for assigned SOC and managed detection clients, developing and maintaining a strong understanding of their monitored environments, log sources, and detection coverage. Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved to enhance client experience and satisfaction. Provide high level SME knowledge, oversight, and guidance to help clients extract maximum value from technology products and services. Interpret SOC outputs, incidents, and operational trends for clients, translating technical data into business and risk-focused insight. Support incident escalation and coordination when required, guiding root cause analysis, post-incident learning, and preventive action planning. Identify continuous improvement opportunities for SOC detections, content, log source coverage, and security automation workflows. Provide guidance, enablement, and demonstrations to accelerate adoption and maturity of technologies and managed services. Collaborate with SOC Operations, Security Engineering, and client-facing teams to co-develop use cases, workflows, and SOC operating processes. Support onboarding of new clients, defining readiness gates, change plans, and ensuring robust rollback procedures. Attend and contribute to monthly and quarterly service reviews, connecting KPIs and SLAs to actionable improvements and roadmap recommendations. Act as a technical escalation point for deployed services and technologies, ensuring clients receive timely and accurate resolution. Maintain alignment with account management and client success teams, co-owning success plans, roadmaps, and delivery outcomes. Technical and Professional Qualifications Practical experience with SOC platforms and technologies, including Microsoft Sentinel, CrowdStrike NG SIEM/XDR, Tenable One, EDR/EPP, and related SOC tools. Strong understanding of infrastructure, operating systems (Windows/Linux), Active Directory/identity management, and permissions-based controls. Hands-on experience designing detection content, use cases, tuning, suppression, and SOAR workflows, with understanding of data pipelines and connector optimisation. Proven track record in technical account management, client-facing technical leadership, or equivalent, with ownership of success plans and service reviews. Excellent presentation, communication, and interpersonal skills, capable of engaging with both technical teams and senior business stakeholders. Continuous improvement mindset, connecting SOC metrics (e.g., coverage, false positive rate, MTTA/MTTR) to tangible client value. Experience managing multiple stakeholders, balancing strategic planning with operational delivery.

Looking for a Senior Infrastructure Engineer role where you can genuinely take ownership of a secure, high-impact environment? You ll join a technology business operating in the defence sector, delivering secure systems across multiple platforms - with security, resilience and compliance being central to everything they do. You ll be responsible for maintaining and improving internal infrastructure across a predominantly Windows-based environment, with a mix of virtualisation and networking responsibilities like: Windows Server 2019/2022 administration Microsoft 365 management Hyper-V, VMware and Proxmox virtualisation Cisco and Palo Alto firewall support Linux systems Patch management and vulnerability remediation Backup and disaster recovery Infrastructure documentation and ISO compliance Alongside standard BAU responsibilities, you'll also get involved in project work, including spinning up VMs, firewall configuration, and improving internal platform security. What you ll need: Strong Windows Server experience Active Directory, DHCP, DNS, Group Policy Firewall configuration experience Solid networking fundamentals (routing, switching, NAT, VPN) Exposure to Linux Location: Tewkesbury - due to the nature of the industry and environment, the requirement is 5 days a week on site. Salary: £50k-£55k Security clearance (SC) is required. You must be a UK national and eligible to obtain clearance. If you d like to work in a secure, technically interesting environment where your infrastructure expertise genuinely matters, apply today or contact Big Red Recruitment for a confidential discussion. We are an equal opportunity recruitment company. This means we welcome applications from all suitably qualified people regardless of race, sex, disability, religion, sexual orientation or age. We are particularly invested in Neurodiversity inclusion and offer reasonable adjustments in the interview process. Reasonable adjustments are changes that we can make in the interview process if your disability puts you at a disadvantage compared with others who are not disabled. If you would benefit from a reasonable adjustment in your interview process, please call or email one of our recruiters.

Senior Cloud Infrastructure Engineer DGH Recruitment are currently recruiting on behalf of a leading client in the professional services industry who require a Senior Cloud Infrastructure Engineer to join the firm in London. You must demonstrate advanced expertise in Microsoft Azure services complemented by a strong understanding of the broader Microsoft technology stack. Responsibilities: Design, implement, and continually manage Azure cloud infrastructure to ensure scalability, security, and high availability. Perform vulnerability patch management for cloud and on-premises systems, ensuring timely remediation of identified risks. Administer and optimize Azure Virtual Desktop (AVD) environments, ensuring seamless user experience and compliance with organizational standards. Implement and maintain Microsoft Purview data categorization and governance policies to ensure proper data classification and compliance. Manage Intune and endpoint security configurations, including device compliance, application deployment, and mobile device management. Ensure adherence to Cyber Essentials requirements by implementing robust security controls and monitoring compliance across all systems. Required Skills: Strong knowledge of Microsoft cloud services and the broader Microsoft technology stack, including Azure Active Directory, Exchange Online, SharePoint Online, Microsoft 365, and related SaaS offerings. Expertise in Azure services and architecture, including automation using Terraform. Solid understanding of a broad range of general IT topics and applications across the legal industry; iManage, 3E, Intapp, Mimecast, Tessian, Litera suite. Senior Cloud Infrastructure Engineer In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position. DGH Recruitment Limited acts as both an Employment Agency and Employment Business

Can you Design, implement, and maintain robust, secure, and scalable network infrastructure solutions? Are you able to ensure high availability, performance, and security of bpha's network systems while mentoring junior staff and collaborating across IT teams? Then we want to hear from you! We're looking for someone who can do all of the above and more! Take a look at our key responsibilities below, and if you think that sounds like you, why not apply! Key Responsibilities Design and develop network architecture strategies aligned with business needs and industry standards. Implement and manage network security measures (firewalls, VPNs, IDS/IPS). Configure and maintain routers, switches, wireless systems, and firewalls. Deploy scalable, high-performance network solutions with minimal downtime. Conduct regular network maintenance, updates, and upgrades. Perform security audits and vulnerability assessments. Respond to and mitigate network security incidents. Automate network tasks and processes using scripting tools. Maintain comprehensive network documentation and diagrams. Collaborate with IT teams and third-party vendors on network-related projects. Provide technical guidance and mentorship to team members. Stay current with emerging network technologies and trends. Key Performance Indicators High network uptime and minimal downtime. Successful delivery of network projects on time and within budget. Zero or minimal security breaches. Positive stakeholder feedback on network performance and documentation. Effective automation and continuous improvement of network processes. Accurate and timely documentation updates. Strong collaboration and communication across teams. Essential Skills & Attributes Logical and analytical problem-solving skills. Excellent communication and customer service skills. Ability to manage multiple priorities and projects. Strategic thinking and stakeholder management. Adaptability and responsiveness to change. Strong vendor relationship management. Willingness to travel to remote sites as needed. Essential Experience & Knowledge Proven experience as a Senior Network Engineer. Proficiency in network protocols (TCP/IP, BGP, OSPF). Hands-on experience with Cisco, Meraki, Fortinet, NETGEAR, ZYXEL. Experience with SD-WAN technologies and network security tools. Strong background in Microsoft Azure and automation tools. Experience leading network projects and scripting for automation. Desirable Experience Windows Server administration. Experience with Amazon AWS or other cloud platforms. Familiarity with Agile methodologies (Scrum) or project management (PRINCE2, APM). ITIL Foundation certification. Qualifications Relevant degree or equivalent experience. Certifications such as CCNP, CCIE, or equivalent (Essential). Full clean driving license (Essential). Please note that we reserve the right to close this vacancy early if we receive a sufficient number of applications or find a suitable candidate before the advertised closing date. We encourage interested applicants to apply as soon as possible to avoid disappointment.

Business Unit: COO, Technology Operations & Cyber Security Salary range: £40,800 - £51,000 per annum + Benefits Location: UK Remote Contract type : Permanent Our Team The Platform Engineering Team sits within Technology Operations & Cyber Security (TOCS) and is responsible for supporting, maintaining, and innovating the Bank's underpinning platforms and technologies. The core aspect of your role will be to support the management of the Operational Platform, with a focus on the Linux Server Estate. This will involve collaboration with internal customers, partners and external customers to deliver excellent service and ensure our systems are efficient, performant, resilient where emerging technology threats & risks are managed and change to our systems are managed effectively. What you'll be doing Innovate, build & maintain the Virgin Money Linux server estate for Operational Platform. Engineer, validate, implement and quality assure technical solutions. Lead on initiatives to improve Platform performance and stability. Support projects implementing new infrastructure into the datacentres. Support root cause analysis and remediation of complex technical issues. Work closely with others to estimate work, manage domain scope, risks and issues. Collaborate with internal and external parties to provide excellent customer service. Ensure that change within the environment is managed and controlled effectively. We need you to have Strong engineering experience with Red Hat Enterprise Linux (RHEL) Strong Redhat Satellite experience (install, Configure, manage) Strong experience of server implementation, upgrades, maintenance, monitoring and automation (Infrastructure as Code) with Ansible, AAP Strong experience of VMware (upgrade, manage) Solid understanding of Networking, security and system performance Strong problem-solving skills with the ability to own, diagnose and resolve platforms issues. Good understanding of cybersecurity principles & vulnerability management Python, Bash, API's and data structures in JSON/YAML or other Engineering mindset: able to challenge the status quo and automate manual processes to deliver additional value. Exceptional communication & teamwork skills Flexibility. The role may require occasional evening or weekend work It's a bonus if you have but not essential Experience of Arctera Infoscale, VCS Experience of Solaris Experience of Server Hardware Management and maintenance Experience of Containerisation, Red Hat OpenShift, ARO or AKS Experience of Continuous Integration and Continuous Delivery tooling Experience of working within an ITIL framework Working in Multi-disciplinary Agile teams Red Hot Rewards Generous holidays - 38.5 days annual leave (including bank holidays and prorated if part-time) plus the option to buy more. Up to five extra paid well-being days per year . 20 weeks paid, gender-neutral family leave (52 weeks in total) for expectant parents and those looking to adopt. Market-leading pension. Free private medical cover, income protection and life assurance. Flexible benefits include Cycle to Work, wellness and health assessments, and critical illness. And there's no waiting around, you'll enjoy these benefits from day one. If we're lucky to receive a lot of interest, we may close the advert early. Please ensure to submit your applications as soon as possible. Say hello to Virgin Money Virgin Money is so much more than just a bank. As part of the Nationwide group, together we're the UK's first full-service mutual bank serving millions of retail and business customers and all driven by our purpose ; Banking but fairer, more rewarding and for the good of society. With us, you'll be part of an organisation uniquely positioned to make a difference to the lives of customers, communities and broader society and embark on a collaborative, customer obsessed, and fun-filled career journey. Embrace the weekdays, enjoy fantastic perks, and make a meaningful positive difference. Time to discover what it means to be part of the first mutual full-service banking provider. Be yourself at Virgin Money At Virgin Money, we celebrate everyone. We have fun, think big, and relentlessly include each other, all in pursuit of our purpose: Banking - but fairer, more rewarding, and for the good of society. We're committed to creating an inclusive culture where colleagues feel safe and inspired to contribute, speak up and be heard. As a Disability Confident Leader, we're committed to removing any obstacles to inclusion. If you need any reasonable adjustments or support making your application, contact our Talent Acquisition team Please note: If we receive a high volume of eligible applications, we may need to prioritise candidates whose skills and experience most closely align with the role, while still ensuring fair and equitable consideration for all applicants. Now the legal bit Although some of our roles allow you to be based anywhere in the UK, we'll need you to confirm you have the right to work in the UK. If you're successful in securing a role with us, there are some checks you need to complete before starting. These include credit and criminal record checks and three years' worth of satisfactory references. If the role is part of the Senior Manager Regime and Certification Regime, it requires enhanced pre-employment checks - we'll ask for six years of regulatory references, and once in the role, you'll be subject to periodic employment checks.

Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.

Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.

Join us as a Senior Security Engineer for CIAM at Barclays, where you will bring to life a new digital platform capability, transforming and modernising our digital estate to build a market-leading digital offering with customer experience at its heart. This is an exciting and key role, partnering with business aligned engineering and product teams, to ensure a collaborative team culture is at the heart of what we do. To be successful in this role you should have: Experience across configuration and integration with Hardware Security Module (HSM) and AWS Secrets Manager (ASM) tooling, certificate lifecycle management, e.g. rotation, revocation, and in automating security workflows Experience using GitLab CI/CD pipelines, AWS CLI or Chef. Strong experience with Cloud Security expertise across the following areas: AWS security controls, policies and automation, CLI tools, role based and attribute-based access controls, cryptographic protocols and secure key lifecycle management, advanced threat modelling, SOC operations, securing microservices and APIs, DevSecOps best practices, vulnerability scanning, tools, approaches, vulnerability patching and vendor management for security Strong experience in penetration testing and hands-on coding in at least one of the following: JavaScript, Java, Python. Some other highly desirable skills include: Experience in hands-on configuration, deployment and operation of ForgeRock COTS based IAM solutions (PingGateway, PingAM, PingIDM, PingDS) with embedded security gates, HTTP header signing, access token and data at rest encryption, PKI based self-sovereign identity, or open source You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen strategic thinking and digital and technology, as well as job-specific technical skills. This role will be based out of our London office. Purpose of the role To develop, implement and maintain solutions that support the safeguarding of the banks systems and sensitive information. Accountabilities Provision of subject matter expertise on security systems and engineering patterns. Development and implementation of protocols, algorithms, and software applications to protect sensitive data and systems. Management and protection of secrets, ensuring that they are securely generated, stored, and used. Execution of audits to monitor, identify and assess vulnerabilities in the banks infrastructure/software and support the response to potential security breaches. Identification of advancements in to support the innovation and adoption of new cryptographic technologies and techniques. Collaboration across the bank, including developers and security teams, to ensure that cryptographic solutions align with business objectives, security policies and regulatory requirements. Development/ Implementation and maintenance of Identity and Access Management solutions and systems. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and escalate breaches of policies/procedures If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In-depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave.

About the Role: At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as Python, Java, JavaScript, GoLang, and Rust. Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously. Desired: Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards. Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams. We support flexibility and productivity of our employees by hybrid working arrangements. Although your role will be based in London (or Nuneaton, or Amsterdam) you will be required to travel only occasionally to our Hubs in Nuneaton or London or to any other location of H&B. What we offer: Pension company contribution = 3% Incentive scheme up to 10% of annual salary , based on company performance. Your wellbeing is paramount so you can get away and take 33 Days Holiday per year . Private Medical Care (Self after 1 year) Learning and Development opportunity with Holland & Barrett is a great base for career development long term. Career progression. Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network. Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers. Stay healthy with Discounted Products - from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy. We all need a little help sometimes, so weoffer Free 24/7 Confidential Advice & Colleague Welfare . Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing. Stay active in the Onsite Gym at our Nuneaton Hub! We have colleague Reward and Recognition Schemes , so your hard work and loyalty won't go unnoticed. And many more! We're passionate about helping every colleague thrive across all dimensions of wellbeing, and we're committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues' unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B. Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).

Why work for us? We aim to provide you with peace of mind in addition to an attractive salary and eligibility to participate in the discretionary annual bonus opportunities. You will also receive an excellent benefit package including: Company funded industry qualifications Workplace Pension Close to town centre / bus station / train station Free Car Parking Attendance Bonus Scheme Sick pay Scheme 22 days holiday Bank Holidays, increasing with length of service to a max of 30 days after a qualifying period. As a Cyber Security Engineer, you will join our growing team with its increased focus and business growth in Cyber Security, working closely with our Senior Cyber Security Manager ensuring the smooth and successful delivery of all security-based client requests, services, audits and certifications in a continually evolving role. You will be responsible for providing advice, assistance and take action on security matters to our clients and internal colleagues as well as working on Cyber Essentials, Cyber Essentials Plus assessments and all other services within our Security portfolio. Customer service is a priority, as such you will enjoy the interaction and building rapport with our existing, varied customer base. What you'll be doing: Liaising with customer to understand client requests and how best resolve issues Supporting project implementations from initial customer training through to ongoing support Working on Cyber Essentials & IASME Assured Level 1 assessments Working on Cyber Essentials Plus & IASME Assured Level 2 (Audited) audits Carrying out Internal Vulnerability Scanning (including customising reporting) Carrying out External Penetration Testing (including customising reporting) Using enterprise level tools to analyse and assess vulnerabilities Assist with the evolving product and services portfolio available to clients Assisting the sales and support teams with relevant information and advice, taking ownership where required Carrying out client consultations and security audits to best advise clients on security measures appropriate for their organisation Undertaking industry standard training and certifications About You: Qualifications: 5 GCSEs grades A -C/9-4 or equivalent (including English Language, Maths & IT) Minimum of 3 years' experience relevant to Cyber Security and/or IT Support At least 2 industry recognised certifications (Microsoft, CompTIA, Cyber Scheme etc) Essential Skills and Experience: Previous Technical Support or Cyber Security Engineer experience (or roles of similar nature) Good knowledge of networks and basic infrastructure (routing, IP's, topology etc) Good planning, time management, administrational and organisational skills Always maintaining client confidentiality and security Ability to follow strict process and procedures Desirable - knowledge of the Cyber Essentials scheme Personal qualities: Organised, Reliable and trustworthy Customer Service Driven Good problem-solving skills Good timekeeping Attention to detail Ability to work individually and as part of a team Strong interpersonal and communication skills key An interest in technology and troubleshooting Capable of thinking outside the box Desirable - driving licence Prospects: The role offers long term security and the opportunity to progress along within the team along with continued development through to becoming an IASME accredited assessor and further industry accreditations such as Cyber Scheme Team Member (CSTM).

Contract duration - 6 months Location - Waterside - UB7 0GB Hybrid - 1 day per week from office and rest days from homeOur client has a varied and complex digital landscape. The DevSecOps specialist will report to DevSecOps manager in the Cyber Architecture team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms. Key skills & Responsibility Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles. Define and implement release strategies with a strong emphasis on application security. Identify and remediate security vulnerabilities through detailed code reviews and automated tooling. Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks. Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals. Drive adoption of security best practices across CI/CD pipelines and cloud-native environments. Accountabilities Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile). Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams. Support the vulnerability management process, raising awareness and embedding secure development principles with development teams. Evaluate, implement, support and communicate new tools and features to improve our security posture whilst supporting, consulting, and measuring the progression of adoption across our platform and development teams. Establish security testing approaches and tools to support iterative agile delivery, ensuring alignment with organisational objectives and secure development practices. Lead cyber digital reviews to promote consistency, quality, and alignment to cyber principles and patterns. Effectively communicate, reason, and influence stakeholders across business tech to promote the understanding of cyber digital security and embed it throughout design and delivery. Actively participate in and contribute to the client's cybersecurity guilds, driving innovation and alignment in digital security approaches. Support the client's Cyber Delivery Assurance Team and the wider business Cyber Team by acting as a subject-matter expert on all things digital security. Support the client's Cyber Change Team by assisting in change reviews. Required Skills & Experience: Proven experience in application security within a DevSecOps framework. Strong background in software engineering, with the ability to bridge development and security. Experience identifying security issues through code review. Recognised cybersecurity certifications or qualifications desirable. Deep technical expertise in security tools and methodologies, including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Software Composition Analysis (SCA) Threat Modelling Demonstrated success in leading or advising teams on secure development practices. Senior-level experience with a solid understanding of cloud migration challenges and solutions. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Talent Solutions is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Lead Security Engineer Luton 12-month contract Paying up to 90p/h (Inside IR35) ARM is assisting a large Aerospace client who is looking for an experienced Lead Security Engineer who will be responsible for all security aspects of product design, development, verification, and maintenance through all phases of the product lifecycle. Responsibilities : Production of Security Managements Plans, work package descriptions and cost estimates in support of product bids, services and proposals. Undertaking security risk assessments, risk mitigation plans, mitigation gap analysis and preparation of security management documentation for system Accreditation. Defining product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities. Liaison with Security Accreditors and Security Assurance Coordinators in support of security accreditation. Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities. Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques, and liaising with TEMPEST test facilities. Advising development teams on suitable platform lockdown and configurations, and supporting Penetration test activities. Analysing penetration test results and preparation of remedial action plans. Prepare and implement through life support and maintenance for product security including vulnerability and patch management plans Lead security incident management teams during incident/crisis situations in conjunction with Head of Product Security for EW/FCA Review and maintain corporate product security policies. Deliver product security training to project engineering teams. Experience required: Experience in the development of security solutions for a military &/or commercial products and systems. Graduate degree in relevant engineering, computing or related scientific discipline, and/or evidence of further professional study. Registered NCSC certified professional at senior level or above, or NCSC recognised qualification, e.g. ISC2Certified Information System Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto technologies and key management systems Model Base System Engineering (MBSE) knowledge Understanding operating systems, firmware and software security controls and how to apply them. Understanding of existing, current and emerging technologies including cloud, virtualisation and web Excellent verbal & written communication skills. Good team worker with ability to influence and motivate. Positive attitude and drive to improve the business. Ability to obtain SC clearance with UK-eyes only caveat. Enterprise Security Architectures (SABSA, MODAF). Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.

Lead Security Engineer Luton 12-month contract Paying up to £90p/h (Inside IR35) ARM is assisting a large Aerospace client who is looking for an experienced Lead Security Engineer who will be responsible for all security aspects of product design, development, verification, and maintenance through all phases of the product lifecycle. Responsibilities : Production of Security Managements Plans, work package descriptions and cost estimates in support of product bids, services and proposals. Undertaking security risk assessments, risk mitigation plans, mitigation gap analysis and preparation of security management documentation for system Accreditation. Defining product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities. Liaison with Security Accreditors and Security Assurance Coordinators in support of security accreditation. Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities. Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques, and liaising with TEMPEST test facilities. Advising development teams on suitable platform lockdown and configurations, and supporting Penetration test activities. Analysing penetration test results and preparation of remedial action plans. Prepare and implement through life support and maintenance for product security including vulnerability and patch management plans Lead security incident management teams during incident/crisis situations in conjunction with Head of Product Security for EW/FCA Review and maintain corporate product security policies. Deliver product security training to project engineering teams. Experience required: Experience in the development of security solutions for a military &/or commercial products and systems. Graduate degree in relevant engineering, computing or related scientific discipline, and/or evidence of further professional study. Registered NCSC certified professional at senior level or above, or NCSC recognised qualification, e.g. ISC2Certified Information System Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto technologies and key management systems Model Base System Engineering (MBSE) knowledge Understanding operating systems, firmware and software security controls and how to apply them. Understanding of existing, current and emerging technologies including cloud, virtualisation and web Excellent verbal & written communication skills. Good team worker with ability to influence and motivate. Positive attitude and drive to improve the business. Ability to obtain SC clearance with UK-eyes only caveat. Enterprise Security Architectures (SABSA, MODAF). Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission. Where the role is marked as Outside IR35 in the advertisement this is subject to receipt of a final Status Determination Statement from the end Client and may be subject to change.