63 jobs found

Location Cheltenham, London, Manchester About the job Job summary About Us GCHQ is the nation's intelligence, cyber and security agency. We work to make the UK the safest place to live and work online; connect the national security community securely; and provide insights and counter threats through SIGINT and effects. Our people work closely with MI5 and MI6 as well as defence, international, and industry partners across a variety of locations, with major hubs in Cheltenham, London and Manchester as well as other sites in the UK and overseas. We live by the values of ingenuity, integrity, impact and teamwork as we work to keep the UK safe, resilient and prosperous in an uncertain world. A role with us means you will do unique and challenging work in a supportive environment, making a meaningful difference to national security. Job description About the Role The UK Intelligence Community (UKIC) is seeking an outstanding Chief Information Security Officer (CISO) to lead cyber security and information governance across some of the nation's most sensitive missions. Accountable to the UKIC Infosec Director, this is one of the most high-profile technical leadership roles in government, shaping the strategic direction of information security to protect the UK against the most capable and persistent adversaries. The successful candidate will ensure operational resilience and secure innovation in support of national intelligence objectives, delivering results in a highly complex and rapidly evolving environment. As CISO, you will work with colleagues to set and implement the organisation's cyber and information security strategy, striking the right balance between capability, acceptable risk and technological progress. You will integrate security governance into a complex set of cross agency organisational decision-making, forums ensuring that information risks are managed effectively and proportionately, and that security is embedded at every level. This includes advising executive boards and senior leaders on the potential implications of major programmes, and guiding the organisations in safely embracing innovation and digital transformation. You will be responsible for designing and leading the UKIC's end-to-end risk management framework. This includes defining and tracking cybersecurity KPIs, producing regular reports for senior stakeholders, conducting organisation-wide risk assessments and overseeing vulnerability management to ensure compliance with relevant frameworks. You will be responsible for designing incident response and business continuity strategies and ensuring they are implemented by business areas. Your leadership will be central to developing sustainable security budgets and resourcing strategies that ensure capabilities remain strong in the face of emerging threats. This role demands exceptional communication skills and the ability to influence at the highest levels of government. You must be confident presenting complex security concepts to both technical and non-technical audiences, including boards, ministers and cross-government stakeholders. You will draw on significant experience delivering robust security strategies in complex organisations and demonstrate deep knowledge of cyber threat landscapes, risk management practices and modern security technologies. International relationships are a critical element of this role, so familiarity working with key allied governments would be valuable. You should bring expertise in securing cloud environments and emerging technologies within digital transformation programmes, alongside a strong understanding of regulatory compliance frameworks such as NIST, ISO 27001, GDPR and GovS 007. Professional certifications such as CISSP, CISM or CCISO are highly desirable. A proven track record in embedding a positive security culture, mentoring high-performing teams and managing supplier security will be critical to your success. This is a unique opportunity to take on one of the most influential cyber security leadership roles in the UK. Protecting the nation's intelligence capabilities requires vision, strategic acumen and operational excellence. If you are ready to take on this challenge, and have the skills, integrity and commitment to safeguard national security, we invite you to join us in delivering a secure future for UK intelligence. The role can be based in Cheltenham, Manchester or London, with a regular presence required in those locations. The ability to undertake occasional international travel is desirable. Key Responsibilities Develop, maintain and articulate a clear understanding of the cyber and information security risks inherent across the whole organisation in order to provide assurance to the UKIC Group Senior information risk owner (SIRO). Create and implement information security strategy which supports the organisation in determining the right balance between the organisation's cyber and information security capabilities, acceptable level of risk and speed of technology progress. Ensure an effective cyber and information security governance framework that is integrated with overall organisational governance. Define and track cybersecurity KPIs, producing regular executive and board level reports on security posture. Enable the organisation to innovate safely by advising senior leadership on the potential risks and implications of major decisions that impact information security. Oversee the creation and implementation of relevant policies and standards which ensure effective information risk management. Identify and deliver opportunities for improvement of the security operations function to ensure timely detection and response to security incidents. Lead and mentor high performing information security professionals, fostering a culture of professional development. Play a leading role in multiple Technical and programme boards. Work closely with stakeholders from across the UK Intelligence Community to ensure an end-to-end approach to cyber security and ensure that cyber security is embedded at all levels. Person specification Essential Criteria, qualifications and experience Exceptional communication skills, with the ability to present complex security concepts to both technical and non-technical stakeholders at all levels. Proven experience developing and implementing information security strategies and policies within a complex organisation. In-depth understanding of cybersecurity threats, technologies and risk management practices. One or more professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Chief Information Security Officer (CCISO). Deep understanding of cloud security. Experience leading an operational cyber security function, or the delivery of cyber security capabilities. Extensive knowledge of relevant public and private sector cyber security practice.

Location East Midlands (England), East of England, London (region), North East England, North West England, Scotland, South East England, South West England, Wales, West Midlands (England), Yorkshire and the Humber About the job Job summary This position is based nationally. Job description The HMCTS Security Architect plays a vital role in embedding Secure by Design principles across the technology lifecycle. Working closely with the Chief Information Security Officer, Principal and Lead Security Architects, and the wider security team, the architect ensures that cyber security activities align with HMCTS's strategic goals, risk management framework, and evolving security roadmap. This role is responsible for maintaining compliance with key standards including PCI DSS, ISO27001, GovAssure, and the National Cyber Security Centre's Cyber Assessment Framework. The architect promotes a strong security culture, ensuring that Secure by Design is understood and consistently applied across programmes and platforms. Operating across on-premises, cloud, and hybrid environments, the Security Architect provides expert oversight and guidance to technical teams, enabling informed decisions on security controls. They ensure the effective use of common tools and patterns to deliver secure systems, while applying proportionate controls that support business outcomes. The architect safeguards HMCTS's data, services, and infrastructure by shaping robust security solutions and coordinating assurance activities. They play a key role in enabling secure innovation and ensuring that security is not just a compliance requirement but a strategic enabler. This role demands a strategic mindset, deep technical expertise, and strong collaboration skills. The Security Architect must influence across multidisciplinary teams, advocate for security best practices, and contribute to the continuous improvement of HMCTS's cyber security posture. Key Responsibilities: A security architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches to new technologies. At this role level, you will: Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). Recommend security controls and identify security solutions that support business objectives. Provide specialist security guidance and direction during the design, implementation and use phases of systems, applications and infrastructure. Provide specialist advice and recommendations regarding approaches and technologies across teams and various stakeholders, assessing the risk associated with proposed changes. Inspire and influence others to execute security principles, communicating widely with other stakeholders. Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office. Advise on important security-related technologies and assess the risk associated with proposed changes Assist, where necessary, with incident response processes to identify architectural issues and solutions. Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions. You will be expected to carry out any other duties that may reasonably be required in line with your main duties. Continuously keep up to date with changing compliance legislation and initiatives to assess new opportunities for educating colleagues on relevant security standards. Continue to review ongoing security architectural activities Essential Skills & Criteria: Good understanding and working knowledge of Cyber Security Policies and Frameworks. Broad technical knowledge, especially around cloud and hybrid technologies. Strong understanding of Governance, Compliance and Risk, and the Confidentiality, Availability, and Integrity (CIA) triad. Solid understanding of security protocols, networking, identity management, authentication, authorisation, and cryptography. Understanding security implications of transformation - Can interpret and apply understanding of policy and process, business architecture, and legal and political implications to assist the development of technical solutions or controls. Work with team members to identify risks and communicate them effectively to decision makers. Help inform prioritisation of wider departmental work to ensure security improvements are given due consideration. Able to understand and articulate the impact of vulnerabilities on existing and future designs and be able to articulate an appropriate response. Excellent communication and interpersonal skills. Ability to interact with stakeholders of all levels to effectively articulate security controls, solutions, and advice. Capable of evaluating options and making decisions quickly and effectively. Apply leadership experience by using consultative and negotiating skills to contribute to the overall success including building and maintaining relationships with stakeholders at all levels. Ability to address situations, incidents or tasks proactively and promptly. Continually stay abreast of emerging security technologies, threats and trends. Self-motivated to drive their learning needs. Desirable Experience Knowledge of Secure by Design principles and their practical application Analysis - Able to apply the approach to real problems and consider all relevant information. Applies appropriate rigour to ensure a full solution is designed and achieves the business outcome. You will also benefit from knowledge of the different approaches to delivery across digital and technology teams, and how security practices can integrate / clash with these working practices. Person specification Please refer to Job Description

On behalf of one of our premier clients, we are seeking a high-caliber Cybersecurity Specialist to join their expanding AI & Data Security team. This is a critical role within our client's AI Security programme, designed for a professional who thrives at the intersection of traditional infrastructure security and the emerging frontier of Generative AI. Our client is at the forefront of AI adoption; you will be the technical lead ensuring that these powerful technologies from AWS Bedrock to Azure OpenAI are implemented with world-class security standards. Key Responsibilities AI Security Architecture: Design and implement secure deployment patterns and guardrails for foundation models across AWS Bedrock , Azure OpenAI , and Microsoft 365 . Security Strategy: Develop innovative strategies to enhance application security, specifically addressing risks like prompt injection, data leakage, and insecure output handling. Infrastructure Governance: Translate platform-specific risks into actionable engineering patterns, focusing on Network Encryption and Identity Management . Assessments & Audits: Conduct rigorous security assessments and red-teaming exercises on AI-driven applications and AI Agents . Leadership & Mentorship: Lead the team through complex technical decisions, provide high-level problem-solving, and mentor junior members on modern security principles. Collaboration: Work closely with AI Engineers and Data Scientists to integrate security into the LLM lifecycle (RAG pipelines, fine-tuning, and inference). Randstad Technologies is acting as an Employment Business in relation to this vacancy.

Ready to take the next step in your penetration testing career and lead a high-performing team at a respected, fast-growing cybersecurity consultancy? This is your opportunity to join a CREST-certified organisation committed to excellence, innovation and integrity. As our new Penetration Testing Team Leader , you ll play a pivotal role in shaping cutting-edge testing services, developing talented testers, and helping protect clients across government, telecoms, finance, digital currencies and other critical sectors. With structured development, meaningful progression opportunities, and the chance to make a visible impact from day one, this is a role designed for a driven, highly skilled Team Lead who thrives on technical depth, leadership and solving complex security challenges. The Role at a Glance: Penetration Testing Team Leader Remote with travel to client sites and occasional meetings in London, UK or Channel Islands Up to £95,000 DOE Plus Benefits Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities. Growth: A structured career development plan and training Hours: 09:00 am to 17:30 pm Monday Friday Development Opportunity: Career progression opportunities to develop a growing team of penetration testers and break new ground in testing. Company: Specialist information and cybersecurity consultancy and audit services Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose. Your Skills / Background: Existing CHECK Team Lead qualification and Team Lead experience. You will also be a tenacious problem solver and communicator with strong client-facing and leadership experience to lead engagements, mentor testers at all levels, and scope complex projects. The Penetration Testing Team Leader Opportunity: As Penetration Testing Team Leader, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. You will deliver hands-on technical penetration testing on a variety of projects and guide and direct the team. In return, you will benefit from an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects. This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans. Key Responsibilities: • Improve and develop penetration testing methodologies, guide project scoping and execution, establish new testing services, and shape the future direction of the testing function with senior management. • Deliver high-quality penetration tests across infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout scenarios, and cloud security assessments. • Work with client teams to research vulnerabilities and emerging attack vectors, plan assessments accordingly, and support clients during ongoing incidents. • Conduct vulnerability scans, unauthorised host discovery exercises, analyse findings, and translate results into actionable technical and business-risk recommendations. • Produce high-quality technical reports and create internal documentation, tooling, threat libraries, methodologies, and policies to ensure consistent, informed, and meaningful testing outcomes. • Provide technical presales support, contribute thought-leadership content (papers, articles, online posts, marketing material), and identify business development opportunities. • Mentor, coach, and help build the technical team, supporting their growth in knowledge, skills, and career development. About You: • A driven, battle-tested Team Leader, holding a current CHECK Team Leader qualification and proven senior-level experience • Extensive, hands-on penetration testing expertise backed by deep technical mastery • Fluent in a wide arsenal of security testing tools, using the right tech for maximum impact • Up-to-date, cutting-edge understanding of modern technologies, threats, and security trends • Well-versed in key industry bodies, frameworks, and security standards • Strong ability to translate vulnerabilities into real-world business risk, paired with standout reporting and client presentation skills • Proven track record in growing and developing technical teams, including reviews, appraisals, training plans, and long-term career progression • A credible, personable communicator who builds trust with clients, peers, and technical teams alike • Self-starter with a proactive mindset, comfortable taking initiative and driving outcomes • Genuinely passionate about penetration testing and nurturing teams across all skill levels • Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum but we are unfortunately not able to offer sponsorship) About Us: We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats. We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a Certifying Body • Security auditing across varying standards such as ISO27001, NIST, PCI DSS and Cyber Essentials • Training and awareness If you re a proven Penetration Testing Team Leader with CHECK TL status, a passion for advancing security testing, and the drive to mentor and grow a talented team, we d love to hear from you. Step into a role where your expertise shapes real-world defence, your ideas influence future testing services, and your career continues to accelerate in a supportive, forward-thinking environment. Interested? Apply here for a fast-track path to our Hiring Manager Application notice We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details. If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.

Excellent opportunity for a Senior Penetration Tester to join a highly-skilled and growing CREST-certified cybersecurity consultancy committed to excellence, innovation and integrity. The company offers great career progression opportunities, a generous training and development budget, and time to support research projects that allow you to break new ground in testing. You will need to be enthusiastic about continuous development and either have or wish to gain a current CRT qualification. The role is predominantly home based although will include some travel to customer sites and attendance at company meetings as needed. The Role at a Glance: Senior Penetration Tester Home based with visits to client sites and company meetings as required Up to £70,000 to £80,000 Per Annum depending on experience & qualifications Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities. Growth: A structured career development plan and training Hours: 09:00 am to 17:30 pm Monday Friday Development Opportunity: Career progression and training opportunities available Company: Specialist information and cyber security consultancy and audit services Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose. Your Skills / Background: 4+ years hands-on penetration testing experience and ideally an existing CRT qualification or the aspiration to gain the qualification. You will also be a tenacious problem solver and good communicator. The Senior Penetration Tester Opportunity: As Senior Penetration Tester, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. In return, you will work in an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects. This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans, and support/sponsorship to attain future qualifications. Key Responsibilities: • Delivering high quality infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout penetration tests, along with cloud security assessments • Working with client teams to research potential vulnerabilities and then plan accordingly • Working with clients to research and identify new and emerging attack vectors • Conducting vulnerability assessment scanning and unauthorised host discovery exercises • Analysing findings and translating them into actionable recommendations • Delivering high-quality technical reports, outlining technical and business risk • Providing support to clients during on-going incidents • Creating and developing tooling, knowledge/threat libraries, methodologies and policies that ensure high quality and informed testing assessments are undertaken • Creating and developing internal documentation to ensure our reporting is meaningful • Authoring appropriate thought leadership papers, articles, online posts, and marketing materials About You: • A tenacious tester with 4+ years' demonstrable hands-on penetration testing experience • Have mastered a variety of security testing tools • Current and relevant technical understanding of technologies, security threats and trends • Familiar with relevant bodies and security standards • Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with good reporting writing and client presentation skills • Current CRT, OSCP and/or CTM / CTL qualification would be advantageous, but we are also considering applications from candidates with relevant work experience who would be ready and keen to obtain these qualifications in the near future (with relevant company sponsorship) • The desire to gain new skills, continuous learning and development, attend training courses and obtain future qualifications / accreditations • Strong verbal and written communication skills including report writing • Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum, but we are unfortunately not able to offer sponsorship) About Us: We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats. We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus. Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure. Services include: • Security consulting across the area of security governance, risk, compliance and standards alignment • Penetration testing • Security architecture for cloud and infrastructure • Detection and response • Fractional heads and virtual support • NCSC Assurance service provider for Cyber Essentials and a Certifying Body • Security auditing across varying standards such as ISO27001, NIST, PCI DSS and Cyber E Essentials • Training and awareness Interested? Apply here for a fast-track path to our Hiring Manager Application notice We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details. If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.

Are you passionate about cybersecurity and want to help safeguard critical Operational Technology (OT) environments? We're looking for an experienced Operational Technology (OT) Security Consultant to join a dynamic and forward-thinking team dedicated to delivering cutting-edge OT security solutions. Operational Technology (OT) Security Consultant Salary: 80,000 - 100,000 base plus benefits, perks, healthcare options and bonus! Location: Hybrid (Office, Client Sites, and Home, UK-Wide) Client: Global IT Consultancy NOTE: Security Clearance Required - Active SC Clearance Are you passionate about cybersecurity and want to help safeguard critical Operational Technology (OT) environments? We're looking for an experienced Operational Technology (OT) Security Consultant to join a dynamic and forward-thinking team dedicated to delivering cutting-edge OT security solutions. This is a fantastic opportunity to work across industries like energy, manufacturing, pharmaceuticals, and more, making a tangible impact by helping clients reduce risks and enhance their security posture. Your Role: As an OT Security Consultant, you will play a key role in securing and optimizing OT environments for our clients. You will: Conduct site surveys (including offshore locations) to assess systems in OT environments. Lead assessments and risk evaluations to ensure systems comply with industry standards and best practices. Develop and implement OT security policies, procedures, and frameworks to protect critical assets. Perform audits and gap analyses to ensure ongoing security and compliance. Provide expert guidance to clients on OT security challenges, acting as a trusted advisor. Develop security artefacts and deliver OT security training to clients. Your Skills & Experience: We're seeking professionals with a strong background in OT security and a passion for improving systems and processes. Ideal candidates will have: Experience working in OT environments across industries such as energy, manufacturing, oil & gas, chemicals, or pharmaceuticals. Knowledge of OT-related network architecture, endpoint protection, and security governance. Experience supporting organisations with OT security roadmaps, policies, and best practices. Expertise in leading assessments and audits within OT environments. Understanding of OT security controls and their application in large organisations. If you're a cybersecurity enthusiast who thrives in a collaborative and supportive environment, we want to hear from you! Benefits of Joining Us: Hybrid Working - A flexible blend of office, client site, and remote work. Inclusive Culture - We are committed to building a diverse and welcoming environment where everyone can bring their whole self to work. Wellbeing Support - Access to wellness apps, Mental Health Champions, and a culture that values work-life balance. Professional Development - Opportunities to work with industry experts, develop new skills, and grow in your career. Security Clearance: To be successfully appointed to this role, you will need to obtain Security Check (SC) clearance . You must have resided continuously in the UK for the past 5 years and meet other criteria. If you're ready to take the next step in your career and make a real impact on the security of critical OT systems, apply now!

Role Title: Security Architect Duration: contract to run until 30/09/2026 Location: London or Southampton hybrid working 3 days per week onsite Rate: up to 503.24 p/d Umbrella inside IR35 Role purpose / summary Architecture & Design : Develop secure architectures and reference patterns across cloud, infrastructure, applications, and data platforms. Ensure alignment with business goals, risk appetite, and regulatory requirements. Solution Delivery : Provide architectural guidance during project lifecycle (HLD/LLD), review designs, and ensure solutions meet security requirements. Risk & Threat Management : Conduct threat modelling, assess vulnerabilities, and ensure appropriate mitigating controls are designed and implemented. Governance & Standards : Define and maintain security policies, standards, and guardrails. Ensure adherence to architectural principles and regulatory obligations (e.g., GDPR, FCA). Collaboration : Partner with engineering, cloud, network, IAM, and operational teams to embed secure by design principles and resolve architecture level issues. Security Tooling & Controls : Evaluate and guide the adoption of security technologies including IAM, encryption, network security, detection/response, and cloud-native controls. Incident Support : Provide architectural expertise during incidents, investigations, and post incident reviews. Continuous Improvement : Monitor emerging threats, technologies, and patterns to enhance the organisation's security posture. Required Skills & Experience: 5+ years in security architecture or security engineering roles. Strong understanding of security protocols, authentication/authorization models, encryption, identity management, and cloud security patterns. Experience producing high quality architecture documentation (HLD/LLD, patterns, data flows). Hands on understanding of cloud environments (Azure/AWS/GCP), networks, applications, and data protection. Familiarity with threat modelling, risk assessment, and regulatory compliance. Excellent communication skills, able to explain complex security topics to technical and non technical audiences. Preferred Qualifications: Certifications such as CISSP, CISM, SABSA, AWS/Azure Security, or Cybersecurity Architect Expert. Experience in financial services or other regulated industries. Knowledge of DevSecOps, API security, and secure software delivery. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

Senior GRC Consultant Up to £65,000 + Bonus & Benefits Hybrid 1 day per week in the office (Central London) A specialist cyber security consultancy is looking to hire a Senior GRC Consultant to join a growing Governance, Risk and Compliance team. This role offers the opportunity to work across a diverse portfolio of clients including commercial organisations, government, defence and critical infrastructure environments. You will play a key role in helping organisations improve their cyber security posture through advisory work, framework alignment and security maturity assessments. The Role You will work across multiple client engagements supporting organisations with governance, risk and compliance activities. This will involve advising on security frameworks, delivering maturity assessments and supporting organisations as they align to recognised cyber security standards. Key responsibilities include: Supporting client engagements focused on governance, risk and compliance Advising organisations on cyber security frameworks and standards Supporting and delivering ISO 27001 aligned engagements Conducting cyber security maturity assessments Supporting clients with security governance, resilience and business continuity initiatives Working closely with senior consultants and principals across multiple projects Skills & Experience Experience working in cyber security governance, risk and compliance Experience working with frameworks such as ISO 27001 and/or NIST CSF Experience working in a cyber security consultancy or advisory environment is highly desirable Experience supporting security maturity assessments or compliance programmes Strong stakeholder engagement and client-facing communication skills Desirable Certifications ISO 27001 Lead Auditor or Lead Implementer CISSP CISM What This Role Offers Exposure to a wide range of industries including commercial, defence, government and critical infrastructure The opportunity to develop consulting skills across multiple cyber security frameworks A collaborative consulting environment with experienced security professionals Clear opportunities for professional development and progression within the GRC consulting space This role is well suited to someone looking to take the next step in their cyber security consulting career and gain exposure to a broad range of governance, risk and compliance engagements.

Job title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible for collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation and strengthening the organisation's overall incident response capability. The consultant will work closely with internal stakeholders to ensure alignment with business operations, technology, and regulatory requirements. IR Technical Capability Maturity Assessment Evaluate and report on the organisation's technical capabilities and maturity against IR Detection & Analysis, Containment, Eradication, & Recovery domains using industry maturity model. Develop & Maintain Incident Response Documentation Produce and refine the organisation's Incident Response Plan (IRP). Build clear and consistent internal and external incident communication workflows. Develop detailed incident response playbooks, such as ransomware, business email compromise (BEC), data breach, insider threat, malware outbreak, DDoS attack, cloud service compromise. (Final scenarios to be agreed during discovery.) Strengthen Organisational Incident Preparedness Conduct discovery sessions with technical and non-technical stakeholders. Review existing security processes, tools, and architecture to ensure documentation reflects current environments. Support tabletop exercise planning and incorporate lessons learned into documentation. Provide expert guidance and recommendations to improve cyber readiness. Build Containment & Eradication Frameworks Develop clear, structured containment strategies for different incident types. Create eradication and recovery guidance aligned with operational capabilities. Ensure all procedures support legal, compliance, and evidence-preservation requirements. Align with Standards & Regulatory Expectations Ensure all documentation aligns with CIS Controls. Ensure materials support relevant legal and regulatory expectations as appropriate for the organisation. Collaborate Across the Business Work closely with SOC staff, IT teams, legal, risk, compliance, communications, and senior leadership. Convert technical details and threat intelligence into clear, actionable steps appropriate for operational use. Required Experience & Skills Proven experience (typically 5+ years) in incident response, SOC operations, cybersecurity consulting, or GRC. Demonstrated ability to produce high-quality IR documentation and playbooks for medium-to-large organisations. Deep understanding of modern threat actors, attack methodologies, and incident response lifecycle. Experience across cloud (Azure, AWS) and on-premise enterprise environments. Exceptional written communication skills and ability to deliver polished, structured documentation. Ability to work independently, meet deadlines, and drive deliverables with minimal supervision. Preferred Qualifications and Experience GCIH, GCFA, CISSP, or equivalent security certifications. Experience working within regulated sectors (financial services, healthcare, government, critical infrastructure). Prior participation in or leadership of real-world cyber incident response activities. Familiarity with identity governance, EDR platforms, SIEM tooling, and cloud security architecture. Why This Engagement Matters The Cyber Incident Response Preparation Consultant plays a crucial role in elevating the organisation's cyber maturity and readiness. Through the development of robust documentation and playbooks, the consultant will help ensure the organisation can respond rapidly, effectively, and consistently to modern cyber threats.

Senior Security & Technology Consultants Location: Warton, UK (On-Site - 5 Days per Week) Clearance Required: Valid MOD DV (Mandatory) Engagement Type: Contract (Inside IR35) Day Rate: 500 - 900 per day (dependent on role and experience) Overview We are seeking experienced Security & Technology Professionals to support critical programmes in a secure defence environment. These roles span architecture, assurance, operations, and technical delivery disciplines and require individuals who can operate effectively within highly regulated, mission-critical settings. All positions are based full-time on-site in Warton (5 days per week) and require candidates to hold a current and valid MOD DV clearance at the time of application. Scope of Opportunities We are hiring across multiple security and technology disciplines, including: Security Architects Security Assurers Information Security Consultants SOC Analysts OT Architects Cross Domain SMEs IT Administrators Service Managers Product Security Managers Penetration Testing Specialists Technical Project / Programme Managers Key Responsibilities (Role Dependent) Security Architecture & Design Define and review secure architectures across enterprise IT and OT environments. Act as technical authority for secure system design and implementation. Lead threat modelling, risk assessments, and security design reviews. Ensure compliance with defence security standards and secure-by-design principles. Security Assurance & Governance Deliver independent security assurance across programmes. Support accreditation activities and compliance reviews. Develop and maintain security documentation, standards, and risk registers. Security Operations & SOC Monitor, analyse, and respond to security events and incidents. Strengthen detection, response, and resilience capabilities. Support vulnerability management and remediation activities. OT & Cross Domain Security Provide expertise in Operational Technology environments. Design and assure secure cross-domain solutions and data transfer mechanisms. Evaluate network segregation and high-assurance controls. Penetration Testing & Vulnerability Management Conduct or oversee penetration testing engagements. Assess vulnerabilities and validate remediation strategies. Support red/blue team activities where required. Service & Product Security Embed security into live service management processes. Act as Product Security lead across development lifecycles. Integrate DevSecOps controls and secure SDLC practices. Technical Delivery & Programme Support Manage security-focused technical workstreams. Provide governance reporting to senior stakeholders. Translate technical risks into business impact and mitigation plans. Essential Requirements Valid and transferable MOD DV clearance (mandatory). Availability to work on-site in Warton, 5 days per week. Strong background in one or more of the listed security disciplines. Experience working in secure, defence, or highly regulated environments. Relevant certifications (e.g., CISSP, CISM, TOGAF, CREST, cloud certifications).

Job Description: Cybersecurity Consultant (Cloud, Data, AI & Microsoft Security) Department: Information Security - (Data & AI team) Duration: Duration 4 months Location : London (Hybrid) Role Overview We are looking for a highly skilled Cybersecurity Consultant with strong expertise across Microsoft Security , Cloud Security , Data Protection , and emerging AI/LLM security and governance . The role focuses on identifying security gaps, defining secure-by-design patterns, supporting product and platform teams, and strengthening enterprise security posture-particularly across Microsoft 365, Azure, data platforms, and AI-enabled solutions. You will play a key role in threat modelling, risk assessments, guardrail design & implementation, and delivering practical security guidance for engineering, data, and application/product teams. Rationale/deliverables: Contribute to the Operating Securely program by providing information security advice and support to product and engineering teams and validate that security controls are in place and issues / vulnerabilities remediated Perform technical risk assessments for proposed new and changing systems, including products that are designed and built by the client as well as the secure deployment and configuration of business applications that report on and analyse data, e.g. Power BI Perform technical risk assessments and advise product and engineering teams on the secure implementation of AI based solutions, e.g. autonomous AI agents, LLMs, LRMs, and AI-enhanced productivity systems Support the roll-out of the new AI information security control framework Support the Data governance team Key Responsibilities Perform threat modelling (STRIDE), guardrail definition, and security posture assessments across applications, data platforms, APIs, cloud services, and SaaS ecosystems. Identify security control gaps , especially around data pipelines, repositories, network security, API security, middleware, and cloud architectures. Conduct technical security risk assessments , produce risk statements/reports, and support teams with remediation and mitigation strategies. Develop security controls, standards, and documentation for product teams, platform engineering, and data services (e.g., pipelines, warehouses, data sources). Provide expert guidance on Microsoft Security Stack , including: Microsoft Defender (XDR, MDE, MDI) Microsoft Entra ID (SSO, MFA, Conditional Access, PIM) Microsoft Purview (DLP, Information Protection, Data Governance, DSPM) Microsoft 365 Copilot & GitHub Copilot security enablement Partner with data governance, platform engineering, DevOps, and architecture teams to embed secure-by-design Support secure adoption of cloud-native technologies (Azure), DevSecOps pipelines, GitOps practices, and GitHub Advanced Security (GHAS). Oversee security controls for cryptography, key management, secrets management, HSM/Key Vault configurations , and cloud network security (firewalls, proxies, segmentation). Drive secure integration of AI/LLM tools , including Copilot, Azure OpenAI, and agentic systems-ensuring proper guardrails, risk assessments, and data protection. Participate in cloud monitoring, detection & incident response , working with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control, and lifecycle management of sensitive data. Essential Skills & Experience Strong understanding of security frameworks (CIS), MITRE ATT&CK, and AI/LLM security frameworks. Hands-on experience with Azure cloud security , DevSecOps, and cloud-native architectures. Expertise with Microsoft 365 Security and Azure Security Strong knowledge of IAM (SSO, MFA, Conditional Access, AAD/Entra, PIM). Experience delivering data security , DLP, DSPM, and governance controls using Microsoft Purview. Practically skilled in AI security , including risk identification, secure integration patterns, and AI governance models. Experience with cloud monitoring, incident response, SIEM/XDR operations. Ability to translate complex security risks into clear business language and actionable recommendations. Desirable Skills Experience with secure data platforms (Azure Data Factory, Data Lake, SQL, or similar). Knowledge of API, container security, Kubernetes, and infrastructure-as-code security. Familiarity with PCI, GDPR, data privacy requirements, and compliance frameworks. Exposure to adaptive protection, insider risk management, and automated DLP frameworks. Personal Attributes Strong communicator able to work across engineering, data, product, and business teams. Highly analytical with a structured approach to problem-solving. Comfortable in fast-paced environments undergoing modernization and AI adoption. Ability to influence teams and drive secure-by-design culture across the organization

Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.

Job Advert: Technology Governance Manager - £60,000 + Benefits Location: Warwick / Hybrid 2days p/w We are looking for an experienced Technology Governance Manager to lead and mature the governance, risk, and compliance framework across our Technology function. This role plays a critical part in ensuring that technology change, cybersecurity, and risk management are delivered effectively, enabling robust service delivery and supporting business performance. You will be responsible for defining and operating governance processes that are practical, value adding, and aligned with key regulatory and accreditation standards including ISO 27001 and Cyber Essentials Plus. This role requires a proactive, structured individual who can engage stakeholders, simplify complex governance requirements, and embed a strong culture of secure, risk aware decision making across the function. Key Responsibilities Technology Governance & Controls Develop, maintain, and continuously improve the technology governance framework. Embed a culture of secure by design and risk aware decision making. Own and maintain Technology policies, standards, and procedures, ensuring compliance with ISO 27001, CE+ and other regulatory requirements. Provide guidance and practical support on policy interpretation and governance matters. Lead governance input for customer bids, ensuring the strongest possible position. Own and maintain the Technology Disaster Recovery plan and ensure regular reviews and testing. Streamline governance processes to reduce unnecessary burden while maintaining compliance. Technology Risk Management Manage and maintain the Technology Risk Register. Identify, assess, and prioritise risks across systems, suppliers, and services. Track mitigation actions and provide clear reporting to senior leadership on the risk posture. Change Governance Manage and oversee technology change processes across service, infrastructure, and solutions. Ensure effective risk based assessment of changes, balancing delivery velocity and risk control. Cyber & Information Security Work closely with the Information Security Manager / Data Protection Officer to align technology and security policies. Ensure operational controls support ISO 27001, CE+ and broader security requirements. Promote best practice in access control, monitoring, configuration and data protection. Audit & Compliance Coordinate internal and external audits and certification activities. Provide structured compliance reporting for internal and external stakeholders including shareholders, insurers and customers. Monitor and assess vendor performance relating to technology risk and security. About You We are seeking someone with strong expertise in technology governance, risk, and cybersecurity alongside excellent communication and stakeholder management skills. You will be confident working independently, influencing decision making, and driving continuous improvement. Essential Experience & Skills Strong communication and stakeholder management ability. CISSP or CISSM qualification. Significant experience with ISO 27001; ITIL v3 desirable. Demonstrable experience in security best practice and risk management. Strong project and change management capability. Experience working within enterprise IT environments (healthcare/private medical desirable). Ability to identify service improvements and drive operational excellence. Desirable Experience managing staff. Experience working with IT infrastructure teams. Our Values You will be expected to champion and model our organisational values: Collaboration working in partnership and valuing expertise. Excellence uncompromising focus on quality, compassion, dignity and respect. Learning continuous improvement and development. Efficiency using resources intelligently to improve patient outcomes. What We Offer The opportunity to shape and influence an evolving governance landscape. A collaborative environment focused on improvement and quality. Professional development aligned to industry-recognised standards.

Job Title: Cyber Security Assurance Specialist (Application Security) Client: Urenco Rate: £700 per day Location: Hybrid Minimum 2 days per week in Paddington, London Clearance: Active SC Clearance required About the Client Urenco is a world leader in the enrichment of uranium for use in the civil nuclear industry. Operating across the United Kingdom, United States, Netherlands, and Germany, Urenco plays a critical role in enabling the safe, sustainable use of nuclear technology worldwide. The Group CISO function is responsible for continuously developing and enhancing Urenco s cyber security portfolio to protect the organisation, its customers, and the public. The CISO team is structured across three core areas: Governance, Risk & Compliance (GRC) Operational Technology (OT) Cyber & Cyber Assurance Threat Defence This opportunity sits within the Cyber Assurance Team , reporting directly to the Head of Cyber Security Assurance. Role Overview We are seeking an experienced Cyber Security Assurance Specialist with a strong focus on application security across both on-premises and cloud environments. You will play a key role in improving cyber security maturity across the organisation by providing assurance over security designs, assessing risk, and developing application security standards and policies. The role requires close collaboration with IT, Information Security, and business stakeholders, translating business requirements into secure, practical solutions. This is a highly visible position requiring strong communication skills, sound business judgement, and the ability to operate effectively in agile delivery environments. Key Responsibilities 1. Security Design & Solution Assurance Review and assure technical designs against security policies and standards Identify security design gaps and recommend appropriate control improvements Author and review high-quality security documentation Provide security oversight for both on-premises and cloud-based solutions Act as a trusted advisor and security advocate across the business Communicate effectively with stakeholders to embed secure-by-design principles 2. Security Risk Assessment & Control Assurance Produce formal security risk assessments in collaboration with GRC, architects, and IT teams Define and agree risk mitigations and compensating controls Assure implementation and effectiveness of technical controls Translate business strategy into secure architecture guidance Conduct supplier assurance across on-premises, cloud, and hybrid services 3. Security Standards, Policies & Governance Develop and maintain application security policies, standards, and guidelines Align security frameworks with broader business strategy Track emerging security practices and ensure standards remain current Support the continuous improvement of cyber security maturity Essential Experience Minimum 5 years experience in Information Security Assurance with a focus on application security Experience working in a global organisation Strong knowledge of regulatory compliance and security frameworks such as: ISO 27000 series NIST SP 800 series NIST Cyber Security Framework Experience in: Secure application design and review Cloud security assurance Penetration testing and vulnerability management Supplier security assurance Desirable Experience Knowledge of nuclear industry regulations across the UK, US, Netherlands, and Germany Understanding of government information classifications Experience in OT security environments Technical Knowledge Strong understanding of security controls across multiple asset types including data, networks, devices, and users, covering: Software Asset Inventory & Control Data Protection Secure Configuration Management Continuous Vulnerability Management Audit Log Management Malware Defences Disaster Recovery Service Provider Security Management Application Security & Penetration Testing Qualifications & Certifications Degree (BS/MS) in Computer Science, Information Security, or equivalent experience Relevant certifications such as: CISSP CISA CSSLP OWASP ASVS / OWASP Top 10 GIAC (GWAPT, GCSA) CASE Certified DevSecOps Professional Key Competencies Strong business acumen with ability to align security to organisational objectives Adaptable and responsive to changing risk landscapes Excellent written and verbal communication skills Strong analytical and decision-making capability Team-oriented with experience working across diverse stakeholders Self-motivated with a sense of urgency and delivery focus Organised and able to manage multiple priorities Additional Information Hybrid working model minimum 2 days per week onsite in Paddington Occasional travel may be required Active SC clearance is mandatory

Job Advert: Technology Governance Manager - £60,000 + Benefits Location: Warwick / Hybrid 2days p/w We are looking for an experienced Technology Governance Manager to lead and mature the governance, risk, and compliance framework across our Technology function. This role plays a critical part in ensuring that technology change, cybersecurity, and risk management are delivered effectively, enabling robust service delivery and supporting business performance. You will be responsible for defining and operating governance processes that are practical, value adding, and aligned with key regulatory and accreditation standards including ISO 27001 and Cyber Essentials Plus. This role requires a proactive, structured individual who can engage stakeholders, simplify complex governance requirements, and embed a strong culture of secure, risk aware decision making across the function. Key Responsibilities Technology Governance & Controls Develop, maintain, and continuously improve the technology governance framework. Embed a culture of "secure by design" and risk aware decision making. Own and maintain Technology policies, standards, and procedures, ensuring compliance with ISO 27001, CE+ and other regulatory requirements. Provide guidance and practical support on policy interpretation and governance matters. Lead governance input for customer bids, ensuring the strongest possible position. Own and maintain the Technology Disaster Recovery plan and ensure regular reviews and testing. Streamline governance processes to reduce unnecessary burden while maintaining compliance. Technology Risk Management Manage and maintain the Technology Risk Register. Identify, assess, and prioritise risks across systems, suppliers, and services. Track mitigation actions and provide clear reporting to senior leadership on the risk posture. Change Governance Manage and oversee technology change processes across service, infrastructure, and solutions. Ensure effective risk based assessment of changes, balancing delivery velocity and risk control. Cyber & Information Security Work closely with the Information Security Manager / Data Protection Officer to align technology and security policies. Ensure operational controls support ISO 27001, CE+ and broader security requirements. Promote best practice in access control, monitoring, configuration and data protection. Audit & Compliance Coordinate internal and external audits and certification activities. Provide structured compliance reporting for internal and external stakeholders including shareholders, insurers and customers. Monitor and assess vendor performance relating to technology risk and security. About You We are seeking someone with strong expertise in technology governance, risk, and cybersecurity alongside excellent communication and stakeholder management skills. You will be confident working independently, influencing decision making, and driving continuous improvement. Essential Experience & Skills Strong communication and stakeholder management ability. CISSP or CISSM qualification. Significant experience with ISO 27001; ITIL v3 desirable. Demonstrable experience in security best practice and risk management. Strong project and change management capability. Experience working within enterprise IT environments (healthcare/private medical desirable). Ability to identify service improvements and drive operational excellence. Desirable Experience managing staff. Experience working with IT infrastructure teams. Our Values You will be expected to champion and model our organisational values: Collaboration - working in partnership and valuing expertise. Excellence - uncompromising focus on quality, compassion, dignity and respect. Learning - continuous improvement and development. Efficiency - using resources intelligently to improve patient outcomes.

Senior Infrastructure & Cloud Consultant - 50,000/ 55,000 - Scunthorpe Principal IT are delighted to be partnering with a well-established and growing Managed Service Provider in the recruitment of a Senior Infrastructure & Cloud Consultant . This is a senior, client-facing consultancy position suited to an experienced Microsoft cloud and infrastructure specialist who thrives in complex project environments. The role will see you leading multi-site enterprise deployments, acting as a trusted technical advisor to senior stakeholders, and shaping long-term cloud strategy for key customers. Our client delivers high-quality Microsoft-led infrastructure solutions and is seeking someone who can operate at architectural level while maintaining hands-on technical capability. The Role As a Senior Infrastructure & Cloud Consultant, you will: Lead the technical delivery of complex, multi-phase Microsoft infrastructure and Azure cloud projects. Act as the primary technical advisor for enterprise clients. Design, architect, and implement secure, scalable solutions aligned to business objectives. Provide escalation support for high-level technical challenges. Work closely with Project Managers to ensure projects are delivered on time and within budget. Engage with C-suite stakeholders and translate technical solutions into business outcomes. Mentor junior consultants and contribute to continuous improvement initiatives. You will play a pivotal role in shaping the technical direction of projects and influencing strategic decisions across client environments. Key Responsibilities Technical Delivery & Architecture Design and deploy Microsoft-based solutions across Microsoft 365, Azure, Windows Server, networking, and security. Lead multi-site deployments supporting 100+ user environments. Conduct infrastructure assessments and site surveys. Own solution architecture and provide alternative design approaches where required. Ensure security, scalability, and best practice compliance. Stakeholder Engagement Engage with senior client stakeholders including C-suite. Provide strategic guidance and technical recommendations. Communicate risks, project milestones, and business impact clearly. Project Governance Collaborate with IT Project Managers on resource planning and delivery. Produce and maintain project documentation including: Work plans Risk assessments Dependencies Downtime planning Technical designs Push back where deliverables are not technically viable. Continuous Improvement Identify automation and tooling opportunities. Improve delivery efficiency within Professional Services. Contribute to product portfolio development. Support knowledge sharing and mentoring initiatives. Measurable Outcomes On-time project delivery Delivery within agreed budgets High client satisfaction scores Seamless, high-quality implementations Strong documentation standards Contribution to process improvement and revenue initiatives Required Experience 5+ years' experience in an MSP or IT consultancy environment Proven experience delivering complex Microsoft cloud and infrastructure projects Strong background in solution architecture and enterprise environments Experience working directly with senior stakeholders Commercial awareness and client-facing consultancy skills Technical Skills & Certifications Strong expertise across: Microsoft 365 Azure Infrastructure Windows Server Networking & Security best practices Enterprise cloud architecture Desirable / Expected Certifications (or equivalent experience): MD-102 (Endpoint Administrator) MS-102 (Microsoft 365 Administrator) SC-100 (Cybersecurity Architect) SC-300 (Identity & Access Administrator) AZ-104 (Azure Administrator) AZ-305 (Azure Infrastructure Solutions Architect) Essential Requirements Right to work in the UK Full UK Driving License Ability to travel to client sites when required Who This Role Would Suit This opportunity would suit a: Senior Infrastructure Engineer stepping into a strategic consultancy role Azure Architect within an MSP seeking greater ownership Technical Lead who enjoys stakeholder engagement and architectural design About the Client Our client is a respected and growing MSP with a strong reputation for delivering high-quality Microsoft-led solutions. They pride themselves on technical excellence, professional standards, and long-term client partnerships. They offer a collaborative environment, clear progression opportunities, and exposure to complex enterprise-level projects. If you would like a confidential discussion regarding this opportunity, please contact Principal IT. INDGH

System Engineer Location: East London (Hybrid office/home) Rate: £450 £500 per day (Inside IR35) Duration: Initial 3 4 month contract (backlog clearance) with strong potential for extension or permanent conversion Client Environment: Major London Rail customers (TfL, Network Rail station systems) Overview We are seeking a mid-to-senior Cybersecurity & Network Assurance Engineer to join a high-performing networks team supporting critical rail infrastructure in London. This role will focus on cybersecurity governance, assurance, and technical documentation , ensuring networked systems meet customer, regulatory, and industry standards. You will play a key role in clearing an immediate backlog of assurance deliverables while providing technical oversight to junior engineers and supporting SIEM integration activities. This is a hybrid East London role with no trackside/site access required. Key Responsibilities Cybersecurity Governance & Assurance Produce and maintain: Cyber Security Management Plans (CSMP) Risk assessments and threat models Assurance and compliance documentation Control framework mappings Align artefacts to client standards (TfL / Network Rail) and industry frameworks Support continual improvement of cyber assurance processes Standards & Compliance Map controls and documentation to: ISO/IEC 27001 IEC 62443 (OT security) Customer-specific rail standards Ensure deliverables meet governance and audit requirements Network Security & Architecture Assurance Provide design assurance for: Secure communications Firewalls (e.g., Cisco, Juniper) Switching and routed network environments Assess effectiveness of implemented security controls in networked systems SIEM Integration Support Produce documentation for SIEM onboarding: Data source identification Logging requirements Use-case and control alignment Support assurance activities for SIEM integration (e.g., Microsoft Sentinel environments) Stakeholder & Team Engagement Act as a technical interface to client stakeholders Translate technical risk and assurance findings for non-technical audiences Provide guidance and quality oversight to junior engineers/graduate staff Essential Experience Cybersecurity governance & assurance in enterprise or critical infrastructure environments Proven delivery of: Risk assessments Threat modelling Cyber security management documentation Control framework mapping Strong knowledge of ISO/IEC 27001 and IEC 62443 Solid understanding of network architecture and secure communications Experience assessing firewalls, switching, and routed networks from a security perspective Familiarity with SIEM concepts and onboarding processes (e.g., Microsoft Sentinel) Ability to produce clear, client-aligned technical documentation Experience working with stakeholders and presenting assurance outcomes Desirable Experience Experience in rail, transport, or OT environments Hands-on network configuration (Cisco, Juniper) Experience with network management and policy enforcement tools Knowledge of Windows Server architectures Prior contract/consulting experience Experience aligning to customer templates or London-specific standards Qualifications & Certifications HND, degree, or equivalent experience in IT, networking, or cybersecurity Cisco CCNA/CCNP (or equivalent experience) Security certifications such as CISSP , CompTIA CySA+ , or similar (desirable) ITIL Foundation (desirable) Clearance Must be eligible for BPSS clearance Key Behaviours Strong written and verbal communication skills Ability to operate at mid-to-senior level with minimal supervision Comfortable guiding junior team members Able to work in a governance, assurance, and documentation-heavy role Collaborative approach in a multi-stakeholder environment

Senior IT Auditor Financial Services Retail Bank Hybrid - London Your new company UK-based merchant bank headquartered in London. It offers specialist lending, savings, and wealth management through its Commercial, Retail, and Property divisions. Listed on the London Stock Exchange, the group reported c.£950 million in revenue and a £10 billion loan book in FY 2025, supported by strong capital ratios. Your new role As part of the Internal Audit team, you will provide independent and objective assurance, along with advisory support, to the Audit Committee, Board, and senior management on the effectiveness of the Group's governance, risk management, and internal control frameworks. You will be responsible for producing high-quality analysis to support the annual risk assessment and audit plan, tracking outstanding management actions through to closure, and ensuring timely escalation where necessary. The role involves proactive collaboration across the Internal Audit function to achieve departmental goals, delivering risk-based audits and reviews in line with methodology, and performing business monitoring to identify changes requiring audit response. You will build strong relationships with business management, promote collaboration and knowledge sharing between Audit, Risk, Compliance, and the wider business to embed a robust risk and control culture, and ensure full adherence to governance, compliance, and regulatory reporting requirements. What you'll need to succeed Financial Services IT audit experience or external audit experience Strong knowledge of technology, operational risk, data, and cyber risks, including best practice standards and regulations Proven experience in leading or supporting continuous monitoring and stakeholder management Exposure to data analytics is desirable. What you'll get in return £70/75k base salary + strong bonus + benefits Hybrid - 3 days in office per week. (London based) What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. #

Network Security Analyst Wigton, Cumbria Up to 35,500 per year Adecco Workington are delighted to be recruiting for our fantastic client, a well established international manufacturing organisation, to join their IT team as a Network Security Analyst. The role will involve: Monitoring network and user activity and managing security incidents Supporting security impact assessments and change management Maintaining IT controls and supporting audit activity Ensuring compliance with global cybersecurity standards Contributing to security policies and governance frameworks We are looking for: Experience in IT operations with exposure to cybersecurity or governance Knowledge of ISO 27001, GDPR and risk management frameworks Familiarity with vulnerability management, SIEM or EDR tools Strong understanding of Windows Server, Active Directory and Microsoft 365 security Strong analytical and communication skills What is on offer: Salary up to 35,500 depending on experience Performance related pay and annual bonus 25 days holiday plus bank holidays Flexible working options Competitive pension and healthcare benefits This is an excellent opportunity to develop your career within a global organisation committed to security and continuous improvement. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.