20 jobs found

We're building a secure, cloud-native platform that underpins how software is delivered across the organisation. Following a major digital transformation, our platform enables teams to ship high-quality software quickly, safely, and consistently-by default. As we continue to scale, security, reliability, and developer experience are treated as first-class concerns, designed in from the start. This role sits at the heart of that mission, shaping how security is applied at scale and how engineering teams confidently move from idea to production. About the role As aDevSecOps Engineer, you'll be a hands on contributor to the design, build, and operation of our internal platform. This is adelivery-focused role, working closely with SRE, Cloud, and Application Security teams to embed security controls, guardrails, and best practices directly into tooling, pipelines, and infrastructure. You'll help define how security is applied at scale in a pragmatic, developer-friendly way, influencing engineering culture through code, automation, and clear technical standards-raising the baseline for security and operational excellence across the organisation. The Tech Stack You'll work with a modern, cloud-native platform, including: Cloud & Networking: AWS (multi-account, IAM, VPC, managed services), hybrid/on prem connectivity Containers & Orchestration: Docker, Kubernetes (EKS, ECS) Infrastructure as Code: OpenTofu, Terragrunt, CloudFormation CI/CD: GitLab CI, reusable components, self-hosted runners Security & Identity: Microsoft Entra, AWS IAM, OIDC, secrets management, policy-as-code Observability: Centralised logging, metrics, tracing (e.g. Datadog, OpenTelemetry) Platform Automation: Declarative configuration and infrastructure management Internal Tooling: Developer-facing tools and services built with Python, Go, and modern frontend frameworks Version Control: Git, merge requests, and code review workflows We value strong fundamentals over specific tools-if you understand the principles, you'll thrive here. What You'll Do Design, build, and operate secure cloud and platform capabilities Embed security controls across the software delivery lifecycle by default Build and maintain fast, reliable, secure CI/CD pipelines and reusable components Automate security, compliance, and operational checks Partner with engineering teams to remove friction and improve workflows Contribute to platform architecture, standards, and technical direction Promote ownership, continuous improvement, and pragmatic DevSecOps practice Key Requirements Hands on experience as a DevSecOps Engineer, Platform Engineer, Cloud Security Engineer, or similar role Strong understanding of DevSecOps principles, including CI/CD, infrastructure as code, and security automation Solid experience working in AWS environments Practical knowledge of containerised workloads and Kubernetes Clear communication skills and the ability to work effectively across teams A focus on raising engineering standards through practical, scalable solutions Why Holland & Barrett? You will be joining at a point where the platform is still being actively shaped, with real scope to influence how security and delivery work across the organisation. This role offers autonomy, technical ownership, and the opportunity to build foundational capabilities that directly impact hundreds of engineers. We offer a competitive salary, comprehensive benefits, and flexible working arrangements. If you enjoy building secure platforms that developers actually love, we'd love to hear from you. What we offer Wellbeing & Lifestyle Benefits Health Cash Plan Life Assurance Incentive Scheme - Based on company & personal performance Virtual GP Private Medical care FREE at-home blood test kit Holiday Purchase option Pension Contribution scheme Access to 'Wellhub' with gyms, studios and wellbeing apps Discounts & Savings 25% Colleague Discount with FREE Standard Delivery Exclusive Discounts from a wide range of partners £/€50 Annual Product Allowance to spend in store Learning & Development Access to a variety of learning opportunities, including Level 2-5 Apprenticeships, Workshops and our Digital Learning Library AND MORE! Holland and Barrett is an equal opportunity employer. We welcome diverse perspectives and are committed to creating an inclusive environment for all colleagues. We understand that when our colleagues are listened to, respected and valued for who they are, we build anorganisationwith belonging at its heart - making health and wellness a way of life for everyone.

Wood Mackenzie is the global leader in analytics, insights and proprietary data across the entire energy and natural resources landscape.For over 50 years our work has guided the decisions of the world's most influential energy producers, utilities companies, financial institutions and governments.Now, with the world's energy system more complex and interconnected than ever before, sector-specific views are no longer enough. That's why we've redefined what's possible with Intelligence Connected.By fusing our unparalleled proprietary data with the sharpest analytical minds, all supercharged by Synoptic AI, we deliver a clear, interconnected view of the entire value chain. Our trusted team of 2,700 experts across 30 countries breaks siloes and connects industries, markets and regions across the globe.This empowers our customers to identify risk sooner, spot opportunities faster and recalibrate strategy with confidence - whether planning days, weeks, months or decades ahead.Wood Mackenzie Intelligence Connected Wood Mackenzie Values Position Overview We are seeking an experienced Cyber Security Lead Analyst to join our cyber security team. The ideal candidate will have a minimum of 5 years cyber security experience and 3+ years in cloud security and/or application security. The candidate will be able to demonstrate a proven track record of protecting enterprise environments against evolving cyber threats. This role requires a technically proficient lead analyst who can lead security initiatives and ensure our cloud and application infrastructure maintains the highest security standards, whilst maintaining business partnerships across the group. Key Responsibilities Monitor and analyze security events across cloud and on-premises environments using SIEM and security analytics tools Conduct thorough investigations of security incidents and provide detailed incident reports Develop and maintain incident response playbooks and procedures Experience with threat intelligence platforms and threat hunting Experience with security orchestration, automation and response (SOAR) platforms Understanding of data protection and encryption technologies Experience in regulated industries (financial services, healthcare, energy) Background in offensive security or penetration testing Design, implement, and maintain security controls across cloud platforms (AWS, Azure, GCP) Conduct cloud security assessments and architecture reviews Ensure compliance with cloud security best practices and frameworks (CIS Benchmarks, CSA CCM, NIST) Manage cloud-native security tools including CSPM, CWPP, and cloud WAF solutions Implement and maintain identity and access management (IAM) policies and controls Lead cyber security programs and coordinate remediation efforts Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps) Stay current with emerging threats, vulnerabilities, and security technologies Contribute to security awareness training and documentation Facilitate Supplier Management and security input into bids Support compliance initiatives (SOC 2, ISO 27001, PCI-DSS, GDPR, etc.) Develop and enforce security policies, standards, and procedures Conduct security audits and risk assessments Maintain security documentation and metrics reporting Required Qualifications 5+ years of experience in cybersecurity roles 3+ years of hands-on experience with cloud security (AWS, Azure, or GCP) Proven experience leading security incidents and coordinating response efforts Experience with security frameworks such as NIST CSF, MITRE ATT&CK, or Zero Trust architecture Technical Skills Strong expertise in cloud security services and tools (AWS & Azure) Experience working with SIEM platforms (Splunk, Sentinel) Understanding of network security, firewalls, IDS/IPS, and VPN technologies Familiarity with security testing tools (vulnerability scanners, SAST/DAST, penetration testing tools) Experience with endpoint detection and response (EDR) solutions Certifications (one or more preferred) CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate Soft Skills Strong analytical and problem-solving abilities Excellent written and verbal communication skills Ability to explain complex security concepts to technical and non-technical audiences Leadership capabilities and experience mentoring team members Strong attention to detail and ability to work under pressure Collaborative mindset with cross-functional teams Business Partnering experience Education Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience) Working Conditions Some flexibility for remote work - 2 days minimum in office (Edinburgh preferred) Equal Opportunities We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex, national origin, disability or protected veteran status. You can find out more about your rights under the law at If you are applying for a role and have a physical or mental disability, we will support you with your application or through the hiring process. Inclusive - we succeed together Trusting - we choose to trust each other Customer committed - we put customers at the heart of our decisions Future Focused - we accelerate change Curious - we turn knowledge into action

Position Overview We are seeking an experienced Cyber Security Analyst to join our cyber security team. The ideal candidate will have a minimum of 5 years cyber security experience and 3+ years in cloud security and/or application security. The candidate will be able to demonstrate a proven track record of protecting enterprise environments against evolving cyber threats. This role requires a technically proficient lead analyst who can lead security initiatives and ensure our cloud and application infrastructure maintains the highest security standards, whilst maintaining business partnerships across the group. Key Responsibilities Monitor and analyze security events across cloud and on premises environments using SIEM and security analytics tools Conduct thorough investigations of security incidents and provide detailed incident reports Develop and maintain incident response playbooks and procedures Experience with threat intelligence platforms and threat hunting Experience with security orchestration, automation and response (SOAR) platforms Understanding of data protection and encryption technologies Experience in regulated industries (financial services, healthcare, energy) Background in offensive security or penetration testing Design, implement, and maintain security controls across cloud platforms (AWS, Azure, GCP) Conduct cloud security assessments and architecture reviews Ensure compliance with cloud security best practices and frameworks (CIS Benchmarks, CSA CCM, NIST) Manage cloud native security tools including CSPM, CWPP, and cloud WAF solutions Implement and maintain identity and access management (IAM) policies and controls Lead cyber security programs and coordinate remediation efforts Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps) Stay current with emerging threats, vulnerabilities, and security technologies Contribute to security awareness training and documentation Facilitate Supplier Management and security input into bids Support compliance initiatives (SOC2, ISO27001, PCI DSS, GDPR, etc.) Develop and enforce security policies, standards, and procedures Conduct security audits and risk assessments Maintain security documentation and metrics reporting Required Qualifications Minimum of 5 years cyber security experience 3+ years of hands on experience with cloud security (AWS, Azure, or GCP) Proven experience leading security incidents and coordinating response efforts Experience with security frameworks such as NIST CSF, MITRE ATT&CK, or Zero Trust architecture Technical Skills Strong expertise in cloud security services and tools (AWS & Azure) Experience working with SIEM platforms (Splunk, Sentinel) Understanding of network security, firewalls, IDS/IPS, and VPN technologies Familiarity with security testing tools (vulnerability scanners, SAST/DAST, penetration testing tools) Experience with endpoint detection and response (EDR) solutions Soft Skills Strong analytical and problem solving abilities Excellent written and verbal communication skills Ability to explain complex security concepts to technical and non technical audiences Leadership capabilities and experience mentoring team members Strong attention to detail and ability to work under pressure Collaborative mindset with cross functional teams Business partnering experience Certifications (one or more preferred) CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate Education: Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience) Working Conditions Some flexibility for remote work - 2 days minimum in office (Edinburgh preferred) Equal Opportunities We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex, national origin, disability or protected veteran status. We can support you with your application or through the hiring process if you have a physical or mental disability. You can find out more about your rights under the law at .

Viridien is seeking an Infrastructure as Code (IaC) Specialist (Contract) to design and implement a cloud agnostic IaC foundation for a Kubernetes based software platform supporting data transformation and analytics in the energy and mining sectors. The platform is deployed across cloud and on premise environments, with an initial focus on Microsoft Azure. Key Responsibilities Infrastructure & Architecture: Design and implement an IaC foundation for Kubernetes and non Kubernetes components. Define cloud agnostic architecture and deployment patterns for multi environment support. Build reusable IaC modules for networking, identity, compute, Kubernetes, storage, and observability. Kubernetes & Platform Engineering: Provision and configure Kubernetes clusters, including node pools, add ons, and security controls. Integrate supporting services such as databases, container registries, networking, and messaging systems. CI/CD & Operations: Establish CI/CD pipelines and GitOps workflows for infrastructure deployment and lifecycle management. Define environment standards, naming conventions, and cost management controls. Security & Governance: Implement security best practices including IAM/RBAC, secrets management, and policy as code. Ensure compliance, auditability, and secure infrastructure design. Collaboration & Documentation: Work closely with cloud architects, DevOps, and engineering teams to deliver scalable solutions. Document architecture, IaC modules, and operational procedures to support knowledge sharing. Qualifications Proven experience designing and delivering IaC solutions for production systems. Strong experience with Terraform or similar tools such as Pulumi, Bicep, or CloudFormation. Hands on experience with Kubernetes including provisioning, networking, security, and lifecycle management. Experience deploying on Azure, including AKS, networking, identity, and monitoring services. Experience designing cloud agnostic architectures across multiple environments. Experience with CI/CD and GitOps tools such as GitHub Actions, Azure DevOps, ArgoCD, or Flux. Strong understanding of networking and security principles including DNS, TLS, IAM, and secrets management. Experience with monitoring, logging, and operational best practices. Strong communication, documentation, and stakeholder collaboration skills. Preferred: Experience working in energy, mining, or data intensive industries. Preferred: Experience supporting hybrid or on premise and HPC environments. Preferred: Consulting or contract experience delivering infrastructure foundations. Preferred: Experience working with ML or data platform deployments. Benefits & Compensation Competitive salary commensurate with experience. Highly attractive bonus scheme. Initial 22 days annual leave with future increases. Flexible buying and selling holiday program. Company pension with generous employer contribution. Wellbeing Unmind app. Flexible benefits platform with discount schemes for gym membership, restaurants, cinema tickets, etc. Regular social club events and spontaneous reward events. Cycle purchase scheme. Flexible private medical & dental care programmes. Visa sponsorship and comprehensive relocation packages. Bank holiday swap program. Relaxed dress code policy. Onsite gym facilities. Learning and development through tailored training programs via the Learning Hub. Equal Opportunity Statement We see things differently. Diversity fuels our innovation, we value the unique ways in which we differ, and we are committed to equal employment opportunities for all professionals.

Insight Investment is looking for Security Architect to join the Data Platform team in Manchester. The role will focus on designing, implementing, and continuously enhancing the security of our Snowflake-based data platform hosted on Microsoft Azure. This role has been created to strengthen security-by-design principles throughout the platform's development and delivery processes. Working collaboratively within the team, you will partner closely with engineers and fellow architects to proactively identify cyber threats, devise proportionate security controls, and see these measures through to practical implementation. Your efforts will be instrumental in ensuring our platform remains secure and compliant, while supporting efficient and frictionless delivery. This is a hands-on, delivery-oriented position, embedded within the wider Data Platform team. You will play a key part in shaping our secure system development practices, championing robust governance and regulatory compliance, and enabling trusted access to data for users across the organisation. Role Responsibilities Design and implement security architecture for the Snowflake data platform on Microsoft Azure, encompassing data, identity, network, and platform controls, while embedding security into Snowflake workspaces and GitHub-backed repositories (secure branching, code reviews, pipelines, secrets management, and deployment patterns) Secure integrations with Sigma, Collibra, on-premises systems, other clouds/SaaS, and third-party vendors by ensuring connectivity, authentication, data exchange, and auditability Lead threat modelling and hands-on security assessments for systems, data flows, integrations, and vendors; translate findings into actionable controls, prioritise remediation, and track closure Implement and refine controls across IAM (Entra ID/Azure AD, Snowflake roles/RBAC), networking (private endpoints, firewall rules), encryption and key management (customer-managed keys, Key Vault), secrets management, monitoring, and logging, ensuring operability and observability (logs, alerts, dashboards), incident response, and post-incident learning Define and embed reusable, automatable security patterns, guardrails, and reference architectures in CI/CD; enforce secure data lifecycle controls (ingestion, storage, processing, sharing, retention/deletion), including classification, masking, and least-privilege access Work closely with the platform team and Internal Security to align on standards and enable secure delivery, contribute to Architecture Review Boards and technical risk management, and ensure compliance with legal, regulatory, industry, and enterprise standards, focusing on real risk reduction. Elevate the platform team's security maturity and mindset in the process Experience Required Snowflake on Azure security: role/warehouse design, RBAC, masking/row level controls, network policies, private connectivity, secure data sharing patterns Azure security: identity (Entra ID), network isolation (VNets, Private Link), Key Vault / customer managed keys, policy/blueprints, logging/monitoring GitHub security & DevSecOps: protected branches, code owners, signed commits, secrets management, GitHub Actions hardening, SAST/secret scanning, supply chain hygiene Infrastructure as Code (e.g., Terraform) and pipeline embedded controls (policy as code, automated checks, drift detection) Threat modelling & risk assessment skills; ability to turn threats into concrete, testable mitigations and track them to done Zero Trust and principal of least privilege mindset; strong grasp of enforcing role entitlement over data security (classification, tokenisation/masking, lineage, audit) Security observability: designing for logs, metrics and alerts that support detection, response and auditability Working familiarity with industry frameworks (e.g., NIST CSF, CSA Cloud Controls) to communicate design rationale in governance forums Clear, pragmatic communication to brief engineers, product, architects and ARB succinctly; documents decisions and residual risk Behaviours: collaborative, embedded, outcome focused, balances speed and safety, takes ownership, learns from incidents, influences through expertise, consultative stakeholder style, curiosity, continuous improvement mindset, transparent about trade offs and residual risk Insight is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation. If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at About Insight Investment Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability-driven investment, risk management, full-spectrum fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at:

Systems Engineer (Exchange) page is loaded Systems Engineer (Exchange)locations: UK - London ( St Botolph )time type: Full timeposted on: Posted Todayjob requisition id: 2026-395Job Title: Systems EngineerReporting to: Lead Systems EngineerPosition Type: Permanent, 35 hours per weekHybridOverview: Why Standing still is not an option in the current world of Insurance. TMHCC are one of the world's leading Specialty Insurers. With deep expertise in our chosen lines of business, our unparalleled track record and a solid balance sheet, TMHCC evaluates and manages risk like no one else in the industry. Looking beyond profit, empowering our people and delivering on our commitments are at the core of our customer values, and so is a desire to grow and provide creative and innovative solutions to our clients.Job Purpose:The Infrastructure Collaboration Engineering team is looking to hire a technical person with expertise in M365, with a focus on Exchange, OneDrive, Teams and Entra ID. In this role, you will work as a technical lead and subject matter expert in designing, architecting, implementing, operating, and maintaining access management solutions using M365 and Entra ID.Key Responsibilities: Exchange Design, implement, and configure Exchange Online environments, including mailbox setup, migration from on-premises Exchange, and hybrid configurations. Manage user mailboxes, distribution groups, shared mailboxes, and resource mailboxes. Perform day-to-day administration using the Microsoft 365 admin center and PowerShell. Implement and manage security features such as anti-phishing, anti-spam, and malware protection. Ensure compliance with organizational policies and regulatory requirements using features like retention policies, eDiscovery, and data loss prevention (DLP). Monitor Exchange Online health and performance using tools like Microsoft 365 Service Health and Message Trace. Troubleshoot mail flow issues, connectivity problems, and resolve service incidents. Provide technical support to end-users for Exchange Online-related issues, including mailbox access, email delivery, and calendar synchronization. Educate users on best practices and new features. Plan and execute mailbox migrations from legacy systems (such as Exchange Server or other email platforms) to Exchange Online, ensuring minimal disruption and data integrity. Integrate Exchange Online with other Microsoft 365 services (such as Teams, SharePoint, and OneDrive) and third-party applications as required. Utilize PowerShell and other automation tools to streamline administrative tasks, generate reports, and enforce organizational policies. Stay updated with the latest Exchange Online features, best practices, and Microsoft roadmap changes. Proactively recommend and implement improvements to enhance service reliability and user experience. OneDrive Migrate legacy file storage systems to OneDrive for Business, ensuring data integrity and minimal downtime. Oversee storage quotas, user access, and sharing settings to maintain organizational standards. Implement and enforce security policies, including Data Loss Prevention (DLP), encryption, and access controls. Ensure compliance with industry regulations and internal governance standards for data storage and sharing. Monitor for and respond to security incidents related to OneDrive usage. Provide tier 2/3 support for OneDrive-related issues, coordinating with Microsoft support as necessary. Develop and deliver training materials, workshops, or webinars to promote OneDrive adoption. Integrate OneDrive with other M365 services (e.g., Teams, SharePoint) to streamline workflows. Leverage Power Automate or similar tools to automate routine tasks and processes related to file management. Collaborate with developers and IT teams to enable custom integrations as needed. MS Teams Plan, deploy, and configure Microsoft Teams environments according to business requirements, including tenant setup, policies, and integrations. Oversee day-to-day administration of Teams, managing users, groups, channels, and permissions. Monitor usage and maintain system health. Implement and manage security protocols, data governance, and compliance policies to protect organizational data and ensure regulatory adherence. Integrate Teams with other Microsoft 365 services (such as SharePoint, Exchange, OneDrive) and third-party applications to enhance collaboration and workflow automation. Provide technical support to end-users, resolve issues, and handle escalations related to Teams functionality, connectivity, and performance. Utilize reporting tools to monitor usage, analyze trends, and provide actionable insights for continuous improvement. Stay current with Microsoft Teams updates, new features, and best practices; implement changes and communicate impacts to stakeholders. Work closely with IT teams, business units, and external partners to align Teams capabilities with organizational goals and strategies. Maintain thorough documentation of configurations, procedures, troubleshooting steps, and change management activities. Entra ID Proven expert knowledge of Azure Entra ID capabilities such as Conditional Access Policies, Privileged Identity Manager and Application Registrations. Strong understanding of PIM and the assignment of roles / IAM permissions on Management Groups, Subscriptions and Resources, aligned with Just-in-Time access principles Azure Infrastructure Management to include user accounts, groups, conditional policies, Intune management, mobile device management, and endpoint security. Strong understanding of App registration, Enterprise Apps, SPN's and managed identities with the understanding of least privileged administration when it comes to MS Graph API allocation of permissions. Strong understanding of multifactor authentication, SSPR and WHfB, ensuring secure privileged authentication workflows Strong PowerShell scripting Skills, automation, and scheduling skills when working with data in Azure Good understanding of Intune polices management and autopilot. An individual that stays abreast of the latest Entra ID features, best practices, and security trends, and make recommendations for continuous improvement. Competencies Planning • Follow work plans, established timelines, and predefined goals for assigned work.• Meet commitments on deadlines. Communication • Communicate activities, results, and observations with employees and management as appropriate. Cost Management • Identify areas for improvement in existing business practices.• Perform work thoroughly in a cost-efficient manner and at a high productivity level. Business Controls and Policies • Comply with all corporate policies and procedures.• Report any breakdowns in controls to management.• Conduct all activities in a safe manner. People Management • No people management responsibility. Other • Having knowledge and experience with SharePoint is beneficial.• Demonstrating expertise and familiarity with Rubrik is an asset.• Microsoft and Azure certification are highly beneficial.Tokio Marine HCC is a leading specialty insurance group with offices in the United States, the United Kingdom, Europe, and other locations. With the strength and stability that comes from being a member of the Tokio Marine group, and more than forty years of growth, profitability, and stability, we offer important insurance products that most people do not even know exist.The Tokio Marine HCC Group of companies is an equal opportunity employer. Please visit for more information about our companies.

Technical Infrastructure Architect (DV Security Clearance) Job Description At CGI, we empower architects to shape the future of secure digital transformation. As a Technical Architect, you will design and deliver a next generation, on premise identity solution that underpins the resilience and security of our clients' most critical systems. You will help define and implement a scalable, future ready access management platform that ensures seamless connectivity and trust across complex environments. This is an opportunity to take ownership of a greenfield solution that drives real world impact, harnessing creativity and technical excellence to keep CGI's clients ahead in an evolving digital landscape. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. Benefits include a competitive salary, excellent pension, private healthcare and a share scheme (3.5% + 3.5% matching). The company values diversity and inclusion. Your future duties and responsibilities include: Lead & Innovate: Drive the design and architecture of a new on premise identity solution using Windows Server 2022, Active Directory and ADFS. Develop & Deliver: Define technical standards, principles and direction for a secure IAM environment. Mentor & Support: Guide engineering teams through build and deployment phases, ensuring alignment with design intent. Integrate & Secure: Design and configure federation services, SSO and RBAC models aligned to business needs. Collaborate & Govern: Partner with security, networking and application teams to ensure smooth integration and operational readiness. Document & Communicate: Produce comprehensive architecture documentation and provide ongoing governance for solution stability and compliance. Qualifications and experience required: You should have strong experience architecting and delivering Microsoft based identity solutions in secure or regulated environments, with proven expertise in Active Directory, ADFS and federation technologies. You will bring both strategic thinking and hands on technical depth, with excellent communication skills and a collaborative approach to problem solving. Essential skills and experience: Extensive experience as a Solution or Technical Architect specialising in Microsoft identity solutions. Proven track record delivering greenfield IAM environments. Deep expertise in Windows Server 2022, Active Directory and ADFS configuration. Strong knowledge of SAML, OAuth 2.0 and OpenID Connect federation models. Experience designing and implementing SSO and RBAC frameworks. Solid understanding of networking fundamentals (DNS, routing, firewalls, load balancing). Proven leadership and mentoring experience with engineering teams. Strong documentation, communication and stakeholder engagement skills. Desirable: Microsoft Certified: Identity and Access Administrator Associate or Solutions Architect Expert. Experience with hybrid identity integration and PowerShell automation. Prior experience in Defence or secure government environments.

Azure Engineer Application Deadline: 31 May 2026 Department: IT Employment Type: Fixed Term - Full Time Location: London, UK Description The Premier League IT department is looking for an experienced Azure Engineer to join the Technology Operations team. Working alongside the Cloud Solutions Architect, the Azure Engineer will take on responsibility for managing the Azure platform across the Premier League. Our hybrid working model allows you to work from home on some days each week. When possible you will attend the office or site visits in line with our company policy. All staff liaise closely with their line manager to manage their time appropriately and according to their work and team requirements. Responsibilities Implement scalable and secure Azure environments. Deploy resources using Infrastructure as Code (IaC) such as Bicep, ARM. Manage resource groups, VMs, VNets, storage, and other Azure services. Maintain Bicep templates and repos. Build and manage pipelines using Azure DevOps. Implement identity and access management using Entra ID, RBAC, PIM. Use Azure Policy, Defender for Cloud, and Sentinel to enforce security and compliance. Set up monitoring tools such as Azure Monitor, Log Analytics, and Application Insights. Create alerts and dashboards for system health, performance, and usage. Analyze and troubleshoot logs for issues and optimisation. Work with developers, operations, and security teams to align infrastructure needs. Work with stakeholders and vendors to design, deliver, and support solutions. Document system designs, configurations, and standard operating procedures. Monitor cloud spend and usage with Azure Cost Management. Apply cost control strategies such as right sizing, autoscaling, reserved instances. Use tagging for resource accountability and reporting. Implement business continuity plans using Azure Backup and Site Recovery. Ensure resilience and disaster recovery compliance. Automate lifecycle management of resources and environments. Maintain configuration standards across environments. Stay current with Azure services. Evaluate and introduce new tools or approaches to improve the platform. Qualifications Proven experience and skills in the following Azure areas: Azure Well Architected Framework / Cloud Adoption Framework IaC: DevOps, Bicep Identity: Entra ID, RBAC, PIM, IAM Network: VPN, DNS, Application Gateway Network Security: Firewall, Network Security Groups, Private Links, Routing Azure Monitor and Policy Compute: Virtual Machines, App Services Storage: Disk, Blob, Files Cost Management: Analysis, Budgets, Alerts Experience implementing cloud and hybrid solutions that run on Azure. Excellent analytical and creative problem solving skills. Experience managing incidents and change. Stakeholder and vendor management experience. Strong interpersonal and communication skills with the ability to interact well with people at all levels. Well organized and able to effectively prioritise and execute tasks in a high pressure environment. A team player who enjoys working in a collaborative environment. MUST hold Microsoft Certified: Azure Administrator Associate (AZ 104). Familiarity with Sentinel, Defender for Cloud, Purview, Priva is desired but not required. Creation of Logic Apps and automation is desired but not required. Experience supporting Microsoft 365 suite and other SaaS solutions is desired but not required. Equal Opportunity Statement We are an equal opportunities employer and strive to create an inclusive culture where talent can flourish. We encourage applications from women, people from minority ethnic communities, LGBTQ+ people and disabled people. All appointments will be made based on merit. Safeguarding Our commitment to safeguarding includes implementing robust safer recruitment procedures to assess the suitability of individuals applying for roles that involve work with children and adults who may be at risk of harm.

Overview Mayer Brown is an international law firm positioned to represent the world's major corporations, funds, and financial institutions in their most important and complex transactions and disputes. We are recognized by our clients as strategic partners with deep commercial instincts and a commitment to creatively anticipating their needs and delivering excellence in everything we do. We are a collegial and collaborative firm where highly motivated individuals with an unwavering commitment to excellence receive the opportunity, support, and development they need to grow, thrive, and realise their greatest potential all while supporting the Firm's client service principles of excellence, strategic partnership, commercial instinct, integrated strengths, innovation, and collaboration across our international firm. If you enjoy working with team members whose defining characteristics are exceptional client service, initiative, professionalism, responsiveness, and adaptability, you may be the person we are seeking to join our IT department in our London office as an Architect: Infrastructure & Access Management. Responsibilities Stay current with emerging IAM technologies such as passwordless authentication, decentralized identity frameworks, and adaptive access controls. Collaborate with the Senior Architect Information Security and lead the implementation of identity governance automation, leveraging machine learning for anomaly detection and remediation. Ensure seamless integration of multi-factor authentication (MFA) with biometric and mobile device capabilities to improve both security and user experience. Champion the adoption of identity threat detection and response (ITDR) solutions to proactively identify and mitigate identity-based attacks. Develop and maintain the firm's IAM architecture, including identity lifecycle, access governance, and privileged access controls. Design secure authentication and authorization patterns (OpenID Connect, SAML, OAuth, Kerberos, LDAP) and in conjunction with the Platform Engineering team, Conditional Access policies aligned with Microsoft best practices. Embed zero trust and least privilege principles across all privileged roles and enterprise applications. Responsible for global firewall design and architecture. Architect and enhance privileged access management (PAM) capabilities, including approval workflows and continuous monitoring. Collaborate with Security to design Azure Policies and guardrails, supporting audit readiness and remediation (e.g., ISO 27001, ISO 22301). Integrate IAM with HR, IT, and engineering systems to ensure policy-driven access throughout the user lifecycle. Oversee Conditional Access deployment, risk-based authentication, and device/state signals. Guide the operation and hardening of multi-site Active Directory domains/forests and cloud identity components (Entra/Azure AD). Align IAM with Firewall, Micro-Segmentation, NDR, Remote Access, and Certificate Management strategies. Assess IAM-related vulnerabilities and design timely mitigations. Establish and maintain reference architectures, design standards, runbooks, and documentation. Participate in vendor governance, roadmap reviews, and security notifications. Communicate architecture decisions to senior business and IT leaders; foster cross-regional collaboration. Track industry trends and recommend innovations to improve security and reduce complexity. Perform other duties as assigned or required to meet Firm goals and objectives The Firm may modify and amend this job description at any time at its sole discretion. Nothing herein creates a contract of employment. Qualifications Bachelor's degree in Computer Science, Information Technology, or related field; equivalent experience considered. Approx. 7-10 years in IAM/identity engineering/architecture within large or enterprise environments; 3+ years leading complex IAM design initiatives. Prior global/large-scale enterprise experience preferred. Relevant industry certifications such as CISSP Microsoft Certified: Identity and Access Administrator Associate required Azure Cybersecurity Expert preferred Certified Identity and Access Manager (CIAM) are highly desirable Technical Skills: Deep expertise in Microsoft identity and security across SaaS/PaaS, IAM, and Privileged Access domains; advanced Entra ID/Azure AD and on prem AD. Strong command of SSO and authentication protocols: OpenID Connect, SAML, OAuth, Kerberos, LDAP. Hands on RBAC design, entitlement management, and automated provisioning/de provisioning pipelines. Proficiency with PowerShell and RESTful integrations for identity automation and compliance checks. Familiarity with NDR and Micro Segmentation patterns; understanding of network topologies and their interplay with IAM. Experience hardening infrastructure and monitoring for malware/unauthorized access in hybrid environments. Exposure to Azure Policy and landing zone guardrails; Conditional Access at scale. Performance Traits: Excellent written and verbal communication; able to explain complex identity concepts to diverse audiences. Strong customer focus, initiative, and ability to operate under pressure with shifting priorities. Collaborative across business analysts, developers, data teams, and security; resilient, agile mindset; commitment to process improvement and structured operational practices. High discretion in handling sensitive information; willingness to challenge the status quo constructively. Willingness to challenge the status quo. At Mayer Brown, we are committed to creating an inclusive work environment that offers our people the opportunity and support they need to succeed. Our culture promotes mutual respect, acceptance, cooperation and productivity among people from all backgrounds and values different perspectives and ideas. One of our core values at Mayer Brown is to promote inclusion at all levels within the business which is actively supported by our Employee Resource Groups - LGBTQI+, Fusion (Race & Ethnicity), Multi-faith, Women, Enable (Disability), Social Inclusion and Opportunities Network and Work and Me (Family). We are happy to discuss any reasonable adjustments that individuals may require throughout the recruitment process and once they have joined the Firm.

Music is Universal It's the passionate and dedicated team at Universal Music who help make us the world's leading music company. From A&R to finance, legal to digital, sales to marketing, Universal Music is the place to grow and develop your career within a truly commercial and innovative business that leads in everything it does.Everyone is welcome to apply for our roles, and we are determined to ensure that no applicant or employee receives less favourable treatment because of gender, race, disability, sexual orientation, religion, belief, age, marital status, background, pregnancy, or caring responsibilities. We also recognise the importance of diversity of thought within our teams and are fully committed to embracing the talents of people with autism, dyslexia, ADHD, and other forms of neurocognitive variation.We will always seek to make appropriate adjustments to recruitment, workplaces, and work processes to be fully inclusive to people with different needs and working styles. If you need us to make any reasonable adjustments for you from application onwards, including alternatives to the online form or to disclose a neurocognitive condition, please email . Job Summary We are currently seeking an Identity & Access Management Engineer with specialization in Access Management to join UMG's global Tech Security & Identity organization. Reporting to the Manager, Access ManagementVP, Tech Security & Identity, this is a hands-on engineering role responsible for designing, implementing, and operating enterprise access management capabilities across a global, hybrid environment - including workforce, partner, customer, and consumer experiences.This engineer will play a critical role in securing authentication and authorization for workforce and application access, delivering scalable solutions across Single Sign-On (SSO), federation, and multi-factor authentication (MFA). The role emphasizes strong technical execution, platform reliability, and automation, working closely with application, infrastructure, and security teams to enable secure access while maintaining a strong user experience. The ideal candidate brings deep experience with modern access management platforms and protocols, and the ability to operate access services at enterprise scale. Job Functions Design, engineer, deploy, and operate Access Management solutions across the enterprise. Implement and support Single Sign-On (SSO) and federation services using modern identity protocols. Engineer and maintain authentication and authorization services including MFA, adaptive access, and conditional access policies. Integrate applications and platforms with enterprise access management systems across on-premises and cloud environments. Partner with application owners and platform teams to onboard applications to SSO and enforce consistent authentication standards. Design and maintain secure federation integrations using protocols such as SAML, OAuth 2.0, and OpenID Connect (OIDC). Develop and maintain automation and tooling to support access onboarding, configuration, and lifecycle management. Troubleshoot and resolve complex authentication, authorization, and federation issues impacting users or applications. Ensure access management services meet availability, performance, and resiliency requirements in a global environment. Support audit, compliance, and security review activities related to access controls and authentication mechanisms. Maintain technical documentation, standards, and runbooks for access management platforms and integrations. Continuously improve access security and user experience through platform enhancements, automation, and adoption of modern authentication patterns. Job Requirements Essential Qualifications 5+ years of hands-on experience in Identity & Access Management or Security Engineering roles, with strong focus on Access Management. Demonstrated experience implementing and operating enterprise access management platforms (e.g., Ping Identity, Okta, Microsoft Entra ID, or equivalent). Strong understanding of authentication and authorization concepts, including SSO, federation, MFA, and adaptive access. Hands-on experience with identity protocols and standards such as SAML, OAuth 2.0, OpenID Connect (OIDC), and LDAP. Experience integrating identity platforms with cloud applications, SaaS platforms, and custom-built applications. Proficiency in scripting and automation using tools such as PowerShell or Python. Experience operating access services in hybrid and cloud environments (Azure and/or AWS). Ability to independently own complex technical implementations while collaborating across a global organization. Strong troubleshooting, documentation, and communication skills.Desirable Qualifications Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical discipline. Experience with passwordless authentication technologies and modern identity standards. Familiarity with Zero Trust and conditional access models. Experience supporting authentication services in high-availability, 24x7 enterprise environments. Experience with identity verification solutions and technolgies. Professional certifications such as Ping Identity Certified Professional, Microsoft Certified: Identity and Access Administrator, Security+, or CISSP. Experience operating IAM platforms within a large, global, or highly regulated enterprise environment. About UMG UK We are Universal Music Group UK - the UK's leading music-based entertainment company. We exist to shape culture through the power of artistry. We help UK artists produce, distribute and promote the most critically acclaimed and commercially successful music to inspire and entertain fans at home and around the world. Bonus Tracks: Your Benefits Group Personal Pension Scheme (between 3% and 9%) Private Medical Insurance 25 paid days of annual leave Interest Free Season Ticket Loan Holiday Purchase scheme Dental and Travel Insurance options Cycle to Work Scheme Salary Sacrifice Cars Subsidised Gym Membership Employee Discounts (Reward Gateway)Just So You Know The company presents this job description as a guide to the major areas and duties for which the jobholder is accountable. However, the business operates in an environment that demands change and the jobholder's specific responsibilities and activities will vary and develop. Therefore, the job description should be seen as indicative and not as a permanent, definitive, and exhaustive statement. Job Category: Universal Music Group

) for more information.# Job Details Viridien is seeking an Infrastructure as Code (IaC) Specialist (Contract) to design and implement a cloud-agnostic IaC foundation for a Kubernetes-based software platform supporting data transformation and analytics in the energy and mining sectors.The platform is deployed across cloud and on-premise environments, with an initial focus on Microsoft Azure. This role will define scalable, reusable infrastructure patterns to support future deployments across AWS, HPC, and on-premise environments. About The Team You will join a growing, collaborative team of scientists, engineers, and developers focused on delivering advanced data and AI-driven solutions across industries including geothermal, environmental, hydrocarbon, and mineral exploration.The team works in an open and flexible environment, collaborating across data engineering, machine learning, and software development. This role offers the opportunity to work remotely or in a hybrid setup from North Wales or Crawley.# Key Responsibilities -Infrastructure & Architecture Design and implement an Infrastructure as Code foundation for Kubernetes and non-Kubernetes components. Define cloud-agnostic architecture and deployment patterns for multi-environment support. Build reusable IaC modules for networking, identity, compute, Kubernetes, storage, and observability. -Kubernetes & Platform Engineering Provision and configure Kubernetes clusters, including node pools, add-ons, and security controls. Integrate supporting services such as databases, container registries, networking, and messaging systems. -CI/CD & Operations Establish CI/CD pipelines and GitOps workflows for infrastructure deployment and lifecycle management. Define environment standards, naming conventions, and cost management controls. -Security & Governance Implement security best practices including IAM/RBAC, secrets management, and policy-as-code. Ensure compliance, auditability, and secure infrastructure design. -Collaboration & Documentation Work closely with cloud architects, DevOps, and engineering teams to deliver scalable solutions. Document architecture, IaC modules, and operational procedures to support knowledge sharing.# Qualifications Required Proven experience designing and delivering IaC solutions for production systems. Strong experience with Terraform or similar tools such as Pulumi, Bicep, or CloudFormation. Hands-on experience with Kubernetes including provisioning, networking, security, and lifecycle management. Experience deploying on Azure, including AKS, networking, identity, and monitoring services. Experience designing cloud-agnostic architectures across multiple environments. Experience with CI/CD and GitOps tools such as GitHub Actions, Azure DevOps, Argo CD, or Flux. Strong understanding of networking and security principles including DNS, TLS, IAM, and secrets management. Experience with monitoring, logging, and operational best practices. Strong communication, documentation, and stakeholder collaboration skills. Preferred Experience working in energy, mining, or data-intensive industries. Experience supporting hybrid or on-premise and HPC environments. Consulting or contract experience delivering infrastructure foundations. Experience working with ML or data platform deployments. Competitive salary commensurate with experience Highly attractive bonus scheme Initial 22 days annual leave with future increases, complemented by a flexible buying and selling holiday program Company pension with generous employer contribution Wellbeing Unmind app - puts you in control of your mental health A flexible benefits platform with numerous discount schemes - gym membership, restaurants, cinema tickets, and much more! Regular social club events, spontaneous reward events throughout the year Cycle purchase scheme Flexible Private Medical & Dental care programmes Sponsorship of visas/comprehensive relocation packages Bank Holiday Swap - our holiday swap program allows you to change it for another day of your choice! Relaxed dress code policy Onsite Gym Facilities Learning and Development At Viridien, we foster a culture of continuous learning and provide tailored training programs through our Learning Hub, designed to enhance technical, commercial, and personal growth. We Care About The Environment We encourage and actively support a strong sense of community, through volunteering and various company initiatives, as well as a strong company commitment to protecting our environment through sustainable solutions, energy saving and waste reduction enterprises. Our Hiring Process At Viridien, we are committed to delivering a respectful, inclusive, and transparent recruitment experience.Due to the high volume of applications we receive, we may not be able to provide individual feedback to every applicant. Only candidates whose qualifications closely match the role criteria will be contacted for an interview. We do, however, aim to share personalized feedback with those who progress to the first round of interviews and beyond.We are also dedicated to ensuring that our hiring process accessible to all. If you require any reasonable adjustments to fully participate in the application or interview stages, please don't hesitate to contact your recruiter directly.We see things differently. Diversity fuels our innovation, we value the unique ways in which we differ, and we are committed to equal employment opportunities for all professionals.Viridien () is an advanced technology, digital and Earth data company that pushes the boundaries of science for a more prosperous and sustainable future. With our ingenuity, drive and deep curiosity we discover new insights, innovations, and solutions that efficiently and responsibly resolve complex natural resource, digital, energy transition and infrastructure challenges.Create a brighter future forViridien () is an advanced technology, digital and Earth data company that pushes the boundaries of science for a more prosperous and sustainable future. With our ingenuity, drive and deep curiosity we discover new insights, innovations, and solutions that efficiently and responsibly resolve complex natural resource, digital, energy transition and infrastructure challenges.

The Head of Windows Enterprise is accountable for the global Windows ecosystem and the full Microsoft technology stack across LMAX Group. This role sets the strategic direction, leads a high-performing global engineering organisation, and ensures the reliability, security, and evolution of all Windows Enterprise services. You will act as the senior technical authority and final escalation point, but your primary impact will be through strategy, leadership, and driving an automation-first engineering culture that delivers measurable business value. Key Responsibilities 1. Leadership, Strategy & Organisational Impact Define and own the multi-year Windows Enterprise strategy aligned to LMAX Group's cloud-first and M365 vision. Lead and develop a global team spanning 1st, 2nd, and 3rd line engineering, building a culture of ownership, accountability, and collaboration. Engage senior stakeholders across business units to ensure Windows services evolve with organisational needs and deliver an exceptional end-user experience. Own vendor and partner relationships, including strategic technology decisions and procurement. Champion a high-standards culture, where engineering excellence and "doing the right thing" are non-negotiable. 2. Service Ownership & Operational Excellence Own the performance, reliability, and consistency of global end-user computing services. Ensure robust lifecycle management, including patching, compliance, and security across the Windows estate. Act as the senior escalation point for complex or critical issues within the Windows Enterprise environment. Oversee asset and application management, ensuring accurate inventory, effective patching, and operational discipline. 3. Identity, Security & Risk Management Provide leadership across Identity and Access Management, including IAM lifecycle, Azure AD (Entra ID), RBAC, and directory integrations. Partner with Cyber Security to deliver Zero Trust initiatives, conditional access, CASB solutions, and privileged access governance. Ensure all services meet regulatory, audit, and security expectations, consistent with financial services standards. 4. Core Infrastructure & Cloud Services Own the strategy, reliability, and evolution of Microsoft core services, including Active Directory Directory Services (AD DS), Entra ID, Intune, and the full Microsoft 365 stack. Contribute to Azure cloud strategy, supporting IaaS, PaaS, and M365 scalability and modernisation. Maintain and support the AWS EC2 infrastructure underpinning the MT4 and MT5 trading platforms, ensuring stability, performance, and alignment with operational and regulatory requirements. Maintain and evolve business continuity capabilities, including Azure Virtual Desktop (AVD) and Intune-based continuity frameworks. Technical Expertise Deep expertise across the Microsoft ecosystem: Windows Server (2016+), Windows 10/11, Microsoft 365. Strong understanding of Azure products, Azure IAM, hybrid identity, and on-premise AD forest integration. Experience with Cloud Platforms: AWS, Alibaba, Azure. Exposure to Broker Trading systems (MT4/MT5) and FIX protocol is highly advantageous. Automation & Engineering Practices Advanced PowerShell and Azure AD Graph API scripting capability. Experience with Infrastructure-as-Code (Terraform, Ansible) and modern CI/CD engineering approaches. Proficiency with Intune, Defender for Endpoint, BitLocker, AppLocker, and related enterprise Security tooling. Leadership & Personal Attributes Excellent stakeholder management, able to translate technical strategy into business outcomes. A proactive, accountable self-starter with strong ownership and delivery focus. Collaborative, approachable leadership style with experience running follow-the-sun operational models. Qualifications Professional certification such as Microsoft Certified: Azure Administrator or Azure Security Engineer. Demonstrable experience leading and scaling infrastructure teams within complex, regulated environments. Benefits 25 days of holiday Bonus Pension contribution Private medical, dental, and vision coverage Life assurance Critical illness cover Wellness contribution program with access to ClassPass Plumm Platform Five volunteering days Give as You Earn initiative Learning and development programs Electric Vehicle Scheme Cycle to Work Scheme Season Ticket Loan