Principal Cyber Security ConsultantApplylocations: GB.United Kingdomtime type: Full timeposted on: Posted Todayjob requisition id: R-155642 Job Description Overview Leading the edge of transformation. Join our organisation, where we have a huge variety of projects on-the-go at any one time. So when you start this role with us, it could take your career wherever your interests lie. You'll find everyone here is willing to pitch in and help because we all want you to succeed, and we're ready to help you grow.When it comes to living your life, we want you to get the most out of it. So talk to us about all our flexible and remote working policies that can support your personal priorities. Also, ask us about some of our recent pledges for Women's Equality, as well as being a 'Disability Confident' and 'Inclusive Employer.'As a Cyber Security Consultant, you'll play a pivotal role in protecting Aerospace, Defence and CNI/OT clients from evolving cyber threats. You'll work on projects that shape national security, working alongside industry experts in a supportive, innovative environment. We offer clear pathways for career advancement, and professional development, and this role will suit a recently qualified professional who is looking to take their career to the next level and provide real world benefit to clients. In return, we offer a challenging and rewarding role, career development, an empowered and supportive working environment with a competitive reward package. We invest in your professional growth through certifications, training and leadership pathways. You will work on 'business as usual', technical refresh, and new project environments, applying technical knowledge and innovative thinking. You will help clients establish robust security governance, perform risk assessments, and deploy effective security controls and solutions aligned with business risk appetite.The successful candidate will be a knowledgeable, enthusiastic and conscientious individual who has the relevant Information Assurance and Security qualifications, and experience in working in either Defence or CNI/OT. If you have strong cyber security fundamentals and are keen to develop expertise in Defence or CNI/OT, we'll support you with training and certifications. You will work on a range of client facing projects, large and small, but will also be expected to contribute to winning new business and managing delivery. Projects are likely to involve working on client sites, (although hybrid working allows us to be flexible), and may involve travel across the UK and, occasionally overseas. Your role Client Delivery- Provide cyber security advice and guidance for clients in various environments. Lead and deliver risk assessments, security governance, and deployment of effective security controls tailored to client needs. Develop, review and maintain security related artefacts, policies and procedures to ensure compliance and best practice. Manage multiple projects concurrently, balancing business and client priorities. Deliver high-quality work under pressure and to tight deadlines, ensuring stakeholder expectations are met. Technical Leadership- Apply technical security knowledge creatively to solve cyber security challenges. Assist in fostering a culture of continuous improvement within the security team. Articulate cyber security concepts and recommendations to both technical and non-technical audiences. Business Development- Assist with the identification of new business opportunities, contributing to proposals and client engagement. Build and maintain strong relationships with clients, stakeholders, and team members. About you Experience of delivering technical cyber security consultancy in multi-disciplined environments, with proven ability to work both independently and collaboratively. Background in information assurance, including developing Information Security Management Systems (ISMS), conducting risk assessments, and deploying appropriate security controls. Excellent verbal and written communication skills, with the ability to engage effectively with stakeholders at all levels. Strong organisational skills, with experience managing multiple projects and tasks concurrently. Ability to deliver security outcomes to tight deadlines while maintaining quality and managing stakeholder expectations. Willingness and flexibility to travel throughout the UK (and occasionally overseas) as required. Relevant professional certifications (e.g., ISO27000, CISMP, CISM, CISSP) are highly desirable. Solid understanding of 'Secure by Design' methodology. Commitment to ongoing professional development and willingness to learn new frameworks and technologies. Experience in the UK Defence sector, including knowledge of MoD security policies and processes (e.g., HMG Information Assurance Policies, Security Policy Framework, JSP440, JSP604/JSP453). Experience conducting and managing security assurance and accreditation activities for Defence capabilities or experience delivering cyber security consultancy in OT environments (e.g., energy, utilities, transportation). Experience in segmenting and securing industrial OT/ICS networks. Any Control & Instrumentation background would be an added advantage. Familiarity with OT cyber security standards or regulatory frameworks (e.g., IEC 62443, NIST CSF, NIS Regulations, HSE OG-0086). Relevant OT cyber security qualifications (e.g., GICSP, IEC/ISA 62443). Membership of recognised security professional bodies (e.g., IISP, IS2, BCS, CIISEC). Ability to create client policies and procedures to meet corporate and regulatory requirements in OT environments. Experience selecting and deploying appropriate technology in live CNI environments. Reward & benefitsExplore the rewards and benefits that help you thrive - at every stage of your life and your career. Enjoy competitive salaries, employee rewards and a brilliant range of benefits you can tailor to suit your own health, wellbeing, financial and lifestyle choices. Make the most of a myriad of opportunities for training and professional development to grow your skills and expertise. And combine our hybrid working culture and flexible holiday allowances to balance a great job and fulfilling personal life.Be rewarded. Find out more. About AtkinsRéalisWe're AtkinsRéalis, a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world's infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. We're committed to leading our clients across our various end markets to engineer a better future for our planet and its people.Find out more. Additional information Security clearance This role may require security clearance and offers of employment will be dependent on obtaining the relevant level of clearance. If this is necessary, it will be discussed with you at interview. The vetting process is delivered by United Kingdom Security Vetting (UKSV) and may require candidates to provide proof of residency in the UK of 5 years or longer. If applying to this role please do not make reference to (in conversation) or include in your application or CV, details of any current or previously held security clearance.We are committed to creating a culture where everyone feels that they belong - a place where we can all be ourselves, thrive and develop to be the best we can be. So, we offer a range of family friendly, inclusive employment policies, flexible working arrangements and employee resource groups to support all employees. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability.
14/06/2026
Full time
Principal Cyber Security ConsultantApplylocations: GB.United Kingdomtime type: Full timeposted on: Posted Todayjob requisition id: R-155642 Job Description Overview Leading the edge of transformation. Join our organisation, where we have a huge variety of projects on-the-go at any one time. So when you start this role with us, it could take your career wherever your interests lie. You'll find everyone here is willing to pitch in and help because we all want you to succeed, and we're ready to help you grow.When it comes to living your life, we want you to get the most out of it. So talk to us about all our flexible and remote working policies that can support your personal priorities. Also, ask us about some of our recent pledges for Women's Equality, as well as being a 'Disability Confident' and 'Inclusive Employer.'As a Cyber Security Consultant, you'll play a pivotal role in protecting Aerospace, Defence and CNI/OT clients from evolving cyber threats. You'll work on projects that shape national security, working alongside industry experts in a supportive, innovative environment. We offer clear pathways for career advancement, and professional development, and this role will suit a recently qualified professional who is looking to take their career to the next level and provide real world benefit to clients. In return, we offer a challenging and rewarding role, career development, an empowered and supportive working environment with a competitive reward package. We invest in your professional growth through certifications, training and leadership pathways. You will work on 'business as usual', technical refresh, and new project environments, applying technical knowledge and innovative thinking. You will help clients establish robust security governance, perform risk assessments, and deploy effective security controls and solutions aligned with business risk appetite.The successful candidate will be a knowledgeable, enthusiastic and conscientious individual who has the relevant Information Assurance and Security qualifications, and experience in working in either Defence or CNI/OT. If you have strong cyber security fundamentals and are keen to develop expertise in Defence or CNI/OT, we'll support you with training and certifications. You will work on a range of client facing projects, large and small, but will also be expected to contribute to winning new business and managing delivery. Projects are likely to involve working on client sites, (although hybrid working allows us to be flexible), and may involve travel across the UK and, occasionally overseas. Your role Client Delivery- Provide cyber security advice and guidance for clients in various environments. Lead and deliver risk assessments, security governance, and deployment of effective security controls tailored to client needs. Develop, review and maintain security related artefacts, policies and procedures to ensure compliance and best practice. Manage multiple projects concurrently, balancing business and client priorities. Deliver high-quality work under pressure and to tight deadlines, ensuring stakeholder expectations are met. Technical Leadership- Apply technical security knowledge creatively to solve cyber security challenges. Assist in fostering a culture of continuous improvement within the security team. Articulate cyber security concepts and recommendations to both technical and non-technical audiences. Business Development- Assist with the identification of new business opportunities, contributing to proposals and client engagement. Build and maintain strong relationships with clients, stakeholders, and team members. About you Experience of delivering technical cyber security consultancy in multi-disciplined environments, with proven ability to work both independently and collaboratively. Background in information assurance, including developing Information Security Management Systems (ISMS), conducting risk assessments, and deploying appropriate security controls. Excellent verbal and written communication skills, with the ability to engage effectively with stakeholders at all levels. Strong organisational skills, with experience managing multiple projects and tasks concurrently. Ability to deliver security outcomes to tight deadlines while maintaining quality and managing stakeholder expectations. Willingness and flexibility to travel throughout the UK (and occasionally overseas) as required. Relevant professional certifications (e.g., ISO27000, CISMP, CISM, CISSP) are highly desirable. Solid understanding of 'Secure by Design' methodology. Commitment to ongoing professional development and willingness to learn new frameworks and technologies. Experience in the UK Defence sector, including knowledge of MoD security policies and processes (e.g., HMG Information Assurance Policies, Security Policy Framework, JSP440, JSP604/JSP453). Experience conducting and managing security assurance and accreditation activities for Defence capabilities or experience delivering cyber security consultancy in OT environments (e.g., energy, utilities, transportation). Experience in segmenting and securing industrial OT/ICS networks. Any Control & Instrumentation background would be an added advantage. Familiarity with OT cyber security standards or regulatory frameworks (e.g., IEC 62443, NIST CSF, NIS Regulations, HSE OG-0086). Relevant OT cyber security qualifications (e.g., GICSP, IEC/ISA 62443). Membership of recognised security professional bodies (e.g., IISP, IS2, BCS, CIISEC). Ability to create client policies and procedures to meet corporate and regulatory requirements in OT environments. Experience selecting and deploying appropriate technology in live CNI environments. Reward & benefitsExplore the rewards and benefits that help you thrive - at every stage of your life and your career. Enjoy competitive salaries, employee rewards and a brilliant range of benefits you can tailor to suit your own health, wellbeing, financial and lifestyle choices. Make the most of a myriad of opportunities for training and professional development to grow your skills and expertise. And combine our hybrid working culture and flexible holiday allowances to balance a great job and fulfilling personal life.Be rewarded. Find out more. About AtkinsRéalisWe're AtkinsRéalis, a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world's infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. We're committed to leading our clients across our various end markets to engineer a better future for our planet and its people.Find out more. Additional information Security clearance This role may require security clearance and offers of employment will be dependent on obtaining the relevant level of clearance. If this is necessary, it will be discussed with you at interview. The vetting process is delivered by United Kingdom Security Vetting (UKSV) and may require candidates to provide proof of residency in the UK of 5 years or longer. If applying to this role please do not make reference to (in conversation) or include in your application or CV, details of any current or previously held security clearance.We are committed to creating a culture where everyone feels that they belong - a place where we can all be ourselves, thrive and develop to be the best we can be. So, we offer a range of family friendly, inclusive employment policies, flexible working arrangements and employee resource groups to support all employees. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability.
Title Cyber Security Consultant Salary & Location £46,000 to £55,000 per annum (dependent on capability and experience) Portsmouth, Bristol, Plymouth Working Pattern Flexible hybrid schedule with time split between office, client sites, and working from home. Closing Date 30th June 2026 Areas of Work Information Security - identification and management of security risks to business information within complex systems. Cyber Security - identification and management of security risks to IT, OT and supporting processes. Resilience - planning, managing and recovering from events that may compromise a business or system. Experience Required Understanding of security risk assessment and management in complex environments. Relevant certifications such as CISSP, CISM, CISA or demonstrable experience in these areas. Experience in a client-facing role. Knowledge of Secure by Design approaches. Familiarity with GOV ASSURE scheme, ISO27000/NIST family and secure by design practices. Experience in defence, MOD or nuclear programmes is desirable. Familiarity with classified information handling environments. Experience working across multi partner delivery environments. Pre employment screening and UK National Security Vetting clearance required. Benefits Competitive salary with yearly reviews. 25 days holiday (+ option to buy 5 days). Flexible working arrangements. Enhanced parental benefits. Company pension scheme. Targeted professional development. Life assurance. Private healthcare membership. Bonus scheme linked to company performance. Paid membership fees to a professional institution. Support in attaining professional membership. Cycle to work scheme. Season rail ticket loan.
14/06/2026
Full time
Title Cyber Security Consultant Salary & Location £46,000 to £55,000 per annum (dependent on capability and experience) Portsmouth, Bristol, Plymouth Working Pattern Flexible hybrid schedule with time split between office, client sites, and working from home. Closing Date 30th June 2026 Areas of Work Information Security - identification and management of security risks to business information within complex systems. Cyber Security - identification and management of security risks to IT, OT and supporting processes. Resilience - planning, managing and recovering from events that may compromise a business or system. Experience Required Understanding of security risk assessment and management in complex environments. Relevant certifications such as CISSP, CISM, CISA or demonstrable experience in these areas. Experience in a client-facing role. Knowledge of Secure by Design approaches. Familiarity with GOV ASSURE scheme, ISO27000/NIST family and secure by design practices. Experience in defence, MOD or nuclear programmes is desirable. Familiarity with classified information handling environments. Experience working across multi partner delivery environments. Pre employment screening and UK National Security Vetting clearance required. Benefits Competitive salary with yearly reviews. 25 days holiday (+ option to buy 5 days). Flexible working arrangements. Enhanced parental benefits. Company pension scheme. Targeted professional development. Life assurance. Private healthcare membership. Bonus scheme linked to company performance. Paid membership fees to a professional institution. Support in attaining professional membership. Cycle to work scheme. Season rail ticket loan.
Senior Cyber Security Operations Centre (CSOC) Consultant DV Cleared Corsham / Hybrid Rate: £700 - £750pd (Inside IR35) We're supporting a major national security programme seeking an experienced Cyber Security Operations Centre (CSOC) Consultant to join a growing cyber security function delivering services within a highly secure environment. This is an opportunity to play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government, or other highly regulated environments. Responsibilities Support the operation and continual improvement of cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection use cases, correlation rules, and security monitoring processes. Work closely with cloud, infrastructure, and engineering teams to improve security posture across complex environments. Contribute to threat hunting activities and proactive identification of emerging threats. Support security assurance, risk management, and compliance activities. Produce technical documentation, reports, and recommendations for both technical and non-technical stakeholders. Provide subject matter expertise on security operations best practice within secure government environments. Experience Required Current UK Developed Vetting (DV) clearance. Strong experience within a Security Operations Centre (SOC) or Cyber Security Operations Centre (CSOC) environment. Experience investigating and responding to cyber security incidents. Knowledge of SIEM platforms and security monitoring technologies. Understanding of threat detection, threat hunting, vulnerability management, and incident response methodologies. Experience working within Defence, Central Government, or other secure environments. Strong stakeholder engagement and communication skills. Desirable Experience Experience supporting cloud-hosted environments, particularly Google Cloud Platform (GCP). Experience of MOD Cloud (MODCloud) programmes or secure cloud transformation initiatives. Familiarity with NCSC guidance and secure-by-design principles. Knowledge of security frameworks including JSP 440, JSP 604, NIST, ISO27001, or Cyber Assessment Framework (CAF). Relevant certifications such as CISSP, CCSP, GCIH, GCIA, Security+, or similar. We are looking to have someone in position by 1st July 2026, so if you meet the criteria outlined and want to know more, please get in touch ASAP. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website. JBRP1_UKTJ
13/06/2026
Full time
Senior Cyber Security Operations Centre (CSOC) Consultant DV Cleared Corsham / Hybrid Rate: £700 - £750pd (Inside IR35) We're supporting a major national security programme seeking an experienced Cyber Security Operations Centre (CSOC) Consultant to join a growing cyber security function delivering services within a highly secure environment. This is an opportunity to play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government, or other highly regulated environments. Responsibilities Support the operation and continual improvement of cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection use cases, correlation rules, and security monitoring processes. Work closely with cloud, infrastructure, and engineering teams to improve security posture across complex environments. Contribute to threat hunting activities and proactive identification of emerging threats. Support security assurance, risk management, and compliance activities. Produce technical documentation, reports, and recommendations for both technical and non-technical stakeholders. Provide subject matter expertise on security operations best practice within secure government environments. Experience Required Current UK Developed Vetting (DV) clearance. Strong experience within a Security Operations Centre (SOC) or Cyber Security Operations Centre (CSOC) environment. Experience investigating and responding to cyber security incidents. Knowledge of SIEM platforms and security monitoring technologies. Understanding of threat detection, threat hunting, vulnerability management, and incident response methodologies. Experience working within Defence, Central Government, or other secure environments. Strong stakeholder engagement and communication skills. Desirable Experience Experience supporting cloud-hosted environments, particularly Google Cloud Platform (GCP). Experience of MOD Cloud (MODCloud) programmes or secure cloud transformation initiatives. Familiarity with NCSC guidance and secure-by-design principles. Knowledge of security frameworks including JSP 440, JSP 604, NIST, ISO27001, or Cyber Assessment Framework (CAF). Relevant certifications such as CISSP, CCSP, GCIH, GCIA, Security+, or similar. We are looking to have someone in position by 1st July 2026, so if you meet the criteria outlined and want to know more, please get in touch ASAP. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website. JBRP1_UKTJ
About Us: Solirius Reply , part of the Reply Group , is a technology consultancy and digital transformation partner that helps organisations solve complex challenges through strategy, design, engineering, and delivery. We work closely with our clients to deliver secure, accessible, user-focused services that evolve with their needs. By combining deep technical expertise with people-centred design, we create solutions that deliver meaningful, lasting impact. Our consultants partner directly with client teams, embedding into organisations to understand their goals, challenges, and users. This collaborative approach enables us to deliver tailored solutions that drive measurable outcomes across public and private sectors. Past and present clients include the Ministry of Justice, Department for Education, Ministry of Housing, Communities and Local Government, UEFA, International Olympic Committee, and Mercedes-Benz. Our services span the full digital delivery lifecycle, including architecture, engineering, delivery management, user-centred design, business analysis, data, DevOps, and AI. We operate as a collaborative and inclusive organisation that empowers our people to take ownership, innovate, and develop their expertise. As an equal opportunities employer, we are committed to encouraging equality, diversity, and social mobility, while creating opportunities for our teams to work on meaningful projects that deliver lasting impact About You: You are a motivated and adaptable professional with a strong analytical mindset and a passion for using technology to solve real-world problems. You enjoy working in collaborative, agile teams and take pride in delivering high-quality solutions that make a tangible impact. With strong communication skills and a consultative approach, you're comfortable engaging with clients, understanding their needs, and translating them into effective outcomes. The Role: We are seeking experienced Security Architects to support our public sector and enterprise clients in delivering secure digital services and technology transformation initiatives. The role involves engaging with multiple stakeholders to understand business objectives, identify security risks, and design security architectures that enable the safe delivery of business outcomes. You will work closely with solution architects, engineering teams, delivery managers, and client leadership to ensure that security is embedded by design and aligned with organisational risk appetites. As a Security Architect, you will operate with a high degree of autonomy, applying your expertise to resolve complex security challenges and providing authoritative guidance across projects and programmes. You will also contribute to the growth of the Security Practice by developing new service offerings, maintaining security standards and artefacts, supporting business development activities, and mentoring junior colleagues. In addition to technical leadership, you will help identify and shape new opportunities by engaging with client stakeholders to understand strategic security objectives and deliver value-driven outcomes. You will be a confident communicator, capable of influencing senior stakeholders, facilitating workshops, and building consensus across multidisciplinary teams. Key Responsibilities: Design end-to-end security architectures that align with business, technical, regulatory, and security requirements. Develop security strategies and controls for cloud-native, hybrid, and on-premise environments. Conduct security architecture reviews and provide recommendations to mitigate identified risks. Translate business and technical requirements into secure, scalable, and resilient designs. Ensure alignment with enterprise security architecture, governance frameworks, and organisational standards. Support Agile delivery teams by embedding security-by-design principles throughout the software development lifecycle. Define and document security patterns, reference architectures, and reusable security artefacts. Lead threat modelling activities and identify appropriate mitigation strategies. Collaborate with stakeholders across business, product, operations, and engineering teams to drive secure decision-making. Advise on identity and access management approaches, including authentication, authorisation, and privileged access controls. Ensure security, privacy, compliance, and risk management requirements are incorporated into solutions. Support security assurance activities, including risk assessments, security testing, and accreditation processes. Contribute to DevSecOps initiatives, promoting automation and continuous security practices. Produce clear architectural documentation, including security views, high-level designs, and security artefacts. Mentor junior team members and contribute to the development of the wider Security Practice. Key Experience: Extensive experience engaging with stakeholders at all levels, including senior leadership and C-suite executives. Proven experience operating within client-facing and/or consultancy environments. Demonstrated experience designing and implementing enterprise security architectures. Strong understanding of security architecture methodologies and frameworks. Experience conducting threat modelling and security risk assessments. Experience supporting security assurance activities within regulated environments. Proven ability to balance security requirements with operational and business objectives. Experience designing secure architectures across cloud and hybrid environments. Strong understanding of security controls for applications, infrastructure, data, and identity. Experience working within Agile delivery environments and integrating security into delivery processes. Familiarity with public sector security requirements and accreditation approaches is highly desirable. Experience supporting compliance initiatives involving standards and regulatory frameworks. Key Skills: Advanced knowledge of cloud security across Microsoft Azure, AWS, Google Cloud Platform (GCP), and Microsoft 365. Expertise in Zero Trust security principles and secure-by-design methodologies. Strong understanding of identity and access management technologies, including federation, SSO, MFA, and privileged access management. Experience with threat modelling methodologies such as STRIDE, PASTA, or equivalent. Knowledge of security frameworks and standards including: - ISO 27001 - NIST Cybersecurity Framework - NIST 800-53 - CIS Controls - SABSA - TOGAF Understanding of security operations concepts, incident response, and detection capabilities. Knowledge of application security principles, including secure coding practices and OWASP guidance. Experience with DevSecOps practices and security automation. Familiarity with container and Kubernetes security. Understanding of encryption, key management, and data protection principles. Strong documentation, communication, and stakeholder management skills. Competitive Salary Bonus Scheme Private Healthcare Insurance 25 Days Annual Leave + Bank Holidays Up to 10 days allocated for development training per year Enhanced Parental Leave Paid Fertility Leave (5 Days) Statutory & Contributory Pension EAP with Gym Membership Benefits Cycle to Work and Electric Vehicle schemes Flexible Working Annual Away Days/Company Socials Diversity and Inclusion As an equal opportunities employer, we are committed to creating a work environment that supports, celebrates, encourages and respects all individuals, where all processes are based on merit, competence and business needs. Encouraging high social mobility is really important to us. We foster an inclusive culture by welcoming different perspectives, enabling equitable opportunities and promoting open dialogue. This commitment is reflected in initiatives such as our gender diversity group and our focus on mental health and wellbeing. Whatever stage you are at, you will find an environment where you can thrive. Should you require further assistance or require any reasonable adjustments to be put in place to better support your application process, please do not hesitate to raise this with us. As a Disability Confident employer, we are committed to ensuring our recruitment process is accessible and inclusive, enabling all candidates to demonstrate their skills, experience and potential.
13/06/2026
Full time
About Us: Solirius Reply , part of the Reply Group , is a technology consultancy and digital transformation partner that helps organisations solve complex challenges through strategy, design, engineering, and delivery. We work closely with our clients to deliver secure, accessible, user-focused services that evolve with their needs. By combining deep technical expertise with people-centred design, we create solutions that deliver meaningful, lasting impact. Our consultants partner directly with client teams, embedding into organisations to understand their goals, challenges, and users. This collaborative approach enables us to deliver tailored solutions that drive measurable outcomes across public and private sectors. Past and present clients include the Ministry of Justice, Department for Education, Ministry of Housing, Communities and Local Government, UEFA, International Olympic Committee, and Mercedes-Benz. Our services span the full digital delivery lifecycle, including architecture, engineering, delivery management, user-centred design, business analysis, data, DevOps, and AI. We operate as a collaborative and inclusive organisation that empowers our people to take ownership, innovate, and develop their expertise. As an equal opportunities employer, we are committed to encouraging equality, diversity, and social mobility, while creating opportunities for our teams to work on meaningful projects that deliver lasting impact About You: You are a motivated and adaptable professional with a strong analytical mindset and a passion for using technology to solve real-world problems. You enjoy working in collaborative, agile teams and take pride in delivering high-quality solutions that make a tangible impact. With strong communication skills and a consultative approach, you're comfortable engaging with clients, understanding their needs, and translating them into effective outcomes. The Role: We are seeking experienced Security Architects to support our public sector and enterprise clients in delivering secure digital services and technology transformation initiatives. The role involves engaging with multiple stakeholders to understand business objectives, identify security risks, and design security architectures that enable the safe delivery of business outcomes. You will work closely with solution architects, engineering teams, delivery managers, and client leadership to ensure that security is embedded by design and aligned with organisational risk appetites. As a Security Architect, you will operate with a high degree of autonomy, applying your expertise to resolve complex security challenges and providing authoritative guidance across projects and programmes. You will also contribute to the growth of the Security Practice by developing new service offerings, maintaining security standards and artefacts, supporting business development activities, and mentoring junior colleagues. In addition to technical leadership, you will help identify and shape new opportunities by engaging with client stakeholders to understand strategic security objectives and deliver value-driven outcomes. You will be a confident communicator, capable of influencing senior stakeholders, facilitating workshops, and building consensus across multidisciplinary teams. Key Responsibilities: Design end-to-end security architectures that align with business, technical, regulatory, and security requirements. Develop security strategies and controls for cloud-native, hybrid, and on-premise environments. Conduct security architecture reviews and provide recommendations to mitigate identified risks. Translate business and technical requirements into secure, scalable, and resilient designs. Ensure alignment with enterprise security architecture, governance frameworks, and organisational standards. Support Agile delivery teams by embedding security-by-design principles throughout the software development lifecycle. Define and document security patterns, reference architectures, and reusable security artefacts. Lead threat modelling activities and identify appropriate mitigation strategies. Collaborate with stakeholders across business, product, operations, and engineering teams to drive secure decision-making. Advise on identity and access management approaches, including authentication, authorisation, and privileged access controls. Ensure security, privacy, compliance, and risk management requirements are incorporated into solutions. Support security assurance activities, including risk assessments, security testing, and accreditation processes. Contribute to DevSecOps initiatives, promoting automation and continuous security practices. Produce clear architectural documentation, including security views, high-level designs, and security artefacts. Mentor junior team members and contribute to the development of the wider Security Practice. Key Experience: Extensive experience engaging with stakeholders at all levels, including senior leadership and C-suite executives. Proven experience operating within client-facing and/or consultancy environments. Demonstrated experience designing and implementing enterprise security architectures. Strong understanding of security architecture methodologies and frameworks. Experience conducting threat modelling and security risk assessments. Experience supporting security assurance activities within regulated environments. Proven ability to balance security requirements with operational and business objectives. Experience designing secure architectures across cloud and hybrid environments. Strong understanding of security controls for applications, infrastructure, data, and identity. Experience working within Agile delivery environments and integrating security into delivery processes. Familiarity with public sector security requirements and accreditation approaches is highly desirable. Experience supporting compliance initiatives involving standards and regulatory frameworks. Key Skills: Advanced knowledge of cloud security across Microsoft Azure, AWS, Google Cloud Platform (GCP), and Microsoft 365. Expertise in Zero Trust security principles and secure-by-design methodologies. Strong understanding of identity and access management technologies, including federation, SSO, MFA, and privileged access management. Experience with threat modelling methodologies such as STRIDE, PASTA, or equivalent. Knowledge of security frameworks and standards including: - ISO 27001 - NIST Cybersecurity Framework - NIST 800-53 - CIS Controls - SABSA - TOGAF Understanding of security operations concepts, incident response, and detection capabilities. Knowledge of application security principles, including secure coding practices and OWASP guidance. Experience with DevSecOps practices and security automation. Familiarity with container and Kubernetes security. Understanding of encryption, key management, and data protection principles. Strong documentation, communication, and stakeholder management skills. Competitive Salary Bonus Scheme Private Healthcare Insurance 25 Days Annual Leave + Bank Holidays Up to 10 days allocated for development training per year Enhanced Parental Leave Paid Fertility Leave (5 Days) Statutory & Contributory Pension EAP with Gym Membership Benefits Cycle to Work and Electric Vehicle schemes Flexible Working Annual Away Days/Company Socials Diversity and Inclusion As an equal opportunities employer, we are committed to creating a work environment that supports, celebrates, encourages and respects all individuals, where all processes are based on merit, competence and business needs. Encouraging high social mobility is really important to us. We foster an inclusive culture by welcoming different perspectives, enabling equitable opportunities and promoting open dialogue. This commitment is reflected in initiatives such as our gender diversity group and our focus on mental health and wellbeing. Whatever stage you are at, you will find an environment where you can thrive. Should you require further assistance or require any reasonable adjustments to be put in place to better support your application process, please do not hesitate to raise this with us. As a Disability Confident employer, we are committed to ensuring our recruitment process is accessible and inclusive, enabling all candidates to demonstrate their skills, experience and potential.
Broughton Group seeks a Principal Security Consultant specializing in Defence and National Security. This hybrid role demands expertise in governance, risk, and compliance with standards such as ISO 27001 and JSP440. Join our highly respected team, contributing to impactful projects while engaging with stakeholders in a fast-paced environment. A commitment to training and certifications is assured, along with competitive compensation of up to £80,000 and generous benefits.
13/06/2026
Full time
Broughton Group seeks a Principal Security Consultant specializing in Defence and National Security. This hybrid role demands expertise in governance, risk, and compliance with standards such as ISO 27001 and JSP440. Join our highly respected team, contributing to impactful projects while engaging with stakeholders in a fast-paced environment. A commitment to training and certifications is assured, along with competitive compensation of up to £80,000 and generous benefits.
Head of Technology London, UK Hybrid Senior Leadership About EmpowerRD R&D tax credits are a powerful but underused engine for innovation, and navigating them shouldn't require an army of consultants and months of back-and-forth. At EmpowerRD, we're changing that. We build software that makes claiming R&D tax relief transparent and genuinely empowering for the businesses and advisors who rely on us, with a vision to help every innovative company unlock the funding they deserve. Living by that mission has been the secret to our growth, and now we're at a pivotal moment in our journey. Every move we make has a direct impact on our customers, our product, and our collective success. We need people who take pride in understanding what drives outcomes, challenge the way things are done (respectfully), and always aim high. We can't say we've got this whole thing figured out, and frankly, that's half the fun. What we can say is that we're a driven, progressive, and, importantly, a kind team, all committed to building the future of R&D tax relief together. About the role We're looking for a Head of Technology to join EmpowerRD's senior leadership team at a pivotal moment in our growth. You'll own the technology strategy end-to-end, shaping our architecture and engineering culture while accelerating innovation that differentiates us in the R&D tax market. You'll be the connective tissue between our product ambitions and the engineering capability that brings them to life, partnering closely with the CEO, Product, Operations, and Marketing leadership. Who you'll be working with You'll sit at the senior leadership table, reporting into the CEO and working across the whole business. Day to day, you'll partner with the CEO, Head of Product, and our engineering and data teams. You'll also be the primary technology voice in conversations with Finance, Customer Success, Sales, and external technology vendors and partners. Our company virtues are: Be a truth seeker, Build Bridges, Empower Growth, Start and keep going, Foster Well-Being. We build strong cross-functional relationships, stay close to strategic priorities, and bring decisions grounded in data and evidence. What you'll be doing As Head of Technology at EmpowerRD, you will: Develop, communicate, and execute a comprehensive technology strategy aligned with our business goals and growth plans. Collaborate closely with the executive team, product, and other business units to understand technology needs and drive technology-enabled initiatives. Own and evolve the Data, Metrics and Insights that underpin the business. Oversee design and implementation of scalable, secure technology systems and infrastructure, ensuring alignment with security standards and best practice. Provide strong leadership, line management and mentorship to our engineering and data teams, fostering a culture of continuous learning and high performance. Oversee the Ways of Working and ensure teams have a full understanding of the software lifecycle and their roles within the process. Identify and mitigate technology-related risks, ensuring compliance with data privacy and security regulations and internal policies: you will be the DPO. Manage the technology budget, optimising resource allocation and ensuring cost-effective decisions. Manage relationships with technology vendors and partners, evaluating and selecting the most appropriate solutions. Stay close to the latest technology advances and provide strategic recommendations to keep EmpowerRD at the leading edge. What you bring Essential Five or more years of experience in a senior technology leadership role Deep understanding of software development methodologies and how AI has transformed these processes in recent years Many years of experience building technology platforms for organisations - you have the battle scars to show as well as depth of technical experience. Our Stack is Vue, Ruby on Rails, Postgres, Terraform, dbt, AWS, GCP - you'll have many years of experience in these technologies. Demonstrated success managing software development, systems architecture, infrastructure management, IT infrastructure, third party services, cyber security and budgets Broad commercial understanding of how a SaaS business ticks and the teams and processes that drive growth Strong strategic thinking: the ability to translate business objectives into effective technology decisions through Data and discussion Excellent leadership and team management skills, with a track record of developing high performing technology teams Proven ability to deliver complex technology projects on time and within budget Strong analytical and problem solving skills with a data driven approach to decision making A degree in computer science, information technology, or a related field (or equivalent experience) Valued but not required Experience in fintech, SaaS, professional services, or a regulated technology environment Hands on experience with AI and Data platform tooling Familiarity with the R&D tax credit, Accounting or HMRC landscape This role is for you if You're energised by setting the technology direction for a company, not just executing on a predefined plan. You're as comfortable discussing architectural trade offs with engineers as you are presenting a technology roadmap to the CEO or delivering Town Hall updates to the company. You hold yourself and your teams to high engineering standards without letting perfection get in the way of progress. This role may not be for you if You're looking for a steady state technology management role rather than a building and scaling challenge. You do not use data, metrics and insights as part of your operating DNA. You prefer to operate with full certainty before moving; we're a fast moving team, and ambiguity is part of the job. Practical details Location: London, UK. Hybrid with mandatory office days each week. Visa sponsorship: We're not able to offer UK work visa sponsorship for this role. Salary: To be discussed during the first interview. About your application and the interview process We use AI to score every application and then read every relevant CV ourselves. Your effort deserves human attention that matches it, so please take the time to read the role description and make sure your application reflects experience that is genuinely relevant here. The "Achieved X, as measured by Y, by doing Z" formula is a strong way to make your experience compelling. The role requires operational grounding, strategic breadth, and technical depth, so make sure your CV reflects all three. The process Intro call: A 30 minute conversation with leadership to discuss the role and your background. Take home strategic & technical exercises followed by a presentation interview with leadership. CEO interview: A 60 minute interview covering your leadership approach and strategic thinking. Culture Interview with function & technology team leads. EmpowerRD National Technology Awards 2026 Nominee Growth Business of the Year Financial Services Technology of the Year RegTech Project of the Year Ranked in TechRound 2025 FinTech 50
13/06/2026
Full time
Head of Technology London, UK Hybrid Senior Leadership About EmpowerRD R&D tax credits are a powerful but underused engine for innovation, and navigating them shouldn't require an army of consultants and months of back-and-forth. At EmpowerRD, we're changing that. We build software that makes claiming R&D tax relief transparent and genuinely empowering for the businesses and advisors who rely on us, with a vision to help every innovative company unlock the funding they deserve. Living by that mission has been the secret to our growth, and now we're at a pivotal moment in our journey. Every move we make has a direct impact on our customers, our product, and our collective success. We need people who take pride in understanding what drives outcomes, challenge the way things are done (respectfully), and always aim high. We can't say we've got this whole thing figured out, and frankly, that's half the fun. What we can say is that we're a driven, progressive, and, importantly, a kind team, all committed to building the future of R&D tax relief together. About the role We're looking for a Head of Technology to join EmpowerRD's senior leadership team at a pivotal moment in our growth. You'll own the technology strategy end-to-end, shaping our architecture and engineering culture while accelerating innovation that differentiates us in the R&D tax market. You'll be the connective tissue between our product ambitions and the engineering capability that brings them to life, partnering closely with the CEO, Product, Operations, and Marketing leadership. Who you'll be working with You'll sit at the senior leadership table, reporting into the CEO and working across the whole business. Day to day, you'll partner with the CEO, Head of Product, and our engineering and data teams. You'll also be the primary technology voice in conversations with Finance, Customer Success, Sales, and external technology vendors and partners. Our company virtues are: Be a truth seeker, Build Bridges, Empower Growth, Start and keep going, Foster Well-Being. We build strong cross-functional relationships, stay close to strategic priorities, and bring decisions grounded in data and evidence. What you'll be doing As Head of Technology at EmpowerRD, you will: Develop, communicate, and execute a comprehensive technology strategy aligned with our business goals and growth plans. Collaborate closely with the executive team, product, and other business units to understand technology needs and drive technology-enabled initiatives. Own and evolve the Data, Metrics and Insights that underpin the business. Oversee design and implementation of scalable, secure technology systems and infrastructure, ensuring alignment with security standards and best practice. Provide strong leadership, line management and mentorship to our engineering and data teams, fostering a culture of continuous learning and high performance. Oversee the Ways of Working and ensure teams have a full understanding of the software lifecycle and their roles within the process. Identify and mitigate technology-related risks, ensuring compliance with data privacy and security regulations and internal policies: you will be the DPO. Manage the technology budget, optimising resource allocation and ensuring cost-effective decisions. Manage relationships with technology vendors and partners, evaluating and selecting the most appropriate solutions. Stay close to the latest technology advances and provide strategic recommendations to keep EmpowerRD at the leading edge. What you bring Essential Five or more years of experience in a senior technology leadership role Deep understanding of software development methodologies and how AI has transformed these processes in recent years Many years of experience building technology platforms for organisations - you have the battle scars to show as well as depth of technical experience. Our Stack is Vue, Ruby on Rails, Postgres, Terraform, dbt, AWS, GCP - you'll have many years of experience in these technologies. Demonstrated success managing software development, systems architecture, infrastructure management, IT infrastructure, third party services, cyber security and budgets Broad commercial understanding of how a SaaS business ticks and the teams and processes that drive growth Strong strategic thinking: the ability to translate business objectives into effective technology decisions through Data and discussion Excellent leadership and team management skills, with a track record of developing high performing technology teams Proven ability to deliver complex technology projects on time and within budget Strong analytical and problem solving skills with a data driven approach to decision making A degree in computer science, information technology, or a related field (or equivalent experience) Valued but not required Experience in fintech, SaaS, professional services, or a regulated technology environment Hands on experience with AI and Data platform tooling Familiarity with the R&D tax credit, Accounting or HMRC landscape This role is for you if You're energised by setting the technology direction for a company, not just executing on a predefined plan. You're as comfortable discussing architectural trade offs with engineers as you are presenting a technology roadmap to the CEO or delivering Town Hall updates to the company. You hold yourself and your teams to high engineering standards without letting perfection get in the way of progress. This role may not be for you if You're looking for a steady state technology management role rather than a building and scaling challenge. You do not use data, metrics and insights as part of your operating DNA. You prefer to operate with full certainty before moving; we're a fast moving team, and ambiguity is part of the job. Practical details Location: London, UK. Hybrid with mandatory office days each week. Visa sponsorship: We're not able to offer UK work visa sponsorship for this role. Salary: To be discussed during the first interview. About your application and the interview process We use AI to score every application and then read every relevant CV ourselves. Your effort deserves human attention that matches it, so please take the time to read the role description and make sure your application reflects experience that is genuinely relevant here. The "Achieved X, as measured by Y, by doing Z" formula is a strong way to make your experience compelling. The role requires operational grounding, strategic breadth, and technical depth, so make sure your CV reflects all three. The process Intro call: A 30 minute conversation with leadership to discuss the role and your background. Take home strategic & technical exercises followed by a presentation interview with leadership. CEO interview: A 60 minute interview covering your leadership approach and strategic thinking. Culture Interview with function & technology team leads. EmpowerRD National Technology Awards 2026 Nominee Growth Business of the Year Financial Services Technology of the Year RegTech Project of the Year Ranked in TechRound 2025 FinTech 50
Job Overview Salary Range: £44,171 - £63,000 Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity. Responsibilities As a Cyber Security Architect, you'll work at the design and decision making layer of major programmes, helping customers build security in from the start. Your role involves: Building trusted relationships with customers and understanding their missions, constraints and operating environments. Engaging confidently with engineers, project managers, security professionals and senior stakeholders. Analyzing complex IT environments, even where information is incomplete. Applying recognised security principles, architectural patterns and frameworks to real world systems. Thinking in terms of risk and identifying architectural risks, threats and vulnerabilities. Explaining security trade offs in clear, business relevant language rather than just technical detail. Designing secure solutions and defining layered, secure by design architectures across people, process and technology. Recommending practical security controls and patterns that support project delivery. Providing assurance and reviewing designs and implementations against agreed standards and regulatory expectations. Supporting architecture governance, compliance and security assurance activities. Contributing to reusable architectural patterns, frameworks and offerings. Providing technical leadership in bids, proposals and early solution shaping. Career Development Grow the practice by sharing expertise, mentoring junior engineers, architects or consultants and contributing to the evolution of our security architecture methodology. What You'll Bring Strong communication and stakeholder engagement skills; ability to explain complex technical concepts clearly and confidently. A consulting mindset: adaptable, dependable and focused on high quality outcomes. Technical background with solid understanding of core IT fundamentals such as TCP/IP, networking, protocols and system interactions. Experience designing or supporting complex IT, cloud, application or networked systems and decomposing large systems into logical, secure architectural components. Security and architecture experience: translating high level functional or mission objectives into technical or security requirements, understanding security controls, threat mitigation and architectural trade offs. Ability to justify why a control or design decision is needed to both technical and non technical audiences. Additional Experience Previous exposure to security architecture, risk assessment or design assurance. Experience mentoring junior engineers, architects or consultants. Familiarity with UK MOD, defence or national security environments. Certifications Security+ (preferred) CISMP, CCSP, TOGAF, AWS or Azure cloud certifications. Security Clearance This role is subject to pre employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). Additional Personnel Security Controls referred to as National Security Vetting (NSV) may apply, possibly including the Security Check (SC) or Developed Vetting (DV). For more information and guidance, visit Location & Contract Primary Location: Bristol - Coldharbour Lane, UK Contract Type: Permanent Hybrid Working: Hybrid (International, multicultural, innovative, technological)
13/06/2026
Full time
Job Overview Salary Range: £44,171 - £63,000 Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity. Responsibilities As a Cyber Security Architect, you'll work at the design and decision making layer of major programmes, helping customers build security in from the start. Your role involves: Building trusted relationships with customers and understanding their missions, constraints and operating environments. Engaging confidently with engineers, project managers, security professionals and senior stakeholders. Analyzing complex IT environments, even where information is incomplete. Applying recognised security principles, architectural patterns and frameworks to real world systems. Thinking in terms of risk and identifying architectural risks, threats and vulnerabilities. Explaining security trade offs in clear, business relevant language rather than just technical detail. Designing secure solutions and defining layered, secure by design architectures across people, process and technology. Recommending practical security controls and patterns that support project delivery. Providing assurance and reviewing designs and implementations against agreed standards and regulatory expectations. Supporting architecture governance, compliance and security assurance activities. Contributing to reusable architectural patterns, frameworks and offerings. Providing technical leadership in bids, proposals and early solution shaping. Career Development Grow the practice by sharing expertise, mentoring junior engineers, architects or consultants and contributing to the evolution of our security architecture methodology. What You'll Bring Strong communication and stakeholder engagement skills; ability to explain complex technical concepts clearly and confidently. A consulting mindset: adaptable, dependable and focused on high quality outcomes. Technical background with solid understanding of core IT fundamentals such as TCP/IP, networking, protocols and system interactions. Experience designing or supporting complex IT, cloud, application or networked systems and decomposing large systems into logical, secure architectural components. Security and architecture experience: translating high level functional or mission objectives into technical or security requirements, understanding security controls, threat mitigation and architectural trade offs. Ability to justify why a control or design decision is needed to both technical and non technical audiences. Additional Experience Previous exposure to security architecture, risk assessment or design assurance. Experience mentoring junior engineers, architects or consultants. Familiarity with UK MOD, defence or national security environments. Certifications Security+ (preferred) CISMP, CCSP, TOGAF, AWS or Azure cloud certifications. Security Clearance This role is subject to pre employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). Additional Personnel Security Controls referred to as National Security Vetting (NSV) may apply, possibly including the Security Check (SC) or Developed Vetting (DV). For more information and guidance, visit Location & Contract Primary Location: Bristol - Coldharbour Lane, UK Contract Type: Permanent Hybrid Working: Hybrid (International, multicultural, innovative, technological)
Security Architecture ConsultantApplylocations: GB - Bristol - Coldharbour Lanetime type: Full timeposted on: Posted Todayjob requisition id: R Job Description: Salary Range: £44,171 - £63,000Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity. Your impact Are you a network, systems, cloud or software engineer looking to take the next step into cyber security consultancy? Do you enjoy solving complex technical problems, working with customers, and influencing how systems are designed - not just built?Leonardo UK is looking for a Cyber Security Architect to join our Cyber & Security Solutions Division. This role is ideal for experienced IT professionals who want to broaden their impact, move into a consultative role, and help shape secure solutions for some of the UK's most critical and complex environments. What you'll be doing: As a Cyber Security Architect, you'll work at the design and decision-making layer of major programmes. Rather than focusing on day-to-day operations, you'll help customers build security in from the start - translating technical realities and business objectives into clear, robust, and proportionate security architectures.You'll work in a collaborative, agile consultancy environment, blending home and on-site working, and engaging closely with customers, delivery teams and fellow specialists. Your role in practice: You'll use your technical background to:Work with customers Build trusted relationships and understand customer missions, constraints and operating environments Engage confidently with engineers, project managers, security professionals and senior stakeholdersUnderstand complex systems Analyse existing and proposed IT environments, even where information is incomplete Apply recognised security principles, architectural patterns and frameworks to real-world systemsThink in terms of risk Identify architectural risks, threats and vulnerabilities Explain security trade-offs in clear, business-relevant language rather than just technical detailDesign secure solutions Define layered, secure by design architectures across people, process and technology Recommend practical security controls and patterns that will support project deliveryProvide assurance Review designs and implementations against agreed standards and regulatory expectations Support architecture governance, compliance and security assurance activitiesGrow the practice Contribute to reusable architectural patterns, frameworks and offerings Provide technical leadership in bids, proposals and early solution shaping What you'll bring This role suits experienced engineers or consultants who are comfortable with complex systems and are ready to step into a broader, more influential security role.Core strengths Strong communication and stakeholder engagement skills Ability to explain complex technical concepts clearly and confidently A consulting mindset: adaptable, dependable and focused on high-quality outcomes Enjoy working collaboratively and supporting the development of othersTechnical background Solid understanding of core IT fundamentals such as TCP/IP, networking, protocols and system interactions Experience designing or supporting complex IT, cloud, application or networked systems Ability to decompose large systems into logical, secure architectural componentsSecurity and architecture Experience translating high-level functional or mission objectives into technical or security requirements Understanding of security controls, threat mitigation and architectural trade-offs Ability to justify why a control or design decision is needed - to both technical and non-technical audiencesAdditional experience (beneficial, not essential) Previous exposure to security architecture, risk assessment or design assurance Experience mentoring junior engineers, architects or consultants Familiarity with UK MOD, defence or national security environmentsCertificationsWe value practical experience, but relevant certifications are welcomed, such as: Security+: CISMP, CCSP TOGAF AWS or Azure cloud certificationsThis is not an exhaustive list, and we are keen to hear from you even if you might not have experience in all the above. The most important skill is a good attitude and willingness to learn. Security Clearance This role is subject to pre-employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). An additional range of Personnel Security Controls referred to as National Security Vetting (NSV) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). For more information and guidance please visit: Why join us At Leonardo, our people are at the heart of everything we do. We offer a comprehensive, company-funded benefits package that supports your wellbeing, career development, and work-life balance. Whether you're looking to grow professionally, care for your health, or plan for the future, we're here to help you thrive. Time to Recharge: Enjoy generous leave with the opportunity to accrue up to 12 additional flexi-days each year. Secure your Future: Benefit from our award-winning pension scheme with up to 15% employer contribution. Your Wellbeing Matters: Free access to mental health support, financial advice, and employee-led networks championing inclusion and diversity (Enable, Pride, Equalise, Armed Forces, Carers, Wellbeing and Ethnicity). Rewarding Performance : All employees at management level and below are eligible for our bonus scheme. Never Stop Learning : Free access to 4,000+ online courses via Coursera and LinkedIn Learning. Refer a friend: Receive a financial reward through our referral programme. Tailored Perks : Spend up to £500 annually on flexible benefits including private healthcare, dental, family cover, tech & lifestyle discounts, gym memberships and more. Flexible working: Flexible hours with hybrid working options. For part time opportunities, please talk to us about what might be possible for this role.For a full list of our company benefits please visit our website.Leonardo is a global leader in Aerospace, Defence, and Security. Headquartered in Italy, we employ over 53,000 people worldwide including 8,500 across 9 sites in the UK. Our employees are not just part of a team-they are key contributors to shaping innovation, advancing technology, and enhancing global safety.At Leonardo we are committed to building an inclusive, accessible, and welcoming workplace. We believe that a diverse workforce sparks creativity, drives innovation, and leads to better outcomes for our people and our customers. If you have any accessibility requirements to support you during the recruitment process, just let us know.Be part of something bigger - apply now! Primary Location: GB - Bristol - Coldharbour Lane Contract Type: Permanent Hybrid Working: Hybrid
13/06/2026
Full time
Security Architecture ConsultantApplylocations: GB - Bristol - Coldharbour Lanetime type: Full timeposted on: Posted Todayjob requisition id: R Job Description: Salary Range: £44,171 - £63,000Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity. Your impact Are you a network, systems, cloud or software engineer looking to take the next step into cyber security consultancy? Do you enjoy solving complex technical problems, working with customers, and influencing how systems are designed - not just built?Leonardo UK is looking for a Cyber Security Architect to join our Cyber & Security Solutions Division. This role is ideal for experienced IT professionals who want to broaden their impact, move into a consultative role, and help shape secure solutions for some of the UK's most critical and complex environments. What you'll be doing: As a Cyber Security Architect, you'll work at the design and decision-making layer of major programmes. Rather than focusing on day-to-day operations, you'll help customers build security in from the start - translating technical realities and business objectives into clear, robust, and proportionate security architectures.You'll work in a collaborative, agile consultancy environment, blending home and on-site working, and engaging closely with customers, delivery teams and fellow specialists. Your role in practice: You'll use your technical background to:Work with customers Build trusted relationships and understand customer missions, constraints and operating environments Engage confidently with engineers, project managers, security professionals and senior stakeholdersUnderstand complex systems Analyse existing and proposed IT environments, even where information is incomplete Apply recognised security principles, architectural patterns and frameworks to real-world systemsThink in terms of risk Identify architectural risks, threats and vulnerabilities Explain security trade-offs in clear, business-relevant language rather than just technical detailDesign secure solutions Define layered, secure by design architectures across people, process and technology Recommend practical security controls and patterns that will support project deliveryProvide assurance Review designs and implementations against agreed standards and regulatory expectations Support architecture governance, compliance and security assurance activitiesGrow the practice Contribute to reusable architectural patterns, frameworks and offerings Provide technical leadership in bids, proposals and early solution shaping What you'll bring This role suits experienced engineers or consultants who are comfortable with complex systems and are ready to step into a broader, more influential security role.Core strengths Strong communication and stakeholder engagement skills Ability to explain complex technical concepts clearly and confidently A consulting mindset: adaptable, dependable and focused on high-quality outcomes Enjoy working collaboratively and supporting the development of othersTechnical background Solid understanding of core IT fundamentals such as TCP/IP, networking, protocols and system interactions Experience designing or supporting complex IT, cloud, application or networked systems Ability to decompose large systems into logical, secure architectural componentsSecurity and architecture Experience translating high-level functional or mission objectives into technical or security requirements Understanding of security controls, threat mitigation and architectural trade-offs Ability to justify why a control or design decision is needed - to both technical and non-technical audiencesAdditional experience (beneficial, not essential) Previous exposure to security architecture, risk assessment or design assurance Experience mentoring junior engineers, architects or consultants Familiarity with UK MOD, defence or national security environmentsCertificationsWe value practical experience, but relevant certifications are welcomed, such as: Security+: CISMP, CCSP TOGAF AWS or Azure cloud certificationsThis is not an exhaustive list, and we are keen to hear from you even if you might not have experience in all the above. The most important skill is a good attitude and willingness to learn. Security Clearance This role is subject to pre-employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). An additional range of Personnel Security Controls referred to as National Security Vetting (NSV) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). For more information and guidance please visit: Why join us At Leonardo, our people are at the heart of everything we do. We offer a comprehensive, company-funded benefits package that supports your wellbeing, career development, and work-life balance. Whether you're looking to grow professionally, care for your health, or plan for the future, we're here to help you thrive. Time to Recharge: Enjoy generous leave with the opportunity to accrue up to 12 additional flexi-days each year. Secure your Future: Benefit from our award-winning pension scheme with up to 15% employer contribution. Your Wellbeing Matters: Free access to mental health support, financial advice, and employee-led networks championing inclusion and diversity (Enable, Pride, Equalise, Armed Forces, Carers, Wellbeing and Ethnicity). Rewarding Performance : All employees at management level and below are eligible for our bonus scheme. Never Stop Learning : Free access to 4,000+ online courses via Coursera and LinkedIn Learning. Refer a friend: Receive a financial reward through our referral programme. Tailored Perks : Spend up to £500 annually on flexible benefits including private healthcare, dental, family cover, tech & lifestyle discounts, gym memberships and more. Flexible working: Flexible hours with hybrid working options. For part time opportunities, please talk to us about what might be possible for this role.For a full list of our company benefits please visit our website.Leonardo is a global leader in Aerospace, Defence, and Security. Headquartered in Italy, we employ over 53,000 people worldwide including 8,500 across 9 sites in the UK. Our employees are not just part of a team-they are key contributors to shaping innovation, advancing technology, and enhancing global safety.At Leonardo we are committed to building an inclusive, accessible, and welcoming workplace. We believe that a diverse workforce sparks creativity, drives innovation, and leads to better outcomes for our people and our customers. If you have any accessibility requirements to support you during the recruitment process, just let us know.Be part of something bigger - apply now! Primary Location: GB - Bristol - Coldharbour Lane Contract Type: Permanent Hybrid Working: Hybrid
Senior Cyber Security Operations Centre (CSOC) Consultant DV Cleared Corsham / Hybrid Rate: 700 - 750pd (Inside IR35) We're supporting a major national security programme seeking an experienced Cyber Security Operations Centre (CSOC) Consultant to join a growing cyber security function delivering services within a highly secure environment. This is an opportunity to play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government, or other highly regulated environments. Responsibilities Support the operation and continual improvement of cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection use cases, correlation rules, and security monitoring processes. Work closely with cloud, infrastructure, and engineering teams to improve security posture across complex environments. Contribute to threat hunting activities and proactive identification of emerging threats. Support security assurance, risk management, and compliance activities. Produce technical documentation, reports, and recommendations for both technical and non-technical stakeholders. Provide subject matter expertise on security operations best practice within secure government environments. Experience Required Current UK Developed Vetting (DV) clearance. Strong experience within a Security Operations Centre (SOC) or Cyber Security Operations Centre (CSOC) environment. Experience investigating and responding to cyber security incidents. Knowledge of SIEM platforms and security monitoring technologies. Understanding of threat detection, threat hunting, vulnerability management, and incident response methodologies. Experience working within Defence, Central Government, or other secure environments. Strong stakeholder engagement and communication skills. Desirable Experience Experience supporting cloud-hosted environments, particularly Google Cloud Platform (GCP). Experience of MOD Cloud (MODCloud) programmes or secure cloud transformation initiatives. Familiarity with NCSC guidance and secure-by-design principles. Knowledge of security frameworks including JSP 440, JSP 604, NIST, ISO27001, or Cyber Assessment Framework (CAF). Relevant certifications such as CISSP, CCSP, GCIH, GCIA, Security+, or similar. We are looking to have someone in position by 1st July 2026, so if you meet the criteria outlined and want to know more, please get in touch ASAP. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
12/06/2026
Contractor
Senior Cyber Security Operations Centre (CSOC) Consultant DV Cleared Corsham / Hybrid Rate: 700 - 750pd (Inside IR35) We're supporting a major national security programme seeking an experienced Cyber Security Operations Centre (CSOC) Consultant to join a growing cyber security function delivering services within a highly secure environment. This is an opportunity to play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government, or other highly regulated environments. Responsibilities Support the operation and continual improvement of cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection use cases, correlation rules, and security monitoring processes. Work closely with cloud, infrastructure, and engineering teams to improve security posture across complex environments. Contribute to threat hunting activities and proactive identification of emerging threats. Support security assurance, risk management, and compliance activities. Produce technical documentation, reports, and recommendations for both technical and non-technical stakeholders. Provide subject matter expertise on security operations best practice within secure government environments. Experience Required Current UK Developed Vetting (DV) clearance. Strong experience within a Security Operations Centre (SOC) or Cyber Security Operations Centre (CSOC) environment. Experience investigating and responding to cyber security incidents. Knowledge of SIEM platforms and security monitoring technologies. Understanding of threat detection, threat hunting, vulnerability management, and incident response methodologies. Experience working within Defence, Central Government, or other secure environments. Strong stakeholder engagement and communication skills. Desirable Experience Experience supporting cloud-hosted environments, particularly Google Cloud Platform (GCP). Experience of MOD Cloud (MODCloud) programmes or secure cloud transformation initiatives. Familiarity with NCSC guidance and secure-by-design principles. Knowledge of security frameworks including JSP 440, JSP 604, NIST, ISO27001, or Cyber Assessment Framework (CAF). Relevant certifications such as CISSP, CCSP, GCIH, GCIA, Security+, or similar. We are looking to have someone in position by 1st July 2026, so if you meet the criteria outlined and want to know more, please get in touch ASAP. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
Creating an account has many benefits: See order and delivery status Track order history Check out fasterJob# Hybrid Infrastructure Business ManagerHybrid (London)Technology Partner Management Hybrid Infrastructure Business Manager 2. First Stage InterviewYou'll meet the hiring manager and learn more about the role.boxxe Limited, a company incorporated in England and Wales with company number and registered office at Artemis House, Eboracum Way, York, YO31 7RE ("boxxe") together with any group companies (" we us ours ") is committed to protecting and respecting your privacy and personal data.For the purposes of data protection legislation, we are the data processor and we will process your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the UK Data Protection Act 2018 and any other applicable national laws which relate to the processing of personal data.When we use the term "services", we are referring to all the services that we offer on our own behalf, including our product offerings. We are not referring to services that we provide solely on behalf of a third party, such as outsourced IT services we may provide to another company or software licenses from a third party. Please refer to the privacy notice of the third party with which you have a relationship for information on how they engage service providers, like us, to process personal information on their behalf. We take your privacy very seriously, Please read this policy carefully as it contains important information on who we are and how boxxe collects, stores, uses, shares, retains and destroys personal data that you provide to us or that we collect when you purchase goods or services from us and/or when you or visit the website. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint. name, address (delivery, shipping, registered), contact information, including email address and telephone number and company details; information to check and verify your identity; location data; your billing information, transaction and payment card or other payment method information, e.g., bank account and payment details; details of any information, feedback or other matters you give to us by phone, email, post or via social media; your account details, such as username and login details; your activities on, and use of, our website; your professional interests; your professional online presence, e.g., LinkedIn profile; information about the services we provide to you; your contact history, purchase history and saved items; information about how you use our website and technology systems; your responses to surveys, competitions and promotions; and IP address Google Device's IP address (processed during your session and stored in a de-identified form) geographic location (country only), and the preferred language used to display our website. Google Analytics stores this information on our behalf in a pseudonymized user profile. Hotjar Ltd This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Dotdigital Dotdigital is a SaaS cross-channel marketing automation platform and services provider that helps brands devise successful, personalized marketing campaigns across multiple channels (e.g. email). Paired with its Microsoft Dynamics 365 CRM integration, boxxe is able to deliver tailored marketing to its customers. Contact data (such as email address, contact number, name or other contact details), marketing preferences, IP address and usage information (including online navigation data, location data and browser data). Darktrace Darktrace's Security Platform enhances boxxe's cybersecurity position by providing endpoint protection, cloud security, and email security. Darktrace uses AI-driven tools to detect and respond to potential threats, such as malware, phishing attacks, and insider threats, by continuously monitoring network traffic, user behaviour, and cloud-based resources. It aims to prevent data breaches and minimize cyber risks by identifying and mitigating security threats in real-time. Contact data (name, email address, user name), devide identifiers (e.g. IP address) and/or mobile identifiers, location data to nearest city, usage information (including tracking or browsing behavior). Greenhouse Greenhouse ATS is a cloud-based software that helps companies manage their recruitment processes. It organizes and tracks job applications, resumes, and candidate information. Greenhouse ATS collects applications and stores data about the applicants, such as which source they came from, which role they applied to and where they are in the application process. Greenhouse ATS features applicant tracking, background screening, interview scheduling, and onboarding. Contact details (name, email address, home address, telephone number) and any special accommodations needed if successful for interview and employment. data from our selected partners who have identified a lead for the sale of a product or service to you; third party vendor, reseller, distributor, sub-contractor or partner for the supply of goods and services that you have requested if it is necessary for the performance of the contract. These external companies are only authorised to use your data for the purpose of providing the contract; staff members in order to facilitate the provision of goods or services to you; our affiliated entities to support internal administration; postal/courier service providers; professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services; HM Revenue and Customs, regulators and other authorities who require reporting of processing activities in certain circumstances; and third parties with whom we may choose to sell, transfer or merge parts of our business or assets - we may seek to acquire other business or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy. Ireland Hotjar Adequacy regulation further to paragraph 5(1)(a) of Part 3 of Schedule 21 to the Data Protection Act 2018 USA Stripe Inc In order to facilitate online payments through boxxe's ecommerce portal, where applicable, Stripe may Process Payment Account Details, bank account details, billing/shipping address, name, date/time/amount of transaction, device ID, email address, IP address/location, order ID, payment card details, tax ID/status, unique customer identifier, identity information including government issued documents (e.g., national IDs, driver's licenses and passports). UK Data Transfer Addendum How long your personal data will be keptWe retain your personal data for as long as is necessary to fulfil the purpose that we collected it for, including the satisfaction of any legal, accounting or reporting requirements. This includes data for tax and accounting requirements under applicable law. If you make a purchase from boxxe, we will keep the information for tax and accounting requirements under applicable law.Data is reviewed regularly and only retained where necessary. To determine the appropriate retention period of your data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from a loss of confidentiality to the data and any legal requirements to retain such personal data. Once any legal requirements have expired for the
11/06/2026
Full time
Creating an account has many benefits: See order and delivery status Track order history Check out fasterJob# Hybrid Infrastructure Business ManagerHybrid (London)Technology Partner Management Hybrid Infrastructure Business Manager 2. First Stage InterviewYou'll meet the hiring manager and learn more about the role.boxxe Limited, a company incorporated in England and Wales with company number and registered office at Artemis House, Eboracum Way, York, YO31 7RE ("boxxe") together with any group companies (" we us ours ") is committed to protecting and respecting your privacy and personal data.For the purposes of data protection legislation, we are the data processor and we will process your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the UK Data Protection Act 2018 and any other applicable national laws which relate to the processing of personal data.When we use the term "services", we are referring to all the services that we offer on our own behalf, including our product offerings. We are not referring to services that we provide solely on behalf of a third party, such as outsourced IT services we may provide to another company or software licenses from a third party. Please refer to the privacy notice of the third party with which you have a relationship for information on how they engage service providers, like us, to process personal information on their behalf. We take your privacy very seriously, Please read this policy carefully as it contains important information on who we are and how boxxe collects, stores, uses, shares, retains and destroys personal data that you provide to us or that we collect when you purchase goods or services from us and/or when you or visit the website. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint. name, address (delivery, shipping, registered), contact information, including email address and telephone number and company details; information to check and verify your identity; location data; your billing information, transaction and payment card or other payment method information, e.g., bank account and payment details; details of any information, feedback or other matters you give to us by phone, email, post or via social media; your account details, such as username and login details; your activities on, and use of, our website; your professional interests; your professional online presence, e.g., LinkedIn profile; information about the services we provide to you; your contact history, purchase history and saved items; information about how you use our website and technology systems; your responses to surveys, competitions and promotions; and IP address Google Device's IP address (processed during your session and stored in a de-identified form) geographic location (country only), and the preferred language used to display our website. Google Analytics stores this information on our behalf in a pseudonymized user profile. Hotjar Ltd This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Dotdigital Dotdigital is a SaaS cross-channel marketing automation platform and services provider that helps brands devise successful, personalized marketing campaigns across multiple channels (e.g. email). Paired with its Microsoft Dynamics 365 CRM integration, boxxe is able to deliver tailored marketing to its customers. Contact data (such as email address, contact number, name or other contact details), marketing preferences, IP address and usage information (including online navigation data, location data and browser data). Darktrace Darktrace's Security Platform enhances boxxe's cybersecurity position by providing endpoint protection, cloud security, and email security. Darktrace uses AI-driven tools to detect and respond to potential threats, such as malware, phishing attacks, and insider threats, by continuously monitoring network traffic, user behaviour, and cloud-based resources. It aims to prevent data breaches and minimize cyber risks by identifying and mitigating security threats in real-time. Contact data (name, email address, user name), devide identifiers (e.g. IP address) and/or mobile identifiers, location data to nearest city, usage information (including tracking or browsing behavior). Greenhouse Greenhouse ATS is a cloud-based software that helps companies manage their recruitment processes. It organizes and tracks job applications, resumes, and candidate information. Greenhouse ATS collects applications and stores data about the applicants, such as which source they came from, which role they applied to and where they are in the application process. Greenhouse ATS features applicant tracking, background screening, interview scheduling, and onboarding. Contact details (name, email address, home address, telephone number) and any special accommodations needed if successful for interview and employment. data from our selected partners who have identified a lead for the sale of a product or service to you; third party vendor, reseller, distributor, sub-contractor or partner for the supply of goods and services that you have requested if it is necessary for the performance of the contract. These external companies are only authorised to use your data for the purpose of providing the contract; staff members in order to facilitate the provision of goods or services to you; our affiliated entities to support internal administration; postal/courier service providers; professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services; HM Revenue and Customs, regulators and other authorities who require reporting of processing activities in certain circumstances; and third parties with whom we may choose to sell, transfer or merge parts of our business or assets - we may seek to acquire other business or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy. Ireland Hotjar Adequacy regulation further to paragraph 5(1)(a) of Part 3 of Schedule 21 to the Data Protection Act 2018 USA Stripe Inc In order to facilitate online payments through boxxe's ecommerce portal, where applicable, Stripe may Process Payment Account Details, bank account details, billing/shipping address, name, date/time/amount of transaction, device ID, email address, IP address/location, order ID, payment card details, tax ID/status, unique customer identifier, identity information including government issued documents (e.g., national IDs, driver's licenses and passports). UK Data Transfer Addendum How long your personal data will be keptWe retain your personal data for as long as is necessary to fulfil the purpose that we collected it for, including the satisfaction of any legal, accounting or reporting requirements. This includes data for tax and accounting requirements under applicable law. If you make a purchase from boxxe, we will keep the information for tax and accounting requirements under applicable law.Data is reviewed regularly and only retained where necessary. To determine the appropriate retention period of your data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from a loss of confidentiality to the data and any legal requirements to retain such personal data. Once any legal requirements have expired for the
Alexander Mann Solutions - Public Sector Resourcing
Corsham, Wiltshire
On behalf of the MOD, we are looking for a Security Assurance Coordinator (Inside IR35) for a 9 Month contract based Hybrid in either Abbeywood or Corsham. The Ministry of Defence (MOD) is a central government department with a mission to protect our country and provide the ultimate guarantee of its security and independence, as well as helping to protect its values and interests abroad. The MOD is one of the biggest public procurement organisations in Europe and the single largest customer for UK industry. It currently manages approximately £20 billion of spend on capital investments in equipment and infrastructure every year. Over the next decade the MOD is committed to spending over £190 billion on equipment and support. The MOD's customers include both the armed forces and national security agencies, and it has a diverse range of requirements, including military fighting vehicles, education services, nuclear submarines and facilities management. The MOD's aim is to provide its armed forces with the best capabilities to enable them to protect the UK's security and advance national interests, both now and in the long term. To do this the MOD has an annual budget of almost £53 billion and a workforce comprising 197,000 people. of which 54,000 are civilians working for the UK MOD. The work really matters; the MOD offers a range of engaging roles which have a direct impact on the quality of services they provide, in many locations across the UK. We support teams working in HR, Primary Health Care, Corporate Services, and many others. SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance. As a Security Assurance Coordinator, your main responsibilities will be: . Coordinate security assurance activities across Foundry products and services in line with MOD and Defence Digital security policies. . Support agile delivery teams to understand and implement security requirements throughout the product life cycle. . Act as the primary point of contact for security assurance planning, tracking security actions, risks, and dependencies. . Assist in the production, maintenance, and quality assurance of Risk Management and Accreditation Document Sets (RMADS). . Ensure supporting security evidence is identified, captured, and maintained. . Manage version control, assurance milestones, and approvals for security documentation. . Liaise with accreditation, cyber security, and risk stakeholders to support timely assurance decisions. Essential: . Experience supporting cyber security or information assurance activities in a digital or IT delivery environment. . Understanding of risk-based security assurance principles within MOD, HMG, or similar regulated environments. . Experience contributing to or coordinating RMADS or equivalent security documentation. . Strong stakeholder engagement and communication skills across technical and non-technical audiences. . Ability to manage multiple assurance activities concurrently in a fast-paced delivery context. Desirable: . Experience working within Defence Digital, MOD, or wider UK Government. . Familiarity with agile, product-centric, or user-centred delivery models. . Experience working with NCSC-accredited CLAS consultants or external assurance providers. . Knowledge of cloud hosting platforms and modern digital architectures. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, the MOD guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. Armed Forces Covenant The MOD guarantees to interview veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.
10/06/2026
Contractor
On behalf of the MOD, we are looking for a Security Assurance Coordinator (Inside IR35) for a 9 Month contract based Hybrid in either Abbeywood or Corsham. The Ministry of Defence (MOD) is a central government department with a mission to protect our country and provide the ultimate guarantee of its security and independence, as well as helping to protect its values and interests abroad. The MOD is one of the biggest public procurement organisations in Europe and the single largest customer for UK industry. It currently manages approximately £20 billion of spend on capital investments in equipment and infrastructure every year. Over the next decade the MOD is committed to spending over £190 billion on equipment and support. The MOD's customers include both the armed forces and national security agencies, and it has a diverse range of requirements, including military fighting vehicles, education services, nuclear submarines and facilities management. The MOD's aim is to provide its armed forces with the best capabilities to enable them to protect the UK's security and advance national interests, both now and in the long term. To do this the MOD has an annual budget of almost £53 billion and a workforce comprising 197,000 people. of which 54,000 are civilians working for the UK MOD. The work really matters; the MOD offers a range of engaging roles which have a direct impact on the quality of services they provide, in many locations across the UK. We support teams working in HR, Primary Health Care, Corporate Services, and many others. SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance. As a Security Assurance Coordinator, your main responsibilities will be: . Coordinate security assurance activities across Foundry products and services in line with MOD and Defence Digital security policies. . Support agile delivery teams to understand and implement security requirements throughout the product life cycle. . Act as the primary point of contact for security assurance planning, tracking security actions, risks, and dependencies. . Assist in the production, maintenance, and quality assurance of Risk Management and Accreditation Document Sets (RMADS). . Ensure supporting security evidence is identified, captured, and maintained. . Manage version control, assurance milestones, and approvals for security documentation. . Liaise with accreditation, cyber security, and risk stakeholders to support timely assurance decisions. Essential: . Experience supporting cyber security or information assurance activities in a digital or IT delivery environment. . Understanding of risk-based security assurance principles within MOD, HMG, or similar regulated environments. . Experience contributing to or coordinating RMADS or equivalent security documentation. . Strong stakeholder engagement and communication skills across technical and non-technical audiences. . Ability to manage multiple assurance activities concurrently in a fast-paced delivery context. Desirable: . Experience working within Defence Digital, MOD, or wider UK Government. . Familiarity with agile, product-centric, or user-centred delivery models. . Experience working with NCSC-accredited CLAS consultants or external assurance providers. . Knowledge of cloud hosting platforms and modern digital architectures. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, the MOD guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. Armed Forces Covenant The MOD guarantees to interview veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.
Cyber Security Delivery Manager £80-90k Portsmouth (Hybrid) SC Clearance Eligibility essential Are you a senior cyber security professional who can lead from the front - advising at board level one day and getting hands-on with a security architecture review the next? We're recruiting on behalf of a well-regarded cyber security consultancy based in Hampshire. They work with a range of clients on complex, meaningful security challenges - and they're looking for an experienced Cyber Manager to join the senior team. This isn't a purely strategic role. You'll lead engagements, grow client relationships, and help shape the direction of the business - but you'll also roll your sleeves up when the work demands it. Salary: £ Package: Gym, private medical insurance, company pension, work from home flex Working Structure: Hybrid remote in Portsmouth (2 days onsite) Security Clearance: Active or Eligible for SC clearance. The Role: As Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes out the door. What You'll Be Doing: Leading end-to-end cyber security engagements across advisory and hands-on delivery Managing multiple projects simultaneously, ensuring delivery quality and client satisfaction Building and maintaining strong relationships with clients, including at CISO and board level Leading proposals and bids, contributing to go-to-market strategy and service development Supporting and developing junior and mid-level consultants through active mentoring Putting sensible operational processes in place and keeping day-to-day delivery on track Contributing to hiring decisions as the team grows What You'll Need: Significant experience delivering cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate complex security topics clearly to both technical and non-technical stakeholders Eligibility to obtain or active SC (Security Clearance) Self-motivated, decisive, and comfortable operating with a high degree of autonomy Desired but not essential: Experience across multiple disciplines such as GRC, penetration testing, SOC, cloud security, or OT security Familiarity with frameworks including NIST, ISO 27001, CAF, or Cyber Essentials Experience working with government, defence, or critical national infrastructure clients Additional certifications such as CREST, OSCP, or NCSC Certified Professional If this sounds like the right next step, apply now or get in touch for a confidential conversation. Candidates must be eligible to work in the UK and able to obtain Security Clearance. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
10/06/2026
Full time
Cyber Security Delivery Manager £80-90k Portsmouth (Hybrid) SC Clearance Eligibility essential Are you a senior cyber security professional who can lead from the front - advising at board level one day and getting hands-on with a security architecture review the next? We're recruiting on behalf of a well-regarded cyber security consultancy based in Hampshire. They work with a range of clients on complex, meaningful security challenges - and they're looking for an experienced Cyber Manager to join the senior team. This isn't a purely strategic role. You'll lead engagements, grow client relationships, and help shape the direction of the business - but you'll also roll your sleeves up when the work demands it. Salary: £ Package: Gym, private medical insurance, company pension, work from home flex Working Structure: Hybrid remote in Portsmouth (2 days onsite) Security Clearance: Active or Eligible for SC clearance. The Role: As Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes out the door. What You'll Be Doing: Leading end-to-end cyber security engagements across advisory and hands-on delivery Managing multiple projects simultaneously, ensuring delivery quality and client satisfaction Building and maintaining strong relationships with clients, including at CISO and board level Leading proposals and bids, contributing to go-to-market strategy and service development Supporting and developing junior and mid-level consultants through active mentoring Putting sensible operational processes in place and keeping day-to-day delivery on track Contributing to hiring decisions as the team grows What You'll Need: Significant experience delivering cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate complex security topics clearly to both technical and non-technical stakeholders Eligibility to obtain or active SC (Security Clearance) Self-motivated, decisive, and comfortable operating with a high degree of autonomy Desired but not essential: Experience across multiple disciplines such as GRC, penetration testing, SOC, cloud security, or OT security Familiarity with frameworks including NIST, ISO 27001, CAF, or Cyber Essentials Experience working with government, defence, or critical national infrastructure clients Additional certifications such as CREST, OSCP, or NCSC Certified Professional If this sounds like the right next step, apply now or get in touch for a confidential conversation. Candidates must be eligible to work in the UK and able to obtain Security Clearance. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Senior Cyber Security Analyst - Application Security / DevSecOps / Secure Design/SAST, DAST - London Contract (12 Months, Hybrid 8 Days onsite per month, remote rest). Inside of IR35 - must use umbrella. £600 per day. We are supporting a leading international organisation in the search for a Senior Cyber Security Analyst to join a high performing security engineering and assurance team. This role is ideal for a consultant with a strong background in Application Security, DevSecOps, Secure SDLC, Threat Modelling, and Cloud Security, who can work closely with engineering teams to embed security into modern software delivery environments. The successful consultant will operate across cloud native platforms, CI/CD pipelines, APIs, containers, and microservices architectures, helping drive secure by design principles across enterprise scale platforms. Key Responsibilities Perform security risk assessments, secure design reviews, and threat modelling exercises for applications, APIs, and cloud platforms Define and implement secure by design principles across software engineering and DevOps teams Embed security controls into CI/CD pipelines using modern DevSecOps practices Lead and support SAST, DAST, SCA, and container security integration activities Conduct application and infrastructure security assessments aligned to OWASP, NIST, and industry best practices Work closely with development teams to triage vulnerabilities and support remediation activities Define security requirements for modern application architectures including APIs, Microservices, Kubernetes/Containers, Cloud native platforms Support secure architecture reviews across AWS and/or Azure environments Collaborate with stakeholders across Security, Engineering, DevOps, Risk, and Architecture teams Support vulnerability management, security governance, and secure delivery processes Required Skills & Experience Application Security & Secure SDLC OWASP Top 10 / ASVS Secure coding practices Threat modelling (STRIDE / MITRE ATT&CK) Security architecture and design reviews Vulnerability management and remediation Secure Software Development Lifecycle (SSDLC) DevSecOps & CI/CD Security integration of security tooling into CI/CD pipelines Experience with: GitHub, GitLab, Jenkins, Azure DevOps Hands on experience with: SAST, DAST, SCA, Secrets scanning, Container security, Cloud & Platform Security, AWS and/or Azure security, Kubernetes / Docker / container security, API security, IAM / Identity Federation / SSO, WAF and cloud native security tooling, Infrastructure as Code security (Terraform / Checkov / tfsec) Security tooling experience with: SonarQube, Checkmarx, Veracode, Fortify, OWASP ZAP, Burp Suite, Snyk, Aqua, Wiz, Prisma Cloud, Defender for Cloud, Sentinel Ideal Background 8-15+ years in Cyber Security Strong focus on Application Security and DevSecOps Experience working closely with engineering and platform teams Strong stakeholder engagement and communication skills Experience within regulated or enterprise environments (Financial services, government, or large scale enterprise) highly desirable Certifications desirable: CISSP, SABSA, GIAC, ISO 27001, Cloud security certifications (AWS / Azure) Rates depend on experience and client requirements.
09/06/2026
Full time
Senior Cyber Security Analyst - Application Security / DevSecOps / Secure Design/SAST, DAST - London Contract (12 Months, Hybrid 8 Days onsite per month, remote rest). Inside of IR35 - must use umbrella. £600 per day. We are supporting a leading international organisation in the search for a Senior Cyber Security Analyst to join a high performing security engineering and assurance team. This role is ideal for a consultant with a strong background in Application Security, DevSecOps, Secure SDLC, Threat Modelling, and Cloud Security, who can work closely with engineering teams to embed security into modern software delivery environments. The successful consultant will operate across cloud native platforms, CI/CD pipelines, APIs, containers, and microservices architectures, helping drive secure by design principles across enterprise scale platforms. Key Responsibilities Perform security risk assessments, secure design reviews, and threat modelling exercises for applications, APIs, and cloud platforms Define and implement secure by design principles across software engineering and DevOps teams Embed security controls into CI/CD pipelines using modern DevSecOps practices Lead and support SAST, DAST, SCA, and container security integration activities Conduct application and infrastructure security assessments aligned to OWASP, NIST, and industry best practices Work closely with development teams to triage vulnerabilities and support remediation activities Define security requirements for modern application architectures including APIs, Microservices, Kubernetes/Containers, Cloud native platforms Support secure architecture reviews across AWS and/or Azure environments Collaborate with stakeholders across Security, Engineering, DevOps, Risk, and Architecture teams Support vulnerability management, security governance, and secure delivery processes Required Skills & Experience Application Security & Secure SDLC OWASP Top 10 / ASVS Secure coding practices Threat modelling (STRIDE / MITRE ATT&CK) Security architecture and design reviews Vulnerability management and remediation Secure Software Development Lifecycle (SSDLC) DevSecOps & CI/CD Security integration of security tooling into CI/CD pipelines Experience with: GitHub, GitLab, Jenkins, Azure DevOps Hands on experience with: SAST, DAST, SCA, Secrets scanning, Container security, Cloud & Platform Security, AWS and/or Azure security, Kubernetes / Docker / container security, API security, IAM / Identity Federation / SSO, WAF and cloud native security tooling, Infrastructure as Code security (Terraform / Checkov / tfsec) Security tooling experience with: SonarQube, Checkmarx, Veracode, Fortify, OWASP ZAP, Burp Suite, Snyk, Aqua, Wiz, Prisma Cloud, Defender for Cloud, Sentinel Ideal Background 8-15+ years in Cyber Security Strong focus on Application Security and DevSecOps Experience working closely with engineering and platform teams Strong stakeholder engagement and communication skills Experience within regulated or enterprise environments (Financial services, government, or large scale enterprise) highly desirable Certifications desirable: CISSP, SABSA, GIAC, ISO 27001, Cloud security certifications (AWS / Azure) Rates depend on experience and client requirements.
Cyber and Information Assurance Security Consultants Salary: £50,000 - £85,000 + bonus Location: Cheltenham, Gloucester (Hybrid Working) Clearance Required: eDV clearance Join a Leading Consultancy Driving National Security Innovation FR Secure is partnering with a rapidly expanding consultancy that delivers cutting edge cyber and information assurance solutions for high security government and industry clients. We are looking for multiple Cyber Security & Information Assurance Consultants to support long term, mission critical programmes in the National Security sector. Your Role As a Cyber Security & Information Assurance Consultant, you will: Deliver expert security advice for BAU, technical refresh, and new project initiatives. Implement and improve governance models aligned with client business needs. Identify cyber risks and propose risk based mitigation strategies. Conduct compliance assessments across systems and processes to evaluate cyber and information assurance posture. Develop, refine, or review security policies and procedures to align with corporate and regulatory standards. Build strong relationships with clients and internal teams to enhance the value of Cyber Security & Information Assurance services delivered. What You Bring We're looking for people who can make a real impact. You should have: Proven experience in Cyber Security & Information Assurance within Defence or UK Government environments. Strong understanding of risk management frameworks Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D You will ideally hold CISM / CISSP or similar higher level recognised and current Information Security or Assurance certification Excellent stakeholder communication skills - you can clearly explain complex security concepts to both technical and non technical audiences. Security Clearance Due to the highly sensitive nature of the work, all applicants must hold valid eDV clearance.
09/06/2026
Full time
Cyber and Information Assurance Security Consultants Salary: £50,000 - £85,000 + bonus Location: Cheltenham, Gloucester (Hybrid Working) Clearance Required: eDV clearance Join a Leading Consultancy Driving National Security Innovation FR Secure is partnering with a rapidly expanding consultancy that delivers cutting edge cyber and information assurance solutions for high security government and industry clients. We are looking for multiple Cyber Security & Information Assurance Consultants to support long term, mission critical programmes in the National Security sector. Your Role As a Cyber Security & Information Assurance Consultant, you will: Deliver expert security advice for BAU, technical refresh, and new project initiatives. Implement and improve governance models aligned with client business needs. Identify cyber risks and propose risk based mitigation strategies. Conduct compliance assessments across systems and processes to evaluate cyber and information assurance posture. Develop, refine, or review security policies and procedures to align with corporate and regulatory standards. Build strong relationships with clients and internal teams to enhance the value of Cyber Security & Information Assurance services delivered. What You Bring We're looking for people who can make a real impact. You should have: Proven experience in Cyber Security & Information Assurance within Defence or UK Government environments. Strong understanding of risk management frameworks Familiarity with government and defence security standards such as: HMG/NCSC IA Policies and Guidelines JSP440 and other MoD IA standards Cyber Essentials NIST, NIS-D You will ideally hold CISM / CISSP or similar higher level recognised and current Information Security or Assurance certification Excellent stakeholder communication skills - you can clearly explain complex security concepts to both technical and non technical audiences. Security Clearance Due to the highly sensitive nature of the work, all applicants must hold valid eDV clearance.
Forwardrole is seeking Cyber and Information Assurance Security Consultants for a hybrid role based in Cheltenham. The position offers a competitive salary of £50,000 - £85,000 plus a bonus. The successful candidates will deliver expert security advice and ensure compliance within Defence or UK Government environments. Important qualifications include a strong understanding of risk management frameworks and relevant certifications such as CISM or CISSP. All applicants must hold valid eDV clearance.
09/06/2026
Full time
Forwardrole is seeking Cyber and Information Assurance Security Consultants for a hybrid role based in Cheltenham. The position offers a competitive salary of £50,000 - £85,000 plus a bonus. The successful candidates will deliver expert security advice and ensure compliance within Defence or UK Government environments. Important qualifications include a strong understanding of risk management frameworks and relevant certifications such as CISM or CISSP. All applicants must hold valid eDV clearance.
The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation. Thousands of organizations worldwide trust Varonis to defend their data wherever it lives - across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management. The Role The Varonis Email Security Architect will simultaneously drive revenue growth and security maturity of customer and prospect M365 environments through identifying and uncovering business challenges/pain, positioning Varonis Email solutions, building technical pitch, demo, data review, and deep-dive materials, evangelizing Varonis solutions. They will have intimate knowledge of the Email Security ecosystem (Email Security, Email Privacy, Email DLP). They will develop expertise in Varonis and make Varonis a key component of every security program. They will serve as a practitioner consultant - working with account teams and clients to uncover challenges, propose recommendations, and demonstrate value. They will keep up to date on the Email security landscape, leveraging their knowledge to educate customers, prospects, and other Varonis employees. The Location We are considering candidates who are able to work by remote model. The Requirements Technical Proficiency with Email Security, Email DLP, Email Privacy Proven mastery of Messaging + Email Architecture and solutions Proven success in contributing to a team-oriented environment Demonstrate strong written, verbal, and presentation skills with the ability to discuss highly technical concepts to all audiences ranging from non-technical people to executive-level technical decision-makers Experience with Active Directory and related Directory Services. Knowledge of how they are used as well as management, monitoring, & security challenges The Responsibilities Support Pre-Sales and Post Sales account teams as requested where Email Security expertise is required. Understand and identify customers ' business and technical objectives and demonstrate how Varonis solutions fill gaps within the Email security ecosystem Develop and deliver sales presentations, technical papers, and webinars about Varonis' products and services. Conduct Product Demonstrations Present at seminars, respond to RFP's and RFI's, and develop and deliver webinars like "Varonis M365 - Masterclass" Communicate with other SMEs and Product Management to prioritize features, determine product gaps, and raise technical issues Communicate impactful Email product updates to field teams and externally to customers to drive product sales Develop enablement material and deliver as required Maintain and share findings of an up-to-date lab environment demonstrating expert-level understanding of email security solutions Communicate with the sales to submit Feature Requests and Business Value Requests to drive prioritization of needed features and capabilities We invite you to check out our Instagram Page to gain further insight into the Varonis culture! Varonis is an equal-opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics
08/06/2026
Full time
The Company: Varonis (Nasdaq: VRNS) is a leader in data security, fighting a different battle than conventional cybersecurity companies. Our cloud-native Data Security Platform continuously discovers and classifies critical data, removes exposures, and detects advanced threats with AI-powered automation. Thousands of organizations worldwide trust Varonis to defend their data wherever it lives - across SaaS, IaaS, and hybrid cloud environments. Customers use Varonis to automate a wide range of security outcomes, including data security posture management (DSPM), data classification, data access governance (DAG), data detection and response (DDR), data loss prevention (DLP), and insider risk management. The Role The Varonis Email Security Architect will simultaneously drive revenue growth and security maturity of customer and prospect M365 environments through identifying and uncovering business challenges/pain, positioning Varonis Email solutions, building technical pitch, demo, data review, and deep-dive materials, evangelizing Varonis solutions. They will have intimate knowledge of the Email Security ecosystem (Email Security, Email Privacy, Email DLP). They will develop expertise in Varonis and make Varonis a key component of every security program. They will serve as a practitioner consultant - working with account teams and clients to uncover challenges, propose recommendations, and demonstrate value. They will keep up to date on the Email security landscape, leveraging their knowledge to educate customers, prospects, and other Varonis employees. The Location We are considering candidates who are able to work by remote model. The Requirements Technical Proficiency with Email Security, Email DLP, Email Privacy Proven mastery of Messaging + Email Architecture and solutions Proven success in contributing to a team-oriented environment Demonstrate strong written, verbal, and presentation skills with the ability to discuss highly technical concepts to all audiences ranging from non-technical people to executive-level technical decision-makers Experience with Active Directory and related Directory Services. Knowledge of how they are used as well as management, monitoring, & security challenges The Responsibilities Support Pre-Sales and Post Sales account teams as requested where Email Security expertise is required. Understand and identify customers ' business and technical objectives and demonstrate how Varonis solutions fill gaps within the Email security ecosystem Develop and deliver sales presentations, technical papers, and webinars about Varonis' products and services. Conduct Product Demonstrations Present at seminars, respond to RFP's and RFI's, and develop and deliver webinars like "Varonis M365 - Masterclass" Communicate with other SMEs and Product Management to prioritize features, determine product gaps, and raise technical issues Communicate impactful Email product updates to field teams and externally to customers to drive product sales Develop enablement material and deliver as required Maintain and share findings of an up-to-date lab environment demonstrating expert-level understanding of email security solutions Communicate with the sales to submit Feature Requests and Business Value Requests to drive prioritization of needed features and capabilities We invite you to check out our Instagram Page to gain further insight into the Varonis culture! Varonis is an equal-opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics
NCC Group is seeking a CNI Cyber Security Consultant in Cheltenham, UK, to help organizations navigate critical national infrastructure challenges and improve cyber resilience. The role offers hybrid working with some travel, and focuses on compliance with regulatory frameworks such as NIS and NIS2. The ideal candidate will lead client engagements, delivering meaningful improvements in resilience and regulatory readiness. Qualifications such as SC clearance and experience in operational technology environments are preferred.
08/06/2026
Full time
NCC Group is seeking a CNI Cyber Security Consultant in Cheltenham, UK, to help organizations navigate critical national infrastructure challenges and improve cyber resilience. The role offers hybrid working with some travel, and focuses on compliance with regulatory frameworks such as NIS and NIS2. The ideal candidate will lead client engagements, delivering meaningful improvements in resilience and regulatory readiness. Qualifications such as SC clearance and experience in operational technology environments are preferred.
Daintta are a rapidly growing, values-driven consultancy delivering mission-critical data, technology, and engineering solutions across the UK public sector. We partner with clients in Defence, National Security, Law Enforcement, and wider Government to strengthen the UK's resilience and operational advantage through innovative, data-driven insights. We are seeking a Software Engineer with proven experience in the Public Safety sector to design and deliver secure, scalable software systems supporting our clients' most important missions. You'll be joining a collaborative, purpose-led team committed to transparency, fairness, and daring innovation. As a Software Engineer (Public Safety), you will work alongside stakeholders, programme leads, and multi-disciplinary teams to design, develop, and maintain software systems that directly support public safety capabilities. You will apply your software engineering expertise within classified or restricted environments, ensuring security, reliability, and compliance with organisational standards and industry best practice. Key Responsibilities Work closely with clients to understand mission requirements and translate them into robust software solutions. Design, develop, test, and deploy high-quality, secure software using approved toolchains and environments. Contribute to systems that enhance situational awareness, command and control, cyber defence, and decision-support capabilities. Develop clean, well-documented, and maintainable code in accordance with relevant coding standards and security requirements. Participate in code reviews, peer testing, and design assurance activities to maintain delivery quality in secure environments. Collaborate with systems engineers, data scientists, and solution architects to deliver integrated solutions across restricted environments. Apply DevSecOps principles, CI/CD pipelines, and containerisation technologies (e.g. Docker, Kubernetes) to projects where appropriate. Keep up to date with emerging public safety technology trends, secure software frameworks, and government digital standards. Contribute to bid and proposal work, technical presentations, and client demonstrations. Support Daintta's growth in the public safety sector through mentoring, technical input, and alignment with company strategy. Helping to support & grow Daintta by actively inputting into the company strategy and helping to shape our future. Representing us and our core values: Transparent, Fair, and Daring. Skills/Knowledge The role requires the following key skills / knowledge, non-exhaustively: Proven experience delivering software engineering projects within the UK Public Safety ecosystem. Strong knowledge of secure software development practices and handling sensitive information appropriately. Proficiency in one or more programming languages: Python, Java, C++, Rust, or Go. Familiarity with relevant software development frameworks and toolsets, such as Jenkins, GitLab CI, pytest, and OpenAPI. Experience working within Unix/Linux environments and with database systems (SQL or NoSQL). Familiarity with secure by design principles, and working in cross-domain environments. Hands-on experience with Agile or Scrum delivery methods, ideally in secure or hybrid cloud environments. Strong analytical, problem-solving, and communication skills; able to convey complex technical information clearly to non-technical stakeholders. Knowledge of cloud platforms (AWS, Azure, etc.) and DevOps practices (CI/CD, infrastructure-as-code). Commitment to producing high-quality, mission-ready software underpinned by robust testing and assurance. What's in it for you? In addition to being rewarded fairly for your contribution to the business, you get to work in a dynamic organisation that is agile and responsive. A business that is growing fast and where you get to drive and shape the future. A place where you are respected by everyone and your voice is important. Somewhere where you can be innovative and creative. A place where you have the opportunity to learn about all aspects of business from marketing to sales, to delivery and business operations. Benefits We believe in supporting our people both professionally and personally. Here's what you can expect when you join us: Time Off: 25 days annual leave, plus bank holidays Up to 3 days annual volunteering leave - give back to the community Competitive maternity, paternity, shared parental leave & compassionate leave Health & Wellness: Comprehensive Private Health Insurance Employee Assistance Programme - 24/7 support services £2,000 Flex Cash Allowance, paid pro-rata over the year Financial Benefits: 5% pension contribution Discretionary company awards and bonuses, based on performance and company targets Access to Electric Vehicle (EV) Salary Sacrifice scheme Professional Development Up to £1,000 annual training budget (access to additional training and development budget via business case) Up to 5 days annual training leave 1 professional membership paid annually Up to £200 of additional IT budget for new joiners Location? Hybrid where possible, but likely to be mostly on client site with infrequent days working from one of the Daintta offices (London or Cheltenham). Security information Due to the nature of this position, you must be willing and eligible to achieve a minimum of SC clearance, and it is desirable to attain DV clearance. Strong preference is to hold an existing DV clearance. To qualify, you must be a British Citizen and have resided in the UK for the last 5 years. For more information about clearance eligibility, please see
07/06/2026
Full time
Daintta are a rapidly growing, values-driven consultancy delivering mission-critical data, technology, and engineering solutions across the UK public sector. We partner with clients in Defence, National Security, Law Enforcement, and wider Government to strengthen the UK's resilience and operational advantage through innovative, data-driven insights. We are seeking a Software Engineer with proven experience in the Public Safety sector to design and deliver secure, scalable software systems supporting our clients' most important missions. You'll be joining a collaborative, purpose-led team committed to transparency, fairness, and daring innovation. As a Software Engineer (Public Safety), you will work alongside stakeholders, programme leads, and multi-disciplinary teams to design, develop, and maintain software systems that directly support public safety capabilities. You will apply your software engineering expertise within classified or restricted environments, ensuring security, reliability, and compliance with organisational standards and industry best practice. Key Responsibilities Work closely with clients to understand mission requirements and translate them into robust software solutions. Design, develop, test, and deploy high-quality, secure software using approved toolchains and environments. Contribute to systems that enhance situational awareness, command and control, cyber defence, and decision-support capabilities. Develop clean, well-documented, and maintainable code in accordance with relevant coding standards and security requirements. Participate in code reviews, peer testing, and design assurance activities to maintain delivery quality in secure environments. Collaborate with systems engineers, data scientists, and solution architects to deliver integrated solutions across restricted environments. Apply DevSecOps principles, CI/CD pipelines, and containerisation technologies (e.g. Docker, Kubernetes) to projects where appropriate. Keep up to date with emerging public safety technology trends, secure software frameworks, and government digital standards. Contribute to bid and proposal work, technical presentations, and client demonstrations. Support Daintta's growth in the public safety sector through mentoring, technical input, and alignment with company strategy. Helping to support & grow Daintta by actively inputting into the company strategy and helping to shape our future. Representing us and our core values: Transparent, Fair, and Daring. Skills/Knowledge The role requires the following key skills / knowledge, non-exhaustively: Proven experience delivering software engineering projects within the UK Public Safety ecosystem. Strong knowledge of secure software development practices and handling sensitive information appropriately. Proficiency in one or more programming languages: Python, Java, C++, Rust, or Go. Familiarity with relevant software development frameworks and toolsets, such as Jenkins, GitLab CI, pytest, and OpenAPI. Experience working within Unix/Linux environments and with database systems (SQL or NoSQL). Familiarity with secure by design principles, and working in cross-domain environments. Hands-on experience with Agile or Scrum delivery methods, ideally in secure or hybrid cloud environments. Strong analytical, problem-solving, and communication skills; able to convey complex technical information clearly to non-technical stakeholders. Knowledge of cloud platforms (AWS, Azure, etc.) and DevOps practices (CI/CD, infrastructure-as-code). Commitment to producing high-quality, mission-ready software underpinned by robust testing and assurance. What's in it for you? In addition to being rewarded fairly for your contribution to the business, you get to work in a dynamic organisation that is agile and responsive. A business that is growing fast and where you get to drive and shape the future. A place where you are respected by everyone and your voice is important. Somewhere where you can be innovative and creative. A place where you have the opportunity to learn about all aspects of business from marketing to sales, to delivery and business operations. Benefits We believe in supporting our people both professionally and personally. Here's what you can expect when you join us: Time Off: 25 days annual leave, plus bank holidays Up to 3 days annual volunteering leave - give back to the community Competitive maternity, paternity, shared parental leave & compassionate leave Health & Wellness: Comprehensive Private Health Insurance Employee Assistance Programme - 24/7 support services £2,000 Flex Cash Allowance, paid pro-rata over the year Financial Benefits: 5% pension contribution Discretionary company awards and bonuses, based on performance and company targets Access to Electric Vehicle (EV) Salary Sacrifice scheme Professional Development Up to £1,000 annual training budget (access to additional training and development budget via business case) Up to 5 days annual training leave 1 professional membership paid annually Up to £200 of additional IT budget for new joiners Location? Hybrid where possible, but likely to be mostly on client site with infrequent days working from one of the Daintta offices (London or Cheltenham). Security information Due to the nature of this position, you must be willing and eligible to achieve a minimum of SC clearance, and it is desirable to attain DV clearance. Strong preference is to hold an existing DV clearance. To qualify, you must be a British Citizen and have resided in the UK for the last 5 years. For more information about clearance eligibility, please see
CNI Cyber Security Consultant Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Cheltenham Jessop House Description Managing Consultant, Critical National Infrastructure Hybrid with regular travel to client and operational sites across the UK, sometimes at short notice. Operators of essential services face a rapidly evolving threat landscape, especially as IT and OT environments continue to converge and regulatory expectations rise. NCC Group's Consulting & Implementation practice helps organisations strengthen cyber resilience by assessing risk, improving controls, implementing secure architectures, and preparing for regulatory oversight. Our OT capability covers ICs, SCADA, and industrial networks, with services including threat modelling, attack surface mapping, embedded and firmware review, and security architecture design. Key Responsibilities As a CNI Managing Consultant, you will help organisations navigate frameworks such as the Cyber Assessment Framework (CAF), NIS and NIS2, translating them into proportionate, actionable improvement plans. Your work directly strengthens the resilience of the UK's critical sectors, which continue to face enduring and significant threat activity. You will lead client engagements across the full consulting lifecycle from discovery and assessment through roadmap and implementation. The role includes shaping and delivering work in OT and CNI environments, preparing clients for regulator inspections, and providing clear recommendations that support safety, availability, and operational uptime. Over the next 12-24 months, you will deliver measurable improvements in client resilience, maturity, and regulatory readiness. You may also integrate NCC Group's wider capabilities, such as our Microsoft verified MXDR service for continuous monitoring and response. Skills, Knowledge and Expertise You will succeed in this role if you: Apply structured, evidence led assessment methods to identify risks and provide proportionate, achievable improvements Communicate clearly with engineering, operations, IT and leadership stakeholders, ensuring complex issues are presented in a way that informs decisions Lead delivery teams, ensure high quality outputs, and maintain strong relationships built on trust and clarity Navigate OT environments confidently, bringing practical understanding of ICT, SCADA, industrial networks, and the operational realities around safety and uptime Work effectively with regulatory frameworks such as NIS, NIS2, and the NCSC CAF. Understand how to prepare organisations for regulatory oversight, including evidence packs and roadmap development Draw on wider capability where useful, including incident readiness and IT/OT convergence retainers delivered jointly with Dragos Hold SC clearance (or above). When it comes to qualifications and certifications, these are helpful but not mandatory: GICSP, ISA/IEC 62443 certificates, CISSP, CISM, CSSA. Benefits We have a high performance culture which is balanced evenly with world class well being initiatives and benefits: Flexible Working: Balance your work and personal life with our flexible working options. Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
07/06/2026
Full time
CNI Cyber Security Consultant Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Cheltenham Jessop House Description Managing Consultant, Critical National Infrastructure Hybrid with regular travel to client and operational sites across the UK, sometimes at short notice. Operators of essential services face a rapidly evolving threat landscape, especially as IT and OT environments continue to converge and regulatory expectations rise. NCC Group's Consulting & Implementation practice helps organisations strengthen cyber resilience by assessing risk, improving controls, implementing secure architectures, and preparing for regulatory oversight. Our OT capability covers ICs, SCADA, and industrial networks, with services including threat modelling, attack surface mapping, embedded and firmware review, and security architecture design. Key Responsibilities As a CNI Managing Consultant, you will help organisations navigate frameworks such as the Cyber Assessment Framework (CAF), NIS and NIS2, translating them into proportionate, actionable improvement plans. Your work directly strengthens the resilience of the UK's critical sectors, which continue to face enduring and significant threat activity. You will lead client engagements across the full consulting lifecycle from discovery and assessment through roadmap and implementation. The role includes shaping and delivering work in OT and CNI environments, preparing clients for regulator inspections, and providing clear recommendations that support safety, availability, and operational uptime. Over the next 12-24 months, you will deliver measurable improvements in client resilience, maturity, and regulatory readiness. You may also integrate NCC Group's wider capabilities, such as our Microsoft verified MXDR service for continuous monitoring and response. Skills, Knowledge and Expertise You will succeed in this role if you: Apply structured, evidence led assessment methods to identify risks and provide proportionate, achievable improvements Communicate clearly with engineering, operations, IT and leadership stakeholders, ensuring complex issues are presented in a way that informs decisions Lead delivery teams, ensure high quality outputs, and maintain strong relationships built on trust and clarity Navigate OT environments confidently, bringing practical understanding of ICT, SCADA, industrial networks, and the operational realities around safety and uptime Work effectively with regulatory frameworks such as NIS, NIS2, and the NCSC CAF. Understand how to prepare organisations for regulatory oversight, including evidence packs and roadmap development Draw on wider capability where useful, including incident readiness and IT/OT convergence retainers delivered jointly with Dragos Hold SC clearance (or above). When it comes to qualifications and certifications, these are helpful but not mandatory: GICSP, ISA/IEC 62443 certificates, CISSP, CISM, CSSA. Benefits We have a high performance culture which is balanced evenly with world class well being initiatives and benefits: Flexible Working: Balance your work and personal life with our flexible working options. Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
CNI Cyber Security Consultant Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Cheltenham Jessop House Description Managing Consultant, Critical National Infrastructure Hybrid with regular travel to client and operational sites across the UK, sometimes at short notice. Operators of essential services face a rapidly evolving threat landscape, especially as IT and OT environments continue to converge and regulatory expectations rise. NCC Group's Consulting & Implementation practice helps organisations strengthen cyber resilience by assessing risk, improving controls, implementing secure architectures, and preparing for regulatory oversight. Our OT capability covers ICs, SCADA, and industrial networks, with services including threat modelling, attack surface mapping, embedded and firmware review, and security architecture design. Key Responsibilities As a CNI Managing Consultant, you will help organisations navigate frameworks such as the Cyber Assessment Framework (CAF), NIS and NIS2, translating them into proportionate, actionable improvement plans. Your work directly strengthens the resilience of the UK's critical sectors, which continue to face enduring and significant threat activity. You will lead client engagements across the full consulting lifecycle from discovery and assessment through roadmap and implementation. The role includes shaping and delivering work in OT and CNI environments, preparing clients for regulator inspections, and providing clear recommendations that support safety, availability, and operational uptime. Over the next 12-24 months, you will deliver measurable improvements in client resilience, maturity, and regulatory readiness. You may also integrate NCC Group's wider capabilities, such as our Microsoft verified MXDR service for continuous monitoring and response. Skills, Knowledge and Expertise You will succeed in this role if you: Apply structured, evidence led assessment methods to identify risks and provide proportionate, achievable improvements Communicate clearly with engineering, operations, IT and leadership stakeholders, ensuring complex issues are presented in a way that informs decisions Lead delivery teams, ensure high quality outputs, and maintain strong relationships built on trust and clarity Navigate OT environments confidently, bringing practical understanding of ICT, SCADA, industrial networks, and the operational realities around safety and uptime Work effectively with regulatory frameworks such as NIS, NIS2, and the NCSC CAF. Understand how to prepare organisations for regulatory oversight, including evidence packs and roadmap development Draw on wider capability where useful, including incident readiness and IT/OT convergence retainers delivered jointly with Dragos Hold SC clearance (or above). When it comes to qualifications and certifications, these are helpful but not mandatory: GICSP, ISA/IEC 62443 certificates, CISSP, CISM, CSSA. Benefits We have a high performance culture which is balanced evenly with world class well being initiatives and benefits: Flexible Working: Balance your work and personal life with our flexible working options. Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
07/06/2026
Full time
CNI Cyber Security Consultant Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Cheltenham Jessop House Description Managing Consultant, Critical National Infrastructure Hybrid with regular travel to client and operational sites across the UK, sometimes at short notice. Operators of essential services face a rapidly evolving threat landscape, especially as IT and OT environments continue to converge and regulatory expectations rise. NCC Group's Consulting & Implementation practice helps organisations strengthen cyber resilience by assessing risk, improving controls, implementing secure architectures, and preparing for regulatory oversight. Our OT capability covers ICs, SCADA, and industrial networks, with services including threat modelling, attack surface mapping, embedded and firmware review, and security architecture design. Key Responsibilities As a CNI Managing Consultant, you will help organisations navigate frameworks such as the Cyber Assessment Framework (CAF), NIS and NIS2, translating them into proportionate, actionable improvement plans. Your work directly strengthens the resilience of the UK's critical sectors, which continue to face enduring and significant threat activity. You will lead client engagements across the full consulting lifecycle from discovery and assessment through roadmap and implementation. The role includes shaping and delivering work in OT and CNI environments, preparing clients for regulator inspections, and providing clear recommendations that support safety, availability, and operational uptime. Over the next 12-24 months, you will deliver measurable improvements in client resilience, maturity, and regulatory readiness. You may also integrate NCC Group's wider capabilities, such as our Microsoft verified MXDR service for continuous monitoring and response. Skills, Knowledge and Expertise You will succeed in this role if you: Apply structured, evidence led assessment methods to identify risks and provide proportionate, achievable improvements Communicate clearly with engineering, operations, IT and leadership stakeholders, ensuring complex issues are presented in a way that informs decisions Lead delivery teams, ensure high quality outputs, and maintain strong relationships built on trust and clarity Navigate OT environments confidently, bringing practical understanding of ICT, SCADA, industrial networks, and the operational realities around safety and uptime Work effectively with regulatory frameworks such as NIS, NIS2, and the NCSC CAF. Understand how to prepare organisations for regulatory oversight, including evidence packs and roadmap development Draw on wider capability where useful, including incident readiness and IT/OT convergence retainers delivered jointly with Dragos Hold SC clearance (or above). When it comes to qualifications and certifications, these are helpful but not mandatory: GICSP, ISA/IEC 62443 certificates, CISSP, CISM, CSSA. Benefits We have a high performance culture which is balanced evenly with world class well being initiatives and benefits: Flexible Working: Balance your work and personal life with our flexible working options. Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
