19 jobs found

The Cyber Security Engineer will be a vital member of our newly established SecOps team, reporting directly to the Infrastructure Platforms Manager. This position is crucial in implementing and maintaining robust security measures across our infrastructure, as well as managing incident response. The role involves developing, implementing, and sustaining security solutions designed to protect our systems against constantly evolving cyber threats, with a focus on transitioning to a zero-trust operating model. The Cyber Security Engineer will spearhead key security initiatives in collaboration with the Lead Cyber Security Engineer and playing a pivotal role in enhancing our overall security posture. Additionally, the role will support the firm in its pursuit of ISO 27001 certification and the implementation of CIS controls. Roles and Responsibilities Maintenance of the CrowdStrike platform, including configuring EDR policies, tuning SIEM rules, and optimizing the system for performance Work with the network engineers to implement posture management i.e. ICE/NAC segmentation/lateral movement control and firewalls Proactive collaboration with InfoSec to align CrowdStrike and other key security platforms with our security strategy and policies Leading or participating in incident response efforts, conducting root cause analysis, and developing runbooks for incident handling Monitoring for security threats, analysing alerts, and responding to incidents using CrowdStrike and other security tools. Conduct vulnerability scans and support remediation and risk mitigation efforts Oversee WAF, DDoS, VPN, and perimeter firewalls Work with Endpoints team to administer MFA, SSO, PAM, MDM/MAM, and Conditional Access Maintain security certificates, encryption keys, and IDS/IPS systems Collaborate with third-party penetration testers to identify, prioritize, and remediate security vulnerabilities Creating detailed reports on detected threats, incidents, and response actions, as well as documenting configurations, processes, and runbooks. Keeping well-informed of the latest cybersecurity trends, emerging threats, and updates Comply with all relevant legal and regulatory obligations including the Solicitors Regulation Authority (SRA) Standards and Regulations, and Principles. Skills and Experience Experience in the following technologies: CrowdStrike EDR Cisco ISE Mimecast Tessian or equivalent email DLP Intune, Entra ID, Active Directory Palo Alto Firewalls, WAF, Menlo Security Deep understanding of Security Frameworks & Compliance PCI-DSS, ISO 27001, NIST, CIS Networking Person Specification Certified Information Systems Security Professional - CISSP Crest Practitioner Security Analyst - CPSA Palo Alto Network Certified Security Operations Professional Competencies Working together Integrity and respect Inclusive Personal impact and growth Driving high standards Commercial mindset Client-centric Responsible Business Hybrid Working We adopt a hybrid and flexible working approach, dependent on the requirements of the role and subject to manager approval.

Application Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI driven business. We are recruiting an exciting Application Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role You will own security across the software development lifecycle, embedding automated security testing into CI/CD pipelines and enabling development teams to ship secure code quickly. This role works closely with UK and France engineering teams. As an experienced Application Security Engineer, your working day will include but not be limited to: DevSecOps & Pipeline Security Implement and maintain security testing in GitLab CI pipelines Configure and tune SAST, DAST, dependency scanning, and secrets detection Build automated security gates that balance rigour with delivery velocity Enable self serve security tooling for development teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch and track application vulnerabilities through to remediation Manage dependency vulnerabilities and upgrade cycles Report on application security posture to senior leadership Risk & Compliance Embed GDPR and healthcare regulatory requirements into development processes Support DCB0129 clinical safety compliance for software changes Support customer security due diligence and audits Support ISO27001:2022 ISMS controls and audit process Key Skills and Experience Essential 3+ years in application security, DevSecOps, and secure software development Hands on experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able to translate security requirements for developers Desirable Development background with security focus Familiarity with SIEM platforms (Snowbit, Splunk, Sentinel) Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider, delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high growth, capital backed business with a sophisticated scale strategy. Our team is a unique blend of digital native pioneers, management consultants, creatives and industry leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI powered, always on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a Great Place to Work, which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture. Why us? Our values guide us, every day we strive to Simplify, Own, Aspire and Respect (SOAR). and we're rewarded when we do. What we offer A full induction training programme, which will be undertaken via Microsoft Teams. An opportunity to work as part of an experienced team who are passionate in their field, supportive, diverse and dynamic. 25 days leave. Bank Holidays and your birthday off as leave. Regular 1 2 1s with your line Manager. 24/7 on call staff support. Auto enrolment pension scheme. Health Scheme and access to our Employee Assistance Programme. Life Insurance Scheme. Apply If you are interested in making a difference and believe this role is a good fit for you, we would love to hear from you. If you have any questions, please contact our Recruitment Team at Hybrid: London or Bristol (There is a requirement to work in the office for a minimum of two days per week) Closing date for applications: Friday 29 May (5pm) Additional information We reserve the right to close this job in the event we receive a sufficient number of applications. Please note that we are unfortunately unable to offer a sponsor licence to candidates who require sponsorship from their employer. Equality, Inclusivity and Diversity In line with our commitment to Equality, Inclusivity and Diversity, we welcome and encourage applications from all suitably qualified candidates from all backgrounds. We are committed to supporting and promoting equality and diversity and aim to establish an inclusive working environment. As such, we welcome diverse applications from candidates irrespective of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race (including colour, nationality, ethnic and national origin), religion or belief, sex, or sexual orientation. We are a certified Disability Confident Employer and is committed to affording equal opportunities for candidates with disabilities or special needs. Should you require any reasonable adjustments to be made at any part of your application process, please let us know by contacting us at Safeguarding Please see for information relating to our commitment to safeguarding.

Managing Engineer - Security (Hybrid)Applyremote type: Hybridlocations: Belfast 10 Mays Meadow: Der-Derry/Londonderrytime type: Full timeposted on: Posted Yesterdaytime left to apply: End Date: June 2, 2026 (5 days left to apply)job requisition id: R29646At Allstate, great things happen when our people work together to protect families and their belongings from life's uncertainties. And for more than 90 years, our innovative drive has kept us a step ahead of our customers' evolving needs. From advocating for seat belts, air bags and graduated driving laws, to being an industry leader in pricing sophistication, telematics, and, more recently, device and identity protection. Your role in the team Product Security Engineering designs, builds, and operates enterprise security controls as software products that integrate directly into the SDLC and core enterprise platforms. The organization applies modern engineering practices to create scalable, reliable, and developer friendly security capabilities that are embedded into the enterprise technology ecosystem and enable secure by default behaviors while minimizing friction for product and platform teams. The Managing Security Engineer is a hands on engineering leader responsible for leading a team that delivers and operates these security controls in production. This role blends deep technical leadership, people leadership, and delivery ownership: setting technical direction, guiding architecture and design decisions, coaching and developing engineers, and ensuring the team consistently ships high quality software that achieves measurable security and engineering outcomes. The Managing Security Engineer is accountable for the end to end success of the team's security products, including reliability, adoption, and operational health in production. Key Responsibilities Lead and manage an engineering team delivering security controls as software products, including hiring, onboarding, coaching, performance management, and career development Set technical direction for the team and drive high quality execution across design, implementation, deployment, and production support of security controls Serve as a hands on technical leader by contributing to architecture and design reviews, guiding technical decisions, performing code reviews, and supporting critical path implementation as needed Own operational outcomes for the team's products in production, including reliability, performance, and continuous improvement through feedback and learning loops Partner with Digital Product Managers, platform teams, and engineering stakeholders to effect alignment across roadmaps, priorities, and delivery plans spanning multiple product portfolios Build and sustain a strong engineering culture that emphasizes modern delivery practices (e.g., test driven development, paired programming, CI/CD), fast feedback, and continuous improvement Influence and innovate solutions to complex security challenges by translating security needs into scalable engineering approaches and reusable capabilities Facilitate effective agile execution (standups, planning, backlog refinement, retrospectives) while maintaining a strong focus on outcomes rather than ceremony Essential Skills: All applicants must demonstrate they have a legal right to work in the UK for employment at Allstate. Allstate is not providing sponsorship for this vacancy Minimum of 5 years of professional software engineering experience, including hands on production coding in modern languages (e.g., Java, JavaScript, Python) and ownership of production systems delivering measurable reliability, performance, or security outcomes A minimum of 2 years' experience leading engineers through hands on technical guidance, including architecture reviews, design decisions, and code reviews Proven background in building and operating scalable, distributed systems in cloud environments, including microservices based architectures Track record of designing, evolving, and integrating APIs and backend services, with attention to reliability, scalability, and security considerations Practical application of modern engineering practices such as test driven development, paired programming, CI/CD pipelines, and operational feedback loops including monitoring and observability Experience operating within agile delivery environments, partnering closely with Digital Product Managers and engineering stakeholders to deliver outcomes Desirable Skills Demonstrated depth in security engineering domains such as application security, cloud security, DevSecOps, or secure software development practices Practical experience designing or operating security controls embedded into CI/CD pipelines, developer workflows, or shared platform services Proven ability to influence technical decisions beyond the immediate team, driving adoption of secure patterns, standards, or reusable capabilities across product areas Experience mentoring senior engineers and emerging technical leaders, with a focus on raising engineering quality and long term team capability Strong organizational awareness and the ability to navigate cross team dependencies while maintaining delivery momentum and technical integrity Exposure to cloud native and containerized environments (e.g., Kubernetes, Docker, AWS and/or Azure) and the security considerations that accompany them Familiarity with security metrics and operational signals (e.g., control adoption, reliability, incident reduction) used to evaluate engineering and security outcomes Strong mindset of balancing delivery velocity, security rigor, and developer experience, making thoughtful tradeoffs appropriate to context Demonstrated commitment to building solutions that balance robust security guarantees with an excellent developer experience, without compromising one for the other Supervisory Responsibilities: This role has supervisory responsibilities and serves as the first level manager for a team of engineers. Posting closing date: Monday 1st June .59pm

Cyber Technical Delivery Manager Location: London (Hybrid - 4 Days per Week Onsite) Contract Length:12 Months Engagement:Inside IR35 Industry:Investment Banking / Financial Services Start Date:ASAP Overview We are supporting a leading investment banking client in London who is seeking an experienced Cyber Technical Delivery Manager to join a large-scale Cyber Security Transformation Programme. This role will be responsible for the successful delivery of complex cyber security initiatives across multiple technology domains, including Identity & Access Management (IAM), Security Operations, Cloud Security, Vulnerability Management, Data Protection, and Regulatory Compliance. The successful candidate will act as the bridge between technical engineering teams, cyber security stakeholders, business leaders, and third-party vendors, ensuring projects are delivered on time, within budget, and in line with regulatory and security requirements. Key Responsibilities Programme & Project Delivery Lead the end-to-end delivery of cyber security projects and workstreams. Develop and maintain project plans, milestones, RAID logs, budgets, and resource plans. Ensure delivery aligns with business objectives, security standards, and regulatory requirements. Manage dependencies across multiple technology and business teams. Drive project governance and reporting activities. Cyber Security Delivery Deliver initiatives across: Identity & Access Management (IAM) Privileged Access Management (PAM) Security Operations (SOC) SIEM Platforms Cloud Security Vulnerability Management Data Protection and DLP Security Monitoring and Threat Detection Secure File Transfer and Encryption Programmes Coordinate technical teams to ensure successful implementation of security controls and technologies. Stakeholder Management Engage with senior stakeholders across Cyber Security, Infrastructure, Cloud, Risk, Compliance, and Business Functions. Provide regular programme updates to senior management and governance forums. Manage relationships with third-party suppliers and technology vendors. Facilitate workshops, steering committees, and technical review sessions. Risk & Governance Identify, manage, and mitigate project risks and issues. Ensure compliance with internal security policies and regulatory frameworks. Support audit, risk, and compliance activities. Track and report programme KPIs and delivery metrics. Requirements Required Skills & Experience Cyber Security Experience Strong understanding of enterprise cyber security principles and controls. Experience delivering projects involving: IAM and Access Governance PAM Solutions SIEM and Security Monitoring Cloud Security Endpoint Security Vulnerability Management Data Protection Security Compliance Programmes Familiarity with security frameworks and standards such as: NIST ISO 27001 CIS Controls Cyber Essentials Regulatory requirements within Financial Services Technical Knowledge Good understanding of: Microsoft Azure AWS Active Directory / Entra ID Security Monitoring Platforms Identity Management Solutions Network and Infrastructure Security Ability to engage effectively with technical architects, engineers, and security specialists. Delivery Management Proven experience delivering complex technology or cyber programmes within large enterprise environments. Strong project and programme management experience. Experience managing multiple workstreams simultaneously. Excellent RAID management and governance skills. Strong budget and financial management experience. Essential Experience Previous experience working within Investment Banking, Banking, or Financial Services. Experience delivering cyber security transformation programmes. Experience operating within regulated environments. Strong stakeholder management skills with the ability to engage at Executive and C-Level. Experience managing third-party suppliers and system integrators. Desirable Skills Experience with: Microsoft Sentinel Splunk SailPoint CyberArk Okta CrowdStrike Microsoft Defender Suite Knowledge of DevSecOps practices. Exposure to cloud migration and security transformation programmes. Experience supporting regulatory remediation initiatives. Qualifications & Certifications One or more of the following would be advantageous: PRINCE2 Practitioner PMP Agile Practitioner / Scrum Certification CISSP CISM CISA CRISC Personal Attributes Strong leadership and organisational skills. Excellent communication and presentation abilities. Ability to influence stakeholders at all levels. Strong analytical and problem-solving mindset. Ability to operate effectively in fast-paced, complex environments. Self motivated with a strong focus on delivery and outcomes. Key Deliverables Successful delivery of cyber security projects and workstreams. Effective management of risks, issues, and dependencies. Timely implementation of security controls and technologies. Improved cyber security posture and compliance alignment. High quality governance reporting and stakeholder engagement.

Senior Security Engineer (AI & DevSecOps) at iProov About iProov iProov provides science-based biometric solutions that enable the world's most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences. Trusted by leading governments and enterprises, including the U.S. Department of Homeland Security, U.K. Home Office, GovTech Singapore, ING, and UBS, iProov sets the standard in biometric identity assurance. This global trust is built not only on our technology but on the strength of the people behind it. For us, diversity at iProov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together. We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included, and their talents are nurtured, empowering them to contribute fully to our purpose. The Role Reports to: Head of Cybersecurity Location: WeWork Waterloo - Hybrid Comp: $ (Base) + Company Performance Bonus (20%) + Share Options + US iProov Benefits The role was created specifically to provide the technical security depth that will allow us to accelerate our adoption of agentic AI, equipping developers and data scientists building our biometric products with the tools and workflows to use AI safely and at pace. You will work as the direct counterpart to our GRC focused InfoSec Manager, owning the engineering and implementation side of our security posture across cloud infrastructure, developer workflows, AI systems, and our core security toolstack. This is a role for someone who has built and shipped software or infrastructure and brings that experience into a security context. How you can make an impact Architect and deploy the secure technical framework that governs the security controls for how our developers and scientists use agentic AI, including AI coding assistants, autonomous agents, and LLM integrated tooling. Given that these systems can autonomously access data, execute code, and interact with external services, the guardrails you design will need to address a substantially broader attack surface than traditional AI tooling, and must hold up in a context where the underlying data is among the most sensitive we handle. Be the primary technical security voice in decisions around the use and deployment of externally developed AI, ensuring the right controls are in place from the onset. Continuously mature automated security controls into CI/CD pipelines and infrastructure as code deployments, championing the DevSecOps culture across a large engineering organisation. Take hands on ownership of our core security technology stack, including Wiz, CrowdStrike, Google SecOps, and Tailscale, ensuring these platforms are correctly configured, tuned, and integrated. Drive continuous technical delivery of strategic security initiatives, systematically identifying, triaging, and closing gaps across our cloud environments, internal networks, and developer workflows. Provide technical oversight of the security of the data pipelines feeding our internal AI systems and, critically, the permissions and access boundaries of agentic AI systems reaching out into other environments, enforcing the principle of least privilege, maintaining audit trails, and ensuring sensitive data and code integrity is handled with the rigour required. Complement the work of our existing biometric and product focused Red Team by owning security coverage of the DevSecOps surface, the build pipeline, internal toolchain, cloud environments and developer infrastructure. Act as the primary technical security partner to our GRC focused InfoSec Manager, translating governance and compliance mandates into concrete, automated engineering controls. Represent the technical security function in external audits. This includes presenting evidence of controls, articulating the security posture of our cloud and AI environments to auditors, and working closely with the InfoSec Manager to ensure the technical substance behind our compliance position is clearly and credibly communicated. Qualifications A foundational background in software engineering or DevOps before moving into a dedicated security role: you understand how code is written, tested, and deployed, and that experience is central to how you approach security problems. Proven, hands on experience securing modern cloud infrastructure and containerised environments, with a solid understanding of infrastructure as code principles and the security implications of how infrastructure is defined and provisioned. Proficiency in deploying and administering enterprise security platforms, ideally with direct experience managing tools spanning CNAPP, EDR, SIEM, and zero trust networking. A heavy and active user of AI in both professional and personal contexts, including agentic AI tools and coding assistants, with a grounded understanding of the evolving AI threat landscape, including model supply chain risks, prompt injection, data exfiltration, agent misuse, and LLM specific attack vectors. Scripting and automation capability, particularly in Python, to build internal tooling, automate security checks, and reduce reliance on manual processes across the security function. Prior experience or a demonstrated practical interest in securing AI workloads, data pipelines, and machine learning environments. The communication skills to collaborate effectively with highly technical stakeholders, champion security initiatives without hindering developer productivity, and translate risk into language that resonates with both engineering peers and business leadership, including the confidence to present technical security evidence clearly in formal external audit settings. Benefits 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service) Growth Shares allocated after passing probation (6 months of service) Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme Nursery Sacrifice Scheme Work Overseas Perk - Work globally for up to 2 weeks Life Assurance SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family Benefit from personalized 1:1 career coaching with our in house Occupational Psychologist Award winning L&D platform with personal allocated training budgets Enhanced paid family leave Flexible hybrid working environment Free Barista Coffee/Tea, biscuits with fruit in the WeWork office Free access to WeWork discounts and free online well being sessions Vitality Health - a range of options available on this below The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example: Private Health cover including Dental, Optical, and Audiology 50% off monthly gym memberships Apple watches significantly discounted based member vitality status Half price trainers with Runners Need Weekly rewards - Free coffee with Café Nero Monthly rewards - Free Cinema ticket Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status Amazon prime free months based on activity Up to 25% cashback at Waitrose when buying healthy foods75% off stays at Champneys Health Spas Allen Carr's £299 no smoking programme for free Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace Discounts on Weight Watchers As an equal opportunities employer, we encourage applications from people of all backgrounds. We're committed to building a workforce that is representative of the people we serve.

At Engine by Starling, we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software as a service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back office processes that have helped achieve Starling's success. We draw upon our experience as knowledgeable bankers, and best in class technologists to become the chosen option for these banks, and preferred partners for leading consultancies. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for someone who will be excited by the potential for Engine's technology to transform banking in different markets around the world. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role To support our rapid growth, we are looking for talented engineers to join our foundational in house SecOps team. This is a "Full Stack" security role: you will move beyond traditional monitoring to develop and operate our security capabilities. We are looking for engineers who are masters of automation but remain grounded in analyst fundamentals. You should have a keen interest in leveraging AI and Large Language Models (LLMs) to reduce SOC toil - using AI to summarise complex alerts, auto generate YARA L detections, or build intelligent playbooks to stay ahead of modern threats. Responsibilities Security Monitoring & Alert Triage: Active Monitoring: Monitor security alerts and events generated by the SecOps platform and integrated cloud security tools. Triage & Analysis: Perform deep diving analysis of security incidents and anomalies, accurately distinguishing between true positives and false positives. Prioritisation: Manage the incident queue, prioritising alerts based on severity, potential impact, and business criticality. Detection Engineering & Automation (IaC): Detection as Code: Design and maintain sophisticated detection logic using YARA L. Manage the lifecycle of these rules and configurations using IaC principles for version control. SOAR Extension: Lead the automation of response playbooks. You will write and extend SOAR capabilities using Python, creating custom integrations and "Managers" to connect SecOps with internal APIs. Tool Optimisation: Identify opportunities for automation to streamline operations and contribute to the continuous tuning and maintenance of SOC tools. Incident Response & Investigation: End to End Investigation: Investigate incidents thoroughly, leveraging logs from platforms, endpoints, and applications mapped to the Unified Data Model (UDM). Incident Lifecycle: Lead containment, eradication, and recovery efforts in collaboration with Security and Technology teams. Documentation: Maintain comprehensive records of incident details, findings, and remediation steps to ensure a high standard of auditability. Collaboration & Threat Intelligence: Group Collaboration: Work closely with the Group SOC team to align on global security standards and coordinate response efforts during cross entity incidents. Threat Hunting: Stay informed about the latest cyber threats and cloud specific vulnerabilities, conducting proactive threat hunting activities using available telemetry. Qualifications 3+ years of experience in a SOC or SecOps Engineering role, with a strong background in both alert triage and security engineering. Proficiency in Python: Ability to write clean code to automate workflows or interact with security APIs. Cloud Fluency: Experience with security monitoring and incident response in cloud environments (AWS/GCP/Azure). Infrastructure as Code: Familiarity with managing security configurations through Git based workflows. Framework Knowledge: Strong understanding of attack vectors and the MITRE ATT&CK framework. Education: A degree in a cyber related field or relevant certifications (e.g., CompTIA Security+, CySA+, GCIH) is beneficial. Interview Process Stage 1 - 45 minutes technical interview Stage 2 - Take home task Stage 3 - 60 minutes with Team Members Stage 4 - Final with CTO Benefits 33 days holiday (including public holidays, which you can take when it works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4 your salary & group income protection Private Medical Insurance with VitalityHealth, including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family friendly policies Incentives refer a friend scheme Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Engine by Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.

Introduction At IBM Consulting UK FutureNow, you'll build a career at the forefront of hybrid cloud and AI, working with leading clients across the public and private sectors. You'll collaborate with top industry professionals, gain hands on experience with cutting edge technologies, and deliver solutions that create real business impact. From day one, you'll work on meaningful, high profile programmes that stretch your skills and accelerate your growth. We invest heavily in you-supporting continuous learning, in demand skills development, and long term career progression. You'll thrive in a flexible, inclusive environment that values curiosity, encourages reinvention, and recognises what makes you unique. We offer: Tools and policies to support your work-life balance from flexible working approaches, sabbatical programs, paid paternity leave, maternity leave and an innovative maternity returners scheme More traditional benefits, such as 25 days holiday (in addition to public holidays), private medical, dental & optical cover, online shopping discounts, an Employee Assistance Program, life assurance and a group pension plan through salary sacrifice. Your role and responsibilities We are looking for a Full Stack Developer to build modern, cloud native applications using the latest front end frameworks, scalable microservices, and hyperscaler cloud services. You will work across the entire technology stack designing intuitive user interfaces, implementing resilient backend microservices, developing event driven components, and deploying solutions using cloud native CI/CD pipelines. You will work with technologies such as React or Angular, Java/Spring Boot, .NET Core, Node.js, Python, Kafka, Docker, Kubernetes, serverless functions, and event streams. You may build solutions on AWS services like Lambda, EKS, DynamoDB, and CloudFront, or Azure services like AKS, App Services, APIM, Event Grid, Cosmos DB, and Azure Functions. This role is ideal for someone who enjoys solving complex engineering challenges, working in Agile teams, and building end to end cloud native products using modern tools and frameworks. Whether you are delivering features, guiding technical decisions, or owning key services, you will play a key part in building high performance, scalable, and secure applications. If you want to work with next generation cloud native architectures and full stack engineering, we'd love to hear from you. Key Responsibilities Develop full stack cloud native applications using microservices, APIs, and modern UI frameworks. Build front end applications using React or Angular (SPA or microfrontends). Develop scalable back end services following 12 factor principles and event driven patterns through Domain-Driven Design (DDD). Design Relational SQL and NoSQL data models for cloud hosted applications. Build applications using languages such as Java, .NET, Node.js, or Python. Deploy and manage containerised or serverless workloads using AWS or Azure cloud services. Work with event driven tools such as Kafka and cloud messaging services. Apply cloud native CI/CD, DevSecOps practices, and Test Driven Development. Collaborate with cross functional teams and support high quality delivery across the stack. Depending on experience, guide other developers or lead technical components Required technical and professional expertise Front End SPA and microfrontends Responsive Design React or Angular Back End Microservices design (12 factor, domain bounded) Common Design Patterns REST and event driven APIs SQL and NoSQL modelling Programming Languages / Runtimes Java (8+), GraalVM .NET / .NET Core JavaScript Node.js Python (Proficiency in at least one) Frameworks Spring Boot (must have) Quarkus Express.js Django Cloud (AWS and/or Azure) Compute & PaaS: AWS: EKS, ECS, Fargate, Lambda, ROSA Azure: AKS, Azure VMs, ACR, App Services, Functions, Service Fabric Routing / API AWS: API Gateway, ALB/NLB, Route 53 Azure: APIM Databases AWS: Aurora, RDS, DynamoDB Azure: SQL DB, Cosmos DB, Redis Event-driven services AWS: SQS, SNS, Kinesis, Dynamo Streams, MSKafka Azure: Service Bus, Event Grid, Logic Apps Storage AWS S3 Azure Blob Storage Observability AWS CloudWatch, X Ray, EventBridge Azure Monitor, App Insights Networking AWS VPC, EC2 Azure VNet Event Driven Kafka Zookeeper DevSecOps / CI/CD AWS: CodeBuild, CodeDeploy, CodePipeline, CodeCommit, SAM, CloudFormation Azure: Azure DevOps, YAML pipelines, PowerShell scripting Source Control: GitHub Security: IAM, Cognito, KMS, Secrets Manager Git-based workflows (GitHub, GitLab, Bitbucket) Engineering Practices Test Driven Development Cloud native CI/CD tooling Agile delivery Containerisation (Docker), orchestration (Kubernetes) Serverless architectures Microservices oriented design This role is subject to pre employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). An additional range of Personal Security Controls referred to as National Security Vetting (NVS) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). Preferred technical and professional experience Desirable certifications AWS Certified Developer - Associate AWS Certified Solutions Architect - Associate Google Professional Cloud Developer Microsoft Azure Developer Associate (AZ 204) Microsoft Azure Solutions Architect Expert Certified Kubernetes Application Developer Certified Kubernetes Administrator Meta Full Stack Developer Professional Certificate IBM Full Stack Software Developer Professional Certificate Oracle Java SE Programmer Node.js Application Developer Certification MongoDB Developer Certification Red Hat Certified Engineer CompTIA Cloud CompTIA Security+ IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Endur SpecialistApplyremote type: This position is a hybrid of office/remote workinglocations: United Kingdom - Londontime type: Full timeposted on: Posted Todaytime left to apply: End Date: June 10, 2026 (13 days left to apply)job requisition id: RQ104436 Entity: Technology Job Family Group: IT&S Group Job Description: Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner!We are looking for an Endur Specialist with focus on engineering who will join a team of 2 to 6 people that are part of a much wider global team of 60 sitting across the globe: UK, Singapore, India and America. You will be part of a specialized team where your individual technical skills will be used to the fullest and we will give you an opportunity to grow further through cross-working with other teams and learning new things or by learning more about the commercial side of the business and commodities. You will be working with bp's Gas and Power Trading division however you may be deployed to work in different areas of our business over time based on your skills and experience and the business adoption of technology.In bp you will have an opportunity to work with new, exciting things like a very progressive AI utilization or AWS platform. You do not need to know these things yet - we will train and develop you.To be successful in bp you need to thrive in a culture of continuous improvement within teams, encouraging and empowering innovation and the delivery of changes that optimize operational efficiency and user experience. You are curious and improve your skills through continuous learning of new technologies, trends & methods, applying knowledge gained to improve bp standards and the capabilities of the Engineering Community. Key responsibilities: The safety of our people and our customers is our highest priority. The role will advocate and lead in this and promote a culture of security and safety in everything that we do. Work as part of evolving multi-disciplinary teams which may include Software Engineers, Enterprise Technology Engineers, Designers, SecOps, and Product owners to deliver value through the application of specialist skills Work with vendors and partners providing market solutions to optimize the usage and value which can be delivered from the appropriate technology platform Ensure operational integrity of what you build, assuring operational compliance with architectural and security standards, as well as compliance and policy controls refined by Strategy. Define and document standard run books and operating procedures. Create and maintain system information and architecture diagrams. What you need to be successful: Broad hands-on experience of supporting, implementing and extending features in Openlink Endur. Hands on and in-depth experience of Endur's C# Open Component API, Open JVS, UDSR's, Report Builder, Operation Services and Services Manager (Grid Architecture). Deep experience of Endur's main modules including one or more: APM (e.g. new page creation, understanding of exposure), Trading Explorer (e.g. deal modelling/capture, templates, expo/PnL results), Market Explorer (e.g. curve and volatility setup, market data analysis) or Admin & Reference Manager (static data, location and pipelines, valuation pools). Working with business partners, developers, architects and testers to define requirements, designs and implement efficient supportable solutions. Experience working on at least one globally traded market, preferably physical commodities. Implementing a test regime to ensure solution quality across the delivery. Working with a hybrid team of delivery resources (internal & external); utilising scrum methodology where relevant. Strong Communications skills with the ability to operate across complex business environments and partners up to executive level. Identifying areas for continual improvement that deliver Technology or Business value.Nice to have: Excellent and demonstrable Oracle SQL skills. In depth experience working in at least one area of Front/Mid/Back office. Understanding of Endur deployment procedures including CMM import/export and cloud DevOps Experience working on European Gas and Power markets Reviewing and elaborating interface specifications for other systems connecting to EndurWhy join us?At bp, we support our people to grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. There are many aspects of our employees' lives that are meaningful, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, a generous paid parental leave policy, excellent retirement benefits, among others! We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Reinvent your career as you help our business meet the challenges of the future. Apply now! Travel Requirement No travel is expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills: Legal Disclaimer: We are an equal opportunity employer. We do not discriminate on the basis of protected characteristics like race, religion, color, sex, national origin, sexual orientation, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us. If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

You can find out more about this in ourEnterprise Security Architect page is loaded Enterprise Security Architectlocations: Londontime type: Full timeposted on: Posted Todayjob requisition id: JR-The Apex Group was established in Bermuda in 2003 and is now one of the world's largest fund administration and middle office solutions providers.Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.Your career with us should reflect your energy and passion.That's why, at Apex Group, we will do more than simply 'empower' you. We will work to supercharge your unique skills and experience.Take the lead and we'll give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities.For our business, for clients, and for you The Role Apex is looking for an experienced Enterprise Security Architect to join our growing Security Architecture team. This role is pivotal in designing and guiding the implementation of secure technology solutions across the organization. You will help build scalable, resilient, and secure systems that support Apex's business objectives and regulatory commitments. Key Responsibilities Design and maintain secure architecture patterns aligned with Apex's technology roadmap and business goals. Serve as the security design authority for assigned projects, initiatives, or architectural domains. Translate security policies and standards into actionable design controls and implementation guidance. Evaluate emerging technologies, products, and platforms for alignment with enterprise security strategy. Conduct architecture risk assessments and threat modelling to identify potential exposures. Collaborate with infrastructure, application, and data teams to ensure secure solution design and integration. Document and maintain security architecture artefacts, including diagrams, control mappings, and design decisions. Develop security reference architectures and reusable design templates. Stay current on emerging threats, vulnerabilities, and technology trends. Execute delegated tasks as deemed appropriate by the Group CISO and other empowered Group Cyber leadership authorities, ensuring timely and effective completion in alignment with organizational priorities. Support the Group Cyber Strategy end-to-end, driving alignment of all activities, decisions, and deliverables with strategic objectives and business outcomes. Areas of Specialization Depending on expertise, the role may focus on one or more of the following domains: Cloud & Infrastructure Security: Secure deployment and integration across hybrid/multi-cloud environments, network security, IaaS/PaaS/SaaS controls, and cloud governance. Application Security: Secure software architecture, threat modelling, DevSecOps, API and identity design, and CI/CD integration. Data, AI & Tokenization: Data classification, privacy-enhancing technologies, encryption/tokenization, AI governance, and secure data pipeline design. Security Architecture Advisory Services: Strategic and technical guidance across domains, aligning security architecture with business objectives. Focus areas include zero trust principles, risk-based decision-making, and security integration into digital transformation initiatives. Required Experience & Skills Experience: 10+ years of overall experience in cybersecurity or infrastructure/application roles, with 5-7 years of experience in architecture, design, or engineering roles involving security. Proven experience architecting secure systems in large or complex enterprise environments. Technical Expertise: Hands-on exposure to one or more of: AWS, Azure, GCP, Kubernetes, IAM, CI/CD, API gateways, SIEM/SOAR, email security, EDR, ZTNA technologies or data security technologies. Strong understanding of security principles, design patterns, and defense-in-depth strategies. Knowledge of Standards: Strong knowledge of relevant security standards and frameworks such as NIST, ISO 27001, CSA CCM, MITRE ATT&CK, SOC2 and OWASP. Communication Skills: Ability to articulate technical risks and architectural decisions to both technical and non-technical audiences. Certifications: Architectural qualifications (e.g., SABSA, TOGAF) are essential. Professional certifications (e.g., CISSP, CCSP, AWS/Azure Architect, GCP Security) are highly desirable. Why Join Apex: Opportunity to work with senior security professionals across multiple global teams. Exposure to modern technologies and enterprise-scale transformation projects. Flexible work options and a strong focus on team collaboration and growth. Opportunity to shape enterprise security architecture in a global organization.Disclaimer: Unsolicited CVs sent to Apex (Talent Acquisition Team or Hiring Managers) by recruitment agencies will not be accepted for this position. Apex operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our exclusive recruitment partners. About Apex Group We are dedicated to driving positive change in financial services while fuelling the growth and ambitions of asset managers, allocators, financial institutions, and family offices. Established in Bermuda in 2003, the Group has continually disrupted the asset serving industry through our investment in innovation and talent. Today, we set the pace in asset servicing and stand out for our unique single-source solution and unified cross asset-class platform which supports the entire value chain, harnesses leading innovative technology, and benefits from cross-jurisdictional expertise delivered by a long-standing management team and over 13,000 highly integrated professionals. We're a people-powered business, and our people are full of ambition. Together, we're inspired to lead the new era of data and tech enabled service. Bringing new products and services to market. Sharpening our client focus. Disrupting the market to exceed expectations. Innovating across a range of specialisms. With our focus on making a difference to our people, our planet and our society, you'll experience more here than you would at most other companies.

Waracle are looking for a Principal Cloud Architect (GCP) for an exciting new role joining our world-class digital technology consultancy and home to a diverse, smart, curious and ambitious community of specialists in technology-driven transformation. We work with ambitious clients to help them solve their biggest business and customer challenges. We help our clients to innovate and create intelligent digital products and services. We thrive on complex challenges and deliver business-critical IT transformation projects, moving seamlessly from strategy, design and delivery to operations. This is a Hybrid role based in London. Why This Role? As a Principal Cloud Architect, you will be a high-level strategic advisor, bridging the gap between complex technical cloud architectures and executive business goals. You won't just build infrastructure; you will ensure cloud architecture serves as the foundation for world-class digital products. This role is perfect for a leader who enjoys high-stakes conversations with C-suite stakeholders and thrives on designing transformative, cloud-native strategies. What You'll Be Doing Reporting to the Head of Technology, your role will cover: Driving Strategic Advisory: Designing innovative GCP architectures that align with digital product goals and securing executive alignment. Leading Pre-Sales and Growth: Contributing strategic input to RFPs and proposals while working closely with the Google Cloud Partner Manager. Technical & Product Leadership: Leading client pilots or POCs to demonstrate tangible business value and shaping the adoption of modern practices like DevSecOps. Cultivating Excellence: Mentoring and coaching senior consultants, fostering a culture of continuous learning and a product-led approach to engineering. Championing Innovation: Producing viewpoints on emerging technologies, such as AI and data-driven features, to represent Waracle in senior client forums. What You'll Bring We are looking for a collaborative leader who brings a blend of technical mastery and commercial acumen. If you are passionate about building both great products and great teams, we want to hear from you: Expert-level GCP Mastery: Deep experience in designing and deploying complex, scalable cloud-native architectures. GCP Certifications: Professional certifications (or the ambition to achieve them) and knowledge of Google Cloud's AI products. Strategic Mindset: A proven track record of contributing to winning RFPs and shaping large-scale digital transformations. Executive Presence: The ability to navigate conflict, build confidence, and influence business strategy at the C-level. Empathetic Leadership: Experience coaching technical staff and supporting recruitment to build high-potential, diverse teams. The Recruitment Process You can expect an initial call with a dedicated Talent Acquisition Partner to discuss your aspirations, salary, and benefits. This is followed by a two-stage interview process where you can showcase your skills and learn more about our culture. Your partner will guide you every step of the way to your first day. Our Benefits We believe in supporting our team, inside and outside of work. Here's a glimpse of what you can expect: Rest & Recharge: You'll receive 27 days of annual leave, plus 8 bank holidays, totaling 35 days of holiday to unwind and pursue your passions. Financial Future & Security: Plan for retirement with our company-matched 5% pension contribution. For added peace of mind, we also offer a Death in Service benefit, providing 2 x your annual salary for your loved ones. Health & Wellness: Our Medicash Health Cash Plans help cover everyday healthcare costs, complemented by an Employee Assistance Programme for confidential support, and Group Sickness Cover for peace of mind. Flexible Working: We champion hybrid working, providing a home office setup budget to ensure you're comfortable and productive wherever you are. Learning & Development: Invest in yourself with access to Udemy Business and a dedicated learning and development budget for continuous growth. Lifestyle Perks: Make the most of our Cycle to Work Scheme, and enjoy exclusive gym and retail discounts. Family First: Our enhanced parental leave policies include support for fertility journeys, recognising diverse family needs. Community & Connection: We foster a vibrant culture with regular fun meet-ups and lunch on us in the office once a month. You'll also have the opportunity to make a local impact through Spirit of Waracle, our initiative for getting involved in charitable causes locally, building strong team bonds and giving back. We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, gender, disability, religion/belief, sexual orientation or age.

Cloud Migration Programme Manager (AWS, GCP, Microsoft Azure) - FinTech Skills & Expertise It will be very useful if you have some or all of the following skills and experience: Technology background with early career hands on technical experience eg systems developer, systems engineer, database administrator Experience delivering complex programmes in a hybrid/multi Cloud environment which includes at least one of the "big 3" public Cloud providers ( AWS, Azure or GCP) Experience helping organisations migrate to, build on and optimize their Cloud technology through advisory, delivery planning and implementation is essential Experience helping organisations deliver change through Cloud at enterprise scale Experience helping clients at different stages in their Cloud journey and different levels of Cloud readiness A deep understanding of the full enterprise Cloud context, including but not limited to: business drivers, service onboarding, integration and management, security and controls An understanding, at a conceptual level of Cloud technology, this needs to include: Cloud security and DevSecOps including tooling, Cloud service management and monitoring, staging and control environment build and toolchain integration Experience working with the major Cloud security industry standards and frameworks, such as Mitre ATT&ACK, NIST and CSA Leading large teams of 50+ people both Onshore and Offshore and with budgets of 10m+ Planning and designing the Programme. Proactively monitoring its progress, resolving issues and initiating corrective actions as appropriate Interested? Please apply in via Jobserve for consideration. Microsoft Azure Cloud AWS GCP