Job DescriptionJob Title: Solution ArchitectReq ID: 59066Job Function: Architecture Solution and DesignPosting Start Date: 22/05/2026Posting End Date: 05/06/2026Division: UK BusinessJob Location: GBR Bristol - Assembly, GBR Chippenham Methuen Park HouseAdvertised Salary: Competitive + Market Leading BenefitsPlease note - you will be required to have (or gain) Security Clearance for this role - please only apply if you are eligible (5 years MINIMUM UK residency)About the roleJoin BT's Defence & Defence Industry Partners team as a Solution Architect Specialist, where your work will help design and deliver secure solutions that support critical Defence programmes and contribute to keeping the UK safe and secure.As a trusted partner to Defence sector customers, BT plays a vital role in enabling secure, resilient communications and digital capabilities across some of the most sensitive environments. In this role, you will be part of that mission-helping to protect national interests while delivering meaningful outcomes for customers and society.You'll work closely with colleagues across business, technology, security and operations, as well as external partners, to turn customer needs into practical, secure and scalable solutions. You will also be a trusted technical leader-bringing clarity, confidence and direction so teams deliver at their best, especially in complex and fast-changing environments.What you'll be doingSupport Sales teams with customer engagements.Support Bid teams in responding to private/public sector bids and proposals.Create solutions meeting the customer needs in addressing business and technical challenges and deliver clear outcomes.Taking overall solution architecture design ownership.Provide clear technical direction, helping teams deliver with confidence and focus.Act as a trusted leader, bringing clarity and confidence in complex situations.Work with stakeholders to understand business and technical requirements.Prepare recommendations and design documents, highlighting risks and dependencies.Develop solution roadmaps and governance structures.Provide input to senior stakeholders on architecture direction and understand the value of proposed solutions.Ensure solutions align with enterprise architecture and secure by design standards.Promote good practice in architecture governance throughout the solution's life cycle.Keep up to date with industry trends and best practice.Contribute to programmes that support wider business goals.Share knowledge and support continuous improvement across the team.Support and mentor colleagues to build team capability.Essential Skills / ExperienceExperience designing and delivering end-to-end technical solutions that meet customer needs.Ability to understand business requirements and turn them into practical solution designs.Experience working with stakeholders across business, technology and support teams.Experience in responding to customer engagements, and private/public sector bids and proposals.Experience in Telecommunication and connectivity systems, including enterprise networking and service provider environments.Knowledge of cloud or hosted technologies and how they integrate into wider solutions.Understanding of cyber security principles, including secure by design and risk awareness.Awareness of operational service management systems, including lifecycle considerations.Ability to create clear bid documents, proposals and recommendations.Awareness of architecture governance, standards and compliance requirements.Ability to problem solve, identify risks, dependencies and impacts within a solution.Strong communication skills, with the ability to explain technical ideas clearly.Desirable Skills / ExperienceExperience working in defence or secure environments.Understanding of model-based system engineering within the context of an ICT solution.Experience of network security, boundary protection or secure architectures.Experience with cloud platforms or modern infrastructure approaches.Understanding of solution roadmaps and long-term planning.Professional certifications (e.g. TOGAF, MBSE, Secure by Design and vendor certifications)Our PackageTailored benefits make a real difference. That's why we offer a comprehensive range to support your growth, wellbeing, and everyday life.You can design the package to suit you and your lifestyle. Your core benefits include:10% on target annual bonus25 days HolidayAccess to an online private GP 24/7 for you and your immediate familyMarket-leading paid carers leave with up to 2 weeks offEqualized maternity, paternity, and adoption leave - 18 weeks' full pay and 8 weeks' half payDiscounted EE and BT products, including mobile and broadbandMarket leading Pension scheme - 5% from you and 10% from usHoliday purchase schemeYou can select additional benefits, including healthcare, dental, gym memberships and more when you're ready.Ready to connect for good and help shape the future? .With over 180 years of heritage, BT Business has brought together our best people and capabilities into a B2B powerhouse serving 1.2 million business customers in the UKWe're a leader for secure connectivity and collaboration platforms for businesses of all shapes and sizes, from big household names and government departments, right through to sole traders and new start-ups. But it's not just the technology that matters, it's what it can do to help them build stronger, smarter, more secure businesses.We are Customer-First Challengers, who are Committed, Clear and Connected. We value diversity and inclusion and believe in making a positive impact. We connect for good by championing digital inclusion and equipping people, businesses, and communities with digital skills to thrive.As a member of our team, you will be part of an organisation that celebrates difference, fosters innovation and provides you with opportunities to be your best. With millions of businesses relying on us daily, joining BT means you can be part of a diverse and multi-skilled team that makes a significant impact to society.
23/06/2026
Full time
Job DescriptionJob Title: Solution ArchitectReq ID: 59066Job Function: Architecture Solution and DesignPosting Start Date: 22/05/2026Posting End Date: 05/06/2026Division: UK BusinessJob Location: GBR Bristol - Assembly, GBR Chippenham Methuen Park HouseAdvertised Salary: Competitive + Market Leading BenefitsPlease note - you will be required to have (or gain) Security Clearance for this role - please only apply if you are eligible (5 years MINIMUM UK residency)About the roleJoin BT's Defence & Defence Industry Partners team as a Solution Architect Specialist, where your work will help design and deliver secure solutions that support critical Defence programmes and contribute to keeping the UK safe and secure.As a trusted partner to Defence sector customers, BT plays a vital role in enabling secure, resilient communications and digital capabilities across some of the most sensitive environments. In this role, you will be part of that mission-helping to protect national interests while delivering meaningful outcomes for customers and society.You'll work closely with colleagues across business, technology, security and operations, as well as external partners, to turn customer needs into practical, secure and scalable solutions. You will also be a trusted technical leader-bringing clarity, confidence and direction so teams deliver at their best, especially in complex and fast-changing environments.What you'll be doingSupport Sales teams with customer engagements.Support Bid teams in responding to private/public sector bids and proposals.Create solutions meeting the customer needs in addressing business and technical challenges and deliver clear outcomes.Taking overall solution architecture design ownership.Provide clear technical direction, helping teams deliver with confidence and focus.Act as a trusted leader, bringing clarity and confidence in complex situations.Work with stakeholders to understand business and technical requirements.Prepare recommendations and design documents, highlighting risks and dependencies.Develop solution roadmaps and governance structures.Provide input to senior stakeholders on architecture direction and understand the value of proposed solutions.Ensure solutions align with enterprise architecture and secure by design standards.Promote good practice in architecture governance throughout the solution's life cycle.Keep up to date with industry trends and best practice.Contribute to programmes that support wider business goals.Share knowledge and support continuous improvement across the team.Support and mentor colleagues to build team capability.Essential Skills / ExperienceExperience designing and delivering end-to-end technical solutions that meet customer needs.Ability to understand business requirements and turn them into practical solution designs.Experience working with stakeholders across business, technology and support teams.Experience in responding to customer engagements, and private/public sector bids and proposals.Experience in Telecommunication and connectivity systems, including enterprise networking and service provider environments.Knowledge of cloud or hosted technologies and how they integrate into wider solutions.Understanding of cyber security principles, including secure by design and risk awareness.Awareness of operational service management systems, including lifecycle considerations.Ability to create clear bid documents, proposals and recommendations.Awareness of architecture governance, standards and compliance requirements.Ability to problem solve, identify risks, dependencies and impacts within a solution.Strong communication skills, with the ability to explain technical ideas clearly.Desirable Skills / ExperienceExperience working in defence or secure environments.Understanding of model-based system engineering within the context of an ICT solution.Experience of network security, boundary protection or secure architectures.Experience with cloud platforms or modern infrastructure approaches.Understanding of solution roadmaps and long-term planning.Professional certifications (e.g. TOGAF, MBSE, Secure by Design and vendor certifications)Our PackageTailored benefits make a real difference. That's why we offer a comprehensive range to support your growth, wellbeing, and everyday life.You can design the package to suit you and your lifestyle. Your core benefits include:10% on target annual bonus25 days HolidayAccess to an online private GP 24/7 for you and your immediate familyMarket-leading paid carers leave with up to 2 weeks offEqualized maternity, paternity, and adoption leave - 18 weeks' full pay and 8 weeks' half payDiscounted EE and BT products, including mobile and broadbandMarket leading Pension scheme - 5% from you and 10% from usHoliday purchase schemeYou can select additional benefits, including healthcare, dental, gym memberships and more when you're ready.Ready to connect for good and help shape the future? .With over 180 years of heritage, BT Business has brought together our best people and capabilities into a B2B powerhouse serving 1.2 million business customers in the UKWe're a leader for secure connectivity and collaboration platforms for businesses of all shapes and sizes, from big household names and government departments, right through to sole traders and new start-ups. But it's not just the technology that matters, it's what it can do to help them build stronger, smarter, more secure businesses.We are Customer-First Challengers, who are Committed, Clear and Connected. We value diversity and inclusion and believe in making a positive impact. We connect for good by championing digital inclusion and equipping people, businesses, and communities with digital skills to thrive.As a member of our team, you will be part of an organisation that celebrates difference, fosters innovation and provides you with opportunities to be your best. With millions of businesses relying on us daily, joining BT means you can be part of a diverse and multi-skilled team that makes a significant impact to society.
Job Description Purpose of the role To keep our customers, clients, and colleagues safe by identifying cyber vulnerabilities across the Bank, using a risk based approach to prioritise them, and to drive effective remediation activity. Accountabilities Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host. Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment. Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affect business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices. Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales. Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications. Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and elevate breaches of policies/procedures. If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions. Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave. Join our Proactive Defence team as an Enterprise Security Posture Management SME, leading capabilities across Attack Surface Management (ASM), Attack Path Management (APM), and Breach & Attack Simulation (BAS) within the CISO organization. You will drive a proactive, threat informed approach to exposure management, helping the bank identify, prioritise, and reduce exploitable security risk through greater visibility, attack path analysis, and continuous control validation. This role is critical to shifting from reactive vulnerability management to proactive exposure reduction by providing continuous visibility of the attack surface, mapping how attackers can move through the environment, and validating security controls through adversary simulation. In doing so, you will help the organization identify, prioritise, and reduce exploitable security risk in a way that is threat informed, measurable, and directly tied to business impact. To be successful in this role, you should have experience with: Attack surface discovery and asset attribution Ability to continuously identify internet-facing assets, shadow IT, domains, subdomains, certificates, cloud services, APIs, SaaS exposures, third party hosted assets, and assets with unclear ownership Risk based exposure prioritisation Ability to prioritise the most material exposures by combining exploitability, business criticality, asset ownership, threat intelligence, vulnerability data, and likelihood of attack Threat-informed attack surface analysis Ability to enrich attack surface findings with attacker techniques, active exploitation trends, KEV data, offensive security teams findings, and sector specific threat intelligence Highly valued skills for this role include: Hands on experience with EASM/ASM platforms Experience using tools such as external attack surface management, CAASM, vulnerability management, cloud posture, and exposure management platforms Cloud, identity, SaaS, CI/CD and API exposure knowledge Understanding of common attack surface risks across AWS, Azure, GCP, Entra ID, Active Directory, Kubernetes, APIs, internet gateways, and exposed management interfaces Understanding of Breach and Attack Simulation techniques Ability to use BAS outputs to validate whether identified exposures are exploitable, test control effectiveness, simulate attacker behaviours, and support evidence-based prioritisation You may be assessed on the critical skills required for success in this role, including risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, and job specific technical skills. Location : Knutsford.
23/06/2026
Full time
Job Description Purpose of the role To keep our customers, clients, and colleagues safe by identifying cyber vulnerabilities across the Bank, using a risk based approach to prioritise them, and to drive effective remediation activity. Accountabilities Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host. Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment. Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affect business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices. Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales. Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications. Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and elevate breaches of policies/procedures. If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions. Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave. Join our Proactive Defence team as an Enterprise Security Posture Management SME, leading capabilities across Attack Surface Management (ASM), Attack Path Management (APM), and Breach & Attack Simulation (BAS) within the CISO organization. You will drive a proactive, threat informed approach to exposure management, helping the bank identify, prioritise, and reduce exploitable security risk through greater visibility, attack path analysis, and continuous control validation. This role is critical to shifting from reactive vulnerability management to proactive exposure reduction by providing continuous visibility of the attack surface, mapping how attackers can move through the environment, and validating security controls through adversary simulation. In doing so, you will help the organization identify, prioritise, and reduce exploitable security risk in a way that is threat informed, measurable, and directly tied to business impact. To be successful in this role, you should have experience with: Attack surface discovery and asset attribution Ability to continuously identify internet-facing assets, shadow IT, domains, subdomains, certificates, cloud services, APIs, SaaS exposures, third party hosted assets, and assets with unclear ownership Risk based exposure prioritisation Ability to prioritise the most material exposures by combining exploitability, business criticality, asset ownership, threat intelligence, vulnerability data, and likelihood of attack Threat-informed attack surface analysis Ability to enrich attack surface findings with attacker techniques, active exploitation trends, KEV data, offensive security teams findings, and sector specific threat intelligence Highly valued skills for this role include: Hands on experience with EASM/ASM platforms Experience using tools such as external attack surface management, CAASM, vulnerability management, cloud posture, and exposure management platforms Cloud, identity, SaaS, CI/CD and API exposure knowledge Understanding of common attack surface risks across AWS, Azure, GCP, Entra ID, Active Directory, Kubernetes, APIs, internet gateways, and exposed management interfaces Understanding of Breach and Attack Simulation techniques Ability to use BAS outputs to validate whether identified exposures are exploitable, test control effectiveness, simulate attacker behaviours, and support evidence-based prioritisation You may be assessed on the critical skills required for success in this role, including risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, and job specific technical skills. Location : Knutsford.
Head of Cyber Security, Google Cloud Public Sector London, UK Job Overview As a part of Google Cloud Public Sector UK, you will empower the UK public sector to build a digital first future. You will bridge the gap between innovation and public service, bringing Google Cloud's technology to the mission critical problems of the UK government. Security is paramount for the problems we work on and the customers we work with. In this executive security leadership role, you will drive the delivery of key security programmes for customers, ensuring our cloud services mitigate threats and enable the customers to take full advantage of the opportunities Google Cloud's technologies offer to transform services and mission critical workloads. You will influence top security leaders and their technical representatives through thought leadership, whiteboard sessions, whitepapers, speaking at events, and solving technical problems. You will engage with internal engineering teams to drive product enhancements that meet our customer security needs and partner with the UK based operations teams who build and scale sovereign cloud. You will have extensive experience working in UK public sector security in a complex organisation that has implemented highly secure infrastructure and application platforms through cloud related innovation in highly regulated, high threat environments. You will hold a detailed understanding of one or more of the following aspects of cloud security: security architecture, security operations, security engineering, governance, risk and compliance. Requirements Must be a British citizen to meet compliance and security clearance requirements. Bachelor's degree or equivalent practical experience. 10 years of experience in a technical cyber security role. 5 years of experience in a technical leadership role and in a customer facing role. 5 years of experience in UK public sector, particularly in applying UK government security standards, risk management processes or working in a regulated security environment. Must possess an active Security Check (SC) UK security clearance, and the ability to obtain Developed Vetting (DV) UK security clearance. Preferred qualifications Master's degree in cyber security, computer science, risk management, auditing, or a related field. Experience in undertaking security architecture reviews, identifying and remediating security vulnerabilities in products or systems. Experience in delivering security change programmes or embedding new security practices and technologies in engineering teams. Experience with a wide range of information security standards and certifications, understanding their application as well as their relative strengths and weaknesses (ISO 27000 family, NIST CSF, SOC reports, PCI DSS, etc.). Responsibilities Lead security programmes and workstreams spanning risk, compliance and security delivery as part of wider delivery programmes. Drive initiatives to solve complex problems, both from within Google and through external partners. Set strategy for cyber security, working to incorporate the strategies for specialist areas such as Security Operations (SecOps) and Compliance. Manage the technical and operational constraints and requirements of public sector or other high security customers and advocate for them on product and engineering roadmaps to achieve the outcomes our customers need regarding security. Cultivate executive stakeholder relationships for security across key customers, shaping their security approach, providing advice, and authoring content to respond to their needs, while supporting customer advocacy initiatives from the wider Google organisation in a UK public sector context. Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity or expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents to be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
23/06/2026
Full time
Head of Cyber Security, Google Cloud Public Sector London, UK Job Overview As a part of Google Cloud Public Sector UK, you will empower the UK public sector to build a digital first future. You will bridge the gap between innovation and public service, bringing Google Cloud's technology to the mission critical problems of the UK government. Security is paramount for the problems we work on and the customers we work with. In this executive security leadership role, you will drive the delivery of key security programmes for customers, ensuring our cloud services mitigate threats and enable the customers to take full advantage of the opportunities Google Cloud's technologies offer to transform services and mission critical workloads. You will influence top security leaders and their technical representatives through thought leadership, whiteboard sessions, whitepapers, speaking at events, and solving technical problems. You will engage with internal engineering teams to drive product enhancements that meet our customer security needs and partner with the UK based operations teams who build and scale sovereign cloud. You will have extensive experience working in UK public sector security in a complex organisation that has implemented highly secure infrastructure and application platforms through cloud related innovation in highly regulated, high threat environments. You will hold a detailed understanding of one or more of the following aspects of cloud security: security architecture, security operations, security engineering, governance, risk and compliance. Requirements Must be a British citizen to meet compliance and security clearance requirements. Bachelor's degree or equivalent practical experience. 10 years of experience in a technical cyber security role. 5 years of experience in a technical leadership role and in a customer facing role. 5 years of experience in UK public sector, particularly in applying UK government security standards, risk management processes or working in a regulated security environment. Must possess an active Security Check (SC) UK security clearance, and the ability to obtain Developed Vetting (DV) UK security clearance. Preferred qualifications Master's degree in cyber security, computer science, risk management, auditing, or a related field. Experience in undertaking security architecture reviews, identifying and remediating security vulnerabilities in products or systems. Experience in delivering security change programmes or embedding new security practices and technologies in engineering teams. Experience with a wide range of information security standards and certifications, understanding their application as well as their relative strengths and weaknesses (ISO 27000 family, NIST CSF, SOC reports, PCI DSS, etc.). Responsibilities Lead security programmes and workstreams spanning risk, compliance and security delivery as part of wider delivery programmes. Drive initiatives to solve complex problems, both from within Google and through external partners. Set strategy for cyber security, working to incorporate the strategies for specialist areas such as Security Operations (SecOps) and Compliance. Manage the technical and operational constraints and requirements of public sector or other high security customers and advocate for them on product and engineering roadmaps to achieve the outcomes our customers need regarding security. Cultivate executive stakeholder relationships for security across key customers, shaping their security approach, providing advice, and authoring content to respond to their needs, while supporting customer advocacy initiatives from the wider Google organisation in a UK public sector context. Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity or expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents to be, criminal histories consistent with legal requirements, or any other basis protected by law. See also Google's EEO Policy, Know your rights: workplace discrimination is illegal, Belonging at Google, and How we hire.
Job Description Purpose of the role To keep our customers, clients, and colleagues safe by identifying cyber vulnerabilities across the Bank, using a risk based approach to prioritise them, and to drive effective remediation activity. Accountabilities Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host. Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment. Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affect business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices. Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales. Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications. Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and elevate breaches of policies/procedures. If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions. Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave. Join our Proactive Defence team as an Enterprise Security Posture Management SME, leading capabilities across Attack Surface Management (ASM), Attack Path Management (APM), and Breach & Attack Simulation (BAS) within the CISO organization. You will drive a proactive, threat informed approach to exposure management, helping the bank identify, prioritise, and reduce exploitable security risk through greater visibility, attack path analysis, and continuous control validation. This role is critical to shifting from reactive vulnerability management to proactive exposure reduction by providing continuous visibility of the attack surface, mapping how attackers can move through the environment, and validating security controls through adversary simulation. In doing so, you will help the organization identify, prioritise, and reduce exploitable security risk in a way that is threat informed, measurable, and directly tied to business impact. To be successful in this role, you should have experience with: Attack surface discovery and asset attribution Ability to continuously identify internet-facing assets, shadow IT, domains, subdomains, certificates, cloud services, APIs, SaaS exposures, third party hosted assets, and assets with unclear ownership Risk based exposure prioritisation Ability to prioritise the most material exposures by combining exploitability, business criticality, asset ownership, threat intelligence, vulnerability data, and likelihood of attack Threat-informed attack surface analysis Ability to enrich attack surface findings with attacker techniques, active exploitation trends, KEV data, offensive security teams findings, and sector specific threat intelligence Highly valued skills for this role include: Hands on experience with EASM/ASM platforms Experience using tools such as external attack surface management, CAASM, vulnerability management, cloud posture, and exposure management platforms Cloud, identity, SaaS, CI/CD and API exposure knowledge Understanding of common attack surface risks across AWS, Azure, GCP, Entra ID, Active Directory, Kubernetes, APIs, internet gateways, and exposed management interfaces Understanding of Breach and Attack Simulation techniques Ability to use BAS outputs to validate whether identified exposures are exploitable, test control effectiveness, simulate attacker behaviours, and support evidence-based prioritisation You may be assessed on the critical skills required for success in this role, including risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, and job specific technical skills. Location : Knutsford.
23/06/2026
Full time
Job Description Purpose of the role To keep our customers, clients, and colleagues safe by identifying cyber vulnerabilities across the Bank, using a risk based approach to prioritise them, and to drive effective remediation activity. Accountabilities Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host. Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment. Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affect business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices. Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales. Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications. Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/ processes; deliver continuous improvements and elevate breaches of policies/procedures. If managing a team, they define jobs and responsibilities, planning for the department's future needs and operations, counselling employees on performance and contributing to employee pay decisions/changes. They may also lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements. If the position has leadership responsibilities, People Leaders are expected to demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. OR for an individual contributor, they will be a subject matter expert within own discipline and will guide technical direction. They will lead collaborative, multi-year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. They will train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions. Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave. Join our Proactive Defence team as an Enterprise Security Posture Management SME, leading capabilities across Attack Surface Management (ASM), Attack Path Management (APM), and Breach & Attack Simulation (BAS) within the CISO organization. You will drive a proactive, threat informed approach to exposure management, helping the bank identify, prioritise, and reduce exploitable security risk through greater visibility, attack path analysis, and continuous control validation. This role is critical to shifting from reactive vulnerability management to proactive exposure reduction by providing continuous visibility of the attack surface, mapping how attackers can move through the environment, and validating security controls through adversary simulation. In doing so, you will help the organization identify, prioritise, and reduce exploitable security risk in a way that is threat informed, measurable, and directly tied to business impact. To be successful in this role, you should have experience with: Attack surface discovery and asset attribution Ability to continuously identify internet-facing assets, shadow IT, domains, subdomains, certificates, cloud services, APIs, SaaS exposures, third party hosted assets, and assets with unclear ownership Risk based exposure prioritisation Ability to prioritise the most material exposures by combining exploitability, business criticality, asset ownership, threat intelligence, vulnerability data, and likelihood of attack Threat-informed attack surface analysis Ability to enrich attack surface findings with attacker techniques, active exploitation trends, KEV data, offensive security teams findings, and sector specific threat intelligence Highly valued skills for this role include: Hands on experience with EASM/ASM platforms Experience using tools such as external attack surface management, CAASM, vulnerability management, cloud posture, and exposure management platforms Cloud, identity, SaaS, CI/CD and API exposure knowledge Understanding of common attack surface risks across AWS, Azure, GCP, Entra ID, Active Directory, Kubernetes, APIs, internet gateways, and exposed management interfaces Understanding of Breach and Attack Simulation techniques Ability to use BAS outputs to validate whether identified exposures are exploitable, test control effectiveness, simulate attacker behaviours, and support evidence-based prioritisation You may be assessed on the critical skills required for success in this role, including risk and controls, change and transformation, business acumen, strategic thinking, digital and technology, and job specific technical skills. Location : Knutsford.
Enterprise Architect - IAM Security Permanent - Up to 110k + strong benefits Location: Hybrid - Cambridge Your new company: A NASDAQ listed semiconductor organisation in the UK is currently looking for an Enterprise Architect focussing on IAM Security to join their ranks. The organisation is very well known in their world and offers strong benefits and hybrid working, as well as shares in the company, split over 4 years. The role responsibilities: You'll play a big role in architecting and designing the organisations' zero trust IAM infrastructure and policies, as well as guiding the strategy behind how they secure their global workforce. You'll work across IT and Security to define, design, and integrate. Some of the main elements of your roles, in the clients' words: Lead the design and implementation of enterprise Zero Trust IAM architecture across AD, Entra ID, SSO, MFA, PAM, and PKI. Create and maintain Zero Trust IAM security roadmaps, patterns, and reference designs. Supporting and partner with IT, GRC, and Engineering teams to ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. You will need: Whilst the business is looking for the below, a big part of what they're also looking for is the passion and desire to be at the forefront of security. You will want to keep up to date with the latest threats, you will want to find the next tool that can make a difference in an enterprise environment, you will want to push the boundaries and go outside the norm. You will be a part of a forward-thinking team, pushing to be the best around. Strong practical experience in designing and running Identity and Access Management (IAM) solutions within large-scale, complex environments. Deep knowledge of identity protocols (SAML, OAuth2, OIDC, SCIM, LDAP/AD, PKI). Strong zero-trust mindset. Expertise in at least two IAM product areas such as Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Ability to define standards, partner cross-functionally (IT, GRC, Engineering), and drive risk reduction through threat modelling, compliance (NIST, ISO, GDPR), and ongoing optimisation of identity systems. Experience working with cloud identity (Azure, AWS, or GCP). What you'll get in return: This role is available for hybrid working with a typical requirement to work 2 days per week in the Cambridge office. Strong salary with decent benefits. 7% pension - employers contribution PMI and dental Shares option ( 60k+) And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
23/06/2026
Full time
Enterprise Architect - IAM Security Permanent - Up to 110k + strong benefits Location: Hybrid - Cambridge Your new company: A NASDAQ listed semiconductor organisation in the UK is currently looking for an Enterprise Architect focussing on IAM Security to join their ranks. The organisation is very well known in their world and offers strong benefits and hybrid working, as well as shares in the company, split over 4 years. The role responsibilities: You'll play a big role in architecting and designing the organisations' zero trust IAM infrastructure and policies, as well as guiding the strategy behind how they secure their global workforce. You'll work across IT and Security to define, design, and integrate. Some of the main elements of your roles, in the clients' words: Lead the design and implementation of enterprise Zero Trust IAM architecture across AD, Entra ID, SSO, MFA, PAM, and PKI. Create and maintain Zero Trust IAM security roadmaps, patterns, and reference designs. Supporting and partner with IT, GRC, and Engineering teams to ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. You will need: Whilst the business is looking for the below, a big part of what they're also looking for is the passion and desire to be at the forefront of security. You will want to keep up to date with the latest threats, you will want to find the next tool that can make a difference in an enterprise environment, you will want to push the boundaries and go outside the norm. You will be a part of a forward-thinking team, pushing to be the best around. Strong practical experience in designing and running Identity and Access Management (IAM) solutions within large-scale, complex environments. Deep knowledge of identity protocols (SAML, OAuth2, OIDC, SCIM, LDAP/AD, PKI). Strong zero-trust mindset. Expertise in at least two IAM product areas such as Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Ability to define standards, partner cross-functionally (IT, GRC, Engineering), and drive risk reduction through threat modelling, compliance (NIST, ISO, GDPR), and ongoing optimisation of identity systems. Experience working with cloud identity (Azure, AWS, or GCP). What you'll get in return: This role is available for hybrid working with a typical requirement to work 2 days per week in the Cambridge office. Strong salary with decent benefits. 7% pension - employers contribution PMI and dental Shares option ( 60k+) And more! Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
# Cyber Security Platform Engineer - Microsoft - LondonIT/Information/Cyber SecurityRef:198 Date Posted: Monday 25 May 2026LinkedInFacebookXTitle: Cyber Security Platform Engineer - MicrosoftReference No: 2161Company: FTSE 100Reports to Security Platform Engineering ManagerLocation: LondonWorking Pattern 37.5 hours per week, Monday - Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place).Salary: £59,000 - £72,000Benefits Bupa, Matched pension contributions. The Role Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across) the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. This is a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus.It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on.The Security Platform Engineering function is central to that portfolio - responsible for ensuring that the security tools the organisation invests in are deeply understood, expertly configured, continuously improved, and consistently delivering their intended security and business value. Microsoft is the most strategically significant security platform, and the uplift and optimisation of the Microsoft security estate is one of the most consequential engineering challenges in the GCS transformation programme. Role Summary Reporting to the Security Platform Engineering Manager, the Cyber Security Platform Engineer - Microsoft is the Group dedicated technical authority for the Microsoft security platform. The role carries implied ownership of the full Microsoft security stack: the M365 Defender suite, the security-relevant capabilities of Microsoft Entra ID (conditional access, Privileged Identity Management, access packages, and least privilege), Intune, and the foundational configuration of the Microsoft 365 and Azure environments on which all of these depend. This is a role that extends beyond BAU platform management: a significant part of the initial mandate is to critically assess the current state of the Microsoft estate - spanning E3, Active Directory, Entra ID, Intune, and existing Defender deployments - identify the gaps against vendor-recommended best practice and the Group cyber standard, and build a prioritised strategy and plan to close them.This role is the primary technical owner of that relationship on the GCS side - working directly with the Microsoft team to prioritise, plan, and drive the E5 deployment across the estate, and ensuring that the professional services and engineering resources available are directed at the highest-value activities. The role must navigate the realities of the federated organisation with skill: delivery will depend on partnership with divisional IT teams, and getting there will require excellent stakeholder management, a clear change communication approach, and an absolute commitment to end-user experience. Zero tolerance for avoidable downtime is not a preference - it is a non-negotiable operating constraint.The role works in close partnership with the Cyber Architecture Manager, the Group CTO function, the IT Frameworks Director, Assurance leads, Divisional Security Leads, and the Identity Transformation team. It shares the defining mindset of the whole platform engineering function: genuine passion for the Microsoft platform, curiosity about its full capability, and the drive to get to a secure, consistent, vendor-recommended configuration as quickly and as safely as possible. Role Responsibilities / Accountabilities Microsoft Estate Assessment, Gap Analysis & Strategy • Conduct a structured, critical assessment of the current Microsoft security estate, covering Active Directory, Microsoft Entra ID, Intune, M365 (E3 and current Defender deployments), and Azure security configuration; benchmark the current state against Microsoft's secure score recommendations, vendor best practice, and the Group cyber technical standard, and produce a clear, evidence-based gap analysis.• Develop a prioritised Microsoft security uplift strategy and delivery plan that sequences remediation and enhancement activity by risk reduction impact, operational feasibility, and alignment with the E5 migration roadmap; ensure the plan is realistic for federated environment and has clear milestones, owners, and success criteria.• Maintain the Microsoft security uplift plan as a live document; track progress against milestones, report status to the Security Platform Engineering Manager, and adapt the plan to the Groups environment, the threat landscape, and the Microsoft product roadmap evolve. Microsoft Defender Platform Ownership & Engineering • Own the technical configuration, ongoing engineering, and operational health of the full M365 Defender suite, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, and Microsoft Sentinel integration; maintain configurations to the approved baseline and drive continuous improvement against vendor-recommended configuration.• Work closely with the SOC to tune Defender configurations for effective detection and response; adjust detection rules, custom detection queries, and alert thresholds in response to SOC operational feedback, ensuring analysts receive high-fidelity, actionable alerts with minimal noise.• Develop and maintain detailed configuration documentation, runbooks, and change records for all Defender workloads; ensure configuration state is consistently documented, version-controlled, and auditable. Entra ID Security & Identity Controls • Own the security configuration of Microsoft Entra ID across the Group; take implied technical ownership of the security-relevant Entra capabilities including Conditional Access policy design and enforcement, Privileged Identity Management (PIM), access packages and entitlement management, Identity Protection, and the application of least privilege principles across the directory.• Work with the Cyber Architecture Manager, the IT Frameworks Director, and Assurance leads to ensure that GCS policies - including BYOD, remote access, and privilege management policies - are correctly and completely manifested in Entra Conditional Access policies and Intune device compliance rules; maintain a clear mapping between policy intent and platform configuration.• Support the Active Directory to Entra ID modernisation journey; identify legacy AD configurations and hybrid identity risks that need to be addressed as part of the E5 migration, and work with the Identity Transformation team to ensure Entra security configuration activity is co-ordinated with the broader identity programme.• Own the Intune security configuration, maintain device compliance policies, configuration profiles, and security baselines; ensure Intune is configured to enforce the Group endpoint security standard and provides accurate device compliance data to Entra Conditional Access and the Defender estate. E5 Migration, ECIF Engagement & Microsoft Relationship • Act as GCS's primary technical liaison to the Microsoft ECIF (Engineering Co-Investment Fund) team; plan, prioritise, and drive the E5 deployment programme in partnership with the ECIF team, ensuring that Microsoft engineering resources are directed at the highest-value activities and that the Organisation is getting the maximum benefit from the co-investment engagement.• Manage the technical relationship with Microsoft across the security and identity platform; maintain active engagement with Microsoft technical account management, product specialists, and engineering teams; use the account relationship to gain early access to roadmap briefings, preview features, escalation paths, and best-practice guidance relevant to the organisations environment.• Plan and manage the technical delivery of E5 capability rollout across the divisions; sequence deployment activity to maximise early security value, sequence it safely within the change management constraints, and ensure each phase is fully tested, documented, and supported before moving to the next.• Maintain accurate records of Microsoft licence entitlements, feature adoption, and E5 deployment progress; ensure the Group is consuming the capabilities it is paying for, and provide the Security Platform Engineering Manager with clear, up-to-date visibility of licence utilisation and deployment status.• Policy Manifestation, Standards Alignment & Assurance• Translate Group cyber technical standards and security policies into enforceable Microsoft platform configurations; maintain a clear, auditable mapping between each policy requirement and its implementation in Defender, Entra, Intune, or other Microsoft controls, and ensure divergence is identified and remediated promptly.• Work closely with the Director of Cyber Assurance and Assurance leads to support controls assessment of the Microsoft estate; provide technical evidence of configuration compliance, investigate gaps identified through continuous controls monitoring (including Axonius), and drive remediation of control failures to closure . click apply for full job details
23/06/2026
Full time
# Cyber Security Platform Engineer - Microsoft - LondonIT/Information/Cyber SecurityRef:198 Date Posted: Monday 25 May 2026LinkedInFacebookXTitle: Cyber Security Platform Engineer - MicrosoftReference No: 2161Company: FTSE 100Reports to Security Platform Engineering ManagerLocation: LondonWorking Pattern 37.5 hours per week, Monday - Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place).Salary: £59,000 - £72,000Benefits Bupa, Matched pension contributions. The Role Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across) the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. This is a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus.It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on.The Security Platform Engineering function is central to that portfolio - responsible for ensuring that the security tools the organisation invests in are deeply understood, expertly configured, continuously improved, and consistently delivering their intended security and business value. Microsoft is the most strategically significant security platform, and the uplift and optimisation of the Microsoft security estate is one of the most consequential engineering challenges in the GCS transformation programme. Role Summary Reporting to the Security Platform Engineering Manager, the Cyber Security Platform Engineer - Microsoft is the Group dedicated technical authority for the Microsoft security platform. The role carries implied ownership of the full Microsoft security stack: the M365 Defender suite, the security-relevant capabilities of Microsoft Entra ID (conditional access, Privileged Identity Management, access packages, and least privilege), Intune, and the foundational configuration of the Microsoft 365 and Azure environments on which all of these depend. This is a role that extends beyond BAU platform management: a significant part of the initial mandate is to critically assess the current state of the Microsoft estate - spanning E3, Active Directory, Entra ID, Intune, and existing Defender deployments - identify the gaps against vendor-recommended best practice and the Group cyber standard, and build a prioritised strategy and plan to close them.This role is the primary technical owner of that relationship on the GCS side - working directly with the Microsoft team to prioritise, plan, and drive the E5 deployment across the estate, and ensuring that the professional services and engineering resources available are directed at the highest-value activities. The role must navigate the realities of the federated organisation with skill: delivery will depend on partnership with divisional IT teams, and getting there will require excellent stakeholder management, a clear change communication approach, and an absolute commitment to end-user experience. Zero tolerance for avoidable downtime is not a preference - it is a non-negotiable operating constraint.The role works in close partnership with the Cyber Architecture Manager, the Group CTO function, the IT Frameworks Director, Assurance leads, Divisional Security Leads, and the Identity Transformation team. It shares the defining mindset of the whole platform engineering function: genuine passion for the Microsoft platform, curiosity about its full capability, and the drive to get to a secure, consistent, vendor-recommended configuration as quickly and as safely as possible. Role Responsibilities / Accountabilities Microsoft Estate Assessment, Gap Analysis & Strategy • Conduct a structured, critical assessment of the current Microsoft security estate, covering Active Directory, Microsoft Entra ID, Intune, M365 (E3 and current Defender deployments), and Azure security configuration; benchmark the current state against Microsoft's secure score recommendations, vendor best practice, and the Group cyber technical standard, and produce a clear, evidence-based gap analysis.• Develop a prioritised Microsoft security uplift strategy and delivery plan that sequences remediation and enhancement activity by risk reduction impact, operational feasibility, and alignment with the E5 migration roadmap; ensure the plan is realistic for federated environment and has clear milestones, owners, and success criteria.• Maintain the Microsoft security uplift plan as a live document; track progress against milestones, report status to the Security Platform Engineering Manager, and adapt the plan to the Groups environment, the threat landscape, and the Microsoft product roadmap evolve. Microsoft Defender Platform Ownership & Engineering • Own the technical configuration, ongoing engineering, and operational health of the full M365 Defender suite, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, and Microsoft Sentinel integration; maintain configurations to the approved baseline and drive continuous improvement against vendor-recommended configuration.• Work closely with the SOC to tune Defender configurations for effective detection and response; adjust detection rules, custom detection queries, and alert thresholds in response to SOC operational feedback, ensuring analysts receive high-fidelity, actionable alerts with minimal noise.• Develop and maintain detailed configuration documentation, runbooks, and change records for all Defender workloads; ensure configuration state is consistently documented, version-controlled, and auditable. Entra ID Security & Identity Controls • Own the security configuration of Microsoft Entra ID across the Group; take implied technical ownership of the security-relevant Entra capabilities including Conditional Access policy design and enforcement, Privileged Identity Management (PIM), access packages and entitlement management, Identity Protection, and the application of least privilege principles across the directory.• Work with the Cyber Architecture Manager, the IT Frameworks Director, and Assurance leads to ensure that GCS policies - including BYOD, remote access, and privilege management policies - are correctly and completely manifested in Entra Conditional Access policies and Intune device compliance rules; maintain a clear mapping between policy intent and platform configuration.• Support the Active Directory to Entra ID modernisation journey; identify legacy AD configurations and hybrid identity risks that need to be addressed as part of the E5 migration, and work with the Identity Transformation team to ensure Entra security configuration activity is co-ordinated with the broader identity programme.• Own the Intune security configuration, maintain device compliance policies, configuration profiles, and security baselines; ensure Intune is configured to enforce the Group endpoint security standard and provides accurate device compliance data to Entra Conditional Access and the Defender estate. E5 Migration, ECIF Engagement & Microsoft Relationship • Act as GCS's primary technical liaison to the Microsoft ECIF (Engineering Co-Investment Fund) team; plan, prioritise, and drive the E5 deployment programme in partnership with the ECIF team, ensuring that Microsoft engineering resources are directed at the highest-value activities and that the Organisation is getting the maximum benefit from the co-investment engagement.• Manage the technical relationship with Microsoft across the security and identity platform; maintain active engagement with Microsoft technical account management, product specialists, and engineering teams; use the account relationship to gain early access to roadmap briefings, preview features, escalation paths, and best-practice guidance relevant to the organisations environment.• Plan and manage the technical delivery of E5 capability rollout across the divisions; sequence deployment activity to maximise early security value, sequence it safely within the change management constraints, and ensure each phase is fully tested, documented, and supported before moving to the next.• Maintain accurate records of Microsoft licence entitlements, feature adoption, and E5 deployment progress; ensure the Group is consuming the capabilities it is paying for, and provide the Security Platform Engineering Manager with clear, up-to-date visibility of licence utilisation and deployment status.• Policy Manifestation, Standards Alignment & Assurance• Translate Group cyber technical standards and security policies into enforceable Microsoft platform configurations; maintain a clear, auditable mapping between each policy requirement and its implementation in Defender, Entra, Intune, or other Microsoft controls, and ensure divergence is identified and remediated promptly.• Work closely with the Director of Cyber Assurance and Assurance leads to support controls assessment of the Microsoft estate; provide technical evidence of configuration compliance, investigate gaps identified through continuous controls monitoring (including Axonius), and drive remediation of control failures to closure . click apply for full job details
Cyber Security Sales Specialist Role Purpose The Cyber Security Sales Specialist is responsible for driving cybersecurity sales growth across existing customer base by working in partnership with Account Directors, technical consultants, and vendor partners. The role will identify, develop, and close cybersecurity opportunities whilst supporting the growth of recurring managed security services and strategic security programmes. Key Responsibilities Business Development Identify cybersecurity opportunities within existing customer accounts. Develop account-specific security growth plans. Build and maintain a qualified cybersecurity sales pipeline. Support Account Directors in developing security-led opportunities. Engage with customer stakeholders to understand business risks and security challenges. Customer Engagement Lead cybersecurity discovery workshops and customer discussions. Engage with CIOs, CISOs, IT Directors, Compliance Managers, and business leaders. Translate technical cybersecurity solutions into business outcomes and risk reduction. Present cybersecurity strategies, roadmaps, and investment recommendations. Solution Sales Position and sell cybersecurity solutions and services including: Managed Detection & Response (MDR) Security Operations Centre (SOC) services Microsoft Security solutions Identity & Access Management Cloud Security Vulnerability Management Security Assessments Compliance and Governance Services Security Awareness Training Work with technical architects and consultants to develop customer proposals and business cases. Vendor Management Develop strong relationships with strategic security vendors. Leverage vendor funding, campaigns, and lead generation initiatives. Participate in joint customer engagements and marketing activities. Sales Enablement Increase cybersecurity awareness and capability across the sales organisation. Provide coaching and guidance to Account Directors. Share market trends, competitive intelligence, and best practices. Support internal training and sales campaigns. Experience & Skills Essential Proven experience selling cybersecurity solutions or services. Strong understanding of the cybersecurity market and threat landscape. Experience engaging with senior customer stakeholders. Ability to develop and execute sales strategies. Strong commercial and business development skills. Experience working with technology vendors and partner ecosystems. Excellent presentation, communication, and stakeholder management skills. Desirable Experience within an MSP, MSSP, VAR, or systems integrator. Knowledge of Microsoft Security, Sentinel, Defender, Entra, and Security Copilot. Understanding of ISO27001, Cyber Essentials, NIS2, and GDPR. Relevant cybersecurity or sales certifications. Key Performance Indicators Cybersecurity pipeline generated. Cybersecurity revenue won. Managed Security Services ARR growth. Number of security assessments sold. Number of strategic customer security plans developed. Vendor-funded opportunities generated. Security revenue growth across strategic accounts. Personal Attributes Consultative and customer-focused. Commercially driven. Credible at executive level. Collaborative team player. Self-motivated and proactive. Passionate about cybersecurity and emerging technologies. Role Success Statement Success in this role will be measured by the growth of cybersecurity revenue, recurring managed services, and the ability to establish as a trusted cybersecurity advisor within its customer base.
23/06/2026
Full time
Cyber Security Sales Specialist Role Purpose The Cyber Security Sales Specialist is responsible for driving cybersecurity sales growth across existing customer base by working in partnership with Account Directors, technical consultants, and vendor partners. The role will identify, develop, and close cybersecurity opportunities whilst supporting the growth of recurring managed security services and strategic security programmes. Key Responsibilities Business Development Identify cybersecurity opportunities within existing customer accounts. Develop account-specific security growth plans. Build and maintain a qualified cybersecurity sales pipeline. Support Account Directors in developing security-led opportunities. Engage with customer stakeholders to understand business risks and security challenges. Customer Engagement Lead cybersecurity discovery workshops and customer discussions. Engage with CIOs, CISOs, IT Directors, Compliance Managers, and business leaders. Translate technical cybersecurity solutions into business outcomes and risk reduction. Present cybersecurity strategies, roadmaps, and investment recommendations. Solution Sales Position and sell cybersecurity solutions and services including: Managed Detection & Response (MDR) Security Operations Centre (SOC) services Microsoft Security solutions Identity & Access Management Cloud Security Vulnerability Management Security Assessments Compliance and Governance Services Security Awareness Training Work with technical architects and consultants to develop customer proposals and business cases. Vendor Management Develop strong relationships with strategic security vendors. Leverage vendor funding, campaigns, and lead generation initiatives. Participate in joint customer engagements and marketing activities. Sales Enablement Increase cybersecurity awareness and capability across the sales organisation. Provide coaching and guidance to Account Directors. Share market trends, competitive intelligence, and best practices. Support internal training and sales campaigns. Experience & Skills Essential Proven experience selling cybersecurity solutions or services. Strong understanding of the cybersecurity market and threat landscape. Experience engaging with senior customer stakeholders. Ability to develop and execute sales strategies. Strong commercial and business development skills. Experience working with technology vendors and partner ecosystems. Excellent presentation, communication, and stakeholder management skills. Desirable Experience within an MSP, MSSP, VAR, or systems integrator. Knowledge of Microsoft Security, Sentinel, Defender, Entra, and Security Copilot. Understanding of ISO27001, Cyber Essentials, NIS2, and GDPR. Relevant cybersecurity or sales certifications. Key Performance Indicators Cybersecurity pipeline generated. Cybersecurity revenue won. Managed Security Services ARR growth. Number of security assessments sold. Number of strategic customer security plans developed. Vendor-funded opportunities generated. Security revenue growth across strategic accounts. Personal Attributes Consultative and customer-focused. Commercially driven. Credible at executive level. Collaborative team player. Self-motivated and proactive. Passionate about cybersecurity and emerging technologies. Role Success Statement Success in this role will be measured by the growth of cybersecurity revenue, recurring managed services, and the ability to establish as a trusted cybersecurity advisor within its customer base.
This Cyber Security OT Engineer will report to the Cyber Security OT Engineering Manager and will work within The Information Systems directorate based in our Ipswich office. You will be a permanent employee. You will attract a salary of up to £66,000.00 depending on skills, qualifications and experience and a bonus of 7.5%. This role is office based 5 days a week ONLY. Close Date: 02/07/2026 We also provide the following additional benefits Reservist Leave - Additional 18 days full pay and 22 unpaid Personal Pension Plan - Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%) Tenancy Loan Deposit Scheme, Season Ticket Loan Tax efficient benefits: Cycle to Work, Home & Tech, and Green Car Leasing Schemes Occupational Health support Switched On - scheme providing discount on hundreds of retailers' products Discounted gym membership Employee Assistance Programme Job purpose You will support the Operational Technology (OT) Engineering Manager to ensure that UK Power Networks information systems that support the essential function and users are adequately protected from cyber threats. You will also ensure continuous safe and effective business operation, in line with the NCSC NIS Regulation goals. You will work with the IS managed service providers and all partners to implement and operate cyber security systems. Dimensions You will support the Implementation, Administration, Support and Maintenance of the Critical UK Power Networks OT Systems Security Infrastructure Portfolio. This includes FortiNet Firewalls, Switches and Products, Centralised Security Management and Logging Systems, SIEM, PAM, Endpoint, IDS and Cisco ISE Supporting Infrastructure. People - work collaboratively in a team of circa 8 permanent and temporary cyber security architecture resources. Suppliers - regular interaction with 3rd party service providers, specialist technical consultants and cyber security tooling vendors. Communication - the ability to communicate technical cyber security concepts to technical and non-technical colleagues across different levels of seniority to facilitate and ensure understanding of decisions taken across the business. Stakeholders - establish and maintain collaborative working relationships with internal and external technology teams and third-party providers, suppliers, and partners to improve outcomes and create agreement around a course of action. Principal accountabilities Ensure highest standards of safety are applied across all responsibilities Work within the security team and together with Incident Management to resolve customer incidents to agreed SLA and provide timely and accurate feedback. Work within the security team and in conjunction with Problem Management to resolve customer problems, providing in-depth root cause analysis. Organise, prepare, test and implement production changes to the OT Security Infrastructure following strict Change Control Management Processes. Participate in the change authority board. Support the OT Security Infrastructure Setup, Configuration, Performance, Monitoring and Preventative Maintenance tasks. Involved in OT Projects driven by the business to support the security requirements and regulated NISD compliance. Support OT specific cyber security testing concerning project-driven material change within the technology environment and support the wider team on tracking the implementation of resulting remedial actions Help deliver activities within the continuous programme of cyber security improvement relating to OT security enhancements across the SCADA environment Establish and maintain relationships with important partners that maintain business support for OT security measures and improvements Support the wider team to guide root cause analysis of OT related security incidents to ensure prompt action is taken to prevent incident reoccurrence and strengthen relevant cyber security controls Cyber security incident response and recovery activities in relation to OT systems to support the Cyber Security Operations Lead and the wider cyber security management capability. Work with cyber security vendors when specifying and testing new hardware, systems or concepts. Provide technical guidance in relation to WAN/LAN and SCADA Networks in relation to security design, implementation, and resilience. You will be responsible for supporting the resilience of the network information systems in relation to the essential function are tested within the agreed schedule. Deputise for the OT Security Engineer (Senior) as and when required. Maintain awareness of emerging security trends, threats, and risks within the Operational Technology (OT) domain. Nature and scope The Technology Department works across UK Power Networks, supporting the company in the achievement of its strategy and vision to become the best performing DNO. The team achieve this through the provision of technology solutions, as well as the optimisation of current solutions to improve how the company operates. Continuous improvement, customer service and seamless delivery is at the heart of this ethos and are therefore strongly underpinned by effective cyber security. You will work with the Operational Technology (OT) Security Lead, OT focused support teams and partners, the rest of Technology team, IT Service Providers and business stakeholders across UKPN to implement and optimise cyber security arrangements. You will blend several skillsets including cyber security and network technology assessment, design, implementation, operation, governance, change management and communications. The main measure of success for this role is upholding the IT/OT and organisational resilience of UKPN concerning cyber threats and incidents. The protective security infrastructure is critical for the safety and reliable communications from the control systems to the 33,000 secondary RTUs, 5,000 Primary RTU's as well as all integrated systems, interfaces and user connections. Qualifications You will have at least 5 years+ experience of Cyber Security or a Networking background in an industrial environment and be able to demonstrate a high level of initiative and commitment towards safety, meeting business objectives and finding solutions. Will be highly self-motivated and be able to work well within a team in providing a great place Preferable Skills and Experience. Working knowledge of Industrial cyber security and data communications Understanding of Industrial protocols such as DNP3, ICCP, IEC 61850 - (MMS and GOOSE) Understanding of NISD Guidance and NCSC CAF, ISA-99/IEC 62443 ISO/IEC 27001/27002 Standards Understanding of the Purdue Model Understanding of SCADA systems within the electricity distribution environment Understanding of Network Communication Mediums (Mobile/Satellite/BGAN/ADSL/Fibre) Technical Expertise in Secure IPSec VPN Technologies Technical Expertise in Networking/Dynamic Routing Technical Expertise in Network Security (FortiNet Products) Technical Expertise in AAA Solutions (Cisco ISE) Technical Expertise in Securing Microsoft Operating Systems Technical Expertise in Securing Linux Operating Systems Technical Expertise in Virtualised Infrastructure (VMware) Understanding of PKI and Certificates Understanding of Scripting Languages such as PowerShell, Python Experience of managing cyber security in the IT/OT environment with both internal and external service provision notably in the area of continuous cyber monitoring and incident response Experience driving continuous cyber security improvements activities Establish excellent relationships with senior colleagues and external stakeholders A UK national suitable for completing UK Government security vetting up to SC level Beneficial in holding an industry renowned information security qualification such as NSE, CCNA, CCNP, CCIE) Health & Safety Responsibilities Managers and supervisors carry both legal and company responsibilities for ensuring the health and safety of their employees, those under their control and those who might be affected by the work undertaken, i.e. public, visitors and employees of other organisations. This includes briefing individuals working for them and ensuring there is the necessary understanding, competence and application of requirements to work safely and without harming the environment. Employees will ensure they understand the health and safety risks involved in their work activities and their responsibility to apply the controls needed to manage those risks to acceptable levels. Similarly where work activities can have an adverse impact upon the environment, and where there are legal requirements, employees will understand those impacts and the controls they must ensure are applied. We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
23/06/2026
Full time
This Cyber Security OT Engineer will report to the Cyber Security OT Engineering Manager and will work within The Information Systems directorate based in our Ipswich office. You will be a permanent employee. You will attract a salary of up to £66,000.00 depending on skills, qualifications and experience and a bonus of 7.5%. This role is office based 5 days a week ONLY. Close Date: 02/07/2026 We also provide the following additional benefits Reservist Leave - Additional 18 days full pay and 22 unpaid Personal Pension Plan - Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%) Tenancy Loan Deposit Scheme, Season Ticket Loan Tax efficient benefits: Cycle to Work, Home & Tech, and Green Car Leasing Schemes Occupational Health support Switched On - scheme providing discount on hundreds of retailers' products Discounted gym membership Employee Assistance Programme Job purpose You will support the Operational Technology (OT) Engineering Manager to ensure that UK Power Networks information systems that support the essential function and users are adequately protected from cyber threats. You will also ensure continuous safe and effective business operation, in line with the NCSC NIS Regulation goals. You will work with the IS managed service providers and all partners to implement and operate cyber security systems. Dimensions You will support the Implementation, Administration, Support and Maintenance of the Critical UK Power Networks OT Systems Security Infrastructure Portfolio. This includes FortiNet Firewalls, Switches and Products, Centralised Security Management and Logging Systems, SIEM, PAM, Endpoint, IDS and Cisco ISE Supporting Infrastructure. People - work collaboratively in a team of circa 8 permanent and temporary cyber security architecture resources. Suppliers - regular interaction with 3rd party service providers, specialist technical consultants and cyber security tooling vendors. Communication - the ability to communicate technical cyber security concepts to technical and non-technical colleagues across different levels of seniority to facilitate and ensure understanding of decisions taken across the business. Stakeholders - establish and maintain collaborative working relationships with internal and external technology teams and third-party providers, suppliers, and partners to improve outcomes and create agreement around a course of action. Principal accountabilities Ensure highest standards of safety are applied across all responsibilities Work within the security team and together with Incident Management to resolve customer incidents to agreed SLA and provide timely and accurate feedback. Work within the security team and in conjunction with Problem Management to resolve customer problems, providing in-depth root cause analysis. Organise, prepare, test and implement production changes to the OT Security Infrastructure following strict Change Control Management Processes. Participate in the change authority board. Support the OT Security Infrastructure Setup, Configuration, Performance, Monitoring and Preventative Maintenance tasks. Involved in OT Projects driven by the business to support the security requirements and regulated NISD compliance. Support OT specific cyber security testing concerning project-driven material change within the technology environment and support the wider team on tracking the implementation of resulting remedial actions Help deliver activities within the continuous programme of cyber security improvement relating to OT security enhancements across the SCADA environment Establish and maintain relationships with important partners that maintain business support for OT security measures and improvements Support the wider team to guide root cause analysis of OT related security incidents to ensure prompt action is taken to prevent incident reoccurrence and strengthen relevant cyber security controls Cyber security incident response and recovery activities in relation to OT systems to support the Cyber Security Operations Lead and the wider cyber security management capability. Work with cyber security vendors when specifying and testing new hardware, systems or concepts. Provide technical guidance in relation to WAN/LAN and SCADA Networks in relation to security design, implementation, and resilience. You will be responsible for supporting the resilience of the network information systems in relation to the essential function are tested within the agreed schedule. Deputise for the OT Security Engineer (Senior) as and when required. Maintain awareness of emerging security trends, threats, and risks within the Operational Technology (OT) domain. Nature and scope The Technology Department works across UK Power Networks, supporting the company in the achievement of its strategy and vision to become the best performing DNO. The team achieve this through the provision of technology solutions, as well as the optimisation of current solutions to improve how the company operates. Continuous improvement, customer service and seamless delivery is at the heart of this ethos and are therefore strongly underpinned by effective cyber security. You will work with the Operational Technology (OT) Security Lead, OT focused support teams and partners, the rest of Technology team, IT Service Providers and business stakeholders across UKPN to implement and optimise cyber security arrangements. You will blend several skillsets including cyber security and network technology assessment, design, implementation, operation, governance, change management and communications. The main measure of success for this role is upholding the IT/OT and organisational resilience of UKPN concerning cyber threats and incidents. The protective security infrastructure is critical for the safety and reliable communications from the control systems to the 33,000 secondary RTUs, 5,000 Primary RTU's as well as all integrated systems, interfaces and user connections. Qualifications You will have at least 5 years+ experience of Cyber Security or a Networking background in an industrial environment and be able to demonstrate a high level of initiative and commitment towards safety, meeting business objectives and finding solutions. Will be highly self-motivated and be able to work well within a team in providing a great place Preferable Skills and Experience. Working knowledge of Industrial cyber security and data communications Understanding of Industrial protocols such as DNP3, ICCP, IEC 61850 - (MMS and GOOSE) Understanding of NISD Guidance and NCSC CAF, ISA-99/IEC 62443 ISO/IEC 27001/27002 Standards Understanding of the Purdue Model Understanding of SCADA systems within the electricity distribution environment Understanding of Network Communication Mediums (Mobile/Satellite/BGAN/ADSL/Fibre) Technical Expertise in Secure IPSec VPN Technologies Technical Expertise in Networking/Dynamic Routing Technical Expertise in Network Security (FortiNet Products) Technical Expertise in AAA Solutions (Cisco ISE) Technical Expertise in Securing Microsoft Operating Systems Technical Expertise in Securing Linux Operating Systems Technical Expertise in Virtualised Infrastructure (VMware) Understanding of PKI and Certificates Understanding of Scripting Languages such as PowerShell, Python Experience of managing cyber security in the IT/OT environment with both internal and external service provision notably in the area of continuous cyber monitoring and incident response Experience driving continuous cyber security improvements activities Establish excellent relationships with senior colleagues and external stakeholders A UK national suitable for completing UK Government security vetting up to SC level Beneficial in holding an industry renowned information security qualification such as NSE, CCNA, CCNP, CCIE) Health & Safety Responsibilities Managers and supervisors carry both legal and company responsibilities for ensuring the health and safety of their employees, those under their control and those who might be affected by the work undertaken, i.e. public, visitors and employees of other organisations. This includes briefing individuals working for them and ensuring there is the necessary understanding, competence and application of requirements to work safely and without harming the environment. Employees will ensure they understand the health and safety risks involved in their work activities and their responsibility to apply the controls needed to manage those risks to acceptable levels. Similarly where work activities can have an adverse impact upon the environment, and where there are legal requirements, employees will understand those impacts and the controls they must ensure are applied. We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
Senior Cyber Security Analyst The closing date is 01 July 2026 We are seeking a highly skilled and motivated Senior Cyber Security Analyst to join our Digital team. This is a pivotal role within the Digital Team in delivering cyber security services across the Trust and wider health and care system. This role is ideal for someone who brings experience of cyber operations and can apply that knowledge to strengthen and evolve our detection and response capability in a complex NHS environment, where patient safety and operational continuity are critical. The role will be involved in delivering digital safety, security and overall improvement, adhering to the Trusts objectives. The post holder will manage the delivery of all cyber security related services and applications, including cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber related assertions, policy and procedure lifecycle management, cyber alerts or other accreditations, ensuring appropriate responses to NHSE, Cyber Auditors and any other 3rd parties and ensuring the Trust's information compliance adheres to standards and industry frameworks for cyber security. Main duties of the job Lead the day-to-day operation and ongoing development of our SOC and SIEM capability Own and continuously improve detection use cases, alerting, triage, and response processes Act as a technical lead for monitoring and detection, ensuring controls are effective, proportionate, and aligned to risk Investigate and respond to security incidents, providing clear, risk-based analysis and recommendations Use threat intelligence and operational insight to continually improve detection capability Provide meaningful reporting and assurance on SOC performance and cyber posture Support the evolution of our future SOC model, including partnership working where required Provide guidance and mentoring to colleagues, helping to build capability and embed effective SOC and incident response practices across the team. Why this role matters You will play a key role in strengthening our cyber resilience You will have real ownership and influence over how SOC services are delivered You will help build a capable, sustainable internal cyber function About us Royal Papworth Hospital NHS Foundation Trust is the UK's leading heart and lung hospital, delivering care to more than 50,000 patients a year in its new state of the art hospital in Cambridge. We perform the most heart and/or lung transplants in the UK and carried out the UK's first successful heart transplant in 1979. It also offers emergency heart attack treatment, sleep centre care and is one of just five centres nationally for those in severe respiratory failure. Based on the Cambridge Biomedical Campus - the largest centre of medical research and health science in Europe - the Trust is at the heart of treatments of the future. Royal Papworth became the first hospital trust in the country to be rated outstanding in all five areas assessed by the Care Quality Commission - a rating it still holds today. The Trust holds its values of compassion, excellence & collaboration at its core, and all colleagues joining the team are expected to uphold these in their day-to-day roles & interactions. Royal Papworth is proud of its diverse workforce and encourages people to embrace their individuality. The Trust values difference and welcomes all applications irrespective of age, disability, gender reassignment, marriage and civil partnership, pregnancy & maternity, race, religion & belief, sex and sexual orientation. Providing they meet the minimum post criteria, applicants with disabilities will be offered an interview. Person Specification Qualifications Degree level qualification relevant for the role or demonstrable equivalent level of experience. Specialist cyber related qualifications such as CISSP, CompTIA, ISACA etc. Previous experience of working in digital in the NHS or a healthcare setting. Previous experience of managing a team. Experience Evidence of continued professional development. Ability to generate statistics/analysis, write reports and develop business cases. Ability to prepare and produce concise yet insightful communications for dissemination to senior stakeholders and a broad range of external stakeholders and business partners as required. Previous experience of working to tight KPI's/targets. Previous experience of imputing into strategic plans and policies. Previous experience of project and change management skills and/or techniques. Experience of Threat Hunting and Intelligence gathering along with associated methodologies. Good understanding of ISO 27001, 27002, GDPR, NIST, CSF, OWASP & ATT&CK Framework. IT security assessment and risk management using best practice IT security standards. Experience in working with SIEM tools, Microsoft Defender for Endpoint, XDR, Network Intrusion Detection & Prevention Systems, Firewalls/Proxies. Ability to work proactively under own initiative, take responsibility and demonstrate leadership. AV system design implementation and concept documentation. Good understanding of TCP/IP. Ability to deal with many conflicting priorities. Ability to cope with new and changing demands, dealing with complex issues requiring good analytical and problem-solving skills. Ability to work autonomously. Experience of managing, leading and motivating a team. Handling complex organisational issues and constraints. Experience of facilitating change in practice to improve services. Leading projects. Knowledge of the Information Governance Toolkit (or equivalent standards). Business case development and annual long term planning. Leading service changes to improve performance. Identifying and interpreting national policy and implementing required changes. Additional Criteria As well as being able to demonstrate examples of how they work in a way that is consistent with our values of compassion, excellence and collaboration the successful candidate will be able to clearly demonstrate a commitment to driving culture change through equality, diversity and inclusion. Treat all colleagues, patients, visitors in a manner that meets equal opportunities and good practice. Able to foster excellent working relationships at all levels. Able to build relationships with ease, gaining trust and maintaining confidentiality. Demonstrates care and compassion in all aspects of work. Commitment to CPD of self and others; maintaining up to date knowledge of the appropriate regulations to enable adherence and to implement new regulations as required. Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Royal Papworth Hospital NHS Foundation Trust
23/06/2026
Full time
Senior Cyber Security Analyst The closing date is 01 July 2026 We are seeking a highly skilled and motivated Senior Cyber Security Analyst to join our Digital team. This is a pivotal role within the Digital Team in delivering cyber security services across the Trust and wider health and care system. This role is ideal for someone who brings experience of cyber operations and can apply that knowledge to strengthen and evolve our detection and response capability in a complex NHS environment, where patient safety and operational continuity are critical. The role will be involved in delivering digital safety, security and overall improvement, adhering to the Trusts objectives. The post holder will manage the delivery of all cyber security related services and applications, including cyber risk management, Data Security Protection Toolkit (DSPT) compliance against cyber related assertions, policy and procedure lifecycle management, cyber alerts or other accreditations, ensuring appropriate responses to NHSE, Cyber Auditors and any other 3rd parties and ensuring the Trust's information compliance adheres to standards and industry frameworks for cyber security. Main duties of the job Lead the day-to-day operation and ongoing development of our SOC and SIEM capability Own and continuously improve detection use cases, alerting, triage, and response processes Act as a technical lead for monitoring and detection, ensuring controls are effective, proportionate, and aligned to risk Investigate and respond to security incidents, providing clear, risk-based analysis and recommendations Use threat intelligence and operational insight to continually improve detection capability Provide meaningful reporting and assurance on SOC performance and cyber posture Support the evolution of our future SOC model, including partnership working where required Provide guidance and mentoring to colleagues, helping to build capability and embed effective SOC and incident response practices across the team. Why this role matters You will play a key role in strengthening our cyber resilience You will have real ownership and influence over how SOC services are delivered You will help build a capable, sustainable internal cyber function About us Royal Papworth Hospital NHS Foundation Trust is the UK's leading heart and lung hospital, delivering care to more than 50,000 patients a year in its new state of the art hospital in Cambridge. We perform the most heart and/or lung transplants in the UK and carried out the UK's first successful heart transplant in 1979. It also offers emergency heart attack treatment, sleep centre care and is one of just five centres nationally for those in severe respiratory failure. Based on the Cambridge Biomedical Campus - the largest centre of medical research and health science in Europe - the Trust is at the heart of treatments of the future. Royal Papworth became the first hospital trust in the country to be rated outstanding in all five areas assessed by the Care Quality Commission - a rating it still holds today. The Trust holds its values of compassion, excellence & collaboration at its core, and all colleagues joining the team are expected to uphold these in their day-to-day roles & interactions. Royal Papworth is proud of its diverse workforce and encourages people to embrace their individuality. The Trust values difference and welcomes all applications irrespective of age, disability, gender reassignment, marriage and civil partnership, pregnancy & maternity, race, religion & belief, sex and sexual orientation. Providing they meet the minimum post criteria, applicants with disabilities will be offered an interview. Person Specification Qualifications Degree level qualification relevant for the role or demonstrable equivalent level of experience. Specialist cyber related qualifications such as CISSP, CompTIA, ISACA etc. Previous experience of working in digital in the NHS or a healthcare setting. Previous experience of managing a team. Experience Evidence of continued professional development. Ability to generate statistics/analysis, write reports and develop business cases. Ability to prepare and produce concise yet insightful communications for dissemination to senior stakeholders and a broad range of external stakeholders and business partners as required. Previous experience of working to tight KPI's/targets. Previous experience of imputing into strategic plans and policies. Previous experience of project and change management skills and/or techniques. Experience of Threat Hunting and Intelligence gathering along with associated methodologies. Good understanding of ISO 27001, 27002, GDPR, NIST, CSF, OWASP & ATT&CK Framework. IT security assessment and risk management using best practice IT security standards. Experience in working with SIEM tools, Microsoft Defender for Endpoint, XDR, Network Intrusion Detection & Prevention Systems, Firewalls/Proxies. Ability to work proactively under own initiative, take responsibility and demonstrate leadership. AV system design implementation and concept documentation. Good understanding of TCP/IP. Ability to deal with many conflicting priorities. Ability to cope with new and changing demands, dealing with complex issues requiring good analytical and problem-solving skills. Ability to work autonomously. Experience of managing, leading and motivating a team. Handling complex organisational issues and constraints. Experience of facilitating change in practice to improve services. Leading projects. Knowledge of the Information Governance Toolkit (or equivalent standards). Business case development and annual long term planning. Leading service changes to improve performance. Identifying and interpreting national policy and implementing required changes. Additional Criteria As well as being able to demonstrate examples of how they work in a way that is consistent with our values of compassion, excellence and collaboration the successful candidate will be able to clearly demonstrate a commitment to driving culture change through equality, diversity and inclusion. Treat all colleagues, patients, visitors in a manner that meets equal opportunities and good practice. Able to foster excellent working relationships at all levels. Able to build relationships with ease, gaining trust and maintaining confidentiality. Demonstrates care and compassion in all aspects of work. Commitment to CPD of self and others; maintaining up to date knowledge of the appropriate regulations to enable adherence and to implement new regulations as required. Disclosure and Barring Service Check This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. Royal Papworth Hospital NHS Foundation Trust
Information Security Specialist ?Bristol Hybrid Working Up to £55,000 + Bonus Artis Recruitment is delighted to be partnering with a leading professional services organisation in the search for an Information Security Specialist. This is an excellent opportunity to join a well-established business where information security is a key strategic priority. Working closely with technology teams, business stakeholders and external security partners, you will help protect the organisation's information assets, support security governance activities and contribute to the ongoing development of its security posture. The successful candidate will play a broad role across information security, including risk management, incident response, compliance, security awareness and client assurance activities. This position offers genuine variety and the opportunity to influence security practices across the wider organisation. Key Responsibilities Support and maintain the organisation's Information Security Management System (ISMS). Identify, assess and mitigate information security risks across the business. Investigate and respond to security incidents, working with internal teams and external security partners. Support compliance activities, audits and security certifications including ISO 27001 and Cyber Essentials Plus. Respond to client security enquiries and assist with supplier security assessments. Promote security awareness and best practice throughout the organisation. About You To be successful in this role, you will have previous experience in an Information Security, Cyber Security or Security Governance position and possess a strong understanding of security principles, risk management and security frameworks. You will also demonstrate: Experience working with frameworks such as ISO 27001 and Cyber Essentials Plus. Knowledge of security incident management and threat mitigation. Strong communication and stakeholder management skills. A proactive approach to continuous improvement and professional development. A genuine passion for information security and emerging technologies. Relevant certifications such as CISSP, CISM or CompTIA Security+ would be advantageous but are not essential. Package & Benefits Salary up to £55,000 Annual bonus Private Medical Insurance (BUPA) Competitive pension scheme 25 days annual leave Travel-related benefits Hybrid working model Ongoing training and development opportunities This is a fantastic opportunity to join a respected organisation that is investing heavily in its information security capability and offers excellent long-term career prospects.
23/06/2026
Full time
Information Security Specialist ?Bristol Hybrid Working Up to £55,000 + Bonus Artis Recruitment is delighted to be partnering with a leading professional services organisation in the search for an Information Security Specialist. This is an excellent opportunity to join a well-established business where information security is a key strategic priority. Working closely with technology teams, business stakeholders and external security partners, you will help protect the organisation's information assets, support security governance activities and contribute to the ongoing development of its security posture. The successful candidate will play a broad role across information security, including risk management, incident response, compliance, security awareness and client assurance activities. This position offers genuine variety and the opportunity to influence security practices across the wider organisation. Key Responsibilities Support and maintain the organisation's Information Security Management System (ISMS). Identify, assess and mitigate information security risks across the business. Investigate and respond to security incidents, working with internal teams and external security partners. Support compliance activities, audits and security certifications including ISO 27001 and Cyber Essentials Plus. Respond to client security enquiries and assist with supplier security assessments. Promote security awareness and best practice throughout the organisation. About You To be successful in this role, you will have previous experience in an Information Security, Cyber Security or Security Governance position and possess a strong understanding of security principles, risk management and security frameworks. You will also demonstrate: Experience working with frameworks such as ISO 27001 and Cyber Essentials Plus. Knowledge of security incident management and threat mitigation. Strong communication and stakeholder management skills. A proactive approach to continuous improvement and professional development. A genuine passion for information security and emerging technologies. Relevant certifications such as CISSP, CISM or CompTIA Security+ would be advantageous but are not essential. Package & Benefits Salary up to £55,000 Annual bonus Private Medical Insurance (BUPA) Competitive pension scheme 25 days annual leave Travel-related benefits Hybrid working model Ongoing training and development opportunities This is a fantastic opportunity to join a respected organisation that is investing heavily in its information security capability and offers excellent long-term career prospects.
Outside IR35 Hybrid (2/3 days in the London office a week) We're supporting a leading financial services organisation in the search for an experienced Vulnerability Manager to join their Cyber Security team on an initial 6-month contract. This is a hands-on role for a cyber security professional who can take ownership of the vulnerability management lifecycle from end to end. You'll assess the current framework, identify gaps in processes and controls, improve vulnerability management capabilities, and work closely with technology teams to drive remediation activities. We're looking for a do-er rather than a project manager - someone who is comfortable getting into the detail, analysing security risks, challenging stakeholders, and helping the business reduce its overall attack surface. Key Responsibilities: Manage the full vulnerability management lifecycle, from identification through to remediation and closure. Conduct vulnerability assessments and analyse findings across infrastructure, cloud and endpoint environments. Identify gaps in existing processes, tooling and controls, and recommend improvements. Work closely with technology teams to prioritise and remediate security vulnerabilities. Produce meaningful reporting, metrics and dashboards for stakeholders. Support ISO27001 and wider cyber security governance requirements. Leverage Microsoft security technologies to improve vulnerability visibility and management. Key Skills & Experience: Proven experience managing vulnerability management programmes within complex enterprise environments. Strong understanding of vulnerability assessment, risk prioritisation and remediation processes. Hands-on experience with Microsoft Defender and the wider Microsoft security ecosystem. Experience using Microsoft Security Copilot. Strong KQL (Kusto Query Language) skills. Ability to identify weaknesses, implement improvements and drive security best practice. Excellent stakeholder management and communication skills. If you're an experienced vulnerability management specialist with strong Microsoft security expertise and are available for a new contract opportunity, I'd be keen to hear from you.
23/06/2026
Contractor
Outside IR35 Hybrid (2/3 days in the London office a week) We're supporting a leading financial services organisation in the search for an experienced Vulnerability Manager to join their Cyber Security team on an initial 6-month contract. This is a hands-on role for a cyber security professional who can take ownership of the vulnerability management lifecycle from end to end. You'll assess the current framework, identify gaps in processes and controls, improve vulnerability management capabilities, and work closely with technology teams to drive remediation activities. We're looking for a do-er rather than a project manager - someone who is comfortable getting into the detail, analysing security risks, challenging stakeholders, and helping the business reduce its overall attack surface. Key Responsibilities: Manage the full vulnerability management lifecycle, from identification through to remediation and closure. Conduct vulnerability assessments and analyse findings across infrastructure, cloud and endpoint environments. Identify gaps in existing processes, tooling and controls, and recommend improvements. Work closely with technology teams to prioritise and remediate security vulnerabilities. Produce meaningful reporting, metrics and dashboards for stakeholders. Support ISO27001 and wider cyber security governance requirements. Leverage Microsoft security technologies to improve vulnerability visibility and management. Key Skills & Experience: Proven experience managing vulnerability management programmes within complex enterprise environments. Strong understanding of vulnerability assessment, risk prioritisation and remediation processes. Hands-on experience with Microsoft Defender and the wider Microsoft security ecosystem. Experience using Microsoft Security Copilot. Strong KQL (Kusto Query Language) skills. Ability to identify weaknesses, implement improvements and drive security best practice. Excellent stakeholder management and communication skills. If you're an experienced vulnerability management specialist with strong Microsoft security expertise and are available for a new contract opportunity, I'd be keen to hear from you.
OT Analyst/TechnicianApplylocations: Windsortime type: Full timeposted on: Posted 8 Days Agotime left to apply: End Date: May 23, 2026 (6 days left to apply)job requisition id: R Join us, be part of more. We're so much more than an energy company. We're a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn't rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That's why working here is . We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. As part of Centricas new transformation, you have an opportunity to play your part - Our Operational Technology keeps energy moving safely and reliably - and this role plays a vital part in protecting it. As an OT Analyst/Technician, you'll provide hands on support across our OT cybersecurity and resilience activities, ensuring that industrial control systems remain secure, compliant and operationally robust.You'll work closely with engineers, cybersecurity specialists, and external partners to monitor OT environments, support incident response, maintain asset and patch records, and contribute to risk, compliance and audit activities. The role also supports the ongoing improvement of our OT controls, processes and tooling, making use of data driven and automated capabilities to streamline routine tasks and enhance the quality and speed of delivery.This is a technically focused role with real operational impact, offering the opportunity to build deep OT expertise while contributing directly to the safe, secure and continuous delivery of energy to millions. Location: UK-based hybrid role, Occasional travel to site. Day to day Support OT cybersecurity incident response, including investigation, evidence gathering, containment, remediation, and technical actions such as system isolation and patching, under CSIRT and GSOC guidance. Operate and monitor OT cybersecurity controls across Centrica Power sites, performing routine health checks, maintenance, and configuration validation in line with Security Operations processes. Contribute to OT risk, compliance, and audit activities, including risk reviews, penetration testing, regulatory evidence preparation, and validation of remediation actions against standards such as NIS and ISO 27001. Maintain accurate OT asset, patch, backup, and recovery records, validating third party activities and ensuring systems remain resilient, recoverable, and compliant with Centrica security standards. Implement and support secure OT connectivity, including network configurations and vendor remote access, monitoring sessions, escalating anomalies, and supporting vendor assessments. Maintain OT cybersecurity documentation and registers, support resilience testing and recovery drills, assist with tooling and process improvements, and contribute to OT security awareness and training activities. What we need from you Experience working hands on with, or closely alongside, Operational Technology and industrial control systems within energy or large industrial environments, with a good understanding of how OT operates. Practical knowledge of automation, controls, OT networks, protocols, and security controls. Experience supporting OT cybersecurity activities such as incident response, monitoring, patching, backups, and secure remote access. Working knowledge of OT security frameworks and regulations (e.g. IEC 62443, NIS, ISO 27001). Ability to work effectively with engineers, vendors, and cybersecurity teams to maintain secure and resilient OT operations. Degree in Cybersecurity, IT/Engineering (or equivalent experience); relevant OT security certifications preferred. Excellent collaboration and communication skills, enabling effective facilitation across operations, finance, compliance, architecture, and delivery teams for both technical and non-technical audiences. AI / Digital fluency skills Demonstrates the safe and responsible use of AI tools, with clear knowledge of when AI use is appropriate and strong awareness of accuracy, bias and compliance. Bringing the ability to design and reuse prompt templates to support consistent, high-quality workflow outputs, and skilled in using AI to triage, classify and analyse information within Centrica policy guardrails. Strong ability to recognise higher-risk scenarios and escalate to governance or security as needed. Alongside this, showing proficiency in enterprise AI co-pilots, knowledge assistants and AI-enhanced productivity tools. Why should you apply? We're not a perfect place - but we're a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That's why we've designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we're a great place to work and what being part of more means for you. you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.
23/06/2026
Full time
OT Analyst/TechnicianApplylocations: Windsortime type: Full timeposted on: Posted 8 Days Agotime left to apply: End Date: May 23, 2026 (6 days left to apply)job requisition id: R Join us, be part of more. We're so much more than an energy company. We're a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn't rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That's why working here is . We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. As part of Centricas new transformation, you have an opportunity to play your part - Our Operational Technology keeps energy moving safely and reliably - and this role plays a vital part in protecting it. As an OT Analyst/Technician, you'll provide hands on support across our OT cybersecurity and resilience activities, ensuring that industrial control systems remain secure, compliant and operationally robust.You'll work closely with engineers, cybersecurity specialists, and external partners to monitor OT environments, support incident response, maintain asset and patch records, and contribute to risk, compliance and audit activities. The role also supports the ongoing improvement of our OT controls, processes and tooling, making use of data driven and automated capabilities to streamline routine tasks and enhance the quality and speed of delivery.This is a technically focused role with real operational impact, offering the opportunity to build deep OT expertise while contributing directly to the safe, secure and continuous delivery of energy to millions. Location: UK-based hybrid role, Occasional travel to site. Day to day Support OT cybersecurity incident response, including investigation, evidence gathering, containment, remediation, and technical actions such as system isolation and patching, under CSIRT and GSOC guidance. Operate and monitor OT cybersecurity controls across Centrica Power sites, performing routine health checks, maintenance, and configuration validation in line with Security Operations processes. Contribute to OT risk, compliance, and audit activities, including risk reviews, penetration testing, regulatory evidence preparation, and validation of remediation actions against standards such as NIS and ISO 27001. Maintain accurate OT asset, patch, backup, and recovery records, validating third party activities and ensuring systems remain resilient, recoverable, and compliant with Centrica security standards. Implement and support secure OT connectivity, including network configurations and vendor remote access, monitoring sessions, escalating anomalies, and supporting vendor assessments. Maintain OT cybersecurity documentation and registers, support resilience testing and recovery drills, assist with tooling and process improvements, and contribute to OT security awareness and training activities. What we need from you Experience working hands on with, or closely alongside, Operational Technology and industrial control systems within energy or large industrial environments, with a good understanding of how OT operates. Practical knowledge of automation, controls, OT networks, protocols, and security controls. Experience supporting OT cybersecurity activities such as incident response, monitoring, patching, backups, and secure remote access. Working knowledge of OT security frameworks and regulations (e.g. IEC 62443, NIS, ISO 27001). Ability to work effectively with engineers, vendors, and cybersecurity teams to maintain secure and resilient OT operations. Degree in Cybersecurity, IT/Engineering (or equivalent experience); relevant OT security certifications preferred. Excellent collaboration and communication skills, enabling effective facilitation across operations, finance, compliance, architecture, and delivery teams for both technical and non-technical audiences. AI / Digital fluency skills Demonstrates the safe and responsible use of AI tools, with clear knowledge of when AI use is appropriate and strong awareness of accuracy, bias and compliance. Bringing the ability to design and reuse prompt templates to support consistent, high-quality workflow outputs, and skilled in using AI to triage, classify and analyse information within Centrica policy guardrails. Strong ability to recognise higher-risk scenarios and escalate to governance or security as needed. Alongside this, showing proficiency in enterprise AI co-pilots, knowledge assistants and AI-enhanced productivity tools. Why should you apply? We're not a perfect place - but we're a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That's why we've designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we're a great place to work and what being part of more means for you. you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.
Information Security Specialist Bristol Hybrid Working Up to £55,000 + Bonus Artis Recruitment is delighted to be partnering with a leading professional services organisation in the search for an Information Security Specialist. This is an excellent opportunity to join a well-established business where information security is a key strategic priority. Working closely with technology teams, business stakeholders and external security partners, you will help protect the organisation's information assets, support security governance activities and contribute to the ongoing development of its security posture. The successful candidate will play a broad role across information security, including risk management, incident response, compliance, security awareness and client assurance activities. This position offers genuine variety and the opportunity to influence security practices across the wider organisation. Key Responsibilities Support and maintain the organisation's Information Security Management System (ISMS). Identify, assess and mitigate information security risks across the business. Investigate and respond to security incidents, working with internal teams and external security partners. Support compliance activities, audits and security certifications including ISO 27001 and Cyber Essentials Plus. Respond to client security enquiries and assist with supplier security assessments. Promote security awareness and best practice throughout the organisation. About You To be successful in this role, you will have previous experience in an Information Security, Cyber Security or Security Governance position and possess a strong understanding of security principles, risk management and security frameworks. You will also demonstrate: Experience working with frameworks such as ISO 27001 and Cyber Essentials Plus. Knowledge of security incident management and threat mitigation.Strong communication and stakeholder management skills. A proactive approach to continuous improvement and professional development. A genuine passion for information security and emerging technologies. Relevant certifications such as CISSP, CISM or CompTIA Security+ would be advantageous but are not essential. Salary up to £55,000 Annual bonus Private Medical Insurance (BUPA) 25 days annual leave Travel-related benefits Ongoing training and development opportunities This is a fantastic opportunity to join a respected organisation that is investing heavily in its information security capability and offers excellent long-term career prospects.
23/06/2026
Full time
Information Security Specialist Bristol Hybrid Working Up to £55,000 + Bonus Artis Recruitment is delighted to be partnering with a leading professional services organisation in the search for an Information Security Specialist. This is an excellent opportunity to join a well-established business where information security is a key strategic priority. Working closely with technology teams, business stakeholders and external security partners, you will help protect the organisation's information assets, support security governance activities and contribute to the ongoing development of its security posture. The successful candidate will play a broad role across information security, including risk management, incident response, compliance, security awareness and client assurance activities. This position offers genuine variety and the opportunity to influence security practices across the wider organisation. Key Responsibilities Support and maintain the organisation's Information Security Management System (ISMS). Identify, assess and mitigate information security risks across the business. Investigate and respond to security incidents, working with internal teams and external security partners. Support compliance activities, audits and security certifications including ISO 27001 and Cyber Essentials Plus. Respond to client security enquiries and assist with supplier security assessments. Promote security awareness and best practice throughout the organisation. About You To be successful in this role, you will have previous experience in an Information Security, Cyber Security or Security Governance position and possess a strong understanding of security principles, risk management and security frameworks. You will also demonstrate: Experience working with frameworks such as ISO 27001 and Cyber Essentials Plus. Knowledge of security incident management and threat mitigation.Strong communication and stakeholder management skills. A proactive approach to continuous improvement and professional development. A genuine passion for information security and emerging technologies. Relevant certifications such as CISSP, CISM or CompTIA Security+ would be advantageous but are not essential. Salary up to £55,000 Annual bonus Private Medical Insurance (BUPA) 25 days annual leave Travel-related benefits Ongoing training and development opportunities This is a fantastic opportunity to join a respected organisation that is investing heavily in its information security capability and offers excellent long-term career prospects.
Why work for us? A career at Janus Henderson is more than a job, it's about investing in a brighter future together. Our Mission Janus Henderson's mission is to help clients define and achieve superior financial outcomes through differentiated insights, disciplined investments, and world class service. We do this by protecting and growing our core business, amplifying our strengths and diversifying where we have the right. Our Values Clients Come First - Always Execution Supersedes Intention Together We Win Diversity Improves Results Truth Builds Trust If our mission, values, and purpose align with your own, we would love to hear from you! Your opportunity Policy Development and Management Develop and maintain comprehensive cybersecurity policies and procedures. Ensure these policies align with industry standards and regulatory requirements. Assist in the integration of security practices and controls across various technical and non technical departments, enhancing workflow and operational processes. Risk Management Conduct regular risk assessments to help identify vulnerabilities and threats. Collaborate and oversee the implementation of risk mitigation strategies. Monitor emerging threats and evolving technologies to continuously refine risk assessment protocols. Design and evaluate control metrics for assessing the effectiveness of cybersecurity measures. Collaborate with Enterprise Risk Management to embed cyber risk into broader risk registers and board level reporting. Compliance Management Monitor and ensure compliance with internal policies, industry standards, and regulatory requirements. Engage with required stakeholders in Technology, Legal, Compliance and Internal Audit as required. Compile and deliver detailed compliance reports to senior management. Monitor upcoming regulations and prepare compliance roadmaps. Training and Awareness Support and enhance engaging cybersecurity awareness training programs. Foster a company wide culture of cybersecurity awareness. Keep current with the latest cybersecurity trends and best practices to inform training content and security measures. Train and guide wider tech team members on best practices in cybersecurity risk management. Incident Management Actively participate in the response to security incidents. Support post incident evaluations and reporting. Collaborate with relevant stakeholders to devise and enforce corrective measures aimed at bolstering defences against future incidents. Stakeholder Engagement Maintain clear and effective communication with stakeholders at all levels. Provide expert guidance on cybersecurity best practices. Work collaboratively with Technology and other departments to achieve comprehensive security objectives. Must have skills Bachelor's Degree in Information Technology, Cybersecurity, or a related field; equivalent work experience also considered. 3 to 5 years of professional experience in information security. Certification such as Certified Information Systems Security Professional (CISSP) strongly preferred. Deep understanding of cybersecurity principles, frameworks (such as NIST, ISO/IEC 27001), and compliance standards. Experience with financial service regulations and regulations such as FCA, SEC, MAS, DORA. Proficient knowledge of network security principles and controls such as firewalls, IPS/IPD, TCP/IP, DHCP, and DNS. Extensive experience in securing operating systems such as Windows, UNIX/Linux and Mac systems, including security access rights, implementing configuration best practices. Knowledge of cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid, community) and experience in implementing and managing cloud security best practices. In depth knowledge of IAM principles and technologies to manage digital identities and control user access, and experience with Single Sign On (SSO), Multi Factor Authentication (MFA), and role based access control (RBAC) systems to enhance security and operational efficiency. Understanding of Secure DevOps/CI/CD pipeline governance. No supervisory responsibilities. You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role. At Janus Henderson Investors we're committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from candidates from all backgrounds. Don't worry if you don't think you tick every box, we still want to hear from you! We understand everyone has different commitments and while we can't accommodate every flexible working request we're happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at . LN2 HYBRID Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee's job functions (as determined by Janus Henderson at its sole discretion). All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants' past political contributions or activity may impact applicants' eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.
23/06/2026
Full time
Why work for us? A career at Janus Henderson is more than a job, it's about investing in a brighter future together. Our Mission Janus Henderson's mission is to help clients define and achieve superior financial outcomes through differentiated insights, disciplined investments, and world class service. We do this by protecting and growing our core business, amplifying our strengths and diversifying where we have the right. Our Values Clients Come First - Always Execution Supersedes Intention Together We Win Diversity Improves Results Truth Builds Trust If our mission, values, and purpose align with your own, we would love to hear from you! Your opportunity Policy Development and Management Develop and maintain comprehensive cybersecurity policies and procedures. Ensure these policies align with industry standards and regulatory requirements. Assist in the integration of security practices and controls across various technical and non technical departments, enhancing workflow and operational processes. Risk Management Conduct regular risk assessments to help identify vulnerabilities and threats. Collaborate and oversee the implementation of risk mitigation strategies. Monitor emerging threats and evolving technologies to continuously refine risk assessment protocols. Design and evaluate control metrics for assessing the effectiveness of cybersecurity measures. Collaborate with Enterprise Risk Management to embed cyber risk into broader risk registers and board level reporting. Compliance Management Monitor and ensure compliance with internal policies, industry standards, and regulatory requirements. Engage with required stakeholders in Technology, Legal, Compliance and Internal Audit as required. Compile and deliver detailed compliance reports to senior management. Monitor upcoming regulations and prepare compliance roadmaps. Training and Awareness Support and enhance engaging cybersecurity awareness training programs. Foster a company wide culture of cybersecurity awareness. Keep current with the latest cybersecurity trends and best practices to inform training content and security measures. Train and guide wider tech team members on best practices in cybersecurity risk management. Incident Management Actively participate in the response to security incidents. Support post incident evaluations and reporting. Collaborate with relevant stakeholders to devise and enforce corrective measures aimed at bolstering defences against future incidents. Stakeholder Engagement Maintain clear and effective communication with stakeholders at all levels. Provide expert guidance on cybersecurity best practices. Work collaboratively with Technology and other departments to achieve comprehensive security objectives. Must have skills Bachelor's Degree in Information Technology, Cybersecurity, or a related field; equivalent work experience also considered. 3 to 5 years of professional experience in information security. Certification such as Certified Information Systems Security Professional (CISSP) strongly preferred. Deep understanding of cybersecurity principles, frameworks (such as NIST, ISO/IEC 27001), and compliance standards. Experience with financial service regulations and regulations such as FCA, SEC, MAS, DORA. Proficient knowledge of network security principles and controls such as firewalls, IPS/IPD, TCP/IP, DHCP, and DNS. Extensive experience in securing operating systems such as Windows, UNIX/Linux and Mac systems, including security access rights, implementing configuration best practices. Knowledge of cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid, community) and experience in implementing and managing cloud security best practices. In depth knowledge of IAM principles and technologies to manage digital identities and control user access, and experience with Single Sign On (SSO), Multi Factor Authentication (MFA), and role based access control (RBAC) systems to enhance security and operational efficiency. Understanding of Secure DevOps/CI/CD pipeline governance. No supervisory responsibilities. You will be expected to understand the regulatory obligations of the firm, and abide by the regulated entity requirements and JHI policies applicable for your role. At Janus Henderson Investors we're committed to an inclusive and supportive environment. We believe diversity improves results and we welcome applications from candidates from all backgrounds. Don't worry if you don't think you tick every box, we still want to hear from you! We understand everyone has different commitments and while we can't accommodate every flexible working request we're happy to be asked about work flexibility and our hybrid working environment. If you need any reasonable accommodations during our recruitment process, please get in touch and let us know at . LN2 HYBRID Janus Henderson (including its subsidiaries) will not maintain existing or sponsor new industry registrations or licenses where not supported by an employee's job functions (as determined by Janus Henderson at its sole discretion). All applicants must be willing to comply with the provisions of Janus Henderson Investment Advisory Code of Ethics related to personal securities activities and other disclosure and certification requirements, including past political contributions and political activities. Applicants' past political contributions or activity may impact applicants' eligibility for this position. Janus Henderson is an equal opportunity /Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. All applications are subject to background checks.
Daintta is a rapidly growing, values-driven team of specialists who work with public sector and government clients across Cyber, Telecommunications and Data. We are seeking a talented and motivated Cyber Security Consultant to join our team and contribute to our mission of protecting the UK through data-driven insights and solutions. We are looking for a Strategy, Engagement & Risk Consultant who intuitively understands clients' needs, considers both immediate and strategic goals, and can apply their experience creatively to meet new and complex challenges. Key Responsibilities Cyber Strategy Development: Supporting the development and roll out of cyber security strategies, capabilities, and operating models to meet our clients' goals. Stakeholder Management: Understanding our clients' needs, challenges, and opportunities, and building strong relationships with key stakeholders as a trusted partner and 'critical friend'. Risk Management: Undertaking risk and maturity assessments, providing strategic guidance on how to improve cybersecurity posture using a risk-based approach with articulation of mitigations/ controls and their respective impact on reducing risk. Communication: Utilising strong written and verbal communication skills to support presentations, reports, and broader communications to a diverse set of audiences including C-Suite stakeholders, including the translation of technical concepts into business language. Control Implementation: Implement security controls utilising knowledge of how security controls interact with IT service delivery. Delivery: Accurately delivering high quality work to agreed timelines, taking the initiative, utilising the strength of the wider team appropriately to support you, and knowing how to jump straight in. Growth: Helping to support & grow Daintta by actively contributing towards the company strategy and helping to shape our future. Our Values: Representing us and our core values: transparency, fairness and daring. Skills/Knowledge You have relevant industry experience undertaking strategic, cyber security projects. You may have a degree or qualification in cybersecurity, IT or a related area, or otherwise demonstrable experience in a related field. You have working knowledge and/or experience of best practice industry frameworks and standards, such as NIST, CAF and ISO27001. You demonstrate continued personal development through relevant certifications, academic qualifications, hobbies, and/or wider interests. You have strong interpersonal skills. You have UK security clearance at SC or above or are eligible and willing to go through clearance. Location? Hybrid, with 2-3 days working from Daintta office (London or Cheltenham) or on client site as required. Benefits We believe in supporting our people both professionally and personally. Here's what you can expect when you join us: Time Off 25 days annual leave, plus bank holidays Up to 5 days annual training leave with a dedicated training budget Up to 3 days annual volunteering leave - give back to the community Competitive maternity, paternity, shared parental leave & compassionate leave Health & Wellness Comprehensive Private Health Insurance Employee Assistance Programme - 24/7 support services £2,000 Flex Cash Allowance, paid pro-rata over the year Financial Benefits 5% pension contribution Discretionary company awards and bonuses, based on performance and company targets Professional Development Up to £1,000 annual training budget (access to additional training and development budget via business case) Up to 5 days annual training leave 1 professional membership paid annually Up to £200 of additional IT budget for new joiners Perks Free breakfast every Tuesday in the London office Fortnightly drinks - in London Regular social events, quizzes, and guest workshops Huckletree perks - including gym and restaurant discounts Employee referral programme Monthly breakfast club in our Cheltenham office What's in it for you? You will be joining the company at Daintta "Consultant" grade. In addition to being rewarded fairly for your contribution to the business, you get to work in a dynamic organisation that is agile and responsive. A business that is growing fast and where you get to drive and shape the future. A place where you are respected by everyone and your voice is important. Somewhere where you can be innovative and creative. A place where you have the opportunity to learn about all aspects of business from marketing to sales, to delivery and business operations. Security Information Due to clients' requirements, all applications are strictly subject to security clearance requirements relevant to the role.
23/06/2026
Full time
Daintta is a rapidly growing, values-driven team of specialists who work with public sector and government clients across Cyber, Telecommunications and Data. We are seeking a talented and motivated Cyber Security Consultant to join our team and contribute to our mission of protecting the UK through data-driven insights and solutions. We are looking for a Strategy, Engagement & Risk Consultant who intuitively understands clients' needs, considers both immediate and strategic goals, and can apply their experience creatively to meet new and complex challenges. Key Responsibilities Cyber Strategy Development: Supporting the development and roll out of cyber security strategies, capabilities, and operating models to meet our clients' goals. Stakeholder Management: Understanding our clients' needs, challenges, and opportunities, and building strong relationships with key stakeholders as a trusted partner and 'critical friend'. Risk Management: Undertaking risk and maturity assessments, providing strategic guidance on how to improve cybersecurity posture using a risk-based approach with articulation of mitigations/ controls and their respective impact on reducing risk. Communication: Utilising strong written and verbal communication skills to support presentations, reports, and broader communications to a diverse set of audiences including C-Suite stakeholders, including the translation of technical concepts into business language. Control Implementation: Implement security controls utilising knowledge of how security controls interact with IT service delivery. Delivery: Accurately delivering high quality work to agreed timelines, taking the initiative, utilising the strength of the wider team appropriately to support you, and knowing how to jump straight in. Growth: Helping to support & grow Daintta by actively contributing towards the company strategy and helping to shape our future. Our Values: Representing us and our core values: transparency, fairness and daring. Skills/Knowledge You have relevant industry experience undertaking strategic, cyber security projects. You may have a degree or qualification in cybersecurity, IT or a related area, or otherwise demonstrable experience in a related field. You have working knowledge and/or experience of best practice industry frameworks and standards, such as NIST, CAF and ISO27001. You demonstrate continued personal development through relevant certifications, academic qualifications, hobbies, and/or wider interests. You have strong interpersonal skills. You have UK security clearance at SC or above or are eligible and willing to go through clearance. Location? Hybrid, with 2-3 days working from Daintta office (London or Cheltenham) or on client site as required. Benefits We believe in supporting our people both professionally and personally. Here's what you can expect when you join us: Time Off 25 days annual leave, plus bank holidays Up to 5 days annual training leave with a dedicated training budget Up to 3 days annual volunteering leave - give back to the community Competitive maternity, paternity, shared parental leave & compassionate leave Health & Wellness Comprehensive Private Health Insurance Employee Assistance Programme - 24/7 support services £2,000 Flex Cash Allowance, paid pro-rata over the year Financial Benefits 5% pension contribution Discretionary company awards and bonuses, based on performance and company targets Professional Development Up to £1,000 annual training budget (access to additional training and development budget via business case) Up to 5 days annual training leave 1 professional membership paid annually Up to £200 of additional IT budget for new joiners Perks Free breakfast every Tuesday in the London office Fortnightly drinks - in London Regular social events, quizzes, and guest workshops Huckletree perks - including gym and restaurant discounts Employee referral programme Monthly breakfast club in our Cheltenham office What's in it for you? You will be joining the company at Daintta "Consultant" grade. In addition to being rewarded fairly for your contribution to the business, you get to work in a dynamic organisation that is agile and responsive. A business that is growing fast and where you get to drive and shape the future. A place where you are respected by everyone and your voice is important. Somewhere where you can be innovative and creative. A place where you have the opportunity to learn about all aspects of business from marketing to sales, to delivery and business operations. Security Information Due to clients' requirements, all applications are strictly subject to security clearance requirements relevant to the role.
Software EngineerApplylocations: Windsortime type: Full timeposted on: Posted 8 Days Agotime left to apply: End Date: May 23, 2026 (6 days left to apply)job requisition id: R Join us, be part of more. We're so much more than an energy company. We're a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn't rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That's why working here is . We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. Centrica, Technology is a core driver of how we deliver our strategy. You'll join a team modernising our platforms, strengthening cyber and operational resilience, and advancing a product led way of working that brings engineers, data specialists and business experts together to deliver meaningful outcomes at pace.We're scaling automation and AI from proof of concept into real, end to end change - improving customer journeys, reducing cost to serve, accelerating delivery, and building the digital foundations that underpin everything from energy trading and risk to field operations and critical infrastructure.If you want to work on complex, high impact problems using modern engineering practices, and help build reusable platforms that will shape how Centrica operates over the next decade, this is the place to do it. An opportunity to play your part - The Software Engineer is responsible for designing, building and maintaining high quality software solutions that support critical customer and business platforms. This role focuses on delivering reliable, secure and maintainable services, working as part of a cross-functional team to turn product requirements into working software that operates at scale. The Software Engineer contributes to the full software lifecycle, from design and development through to testing, deployment and live support, while continuously improving engineering practices and developing their technical capability. Location : UK-based hybrid role, Occasional travel to site. Day to day: Design, build, test and maintain high quality software solutions across the Customer Platform, contributing to services built on Salesforce, Microsoft Dynamics 365 Finance & Operations and AWS. Deliver well structured, secure and maintainable code that meets agreed functional and non-functional requirements, following established engineering standards and best practices. Work as part of a cross-functional squad, collaborating closely with Product, QA, Architecture and Operations to deliver customer and business outcomes. Contribute to the design of integrations and APIs that support end to end customer journeys across multiple platforms and systems. Participate in code reviews, design discussions and technical refinement sessions, providing constructive input and learning from others. Own the quality of your work through automated testing, peer review and proactive defect resolution. Support the operation of live services by contributing to incident investigation, root cause analysis and ongoing platform improvements. Continuously improve your technical skills and understanding of the platform, tools and domain, applying a growth mindset to both delivery and learning. Follow security, compliance and data protection requirements, ensuring customer and business data is handled responsibly. Take ownership for delivering agreed work items to a high standard, raising risks and blockers early and contributing positively to team delivery. What we need from you: 5 plus years in software development delivering scalable production systems. Experience in cloud based and API driven architectures.Strong coding capability in relevant languages and frameworks. Experience with CI CD, automated testing and secure coding practices. Ability to design maintainable and resilient solutions.Degree in Computer Science, Engineering or related field, or equivalent practical experience.No mandatory certification required, though cloud platform certifications such as AWS are desirable.Demonstrated experience working as a software engineer within a cross-functional delivery team in a modern product or platform environment. Hands-on experience designing, building and supporting software solutions within at least one of the following domains: Salesforce, Microsoft Dynamics 365 Finance & Operations, or cloud-based services on AWS. Experience building and consuming APIs and integrations to support end-to-end customer or business processes across multiple systems. Working knowledge of modern software engineering practices including source control, CI/CD pipelines, automated testing and code review. Experience writing secure, maintainable and well-tested code, with an understanding of non-functional requirements such as performance, resilience and scalability. Familiarity with cloud-native concepts such as event-driven architectures, asynchronous processing and managed services. Experience supporting live services, including participation in incident investigation, defect resolution and continuous improvement activities. Understanding of security, data protection and compliance principles relevant to customer platforms and enterprise systems. Ability to analyse problems, troubleshoot issues and contribute to technical solutions with appropriate guidance. Strong communication skills, with the ability to collaborate effectively with engineers, product managers, QA and other stakeholders. Core Behaviours: Take Ownership Work as One Team Develop a Growth Mindset Strive to Innovate Champion Customers AI / Digital fluency skills: Ability to design, integrate and operate AI enabled solutions within enterprise environments, including prompt driven workflows, retrieval augmented systems and AI agents. Applying structured evaluation, testing and monitoring practices to ensure AI outputs are reliable, secure and compliant with organisational guardrails. Prepares and manages data used in AI workflows and take responsibility for the responsible lifecycle of AI features from experimentation through to deployment and continuous improvement. Why should you apply? We're not a perfect place - but we're a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That's why we've designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we're a great place to work and what being part of more means for you. you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.
23/06/2026
Full time
Software EngineerApplylocations: Windsortime type: Full timeposted on: Posted 8 Days Agotime left to apply: End Date: May 23, 2026 (6 days left to apply)job requisition id: R Join us, be part of more. We're so much more than an energy company. We're a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn't rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That's why working here is . We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. Centrica, Technology is a core driver of how we deliver our strategy. You'll join a team modernising our platforms, strengthening cyber and operational resilience, and advancing a product led way of working that brings engineers, data specialists and business experts together to deliver meaningful outcomes at pace.We're scaling automation and AI from proof of concept into real, end to end change - improving customer journeys, reducing cost to serve, accelerating delivery, and building the digital foundations that underpin everything from energy trading and risk to field operations and critical infrastructure.If you want to work on complex, high impact problems using modern engineering practices, and help build reusable platforms that will shape how Centrica operates over the next decade, this is the place to do it. An opportunity to play your part - The Software Engineer is responsible for designing, building and maintaining high quality software solutions that support critical customer and business platforms. This role focuses on delivering reliable, secure and maintainable services, working as part of a cross-functional team to turn product requirements into working software that operates at scale. The Software Engineer contributes to the full software lifecycle, from design and development through to testing, deployment and live support, while continuously improving engineering practices and developing their technical capability. Location : UK-based hybrid role, Occasional travel to site. Day to day: Design, build, test and maintain high quality software solutions across the Customer Platform, contributing to services built on Salesforce, Microsoft Dynamics 365 Finance & Operations and AWS. Deliver well structured, secure and maintainable code that meets agreed functional and non-functional requirements, following established engineering standards and best practices. Work as part of a cross-functional squad, collaborating closely with Product, QA, Architecture and Operations to deliver customer and business outcomes. Contribute to the design of integrations and APIs that support end to end customer journeys across multiple platforms and systems. Participate in code reviews, design discussions and technical refinement sessions, providing constructive input and learning from others. Own the quality of your work through automated testing, peer review and proactive defect resolution. Support the operation of live services by contributing to incident investigation, root cause analysis and ongoing platform improvements. Continuously improve your technical skills and understanding of the platform, tools and domain, applying a growth mindset to both delivery and learning. Follow security, compliance and data protection requirements, ensuring customer and business data is handled responsibly. Take ownership for delivering agreed work items to a high standard, raising risks and blockers early and contributing positively to team delivery. What we need from you: 5 plus years in software development delivering scalable production systems. Experience in cloud based and API driven architectures.Strong coding capability in relevant languages and frameworks. Experience with CI CD, automated testing and secure coding practices. Ability to design maintainable and resilient solutions.Degree in Computer Science, Engineering or related field, or equivalent practical experience.No mandatory certification required, though cloud platform certifications such as AWS are desirable.Demonstrated experience working as a software engineer within a cross-functional delivery team in a modern product or platform environment. Hands-on experience designing, building and supporting software solutions within at least one of the following domains: Salesforce, Microsoft Dynamics 365 Finance & Operations, or cloud-based services on AWS. Experience building and consuming APIs and integrations to support end-to-end customer or business processes across multiple systems. Working knowledge of modern software engineering practices including source control, CI/CD pipelines, automated testing and code review. Experience writing secure, maintainable and well-tested code, with an understanding of non-functional requirements such as performance, resilience and scalability. Familiarity with cloud-native concepts such as event-driven architectures, asynchronous processing and managed services. Experience supporting live services, including participation in incident investigation, defect resolution and continuous improvement activities. Understanding of security, data protection and compliance principles relevant to customer platforms and enterprise systems. Ability to analyse problems, troubleshoot issues and contribute to technical solutions with appropriate guidance. Strong communication skills, with the ability to collaborate effectively with engineers, product managers, QA and other stakeholders. Core Behaviours: Take Ownership Work as One Team Develop a Growth Mindset Strive to Innovate Champion Customers AI / Digital fluency skills: Ability to design, integrate and operate AI enabled solutions within enterprise environments, including prompt driven workflows, retrieval augmented systems and AI agents. Applying structured evaluation, testing and monitoring practices to ensure AI outputs are reliable, secure and compliant with organisational guardrails. Prepares and manages data used in AI workflows and take responsibility for the responsible lifecycle of AI features from experimentation through to deployment and continuous improvement. Why should you apply? We're not a perfect place - but we're a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That's why we've designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we're a great place to work and what being part of more means for you. you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.
Work with usOur team are passionate in the pursuit of excellence and in pushing the boundaries of cancer therapy and Autoimmune disease to deliver life-changing treatments to patients.Whilst working at Autolus you will enjoy a flexible, diverse and dynamic working environment which actively promotes creativity, leadership and teamwork - together we are ONE Autolus.Job Description:Job Title: Senior Applications Manager (Corporate & Commercial Applications)Reports to Senior Director, Application ManagementDepartment: ITHours: Monday - Friday (core office hours)Location: Mediaworks (London) Hybrid working with occasional travel to StevenageAbout AutolusAutolus is a biopharmaceutical company, advancing innovative therapies at both clinical and commercial stages of development, focused on next-generation, programmed T cell therapies for the treatment of cancer. Using a broad suite of proprietary and modular T cell programming technologies, the company is engineering precisely targeted, controlled, and highly active T cell therapies designed to better recognize cancer cells, break down their defence mechanisms, and eliminate these cells. Autolus has a pipeline of product candidates in development for the treatment of haematological malignancies, solid tumours, and autoimmune diseases.Why AutolusOur team is passionate in the pursuit of excellence and in pushing the boundaries of cancer therapy and autoimmune diseases to deliver life-changing treatments to patients. Whilst working at Autolus you will enjoy a flexible, diverse, and dynamic working environment which actively promotes creativity, leadership and teamwork. In addition to this Autolus is proud to offer a competitive salary, performance related bonus as well as a comprehensive benefits package.Our PromiseAutolus is developing complex, breakthrough therapies for a globally diverse market and equally recognises that diversity amongst our people is critical to our mission. As we draw on our differences, what we've experienced, and how we work, we celebrate diversity and are committed to creating an inclusive environment for all employees.Role SummaryThe Senior Applications Manager is responsible for owning and overseeing a portfolio of enterprise applications, including systems such as CRM, ERP, HRIS, and their associated integrations, which support key corporate and commercial business functions.This role is accountable for ensuring that these applications consistently deliver reliable, high-quality, secure, and cost-effective outcomes for the organisation. While not directly responsible for day-to-day support operations, the role provides strategic direction to service delivery teams and holds them accountable for performance, service quality, and adherence to agreed SLAs and operational standards.A key aspect of the position is maintaining oversight of application health, performance, resilience, and stability across the portfolio, ensuring systems remain fit for purpose, compliant, and aligned with evolving business needs. The role is also responsible for establishing, maturing, and embedding effective governance frameworks and operational rhythms that support the ongoing health, stability, and continuous improvement of applications within a BAU environment. This includes implementing structured review cadences, service governance forums, risk and issue management processes, change oversight, vendor performance management, and KPI reporting mechanisms to drive operational excellence and accountability across the application landscape.The Senior Applications Manager will chair or contribute to governance forums and ensure appropriate controls, policies, and standards are implemented across the application portfolio. This includes ensuring that application changes are assessed, prioritised, approved, and delivered in line with business priorities, regulatory expectations, cybersecurity requirements, and IT governance standards.The role works closely with business stakeholders to understand strategic priorities, shape demand, and ensure application roadmaps, investment decisions, and enhancement activities are aligned with organisational objectives. In addition, the role acts as a key escalation and decision-making point for application-related risks, issues, technical debt, and continuous improvement opportunities across the portfolio.Key ResponsibilitiesSupport Oversight (via Service Delivery)Partner with Service Delivery Managers (SDMs) and support teams to ensure strong application support performanceDefine expectations for support quality, SLAs, and user experienceReview incident trends and ensure systemic issues are identified and resolvedHold vendors and support teams accountable for outcomes, not just activityBusiness Partnering and Demand PrioritizationWork closely with Business Stakeholders (BSOs) to understand day-to-day operational needs.Translate needs into a prioritized backlog based on business impact and urgencyMake clear trade-offs across competing demands and limited capacityEnsure delivery is high quality and cost-conscious, not just fastFinancial Ownership & OptimizationOwn budget for applications, including licenses, vendors, and run costsIdentify and drive opportunities for cost optimization and efficiencyEnsure the application landscape scales in a financially sustainable way as the business growsManage renewals, contracts, and commercial negotiationsVendor & Contract ManagementManage third-party vendors and partners delivering support and enhancementsNegotiate and manage contracts, scope, and commercial termsEnsure vendors are delivering value for money and meeting expectationsDrive accountability and performance improvements where neededData-Driven Decision MakingUse data (ticket trends, usage metrics, cost data, performance metrics) to guide decisionsContinuously reassess priorities and approaches based on new informationBe willing to challenge assumptions and adjust direction when neededIntegration & System Landscape OversightMaintain visibility across integrations between systems (e.g., CRM ERPHRIS)Ensure changes are considered in the context of the broader application ecosystemWork with technical teams to manage dependencies and avoid downstream issuesDemonstrated skills and competenciesE - EssentialP - PreferredExperience7-12+ years working with enterprise applications (CRM, ERP, HRIS, or similar) (E)Experience owning or managing application portfolios, not just individual systems (E)Strong experience managing third-party vendors and commercial relationships (E)Experience working in environments with separate support/service delivery functions (E)Experience in regulated industries (e.g., pharma, biotech, healthcare) (P)Familiarity with compliance requirements (e.g., GxP, SOX) (P)Experience with systems such as Salesforce, Dynamics 365, Workday, or similar (P)QualificationsBachelor's degree in Information Technology, Computer Science, Business Information Systems, or a related discipline (P)Equivalent professional experience may be accepted in place of a degreeSkills/Specialist knowledgeStrong ability to prioritize and make trade-offs across competing business needs (E)Comfortable operating with budget ownership and cost accountability (E)Data-driven mindset with the ability to turn insights into action (E)Excellent stakeholder management and influencing skills (E)Ability to operate across both business and technical contexts (E)Autolus Core CompetenciesFocus on Results: Works to meet business goals set by management and leadersBuilds Trust and Relationships: Ensures trust with internal and external partners by delivering on commitmentsResilience: Has the capacity to recover quickly from difficulties; toughnessCommunicates and Collaborates: Builds partnerships and works collaboratively with others to meet objectivesAutolus is committed to the protection of the personal information that we collect & process and we are fully compliant with General Data Protection Regulations (GDPR).Autolus is committed to providing an inclusive and fair workplace for all. We are an equal opportunity employer and do not discriminate on the basis of race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other legally protected characteristic. We also provide reasonable accommodations throughout the recruitment process.Autolus' success is driven by equality and inclusion; we believe all voices are of equal value and must be heard. Whilst operating with focus and integrity, we are committed to improving diversity and inclusion within our business and our industry.
23/06/2026
Full time
Work with usOur team are passionate in the pursuit of excellence and in pushing the boundaries of cancer therapy and Autoimmune disease to deliver life-changing treatments to patients.Whilst working at Autolus you will enjoy a flexible, diverse and dynamic working environment which actively promotes creativity, leadership and teamwork - together we are ONE Autolus.Job Description:Job Title: Senior Applications Manager (Corporate & Commercial Applications)Reports to Senior Director, Application ManagementDepartment: ITHours: Monday - Friday (core office hours)Location: Mediaworks (London) Hybrid working with occasional travel to StevenageAbout AutolusAutolus is a biopharmaceutical company, advancing innovative therapies at both clinical and commercial stages of development, focused on next-generation, programmed T cell therapies for the treatment of cancer. Using a broad suite of proprietary and modular T cell programming technologies, the company is engineering precisely targeted, controlled, and highly active T cell therapies designed to better recognize cancer cells, break down their defence mechanisms, and eliminate these cells. Autolus has a pipeline of product candidates in development for the treatment of haematological malignancies, solid tumours, and autoimmune diseases.Why AutolusOur team is passionate in the pursuit of excellence and in pushing the boundaries of cancer therapy and autoimmune diseases to deliver life-changing treatments to patients. Whilst working at Autolus you will enjoy a flexible, diverse, and dynamic working environment which actively promotes creativity, leadership and teamwork. In addition to this Autolus is proud to offer a competitive salary, performance related bonus as well as a comprehensive benefits package.Our PromiseAutolus is developing complex, breakthrough therapies for a globally diverse market and equally recognises that diversity amongst our people is critical to our mission. As we draw on our differences, what we've experienced, and how we work, we celebrate diversity and are committed to creating an inclusive environment for all employees.Role SummaryThe Senior Applications Manager is responsible for owning and overseeing a portfolio of enterprise applications, including systems such as CRM, ERP, HRIS, and their associated integrations, which support key corporate and commercial business functions.This role is accountable for ensuring that these applications consistently deliver reliable, high-quality, secure, and cost-effective outcomes for the organisation. While not directly responsible for day-to-day support operations, the role provides strategic direction to service delivery teams and holds them accountable for performance, service quality, and adherence to agreed SLAs and operational standards.A key aspect of the position is maintaining oversight of application health, performance, resilience, and stability across the portfolio, ensuring systems remain fit for purpose, compliant, and aligned with evolving business needs. The role is also responsible for establishing, maturing, and embedding effective governance frameworks and operational rhythms that support the ongoing health, stability, and continuous improvement of applications within a BAU environment. This includes implementing structured review cadences, service governance forums, risk and issue management processes, change oversight, vendor performance management, and KPI reporting mechanisms to drive operational excellence and accountability across the application landscape.The Senior Applications Manager will chair or contribute to governance forums and ensure appropriate controls, policies, and standards are implemented across the application portfolio. This includes ensuring that application changes are assessed, prioritised, approved, and delivered in line with business priorities, regulatory expectations, cybersecurity requirements, and IT governance standards.The role works closely with business stakeholders to understand strategic priorities, shape demand, and ensure application roadmaps, investment decisions, and enhancement activities are aligned with organisational objectives. In addition, the role acts as a key escalation and decision-making point for application-related risks, issues, technical debt, and continuous improvement opportunities across the portfolio.Key ResponsibilitiesSupport Oversight (via Service Delivery)Partner with Service Delivery Managers (SDMs) and support teams to ensure strong application support performanceDefine expectations for support quality, SLAs, and user experienceReview incident trends and ensure systemic issues are identified and resolvedHold vendors and support teams accountable for outcomes, not just activityBusiness Partnering and Demand PrioritizationWork closely with Business Stakeholders (BSOs) to understand day-to-day operational needs.Translate needs into a prioritized backlog based on business impact and urgencyMake clear trade-offs across competing demands and limited capacityEnsure delivery is high quality and cost-conscious, not just fastFinancial Ownership & OptimizationOwn budget for applications, including licenses, vendors, and run costsIdentify and drive opportunities for cost optimization and efficiencyEnsure the application landscape scales in a financially sustainable way as the business growsManage renewals, contracts, and commercial negotiationsVendor & Contract ManagementManage third-party vendors and partners delivering support and enhancementsNegotiate and manage contracts, scope, and commercial termsEnsure vendors are delivering value for money and meeting expectationsDrive accountability and performance improvements where neededData-Driven Decision MakingUse data (ticket trends, usage metrics, cost data, performance metrics) to guide decisionsContinuously reassess priorities and approaches based on new informationBe willing to challenge assumptions and adjust direction when neededIntegration & System Landscape OversightMaintain visibility across integrations between systems (e.g., CRM ERPHRIS)Ensure changes are considered in the context of the broader application ecosystemWork with technical teams to manage dependencies and avoid downstream issuesDemonstrated skills and competenciesE - EssentialP - PreferredExperience7-12+ years working with enterprise applications (CRM, ERP, HRIS, or similar) (E)Experience owning or managing application portfolios, not just individual systems (E)Strong experience managing third-party vendors and commercial relationships (E)Experience working in environments with separate support/service delivery functions (E)Experience in regulated industries (e.g., pharma, biotech, healthcare) (P)Familiarity with compliance requirements (e.g., GxP, SOX) (P)Experience with systems such as Salesforce, Dynamics 365, Workday, or similar (P)QualificationsBachelor's degree in Information Technology, Computer Science, Business Information Systems, or a related discipline (P)Equivalent professional experience may be accepted in place of a degreeSkills/Specialist knowledgeStrong ability to prioritize and make trade-offs across competing business needs (E)Comfortable operating with budget ownership and cost accountability (E)Data-driven mindset with the ability to turn insights into action (E)Excellent stakeholder management and influencing skills (E)Ability to operate across both business and technical contexts (E)Autolus Core CompetenciesFocus on Results: Works to meet business goals set by management and leadersBuilds Trust and Relationships: Ensures trust with internal and external partners by delivering on commitmentsResilience: Has the capacity to recover quickly from difficulties; toughnessCommunicates and Collaborates: Builds partnerships and works collaboratively with others to meet objectivesAutolus is committed to the protection of the personal information that we collect & process and we are fully compliant with General Data Protection Regulations (GDPR).Autolus is committed to providing an inclusive and fair workplace for all. We are an equal opportunity employer and do not discriminate on the basis of race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other legally protected characteristic. We also provide reasonable accommodations throughout the recruitment process.Autolus' success is driven by equality and inclusion; we believe all voices are of equal value and must be heard. Whilst operating with focus and integrity, we are committed to improving diversity and inclusion within our business and our industry.
Join our team at the Guardian and be a part of a diverse and inclusive global organisation that delivers fearless, investigative journalism, and holds power to account. Our team of award-winning journalists, cutting-edge commercial professionals, and industry-leading digital experts are committed to making a difference and represent a wide range of backgrounds and perspectives. We offer a challenging and exciting environment for career development, with a focus on training, growth and fostering an inclusive culture. The Information Security team is the organisational cybersecurity centre of excellence. We are responsible for driving the organisational cyber security improvements, implementing core security controls and supporting other technical teams in implementing the required security standards in a diverse technology ecosystem. The Security Architect supports strategic and technical leadership for information security architecture across the organisation. They define security frameworks, review solution designs, establish security standards, and work closely with engineering, infrastructure, cloud, and business teams to ensure that security controls are embedded throughout the technology lifecycle. The role supports regulatory compliance, risk management, and resilience objectives while enabling the secure adoption of new technologies. We are looking for a hands on security architect with experience in both cloud security and traditional security controls design and implementation. About the role Provide security architecture guidance and oversight for business, technology, and transformation initiatives. Review solution, application, infrastructure, and cloud designs to ensure security requirements are incorporated from the outset. Conduct threat modelling, security risk assessments, and architecture reviews to identify and mitigate security risks. Collaborate with engineering, infrastructure, product, and business teams to embed security by design practices across the technology lifecycle. Develop and maintain security reference architectures, design standards, and technical security controls. Ensure compliance with relevant regulatory, legal, and industry requirements, including data protection and information security standards. Evaluate emerging technologies and provide recommendations on secure adoption and implementation. Support incident response, vulnerability management, and remediation activities by providing architectural expertise and guidance. Work closely with governance, risk, and compliance teams to align security architecture with enterprise risk management objectives. About you Proven experience as a Security Architect, within a complex enterprise environment. Strong understanding of security architecture principles across cloud, infrastructure, networks, applications, and data platforms. Experience designing and implementing security controls in cloud environments such as AWS, Azure, or Google Cloud Platform. Knowledge of industry security frameworks and standards, including ISO 27001, NIST, CIS Controls, and OWASP. Experience conducting security architecture reviews, threat modelling, and risk assessments. Strong understanding of identity and access management, network security, encryption, vulnerability management, and security monitoring technologies. Ability to balance security requirements with business objectives and operational needs. Excellent stakeholder management and communication skills, with the ability to influence technical and non technical audiences. Experience working within agile delivery teams and providing security guidance throughout the software development lifecycle. Relevant professional certifications such as CISSP, CCSP, SABSA, TOGAF, AWS Certified Security Specialist, AWS Certified Solutions Architect. A collaborative mindset, strong problem solving skills, and a passion for enabling secure innovation. We actively encourage applications from groups traditionally underrepresented in the UK media We operate in a hybrid environment working 3 days a week from our offices in Kings Cross and 2 days a week remotely. We value and respect all differences (seen and unseen) in all people. We aspire to have inclusive working experiences and an environment that reflects the audience we serve, where our people have equal access to career development opportunities, their voices are heard and can contribute to our future. We actively encourage applications from people of all backgrounds. Many of our staff work flexibly and we will consider all requests for flexible working arrangements. Benefits at the Guardian You'll have 30 days of annual leave per year (plus bank holidays) with the option to purchase an additional 5 days. Our pension scheme is generous; if you contribute 5% then we will contribute 8 12% (depending on your age). We believe in giving back, which is why employees are given 2 volunteering days annually and the option of payroll giving. Season ticket loans are also available. You are entitled to private healthcare, life cover, income protection, and eye tests. You can also opt in to dental insurance. We have enhanced maternity, paternity, adoption and shared parental leave policies in place. We also support our employees by offering an IVF, menopause, baby loss, and trans equality policy. Culture and wellbeing We want everyone to feel like they belong at the Guardian and we champion diversity of thought. Our various employee forums provide a platform to use their voice to foster an inclusive workplace. We became the first major media organisation to achieve B Corp status. We offer tools to help you prioritise your wellbeing including access to our employee benefits platform which provides tailored support for health and wellbeing. In addition, we also offer free yoga and pilates classes. These run alongside our corporate gym membership and cycle to work scheme. Our canteen has views overlooking the Regents Canal and caters for breakfast, lunch and dinner. Learning and development We encourage personal and professional growth. Employees have access to a broad range of tools and solutions, and we are happy to support the pursuit of professional qualifications through vocational courses and apprenticeships.
22/06/2026
Full time
Join our team at the Guardian and be a part of a diverse and inclusive global organisation that delivers fearless, investigative journalism, and holds power to account. Our team of award-winning journalists, cutting-edge commercial professionals, and industry-leading digital experts are committed to making a difference and represent a wide range of backgrounds and perspectives. We offer a challenging and exciting environment for career development, with a focus on training, growth and fostering an inclusive culture. The Information Security team is the organisational cybersecurity centre of excellence. We are responsible for driving the organisational cyber security improvements, implementing core security controls and supporting other technical teams in implementing the required security standards in a diverse technology ecosystem. The Security Architect supports strategic and technical leadership for information security architecture across the organisation. They define security frameworks, review solution designs, establish security standards, and work closely with engineering, infrastructure, cloud, and business teams to ensure that security controls are embedded throughout the technology lifecycle. The role supports regulatory compliance, risk management, and resilience objectives while enabling the secure adoption of new technologies. We are looking for a hands on security architect with experience in both cloud security and traditional security controls design and implementation. About the role Provide security architecture guidance and oversight for business, technology, and transformation initiatives. Review solution, application, infrastructure, and cloud designs to ensure security requirements are incorporated from the outset. Conduct threat modelling, security risk assessments, and architecture reviews to identify and mitigate security risks. Collaborate with engineering, infrastructure, product, and business teams to embed security by design practices across the technology lifecycle. Develop and maintain security reference architectures, design standards, and technical security controls. Ensure compliance with relevant regulatory, legal, and industry requirements, including data protection and information security standards. Evaluate emerging technologies and provide recommendations on secure adoption and implementation. Support incident response, vulnerability management, and remediation activities by providing architectural expertise and guidance. Work closely with governance, risk, and compliance teams to align security architecture with enterprise risk management objectives. About you Proven experience as a Security Architect, within a complex enterprise environment. Strong understanding of security architecture principles across cloud, infrastructure, networks, applications, and data platforms. Experience designing and implementing security controls in cloud environments such as AWS, Azure, or Google Cloud Platform. Knowledge of industry security frameworks and standards, including ISO 27001, NIST, CIS Controls, and OWASP. Experience conducting security architecture reviews, threat modelling, and risk assessments. Strong understanding of identity and access management, network security, encryption, vulnerability management, and security monitoring technologies. Ability to balance security requirements with business objectives and operational needs. Excellent stakeholder management and communication skills, with the ability to influence technical and non technical audiences. Experience working within agile delivery teams and providing security guidance throughout the software development lifecycle. Relevant professional certifications such as CISSP, CCSP, SABSA, TOGAF, AWS Certified Security Specialist, AWS Certified Solutions Architect. A collaborative mindset, strong problem solving skills, and a passion for enabling secure innovation. We actively encourage applications from groups traditionally underrepresented in the UK media We operate in a hybrid environment working 3 days a week from our offices in Kings Cross and 2 days a week remotely. We value and respect all differences (seen and unseen) in all people. We aspire to have inclusive working experiences and an environment that reflects the audience we serve, where our people have equal access to career development opportunities, their voices are heard and can contribute to our future. We actively encourage applications from people of all backgrounds. Many of our staff work flexibly and we will consider all requests for flexible working arrangements. Benefits at the Guardian You'll have 30 days of annual leave per year (plus bank holidays) with the option to purchase an additional 5 days. Our pension scheme is generous; if you contribute 5% then we will contribute 8 12% (depending on your age). We believe in giving back, which is why employees are given 2 volunteering days annually and the option of payroll giving. Season ticket loans are also available. You are entitled to private healthcare, life cover, income protection, and eye tests. You can also opt in to dental insurance. We have enhanced maternity, paternity, adoption and shared parental leave policies in place. We also support our employees by offering an IVF, menopause, baby loss, and trans equality policy. Culture and wellbeing We want everyone to feel like they belong at the Guardian and we champion diversity of thought. Our various employee forums provide a platform to use their voice to foster an inclusive workplace. We became the first major media organisation to achieve B Corp status. We offer tools to help you prioritise your wellbeing including access to our employee benefits platform which provides tailored support for health and wellbeing. In addition, we also offer free yoga and pilates classes. These run alongside our corporate gym membership and cycle to work scheme. Our canteen has views overlooking the Regents Canal and caters for breakfast, lunch and dinner. Learning and development We encourage personal and professional growth. Employees have access to a broad range of tools and solutions, and we are happy to support the pursuit of professional qualifications through vocational courses and apprenticeships.
Join Barclays as a DFIR Lead Cyber Operations Analyst, a VP-level role at the centre of the bank's cyber defence, delivering advanced digital forensics and incident response. You will analyse malware, malicious samples and network activity to support complex investigations, working closely with internal teams, external partners and law enforcement. This is a highly technical, hands on position suited to an experienced cyber or digital forensics professional, with passion for deep investigation, and the ability to produce clear, high quality reporting in a fast paced, high pressure environment. Please note that this role includes an on-call support rotation. Occasional additional support may be required, including extended hours and weekend work. To be successful in this role, you will need the following: Digital forensics and incident response expertise, including host, network, cloud and live forensic analysis, supported by rigorous documentation practices. Excellent written and verbal communication skills, with the ability to clearly articulate complex technical findings to senior stakeholders and non-technical business teams. Proven leadership under pressure, including coordinating investigations, managing cross-functional stakeholders, and operating effectively within a regulated banking environment. Some other highly valued skills may include: Cloud investigation experience across platforms such as AWS, Azure, or Google Cloud. Scripting and automation capabilities, using languages such as Python, PowerShell, Bash, or JavaScript. Relevant industry certifications, such as GCFA, GNFA, GCFE, or GREM. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job specific technical skills. The successful candidate will be based in Knutsford (Radbroke Hall). Purpose of the role To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats. Accountabilities Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage. Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise. Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats. Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network. Management of cyber security incidents including remediation & driving to closure. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/processes; deliver continuous improvements and elevate breaches of policies/procedures. Define jobs and responsibilities, plan for the department's future needs and operations, counsel employees on performance and contribute to employee pay decisions/changes. Lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements. Demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. As an individual contributor, act as a subject matter expert within own discipline and guide technical direction. Lead collaborative, multi year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. Train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions. Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave.
22/06/2026
Full time
Join Barclays as a DFIR Lead Cyber Operations Analyst, a VP-level role at the centre of the bank's cyber defence, delivering advanced digital forensics and incident response. You will analyse malware, malicious samples and network activity to support complex investigations, working closely with internal teams, external partners and law enforcement. This is a highly technical, hands on position suited to an experienced cyber or digital forensics professional, with passion for deep investigation, and the ability to produce clear, high quality reporting in a fast paced, high pressure environment. Please note that this role includes an on-call support rotation. Occasional additional support may be required, including extended hours and weekend work. To be successful in this role, you will need the following: Digital forensics and incident response expertise, including host, network, cloud and live forensic analysis, supported by rigorous documentation practices. Excellent written and verbal communication skills, with the ability to clearly articulate complex technical findings to senior stakeholders and non-technical business teams. Proven leadership under pressure, including coordinating investigations, managing cross-functional stakeholders, and operating effectively within a regulated banking environment. Some other highly valued skills may include: Cloud investigation experience across platforms such as AWS, Azure, or Google Cloud. Scripting and automation capabilities, using languages such as Python, PowerShell, Bash, or JavaScript. Relevant industry certifications, such as GCFA, GNFA, GCFE, or GREM. You may be assessed on the key critical skills relevant for success in role, such as risk and controls, change and transformation, business acumen, strategic thinking and digital and technology, as well as job specific technical skills. The successful candidate will be based in Knutsford (Radbroke Hall). Purpose of the role To monitor the performance of operational controls, implement and manage security controls and consider lessons learnt in order to protect the bank from potential cyber-attacks and respond to threats. Accountabilities Management of security monitoring systems, including intrusive prevention and detection systems, to alert, detect and block potential cyber security incidents, and provide a prompt response to restore normal operations with minimised system damage. Identification of emerging cyber security threats, attack techniques and technologies to detect/prevent incidents, and collaborate with networks and conferences to gain industry knowledge and expertise. Management and analysis of security information and event management systems to collect, correlate and analyse security logs, events and alerts/potential threats. Triage of data loss prevention alerts to identify and prevent sensitive data for being exfiltrated from the banks network. Management of cyber security incidents including remediation & driving to closure. Vice President Expectations To contribute or set strategy, drive requirements and make recommendations for change. Plan resources, budgets, and policies; manage and maintain policies/processes; deliver continuous improvements and elevate breaches of policies/procedures. Define jobs and responsibilities, plan for the department's future needs and operations, counsel employees on performance and contribute to employee pay decisions/changes. Lead a number of specialists to influence the operations of a department, in alignment with strategic as well as tactical priorities, while balancing short and long term goals and ensuring that budgets and schedules meet corporate requirements. Demonstrate a clear set of leadership behaviours to create an environment for colleagues to thrive and deliver to a consistently excellent standard. The four LEAD behaviours are: L - Listen and be authentic, E - Energise and inspire, A - Align across the enterprise, D - Develop others. As an individual contributor, act as a subject matter expert within own discipline and guide technical direction. Lead collaborative, multi year assignments and guide team members through structured assignments, identify the need for the inclusion of other areas of specialisation to complete assignments. Train, guide and coach less experienced specialists and provide information affecting long term profits, organisational risks and strategic decisions. Advise key stakeholders, including functional leadership teams and senior management on functional and cross functional areas of impact and alignment. Manage and mitigate risks through assessment, in support of the control and governance agenda. Demonstrate leadership and accountability for managing risk and strengthening controls in relation to the work your team does. Demonstrate comprehensive understanding of the organisation functions to contribute to achieving the goals of the business. Collaborate with other areas of work, for business aligned support areas to keep up to speed with business activity and the business strategies. Create solutions based on sophisticated analytical thought comparing and selecting complex alternatives. In depth analysis with interpretative thinking will be required to define problems and develop innovative solutions. Adopt and include the outcomes of extensive research in problem solving processes. Seek out, build and maintain trusting relationships and partnerships with internal and external stakeholders in order to accomplish key business objectives, using influencing and negotiating skills to achieve outcomes. All colleagues will be expected to demonstrate the Barclays Values of Respect, Integrity, Service, Excellence and Stewardship - our moral compass, helping us do what we believe is right. They will also be expected to demonstrate the Barclays Mindset - to Empower, Challenge and Drive - the operating manual for how we behave.
Cyber Governance, Risk & Compliance Reporting Specialist - PowerBI Location: Birmingham (3 days on site). Contract until May 2026. Day rate £500 £550 (Inside IR35). Immediate start preferred. Overview We are partnering with a large public sector organisation to support their cyber function. The specialist will design, develop and maintain PowerBI dashboards and reporting, maintain cyber governance documentation, and support risk assessments and supplier assurance. Key Responsibilities Design, develop and maintain PowerBI dashboards and reporting packs for leadership and governance teams. Create and standardise cyber KPI and performance reporting to improve visibility and decision making. Maintain and update cyber policies, standards and documentation. Support risk assessments, supplier assurance and governance reviews. Collaborate with stakeholders across technology, risk and compliance to ensure alignment and transparency. Drive improvements in cyber reporting consistency, accuracy and quality. Skills & Experience Strong PowerBI design and dashboard development skills. Proven background in Cyber Governance, Risk & Compliance or Information Security. Experience building management and board level reports. Familiarity with CAF, SCF or other security control frameworks such as ISO27001, NIST. Good understanding of risk management and supplier assurance. Excellent communication and stakeholder management skills. Comfortable working in a hybrid model - 3 days per week in Birmingham. Rates depend on experience and client requirements.
22/06/2026
Full time
Cyber Governance, Risk & Compliance Reporting Specialist - PowerBI Location: Birmingham (3 days on site). Contract until May 2026. Day rate £500 £550 (Inside IR35). Immediate start preferred. Overview We are partnering with a large public sector organisation to support their cyber function. The specialist will design, develop and maintain PowerBI dashboards and reporting, maintain cyber governance documentation, and support risk assessments and supplier assurance. Key Responsibilities Design, develop and maintain PowerBI dashboards and reporting packs for leadership and governance teams. Create and standardise cyber KPI and performance reporting to improve visibility and decision making. Maintain and update cyber policies, standards and documentation. Support risk assessments, supplier assurance and governance reviews. Collaborate with stakeholders across technology, risk and compliance to ensure alignment and transparency. Drive improvements in cyber reporting consistency, accuracy and quality. Skills & Experience Strong PowerBI design and dashboard development skills. Proven background in Cyber Governance, Risk & Compliance or Information Security. Experience building management and board level reports. Familiarity with CAF, SCF or other security control frameworks such as ISO27001, NIST. Good understanding of risk management and supplier assurance. Excellent communication and stakeholder management skills. Comfortable working in a hybrid model - 3 days per week in Birmingham. Rates depend on experience and client requirements.
