Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

31 jobs found

Current Search
cloud security platform engineer crowdstrike
Adecco
IAM Cloud Support Engineer - Manchester
Adecco Manchester, Lancashire
IAM Cloud Support Engineer - Manchester (Onsite, 5 days/week)
£50,000 - £60,000 + perm benefits

We're hiring a Cloud IAM Support Engineer to support a modern Identity & Access Management environment, with a focus on Microsoft Entra ID and Okta. This is a hands-on role supporting cloud identity services, helping ensure secure authentication, access control, and seamless integrations across enterprise systems.

What you'll be doing:
  • Support Microsoft Entra ID across RBAC, PIM, Conditional Access, MFA, and SSO
  • Administer Entra ID enterprise applications (SAML/OIDC), service principals, and managed identities
  • Manage identity life cycle processes (JML), dynamic groups, and access governance
  • Support Entra ID - Active Directory synchronisation (Entra/AAD Connect)
  • Work on Okta SSO and identity integrations alongside Entra ID
  • Support integrations with security and endpoint tools (e.g. CrowdStrike)

What we're looking for:
  • Experience across cloud IAM platforms (Entra ID and/or Okta)
  • Hands-on support of Conditional Access and/or PIM in production
  • Experience managing SSO integrations (SAML or OIDC)
  • Knowledge of identity sync between cloud and on-prem (Entra Connect/AD sync)
  • Experience supporting identity integrations with security tools
  • Strong troubleshooting and operational support capability
23/06/2026
Full time
Senior Cyber Security Engineer
Sivara GmbH
Salary £? - ? per year

Requirements
We require 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. We require strong hands on experience with CrowdStrike Falcon Prevent, Insight, and Discover. We require solid experience writing complex Splunk Search Processing Language (SPL) queries and managing Splunk Enterprise Security (ES). We require a strong understanding of network protocols, cloud security across AWS and Azure, and the MITRE ATT&CK framework. We require the ability to act as a technical escalation point for high priority security incidents. We require experience with vulnerability assessment tools; 2+ years is a bonus. We require familiarity with penetration testing and web application testing. We require foundational cybersecurity certifications such as CompTIA Security+, Network+, CYSA+, or GSEC. We prefer advanced certifications such as CISSP, GCIH, GCIA, or CCSP. We require Splunk Certified Cybersecurity Defence Engineer certification. We ideally have 2 or more CrowdStrike certifications, such as CCFA, CCFR, or CCSE. We require willingness to complete mandatory Right to Work checks as part of the pre screening process.

Responsibilities
We lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon platform to strengthen our security posture. We collaborate with our SOC partner to design and optimise Splunk dashboards, alerts, and data models to identify sophisticated threats. We act as a technical escalation point for high priority security incidents, using EDR and SIEM tools to enable rapid containment. We develop Security Orchestration, Automation, and Response (SOAR) workflows to reduce manual intervention and improve response times. We proactively hunt for undetected malicious activity using specialised queries. We train and upskill our existing team in CrowdStrike, Splunk, and security analysis to support professional development and leadership. We transform raw security telemetry into actionable intelligence for public sector security operations.

Technologies
AWS Azure Cloud Support Network Security Splunk Web

We are a leading public sector provider supporting a local government client and offer an opportunity to contribute to public safety and community resilience. This Senior Cyber Security Engineer role is highly technical and focused on CrowdStrike endpoint protection, Splunk security telemetry, incident response, automation, and threat hunting. We are committed to fostering an inclusive workplace that values diversity and equal opportunity.
23/06/2026
Full time
Engineering Manager - Data Platform (Hybrid, GBR)
CrowdStrike Holdings, Inc.
Engineering Manager - Data Platform
locations: United Kingdom - London
time type: Full time
posted on: Posted Today
job requisition id: R28869

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed - we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We're always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Team:
The data engineering team is on a mission to create a hyper scale data lake, which helps find bad actors and stop breaches. The team builds and operates systems to centralize all of the data the falcon platform collects, making it easy for internal and external customers to transform and access the data for analytics, machine learning, and threat hunting. As an engineer on the team you will contribute to the full spectrum of our systems, from foundational processing and data storage, through scalable pipelines, to frameworks, tools and applications that make that data available to other teams and systems.

About the Role:
We're growing and we're looking for a passionate and experienced Engineering Manager to lead a brand-new Data Replay & Recovery Team within our Data Platform organization. This is an opportunity to build a team and product from the ground up - defining the charter, shaping the technology, and delivering a critical data replay application that directly impacts the reliability and resilience of our platform. You'll collaborate with talented engineers across Data Platform, ML Platform, and DevOps teams, working on large-scale distributed systems that matter. If you thrive in a fast-paced environment, love solving complex big data challenges, and are ready to make a lasting organizational impact, we want to hear from you. This team would be responsible for driving an application-based, self-service Data Replay that would leverage data within our security data lake and ensure we provide complete Business Continuity and Resiliency for downstream services or peers that ingest and process data within the CrowdStrike Cloud Platform.

What You'll do:
  • Design, develop, and maintain a data platform that processes petabytes of data.
  • Participate in technical reviews of our products and help us develop new features and enhance stability.
  • Continually help us improve the efficiency of our services so that we can delight our customers.
  • Help us research and implement new ways for both internal stakeholders as well as customers to query their data efficiently and extract results in the format they desire.

What You'll need:
  • 3+ years of hands-on management experience leading engineering teams in a big data environment.
  • Degree in Computer Science (or commensurate experience in data structures/algorithms/distributed systems, big data).
  • 7+ years' experience combined between backend/cloud development and data platform engineering roles.
  • A solid understanding of algorithms, distributed systems design and the software development lifecycle
  • Solid background in Java/Scala and a scripting language like Python.
  • Experience building large scale data pipelines
  • Strong familiarity with the Apache Hadoop ecosystem including: Spark, Kafka, Flink, Iceberg/Delta Lake/Hive, Apache Presto/Trino, etc.
  • Experience with relational SQL and NoSQL databases, including Postgres/MySQL, Cassandra, DynamoDB
  • Familiarity with containerized environments (Docker, Kubernetes).
  • Good test driven development discipline
  • Reasonable proficiency with Linux administration tools
  • Proven ability to work effectively with remote teams across time zones.

Experience with the following tools is desirable:
  • Go
  • Kubernetes
  • Jenkins
  • Parquet
  • Protocol Buffers/GRPC

Benefits of Working at CrowdStrike:
  • Market leader in compensation and equity awards
  • Comprehensive physical and mental wellness programs
  • Competitive vacation and holidays for recharge
  • Paid parental and adoption leaves
  • Professional development opportunities for all employees regardless of level or role
  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
  • Vibrant office culture with world class amenities
  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at for further assistance.
22/06/2026
Full time
SOC Engineer - Cyber
Sivara GmbH
Salary: £30,000 - 70,000 per year

Requirements
We are looking for experience in SOC Engineering, Cloud Security, Infrastructure Security, or Cyber Engineering. We ideally want hands on experience with Microsoft Sentinel and Microsoft Defender. We value experience with EDR, XDR, and MDR technologies. We would like experience with vulnerability management tools such as Tenable or Qualys. We expect familiarity with Azure, Microsoft 365, Intune, or AWS environments. We need experience supporting security tooling, infrastructure, and cloud platforms. We value knowledge of Linux and Windows operating systems. We require experience with SIEM technologies and security monitoring. We look for basic scripting or automation skills using KQL, PowerShell, Python, or Bash. We prefer experience working in ITIL environments and structured change control processes. We value familiarity with firewall, endpoint, or cloud security technologies. We need strong communication skills with both technical and non technical stakeholders. We want someone who is organised, collaborative, proactive, and self driven. We require the ability to work in a customer facing environment and take ownership of issues. Relevant certifications such as SC-200, SC-900, AZ-500, or CISSP are advantageous. Candidates must be eligible for UK Security Clearance, including the right to work in the UK and meeting residency requirements.

Responsibilities
We act as a technical escalation point and engineering SME across SOC technologies including SIEM, MDR/XDR, EDR, vulnerability management, and cloud security tooling. We support, maintain, and improve cyber security infrastructure across enterprise customer environments. We work with internal teams and customers to onboard, configure, and optimise security technologies and services. We investigate and resolve platform issues, security alerts, log source health problems, and tooling related incidents. We configure and support technologies such as Microsoft Defender, Sentinel, CrowdStrike, Tenable, and related security platforms. We assist with vulnerability scanning, remediation support, and operational security improvements. We contribute to automation and scripting initiatives using KQL, PowerShell, Python, or Bash. We produce and maintain technical documentation, operational runbooks, and security playbooks. We support governance and compliance activities aligned to ISO27001, GDPR, and NCSC guidance. We work collaboratively across infrastructure, cloud, networking, and cyber teams to improve service delivery and operational resilience. We stay up to date with emerging cyber threats, technologies, and security best practice. We contribute to continual improvement initiatives across the SOC function.

Technologies
AWS Azure Bash Cloud Firewall Support ITIL Linux Microsoft 365 PowerShell Python Security Windows Office 365

We are a rapidly growing cyber security function within a large enterprise technology organisation, offering a hands on, engineering led SOC role based in Birmingham with a hybrid working pattern of three days onsite. We provide a salary of £45,000 to £50,000 plus an excellent benefits package, a flexible benefits scheme, access to industry leading SOC technology and tooling, dedicated weekly training and development time, fully funded learning opportunities and partner led certifications, conference and industry event opportunities, and strong career progression. Our team is supportive, collaborative, highly technical, and focused on enterprise scale cloud and cyber environments, with the opportunity to help improve customer security capabilities and showcase a cutting edge SOC to visiting customers and stakeholders.
21/06/2026
Full time
Security Monitoring & SIEM Analyst
Sivara GmbH Normanton-on-trent, Nottinghamshire
Salary: £45,000 - 60,000 per year

Requirements
We require strong knowledge of SIEM platforms such as Microsoft Sentinel, Splunk, or Elastic. We require experience writing and tuning queries using Kusto Query Language (KQL), ES QL or Kibana Query Language, and Splunk SPL. We require an understanding of event correlation, alerting, and detection use case development. We require strong knowledge of Linux and Windows operating systems. We require strong knowledge of core networking concepts, including TCP/IP, DNS, HTTP/S, firewalls, and VPNs. We require experience analysing logs across endpoint, identity, network, and cloud environments. We require strong knowledge of EDR/XDR concepts and workflows. We require knowledge of IDS/IPS technologies and signature based detection. We require experience working with tools such as Microsoft Defender, CrowdStrike, SentinelOne, or similar. We require understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they appear in logs and telemetry. We require familiarity with the MITRE ATT&CK framework. We require evidence of staying up to date with emerging threats, adversary tradecraft, and defensive techniques. We require experience handling security incidents through detection and triage, investigation and analysis, and handover to Incident Response teams. We require a strong understanding of incident management processes. We require knowledge of host based forensic concepts. We require the ability to apply post incident review learnings to improve detection and response. We prefer experience within a SOC or cyber defence environment. We prefer exposure to threat hunting or detection engineering. We prefer experience in high security or regulated environments. We prefer relevant cyber security certifications such as Microsoft SC 200, GIAC/SANS, CREST, or other recognised qualifications. We require UK nationality and either current SC clearance or eligibility for SC clearance.

Responsibilities
We monitor, analyse, and investigate security alerts across SIEM and security tooling. We conduct detailed investigations across log, endpoint, identity, and network telemetry. We develop and optimise detection logic and SIEM queries to improve alert fidelity. We analyse security events and correlate activity across multiple data sources. We support incident response activities, including containment, escalation, and remediation. We perform IOC analysis, enrichment, and validation using threat intelligence sources. We identify gaps in detection capabilities and contribute to continuous improvement. We work closely with infrastructure, SOC, and incident response teams to enhance response capability. We produce clear and structured investigation reports and escalation summaries.

Technologies
Cloud HTTP Support Kibana Linux Network Security Splunk TCP/IP Windows

We are a global technology organisation with a well established cyber security capability supporting mission critical environments. Cyber security is central to our strategy, and we continue to invest in tooling, threat intelligence, and specialist talent. Our security function operates at a mature level, combining Security Operations, threat detection, incident response, and continuous improvement practices to defend against evolving threats. This is an onsite role based in Berkshire, offering a salary of £45,000 to £60,000 plus excellent benefits and training. We provide strong investment in professional development, certifications, and progression, with opportunities to grow into Senior SIEM Analyst, Detection Engineer, or Threat Hunter roles.
21/06/2026
Full time
Senior Identity Protection Specialist
FujiFilm Billingham, Yorkshire
Protect identities at global scale. We're hiring a hands-on Senior Identity Protection Engineer/Specialist to lead detection, investigation, and response for identity-based threats across Microsoft Entra ID/Azure AD, on prem Active Directory, and connected SaaS/IaaS. You'll serve as the enterprise SME/administrator for CrowdStrike Identity Protection, tune high-fidelity detections, integrate dark web intelligence, and orchestrate automation that measurably reduces MTTD/MTTR and risk.
What you'll do
Lead identity threat monitoring and triage
  • Operate and tune CrowdStrike Identity Protection; monitor SIEM/UEBA and identity telemetry for risks like impossible travel, atypical sign ins, MFA fatigue, and session hijacking
  • Validate true/false positives, prioritize by business impact, and escalate per playbooks/SLAs
Drive rapid containment and remediation
  • Execute containment actions (disable accounts, revoke sessions/tokens, isolate hosts)
  • Coordinate remediation with IAM/Endpoint/Infrastructure; verify risk reduction to closure
Own identity-focused incident response
  • Lead IR for credential compromise, privilege escalation, directory persistence, and lateral movement
  • Ensure evidence handling, root cause analysis, post incident reviews, and lessons learned
Engineer detections and hunt for threats
  • Build and refine detections and hunts across SIEM/EDR/identity platforms using KQL/SQL/regex/Sigma aligned to MITRE ATT&CK
  • Close visibility gaps, reduce false positives, and expand privileged activity monitoring
Strengthen privileged access controls
  • Detect anomalous privileged behavior via SIEM/UEBA and Netskope telemetry
  • Recommend/enforce JIT, break glass patterns, and mover/leaver privilege hygiene with IAM
Respond to dark web/credential exposure
  • Integrate sources like CyberInt; assess exposure and targeted campaigns
  • Orchestrate takedowns, forced resets, token revocation, and Conditional Access updates
Administer platforms and sustain hygiene
  • Maintain coverage/health for identity monitoring; manage upgrades and changes via CAB
  • Keep operational runbooks, SOPs, and playbooks current
Automate and orchestrate at scale
  • Use PowerShell/Python and REST/Graph/CrowdStrike APIs (and SOAR where applicable) to automate enrichment and response, standardize workflows, and improve signal fidelity
Shape identity policy and controls
  • Advise on Conditional Access, MFA exceptions, SSO/SCIM patterns, and session controls under the shared responsibility model with IAM
Report outcomes and support audits
  • Produce executive-ready dashboards and KPIs (identity incident volume, MTTD/MTTR, CA/MFA efficacy, exposure/takedown cycle time)
  • Maintain audit-ready evidence and support internal/external audits
What you'll bring
  • Bachelor's degree in Cybersecurity, Computer Science, IT, or related field; or equivalent practical experience
  • 8+ years in IT/cybersecurity, including 3+ years focused on identity security/operations (Entra ID/Azure AD, on prem AD, MFA, Conditional Access, SSO/SCIM)
  • Hands-on enterprise experience administering/operating CrowdStrike Identity Protection
  • Proficiency with SIEM/UEBA (Splunk preferred) and cloud security platforms (e.g., Netskope) for identity telemetry, detection, and investigations
  • Demonstrated experience in identity centric IR, threat hunting, and detection engineering (KQL/SQL/regex/Sigma)
  • Scripting/automation with PowerShell and Python; experience with REST/Graph/CrowdStrike APIs and SOAR
  • Clear communication and documentation skills; comfortable producing executive ready reports and audit evidence
  • Operates effectively within change control/CAB and under pressure during high severity incidents
Bonus points
  • Certifications: Microsoft SC 200/SC 300; Okta Certified Administrator/Professional; CISSP, SSCP, Security+; GIAC (GMON, GCIH, GCDA) or equivalent
  • Deep knowledge of identity attack paths and protocols (Kerberos/NTLM), token/session abuse, and persistence techniques (e.g., Golden/Silver Ticket, DCShadow)
  • Experience with JIT/JEA, PAM concepts, and global on call rotations
Location, work style, and travel
  • Opportunities in the United States, United Kingdom, and Denmark
  • Onsite or hybrid depending on location and business needs
  • Occasional on call coverage may be required
Why you'll love it here
  • Own a mission critical identity defense stack and make measurable impact on MTTD/MTTR and privilege hygiene
  • Solve complex problems from dark web exposure to directory persistence and lateral movement
  • Collaborate with experienced global teams and leading vendors to continuously raise the bar
  • Grow your career in a modern, data driven security operations environment
This is a global position that will support all our FUJIFILM Biotechnologies sites. This position can be based at any of our locations around the globe. Benefits and compensation will be governed by the location that you are based from and considered your home site.
As part of any recruitment process, FUJIFILM Diosynth Biotechnologies collects and processes personal data relating to job applicants. The organization is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations and may share this as part of the global recruitment process with hiring managers in Europe and the United States.
Please, no phone calls or emails to any employee of FUJIFILM about this requisition. All resumes submitted by search firms/employment agencies to any employee at FUJIFILM via email, the internet or in any form and/or method will be deemed the sole property of FUJIFILM, unless such search firms/employment agencies were engaged by FUJIFILM for this requisition and a valid agreement with FUJIFILM is in place. In the event a candidate who was submitted outside of the FUJIFILM agency engagement process is hired, no fee or payment of any kind will be paid.
21/06/2026
Full time
Senior Identity Protection Specialist
FLBK FUJIFILM Diosynth Biotechnologies UK Limited Billingham, Yorkshire
Protect identities at global scale. We're hiring a hands on Senior Identity Protection Engineer/Specialist to lead detection, investigation, and response for identity based threats across Microsoft Entra ID/Azure AD, on prem Active Directory, and connected SaaS/IaaS. What you'll do Lead identity threat monitoring and triage Operate and tune CrowdStrike Identity Protection; monitor SIEM/UEBA and identity telemetry for risks like impossible travel, atypical sign ins, MFA fatigue, and session hijacking Validate true/false positives, prioritize by business impact, and expedite per playbooks/SLAs Drive rapid containment and remediation Execute containment actions (disable accounts, revoke sessions/tokens, isolate hosts) Coordinate remediation with IAM/Endpoint/Infrastructure; verify risk reduction to closure Own identity focused incident response; lead IR for credential compromise, privilege escalation, directory persistence, and lateral movement Ensure evidence handling, root cause analysis, post incident reviews, and lessons learned Engineer detections and hunt for threats Build and refine detections and hunts across SIEM/EDR/identity platforms using KQL/SQL/regex/Sigma aligned to MITRE ATT&CK Close visibility gaps, reduce false positives, and expand privileged activity monitoring Strengthen privileged access controls; detect anomalous privileged behavior via SIEM/UEBA and Netskope telemetry Recommend/enforce JIT, break glass patterns, and mover/leaver privilege hygiene with IAM Respond to dark web/credential exposure; integrate sources like CyberInt; assess exposure and targeted campaigns Orchestrate takedowns, forced resets, token revocation, and Conditional Access updates Administer platforms and sustain hygiene; maintain coverage/health for identity monitoring; manage upgrades and changes via CAB Keep operational runbooks, SOPs, and playbooks current Automate and orchestrate at scale using PowerShell/Python and REST/Graph/CrowdStrike APIs (and SOAR where 
applicable) Shape identity policy and controls; advise on Conditional Access, MFA exceptions, SSO/SCIM patterns, and session controls under the shared responsibility model with IAM Report outcomes and support audits; produce executive ready dashboards and KPIs (identity incident volume, MTTD/MTTR, CA/MFA efficacy, exposure/takedown cycle time) Maintain audit ready evidence and support internal/external audits What you'll bring Bachelor's degree in Cybersecurity, Computer Science, IT, or related field; or equivalent practical experience 8+ years in IT/cybersecurity, including 3+ years focused on identity security/operations (Entra ID/Azure AD, on prem AD, MFA, Conditional Access, SSO/SCIM) Hands on enterprise experience administering/operating CrowdStrike Identity Protection Proficiency with SIEM/UEBA (Splunk preferred) and cloud security platforms (e.g., Netskope) for identity telemetry, detection, and investigations Demonstrated experience in identity centric IR, threat hunting, and detection engineering (KQL/SQL/regex/Sigma) Scripting/automation with PowerShell and Python; experience with REST/Graph/CrowdStrike APIs and SOAR Clear communication and documentation skills; comfortable producing executive ready reports and audit evidence Operates effectively within change control/CAB and under pressure during high severity incidents Bonus points Certifications: Microsoft SC 200/SC 300; Okta Certified Administrator/Professional; CISSP, SSCP, Security+; GIAC (GMON, GCIH, GCDA) or equivalent Deep knowledge of identity attack paths and protocols (Kerberos/NTLM), token/session abuse, and persistence techniques (e.g., Golden/Silver Ticket, DCShadow) Experience with JIT/JEA, PAM concepts, and global on call rotations Location, work style, and travel Opportunities in the United States, United Kingdom, and Denmark. Onsite or hybrid depending on location and business needs. Occasional on call coverage may be required. 
Why you'll love it here Own a mission critical identity defense stack and make measurable impact on MTTD/MTTR and privilege hygiene Solve complex problems from dark web exposure to directory persistence and lateral movement Collaborate with experienced global teams and leading vendors to continuously raise the bar Grow your career in a modern, data driven security operations environment Benefits and compensation will be governed by the location where you are based and considered your home site. This is a global position that will support all our FUJIFILM Biotechnologies sites.
20/06/2026
Full time
Technical Writer III - Cloud Security
CrowdStrike Holdings, Inc.
As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed - we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. About the Role As a Technical Writer III, you'll write customer focused product documentation that delivers the right content to the right user at the right time. You'll work closely with other writers, content strategists, product managers, engineers, and product designers to develop a deep understanding of complex products and set an example for best practices in user centered technical writing. What You'll Do Produce high quality documentation-including new features, release notes, API docs, and more-to guide and educate customers. Develop deep product knowledge through researching, partnering with SMEs, using the product, and leveraging curiosity and a desire to figure things out. Contribute to the writing team's standards, processes, and best practices. Build strong, cross functional partnerships with designers, developers, and product managers. Advise and assist other writers, and participate in collaborative content reviews. Advocate for the customer in all aspects of the job. Help define the team's strategy and vision while independently managing your own projects. Continuously find ways to integrate AI into our processes to improve quality, drive velocity, and enhance the customer and writer experience. What You'll Need Solid understanding of cloud computing and/or cloud security, including cloud native technologies such as containerization, orchestration, and serverless computing. Experience and/or understanding of DITA/XML and structured authoring. Experience using a technical authoring tool, preferably OxygenXML Editor. Experience using Git, GitHub, GitLab, BitBucket, or other version control and repository hosting technologies. 
Demonstrated understanding of topic based authoring and reusable information architecture. Ability to thrive in a fast paced, constantly evolving environment with tight deadlines and high expectations. Excellent writing skills, including thoughtful information hierarchy, great sentence structure, and a conversational yet professional voice. Dedicated user centric approach to focus on what the customer needs, not what the system does. Experience exploring a customer's problem space and addressing their needs through documentation. Exceptional audience analysis, written and verbal communication, and problem solving. Strong grasp of user experience fundamentals. Portfolio of writing samples that clearly communicate technical information in a modern, conversational voice and tone. Bonus: Experience writing deployment and integration documentation for technical audiences. Bonus: Experience working with or writing for Kubernetes and Docker. Bonus: Knowledge of and experience writing for the cybersecurity industry. Bonus: Experience using a Component Content Management System (CCMS). Bonus: Passion for and track record of seizing opportunities for improvement at every turn. Benefits of Working at CrowdStrike Market leader in compensation and equity awards. Comprehensive physical and mental wellness programs. Competitive vacation and holidays for recharge. Paid parental and adoption leaves. Professional development opportunities for all employees regardless of level or role. Employee networks, geographic neighborhood groups, and volunteer opportunities to build connections. Vibrant office culture with world class amenities. Great Place to Work Certified across the globe. Equal Employment Opportunity CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. 
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions-including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay offs, return from lay off, terminations and social/recreational programs-on valid job requirements.
19/06/2026
Full time
Junior DevOps
Mad Devs LLC
Join Our DevOps Team! As we grow and take on exciting new challenges, we're on the lookout for exceptional DevOps Engineers to join our team. Our goal is to build a high performing group of DevOps engineers who thrive on innovation and excellence. If you're passionate about cloud technologies, and building scalable solutions, we'd love for you to be part of shaping the future of our products. Senior DevOps About us Mad Devs is a full stack team specializing in developing and administering large scale IT products across various industries. Many of our products are used in Europe, the USA, and Southeast Asia. We are passionate about tackling complex challenges and delivering innovative solutions that make a significant global impact. What you will need to do: Identity, SSO & Access Management SSO & IdP - configure and maintain SSO integrations (SAML, OIDC, SCIM) across our SaaS stack, and keep our identity provider clean and well governed. Account management - provision, modify, and deprovision accounts across productivity and engineering tools; manage groups, roles, and permission boundaries. Access requests - triage and fulfill access requests with appropriate approvals; document why access was granted and review it on a regular cadence. Onboarding & Offboarding Onboarding - equip new hires with the accounts, tools, hardware, and access they need before day one, and walk them through it. Offboarding - execute clean, auditable offboarding: revoke access, recover assets, preserve data per policy, and close the loop with people ops. IT Administration & Productivity Systems Day to day admin - administer Google Workspace, Slack, identity providers, MDM, password managers, and the rest of our SaaS productivity stack. Internal support - be the first line of help for employees with IT issues; resolve, elevate, and document. 
Security Controls & Monitoring Controls - enforce baseline security configurations across SaaS apps, endpoints, and identity (MFA, conditional access, least privilege). Monitoring - watch our security tooling for anomalies and alerts; investigate, triage, and elevate as needed. Compliance support - help keep us audit ready by maintaining clean records of access, changes, and reviews. Automation & Scripting Light coding - automate the parts of the job that should be automated. Expect to write Python, Bash, or TypeScript glue code, hit SaaS APIs, and build small internal tools. Continuous improvement - improve the systems and runbooks you inherit; if a process is painful or manual, fix it. It will be a plus: Experience with an identity provider such as Okta, Google Cloud Identity, etc. Hands on experience administering Google Workspace and a chat platform (Slack/Teams) Experience with SaaS security tooling, SIEM, or endpoint detection (e.g., CrowdStrike, SentinelOne, Sumo Logic, Datadog) Familiarity with compliance frameworks such as SOC 2, ISO 27001, or HIPAA Comfort with infrastructure as code or configuration as code (Terraform, Ansible, or similar) Exposure to cloud platforms (AWS, GCP, or Azure) and basic IAM in those environments Prior experience in a startup or other fast moving environment Requirements: 0-3 years in IT engineering, IT operations, systems administration, or a similar role (internships and substantial side projects count) Working knowledge of SSO and identity concepts: SAML, OIDC, SCIM, MFA, and the difference between authentication and authorization Comfort in a terminal and with at least one scripting language (Python, Bash, or similar). You should be comfortable writing code, testing it, and committing it using git A security first mindset: you understand least privilege, you don't share credentials, and you take audit trails seriously Strong written communication. 
You can explain a fix to a non technical teammate and document a process so the next person doesn't have to ask A bias toward ownership. When something breaks, you don't wait to be told; you investigate and follow through Availability to work hours that overlap with the US Central Time (CST) zone (at least 4-5 hours of daily overlap with the team) English and Russian at B2 level, for communication with stakeholders and team Location: any, except Russia and Belarus Why Join us At Mad Devs, you will be part of a company that values creativity, strategic thinking, and continuous improvement. You will work on meaningful projects that impact millions of users worldwide alongside a talented and supportive team. By joining our team, you will have the opportunity to make a real impact, grow your career, and contribute to developing cutting edge solutions in the world of backend engineering. Remote first culture Long term projects Salary in dollars Professional communities Onsite business trips Paid conferences
19/06/2026
Full time
Adecco
Cloud IAM Support Engineer - Manchester
Adecco Manchester, Lancashire
Cloud IAM Support Engineer - Manchester (Onsite, 5 days/week) £50,000 - £60,000 + perm benefits We're hiring a Cloud IAM Support Engineer to support a modern Identity & Access Management environment, with a focus on Microsoft Entra ID and Okta . This is a hands-on role supporting cloud identity services, helping ensure secure authentication, access control, and seamless integrations across enterprise systems. What you'll be doing: Support Microsoft Entra ID across RBAC, PIM, Conditional Access, MFA, and SSO Administer Entra ID enterprise applications (SAML/OIDC), service principals, and managed identities Manage identity life cycle processes (JML), dynamic groups, and access governance Support Entra ID - Active Directory synchronisation (Entra/AAD Connect) Work on Okta SSO and identity integrations alongside Entra ID Support integrations with security and endpoint tools (eg CrowdStrike) What we're looking for: Experience across cloud IAM platforms (Entra ID and/or Okta) Hands-on support of Conditional Access and/or PIM in production Experience managing SSO integrations (SAML or OIDC) Knowledge of identity sync between cloud and on-prem (Entra Connect/AD sync) Experience supporting identity integrations with security tools Strong troubleshooting and operational support capability
18/06/2026
Full time
Senior Cloud Security Engineer (SecOps / GCP)
Beyond Manchester, Lancashire
About the role We help regulated and enterprise customers protect their Google Cloud Estates. As a Premier Google Cloud Partner, we deliver Google Unified Security (GUS) engagements across the full stack - from greenfield SIEM/SOAR deployments and SOC modernisation programmes to detection engineering, posture management, threat hunting, and incident response uplift. Secure GCP estates with the adoption of CI/CD pipelines, secure landing zones and cloud posture reviews. Expertise when integrating third party tools such as Wiz. We're looking for a Senior Security Engineer with deep, hands on experience across the GCP and Google Security portfolio. You'll lead the technical work on customer engagements, build reusable content for the practice, and help customers deliver security solutions at scale. This is a hands on senior role. Most of your week is client delivery. The rest goes into our practice - accelerators, parsers, rule packs, playbooks, and points of view that make the next engagement faster than the last. What you'll do Google SecOps (SIEM / SOAR) Lead end to end SecOps deployments - tenant setup, multi tenant architecture, data ingestion, retention design, RBAC, and feed onboarding. Build and maintain parsers, UDM mappings, and data models for Google Cloud, AWS, Azure, endpoint, identity, and network sources. Write, test, and tune YARA L detection rules, including single event, multi event, and composite detections. Design SOAR playbooks and python integrations. Develop custom agents that can be deployed in customer environments using GCP infrastructure. GCP Configure CI/CD pipelines with integrated security tools. Configure GCP security solutions including Security Command Center Enterprise, IAP, VPC Service Controls, and Model Armor. Work with platform teams to support the deployment of secure cloud foundation blueprints. Support clients with secure AI workloads including the use of model armor and agent identities. 
Google Threat Intelligence Operationalise Google Threat Intelligence inside SecOps - IoC matching, Applied Threat Intelligence, and curated detections. Build threat informed defence programmes tied to customer specific threat profiles (sector, geography, adversary groups). Run threat hunting campaigns using GTI, Mandiant frontline intelligence, and UDM search. Validate detection coverage against MITRE ATT&CK using Mandiant Security Validation where in scope. Practice growth Mentor engineers and consultants; lead internal SecOps and GUS enablement. Represent the practice in pre sales, customer workshops, and Google partner forums. What we're looking for Essential Strong SIEM/SOC delivery experience (any major platform; Google SecOps / Chronicle preferred). Hands on with Google SecOps: UDM, YARA L, parsers, SOAR playbooks, data ingestion patterns. Solid grounding in Google Cloud security primitives: IAM, Organization Policies, VPC Service Controls, Cloud Logging, Cloud KMS. Comfortable with Terraform, CI/CD pipelines and at least one scripting language (Python, Go) for automation, parser development, and integration work. Experience supporting regulated workloads (financial services, public sector, healthcare) and translating compliance requirements into operational controls. Able to explain risk, trade offs, and findings to both SOC analysts and executive stakeholders. Nice to have Google Professional Cloud Security Engineer or Google SecOps certification. Prior SIEM migration experience (Splunk SecOps, Sentinel SecOps, etc.). Experience with adjacent tooling: Wiz, CrowdStrike, Splunk, Sentinel, Snyk. Consulting or systems integrator background. Contributions to open detection content (Sigma, MITRE, public rule repos). Benefits We believe in supporting our team members both professionally and personally. 
Here's how we invest in you: Compensation and Financial Wellbeing Competitive base salary Matching pension scheme (up to 5%) from day one Discretionary company bonus scheme 4 x annual salary Death in Service coverage from day one Employee referral scheme Tech Scheme Health and Wellness Private medical insurance from day one Optical and dental cashback scheme app: access to remote GP's, second opinions, mental health support, and physiotherapy EAP service Cycle to work scheme Work Life balance and Growth 28 days annual leave (plus bank holidays) An extra paid day off for your birthday Ten paid learning days per year Flexible working hours Work from anywhere (up to 3 weeks per year) Industry recognised training and certifications Bonusly employee recognition and reward platform Clear opportunities for career progression Length of service awards Regular company events Diversity and Inclusion At Beyond we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all.
17/06/2026
Full time
VIQU IT
Cyber Security Engineer
VIQU IT City, Birmingham
Cyber Security Engineer Birmingham Hybrid Competitive Salary VIQU is working with a leading global professional services organisation to recruit a Cyber Security Engineer to join their Security Operations team. This role will focus on the hands-on implementation, maintenance, and optimisation of security tooling and controls across a complex enterprise environment, alongside contributing to security governance, compliance, and best practice delivery. You will play a key role in strengthening detection and response capability across cloud and on-prem infrastructure, while supporting both BAU operations and ongoing transformation projects. Key Responsibilities of the Cyber Security Engineer: Deploy, configure, and maintain security tooling (SIEM, EDR, DLP, vulnerability management, PAM) across cloud and on-prem environments Monitor, investigate, and respond to security incidents, including root cause analysis and forensic support Manage vulnerability scanning and remediation tracking across infrastructure and cloud (Azure desirable) Support secure configuration, security best practices, and alignment to ISO27001 and NIST Contribute to security documentation (policies, SOPs, playbooks) and continuous improvement of controls Support BAU operations, projects, and penetration testing activities as required Key Requirements of the Cyber Security Engineer: Experience in a Cyber Security Engineer, SecOps, or similar hands-on security role Strong experience with enterprise security tooling including SIEM, EDR, DLP, and vulnerability management platforms Familiarity with tools such as CrowdStrike, Absolute, Sumo Logic, and Rapid7 (or similar technologies) Experience supporting cloud environments, ideally Azure, within a security operations context Strong understanding of security frameworks such as ISO27001 and NIST Experience across both BAU security operations and project delivery Strong incident response experience, including investigation, escalation, and root cause 
analysis Ability to produce clear technical documentation (SOPs, playbooks, and standards) Strong communication and stakeholder management skills across technical and non-technical teams Comfortable working in a fast-paced environment with multiple priorities Apply now to speak with VIQU IT in confidence, or reach out to Noah Yeoman via the VIQU IT website. Do you know someone great? We'll thank you with up to £1,000 if your referral is successful (terms apply). For more opportunities, follow us on IT Recruitment.
15/06/2026
Full time
Senior Security Engineer (GCP)
Beyond
About the role We help regulated and enterprise customers protect their Google Cloud Estates. As a Premier Google Cloud Partner, we deliver Google Unified Security (GUS) engagements across the full stack - from greenfield SIEM/SOAR deployments and SOC modernisation programmes to detection engineering, posture management, threat hunting, and incident response uplift. Secure GCP estates with the adoption of CI/CD pipelines, secure landing zones and cloud posture reviews. Expertise when integrating third party tools such as Wiz. We're looking for a Senior Security Engineer with deep, hands on experience across the GCP and Google Security portfolio. You'll lead the technical work on customer engagements, build reusable content for the practice, and help customers deliver security solutions at scale. This is a hands on senior role. Most of your week is client delivery. The rest goes into our practice - accelerators, parsers, rule packs, playbooks, and points of view that make the next engagement faster than the last. What you'll do Google SecOps (SIEM / SOAR) Lead end to end SecOps deployments - tenant setup, multi tenant architecture, data ingestion, retention design, RBAC, and feed onboarding. Build and maintain parsers, UDM mappings, and data models for Google Cloud, AWS, Azure, endpoint, identity, and network sources. Write, test, and tune YARA L detection rules, including single event, multi event, and composite detections. Design SOAR playbooks and python integrations. Develop custom agents that can be deployed in customer environments using GCP infrastructure. GCP Configure CI/CD pipelines with integrated security tools. Configure GCP security solutions including Security Command Center Enterprise, IAP, VPC Service Controls, and Model Armor. Work with platform teams to support the deployment of secure cloud foundation blueprints. Support clients with secure AI workloads including the use of model armor and agent identities. 
Google Threat Intelligence Operationalise Google Threat Intelligence inside SecOps - IoC matching, Applied Threat Intelligence, and curated detections. Build threat informed defence programmes tied to customer specific threat profiles (sector, geography, adversary groups). Run threat hunting campaigns using GTI, Mandiant frontline intelligence, and UDM search. Validate detection coverage against MITRE ATT&CK using Mandiant Security Validation where in scope. Practice growth Mentor engineers and consultants; lead internal SecOps and GUS enablement. Represent the practice in pre sales, customer workshops, and Google partner forums. What we're looking for Essential Strong SIEM/SOC delivery experience (any major platform; Google SecOps / Chronicle preferred). Hands on with Google SecOps: UDM, YARA L, parsers, SOAR playbooks, data ingestion patterns. Solid grounding in Google Cloud security primitives: IAM, Organization Policies, VPC Service Controls, Cloud Logging, Cloud KMS. Comfortable with Terraform, CI/CD pipelines and at least one scripting language (Python, Go) for automation, parser development, and integration work. Experience supporting regulated workloads (financial services, public sector, healthcare) and translating compliance requirements into operational controls. Able to explain risk, trade offs, and findings to both SOC analysts and executive stakeholders. Nice to have Google Professional Cloud Security Engineer or Google SecOps certification. Prior SIEM migration experience (Splunk SecOps, Sentinel SecOps, etc.). Experience with adjacent tooling: Wiz, CrowdStrike, Splunk, Sentinel, Snyk. Consulting or systems integrator background. Contributions to open detection content (Sigma, MITRE, public rule repos). Benefits We believe in supporting our team members both professionally and personally. 
Here's how we invest in you: Compensation and Financial Wellbeing Competitive base salary Matching pension scheme (up to 5%) from day one Discretionary company bonus scheme 4 x annual salary Death in Service coverage from day one Employee referral scheme Tech Scheme Health and Wellness Private medical insurance from day one Optical and dental cashback scheme app: access to remote GP's, second opinions, mental health support, and physiotherapy EAP service Cycle to work scheme Work Life balance and Growth 28 days annual leave (plus bank holidays) An extra paid day off for your birthday Ten paid learning days per year Flexible working hours Work from anywhere (up to 3 weeks per year) Industry recognised training and certifications Bonusly employee recognition and reward platform Clear opportunities for career progression Length of service awards Regular company events Diversity and Inclusion At Beyond we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all.
15/06/2026
Full time
Sr. Software Engineer, Cloud (Hybrid, London)
CrowdStrike Holdings, Inc.
About the Role We are seeking a Senior Cloud Software Engineer to join our Threat Detection and Incident Response (TDIR) team, building world class case management and investigation capabilities in Go on our AI native Falcon Next Gen SIEM platform. Your work will help customers detect, investigate, and hunt threats faster and more intelligently at petabyte scale. What You'll Do Own the engineering bar: drive architectural improvements, set code quality standards, and ensure our systems are performant, reliable, and scalable. Lead system design and architecture decisions, including design reviews and RFC processes. Develop Go based microservices supporting threat detection, case management, and incident response workflows, alongside RESTful APIs powering customer facing capabilities. Take end to end ownership of technical initiatives, both individually and as part of a team, across projects of increasing scope and complexity. Collaborate with designers, product managers, and engineers across product groups to understand, design, and implement solutions. Mentor junior and mid level engineers through pair programming, code reviews, and one on one knowledge sharing. Contribute to AI powered capabilities including LLM integration, agentic workflows, and intelligent analyst tooling. Participate in the on call rotation and drive improvements that reduce toil and increase system reliability. Operate with a high degree of autonomy-making decisions and driving outcomes. What You'll Need 8+ years of professional software engineering experience, with 5+ years building and operating distributed systems or cloud native services at scale in production. Solid understanding of distributed systems, scalability, RESTful patterns, and multithreading concepts. Proficiency building and scaling resilient, low latency services using Go, Python, Java, C++, or C#. Hands on experience with Docker, Kubernetes, and cloud platforms, preferably AWS or GCP. 
Strong communication and collaboration skills, with a bias for ownership and a customer first mindset. Proven ability to translate complex and ambiguous business requirements into technical solutions and deliver projects on schedule. Bonus: Current experience developing Go based microservices for scalable, high throughput architectures. Bonus: Experience in cybersecurity, SIEM, SOAR, or adjacent security domains. Bonus: Hands on experience with LLM integration, prompt engineering, RAG pipelines, or agentic AI frameworks. Benefits of Working at CrowdStrike Competitive compensation and equity awards. Comprehensive physical and mental wellness programs. Paid parental and adoption leave. Competitive vacation and holidays. Professional development opportunities for all employees. Employee networks and volunteer opportunities to build connections. Vibrant office culture with world class amenities. Equal Opportunity Employer CrowdStrike is an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program. CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex, sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. 
We base all employment decisions-including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay offs, return from lay off, terminations and social/recreational programs-on valid job requirements.
14/06/2026
Full time
Senior Cloud Security Engineer (SecOps / GCP)
Qodea Manchester, Lancashire
About the role We help regulated and enterprise customers protect their Google Cloud Estates. As a Premier Google Cloud Partner, we deliver Google Unified Security (GUS) engagements across the full stack - from greenfield SIEM/SOAR deployments and SOC modernisation programmes to detection engineering, posture management, threat hunting, and incident response uplift. Secure GCP estates with the adoption of CI/CD pipelines, secure landing zones and cloud posture reviews. Expertise when integrating third party tools such as Wiz. We're looking for a Senior Security Engineer with deep, hands on experience across the GCP and Google Security portfolio. You'll lead the technical work on customer engagements, build reusable content for the practice, and help customers deliver security solutions at scale. This is a hands on senior role. Most of your week is client delivery. The rest goes into our practice - accelerators, parsers, rule packs, playbooks, and points of view that make the next engagement faster than the last. What you'll do Google SecOps (SIEM / SOAR) Lead end to end SecOps deployments - tenant setup, multi tenant architecture, data ingestion, retention design, RBAC, and feed onboarding. Build and maintain parsers, UDM mappings, and data models for Google Cloud, AWS, Azure, endpoint, identity, and network sources. Write, test, and tune YARA L detection rules, including single event, multi event, and composite detections. Design SOAR playbooks and python integrations. Develop custom agents that can be deployed in customer environments using GCP infrastructure. GCP Configure CI/CD pipelines with integrated security tools. Configure GCP security solutions including Security Command Center Enterprise, IAP, VPC Service Controls, and Model Armor. Work with platform teams to support the deployment of secure cloud foundation blueprints. Support clients with secure AI workloads including the use of model armor and agent identities. 
Google Threat Intelligence Operationalise Google Threat Intelligence inside SecOps - IoC matching, Applied Threat Intelligence, and curated detections. Build threat informed defence programmes tied to customer specific threat profiles (sector, geography, adversary groups). Run threat hunting campaigns using GTI, Mandiant frontline intelligence, and UDM search. Validate detection coverage against MITRE ATT&CK using Mandiant Security Validation where in scope. Practice growth Mentor engineers and consultants; lead internal SecOps and GUS enablement. Represent the practice in pre sales, customer workshops, and Google partner forums. What we're looking for Essential Strong SIEM/SOC delivery experience (any major platform; Google SecOps / Chronicle preferred). Hands on with Google SecOps: UDM, YARA L, parsers, SOAR playbooks, data ingestion patterns. Solid grounding in Google Cloud security primitives: IAM, Organization Policies, VPC Service Controls, Cloud Logging, Cloud KMS. Comfortable with Terraform, CI/CD pipelines and at least one scripting language (Python, Go) for automation, parser development, and integration work. Experience supporting regulated workloads (financial services, public sector, healthcare) and translating compliance requirements into operational controls. Able to explain risk, trade offs, and findings to both SOC analysts and executive stakeholders. Nice to have Google Professional Cloud Security Engineer or Google SecOps certification. Prior SIEM migration experience (Splunk SecOps, Sentinel SecOps, etc.). Experience with adjacent tooling: Wiz, CrowdStrike, Splunk, Sentinel, Snyk. Consulting or systems integrator background. Contributions to open detection content (Sigma, MITRE, public rule repos). Benefits We believe in supporting our team members both professionally and personally. 
Here's how we invest in you: Compensation and Financial Wellbeing Competitive base salary Matching pension scheme (up to 5%) from day one Discretionary company bonus scheme 4 x annual salary Death in Service coverage from day one Employee referral scheme Tech Scheme Health and Wellness Private medical insurance from day one Optical and dental cashback scheme app: access to remote GP's, second opinions, mental health support, and physiotherapy EAP service Cycle to work scheme Work Life balance and Growth 28 days annual leave (plus bank holidays) An extra paid day off for your birthday Ten paid learning days per year Flexible working hours Work from anywhere (up to 3 weeks per year) Industry recognised training and certifications Bonusly employee recognition and reward platform Clear opportunities for career progression Length of service awards Regular company events Diversity and Inclusion At Beyond we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all.
14/06/2026
Full time
Senior Security Engineer (GCP)
Bynd Limited Manchester, Lancashire
About the role We help regulated and enterprise customers protect their Google Cloud Estates. As a Premier Google Cloud Partner, we deliver Google Unified Security (GUS) engagements across the full stack - from greenfield SIEM/SOAR deployments and SOC modernisation programmes to detection engineering, posture management, threat hunting, and incident response uplift. Secure GCP estates with the adoption of CI/CD pipelines, secure landing zones and cloud posture reviews. Expertise when integrating third party tools such as Wiz. We're looking for a Senior Security Engineer with deep, hands on experience across the GCP and Google Security portfolio. You'll lead the technical work on customer engagements, build reusable content for the practice, and help customers deliver security solutions at scale. This is a hands on senior role. Most of your week is client delivery. The rest goes into our practice - accelerators, parsers, rule packs, playbooks, and points of view that make the next engagement faster than the last. What you'll do Google SecOps (SIEM / SOAR) Lead end to end SecOps deployments - tenant setup, multi tenant architecture, data ingestion, retention design, RBAC, and feed onboarding. Build and maintain parsers, UDM mappings, and data models for Google Cloud, AWS, Azure, endpoint, identity, and network sources. Write, test, and tune YARA L detection rules, including single event, multi event, and composite detections. Design SOAR playbooks and python integrations. Develop custom agents that can be deployed in customer environments using GCP infrastructure. GCP Configure CI/CD pipelines with integrated security tools. Configure GCP security solutions including Security Command Center Enterprise, IAP, VPC Service Controls, and Model Armor. Work with platform teams to support the deployment of secure cloud foundation blueprints. Support clients with secure AI workloads including the use of model armor and agent identities. 
Google Threat Intelligence Operationalise Google Threat Intelligence inside SecOps - IoC matching, Applied Threat Intelligence, and curated detections. Build threat informed defence programmes tied to customer specific threat profiles (sector, geography, adversary groups). Run threat hunting campaigns using GTI, Mandiant frontline intelligence, and UDM search. Validate detection coverage against MITRE ATT&CK using Mandiant Security Validation where in scope. Practice growth Mentor engineers and consultants; lead internal SecOps and GUS enablement. Represent the practice in pre sales, customer workshops, and Google partner forums. What we're looking for Essential Strong SIEM/SOC delivery experience (any major platform; Google SecOps / Chronicle preferred). Hands on with Google SecOps: UDM, YARA L, parsers, SOAR playbooks, data ingestion patterns. Solid grounding in Google Cloud security primitives: IAM, Organization Policies, VPC Service Controls, Cloud Logging, Cloud KMS. Comfortable with Terraform, CI/CD pipelines and at least one scripting language (Python, Go) for automation, parser development, and integration work. Experience supporting regulated workloads (financial services, public sector, healthcare) and translating compliance requirements into operational controls. Able to explain risk, trade offs, and findings to both SOC analysts and executive stakeholders. Nice to have Google Professional Cloud Security Engineer or Google SecOps certification. Prior SIEM migration experience (Splunk SecOps, Sentinel SecOps, etc.). Experience with adjacent tooling: Wiz, CrowdStrike, Splunk, Sentinel, Snyk. Consulting or systems integrator background. Contributions to open detection content (Sigma, MITRE, public rule repos). Benefits We believe in supporting our team members both professionally and personally. 
Here's how we invest in you: Compensation and Financial Wellbeing Competitive base salary Matching pension scheme (up to 5%) from day one Discretionary company bonus scheme 4 x annual salary Death in Service coverage from day one Employee referral scheme Tech Scheme Health and Wellness Private medical insurance from day one Optical and dental cashback scheme app: access to remote GP's, second opinions, mental health support, and physiotherapy EAP service Cycle to work scheme Work Life balance and Growth 28 days annual leave (plus bank holidays) An extra paid day off for your birthday Ten paid learning days per year Flexible working hours Work from anywhere (up to 3 weeks per year) Industry recognised training and certifications Bonusly employee recognition and reward platform Clear opportunities for career progression Length of service awards Regular company events Diversity and Inclusion At Beyond we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all.
14/06/2026
Full time
About the role We help regulated and enterprise customers protect their Google Cloud Estates. As a Premier Google Cloud Partner, we deliver Google Unified Security (GUS) engagements across the full stack - from greenfield SIEM/SOAR deployments and SOC modernisation programmes to detection engineering, posture management, threat hunting, and incident response uplift. Secure GCP estates with the adoption of CI/CD pipelines, secure landing zones and cloud posture reviews. Expertise when integrating third party tools such as Wiz. We're looking for a Senior Security Engineer with deep, hands on experience across the GCP and Google Security portfolio. You'll lead the technical work on customer engagements, build reusable content for the practice, and help customers deliver security solutions at scale. This is a hands on senior role. Most of your week is client delivery. The rest goes into our practice - accelerators, parsers, rule packs, playbooks, and points of view that make the next engagement faster than the last. What you'll do Google SecOps (SIEM / SOAR) Lead end to end SecOps deployments - tenant setup, multi tenant architecture, data ingestion, retention design, RBAC, and feed onboarding. Build and maintain parsers, UDM mappings, and data models for Google Cloud, AWS, Azure, endpoint, identity, and network sources. Write, test, and tune YARA L detection rules, including single event, multi event, and composite detections. Design SOAR playbooks and python integrations. Develop custom agents that can be deployed in customer environments using GCP infrastructure. GCP Configure CI/CD pipelines with integrated security tools. Configure GCP security solutions including Security Command Center Enterprise, IAP, VPC Service Controls, and Model Armor. Work with platform teams to support the deployment of secure cloud foundation blueprints. Support clients with secure AI workloads including the use of model armor and agent identities. 
Google Threat Intelligence Operationalise Google Threat Intelligence inside SecOps - IoC matching, Applied Threat Intelligence, and curated detections. Build threat informed defence programmes tied to customer specific threat profiles (sector, geography, adversary groups). Run threat hunting campaigns using GTI, Mandiant frontline intelligence, and UDM search. Validate detection coverage against MITRE ATT&CK using Mandiant Security Validation where in scope. Practice growth Mentor engineers and consultants; lead internal SecOps and GUS enablement. Represent the practice in pre sales, customer workshops, and Google partner forums. What we're looking for Essential Strong SIEM/SOC delivery experience (any major platform; Google SecOps / Chronicle preferred). Hands on with Google SecOps: UDM, YARA L, parsers, SOAR playbooks, data ingestion patterns. Solid grounding in Google Cloud security primitives: IAM, Organization Policies, VPC Service Controls, Cloud Logging, Cloud KMS. Comfortable with Terraform, CI/CD pipelines and at least one scripting language (Python, Go) for automation, parser development, and integration work. Experience supporting regulated workloads (financial services, public sector, healthcare) and translating compliance requirements into operational controls. Able to explain risk, trade offs, and findings to both SOC analysts and executive stakeholders. Nice to have Google Professional Cloud Security Engineer or Google SecOps certification. Prior SIEM migration experience (Splunk SecOps, Sentinel SecOps, etc.). Experience with adjacent tooling: Wiz, CrowdStrike, Splunk, Sentinel, Snyk. Consulting or systems integrator background. Contributions to open detection content (Sigma, MITRE, public rule repos). Benefits We believe in supporting our team members both professionally and personally. 
Here's how we invest in you: Compensation and Financial Wellbeing Competitive base salary Matching pension scheme (up to 5%) from day one Discretionary company bonus scheme 4 x annual salary Death in Service coverage from day one Employee referral scheme Tech Scheme Health and Wellness Private medical insurance from day one Optical and dental cashback scheme app: access to remote GPs, second opinions, mental health support, and physiotherapy EAP service Cycle to work scheme Work-Life Balance and Growth 28 days annual leave (plus bank holidays) An extra paid day off for your birthday Ten paid learning days per year Flexible working hours Work from anywhere (up to 3 weeks per year) Industry-recognised training and certifications Bonusly employee recognition and reward platform Clear opportunities for career progression Length of service awards Regular company events Diversity and Inclusion At Beyond we champion diversity and inclusion. We believe that a career in IT should be open to everyone, regardless of race, ethnicity, gender, age, sexual orientation, disability or neurotype. We value the unique talents and perspectives that each individual brings to our team, and we strive to create a fair and accessible hiring process for all.
Senior Security Engineer (UK region)
Menlo Security Inc. Bracknell, Berkshire
Overview Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (Vista), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. Job Overview The Senior Security Engineer is responsible for protecting the organisation's digital assets, infrastructure, and data through the design, implementation, and maintenance of security systems and controls. This role involves managing security tools, conducting risk assessments, responding to incidents, and ensuring adherence to applicable security standards and frameworks. The successful candidate will work closely with teams across Menlo to embed security best practices across all technology initiatives, supporting the organisation's security posture and resilience. Key Responsibilities Security Operations & Monitoring Monitor and manage the SIEM platform and security alerts to identify, investigate, and respond to potential threats. Administer and optimise EDR solutions (CrowdStrike) to ensure comprehensive endpoint protection across the organisation. Lead incident response activities, including investigation, containment, remediation, and post-incident analysis. 
Vulnerability & Risk Management Manage the vulnerability management programme, including scanning, prioritisation, and coordination of remediation efforts. Conduct risk assessments and develop risk mitigation strategies in collaboration with stakeholders. Implement and maintain CIS Benchmarks and similar baselines across systems and infrastructure to ensure secure configurations. Identity, Access & SaaS Security Configure and manage identity and access management (IAM) solutions, ensuring appropriate access controls are in place. Oversee SaaS security posture, including configuration reviews, access governance, and data protection controls. Manage data loss prevention technologies (Code42, Google Workspace) to protect sensitive information and ensure compliance with data handling policies. Security Engineering & Automation Develop and implement automation to improve security operations efficiency and reduce manual workload. Support network security initiatives, ensuring secure architecture and appropriate controls are maintained. Evaluate and contribute to AI security initiatives, ensuring appropriate controls for AI/MCP systems and emerging technologies. Policy, Process & Advisory Develop, document, and maintain security policies, standards, and procedures. Provide security guidance and consultancy to IT and other Menlo teams on projects and initiatives. Stay current with emerging threats, vulnerabilities, and security technologies to continuously improve the organisation's security posture. Qualifications The successful candidate will have some combination of the following education and experience: Bachelor's degree in Cybersecurity, Computer Science, or Information Technology, Relevant certifications (CISSP, CCSP, Security+, or similar), and/or Minimum of 3-5 years' experience in security engineering or adjacent roles. Hands-on experience with SIEM platforms, EDR solutions (ideally CrowdStrike), and vulnerability management tools. 
Experience with IAM solutions, SaaS security, and data protection tools. Strong understanding of networking concepts, protocols, and security architecture. Experience with security automation and scripting required. Strong understanding of cloud security concepts is beneficial. Excellent analytical, problem-solving, and communication skills. Working Conditions Full-time position with occasional out-of-hours support coverage as required. Hybrid working arrangement with in-office presence required 1-2 days per week. Why Menlo? Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we're aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security's policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.
13/06/2026
Full time
Cyber Technical Delivery Manager
Vanquish Tech
London, United Kingdom Posted on 07/06/2026 Engagement: Inside IR35 Start Date: ASAP Overview We are supporting a leading investment banking client in London who is seeking an experienced Cyber Technical Delivery Manager to join a large-scale Cyber Security Transformation Programme. This role will be responsible for the successful delivery of complex cyber security initiatives across multiple technology domains, including Identity & Access Management (IAM), Security Operations, Cloud Security, Vulnerability Management, Data Protection, and Regulatory Compliance. The successful candidate will act as the bridge between technical engineering teams, cyber security stakeholders, business leaders, and third-party vendors, ensuring projects are delivered on time, within budget, and in line with regulatory and security requirements. Key Responsibilities Lead the end-to-end delivery of cyber security projects and workstreams. Develop and maintain project plans, milestones, RAID logs, budgets, and resource plans. Ensure delivery aligns with business objectives, security standards, and regulatory requirements. Manage dependencies across multiple technology and business teams. Drive project governance and reporting activities. Cyber Security Delivery Deliver initiatives across: Identity & Access Management (IAM) Privileged Access Management (PAM) Security Operations (SOC) SIEM Platforms Cloud Security Vulnerability Management Data Protection and DLP Security Monitoring and Threat Detection Secure File Transfer and Encryption Programmes Coordinate technical teams to ensure successful implementation of security controls and technologies. Stakeholder Management Engage with senior stakeholders across Cyber Security, Infrastructure, Cloud, Risk, Compliance, and Business Functions. Provide regular programme updates to senior management and governance forums. Manage relationships with third-party suppliers and technology vendors.
Facilitate workshops, steering committees, and technical review sessions. Identify, manage, and mitigate project risks and issues. Ensure compliance with internal security policies and regulatory frameworks. Support audit, risk, and compliance activities. Track and report programme KPIs and delivery metrics. Requirements Required Skills & Experience Cyber Security Experience Strong understanding of enterprise cyber security principles and controls. IAM and Access Governance PAM Solutions SIEM and Security Monitoring Vulnerability Management Data Protection Security Compliance Programmes Familiarity with security frameworks and standards such as: NIST ISO 27001 CIS Controls Cyber Essentials Regulatory requirements within Financial Services Technical Knowledge Good understanding of: Microsoft Azure AWS Active Directory / Entra ID Security Monitoring Platforms Identity Management Solutions Network and Infrastructure Security Ability to engage effectively with technical architects, engineers, and security specialists. Delivery Management Proven experience delivering complex technology or cyber programmes within large enterprise environments. Strong project and programme management experience. Experience managing multiple workstreams simultaneously. Excellent RAID management and governance skills. Strong budget and financial management experience. Previous experience working within Investment Banking, Banking, or Financial Services. Experience delivering cyber security transformation programmes. Experience operating within regulated environments. Strong stakeholder management skills with the ability to engage at Executive and C-Level. Experience managing third-party suppliers and system integrators. Experience with: Microsoft Sentinel Splunk SailPoint CyberArk Okta CrowdStrike Microsoft Defender Suite Knowledge of DevSecOps practices. Exposure to cloud migration and security transformation programmes. Experience supporting regulatory remediation initiatives. 
Qualifications & Certifications One or more of the following would be advantageous: PMP CISSP CISM CISA CRISC Personal Attributes Strong leadership and organisational skills. Excellent communication and presentation abilities. Ability to influence stakeholders at all levels. Strong analytical and problem-solving mindset. Ability to operate effectively in fast-paced, complex environments. Self-motivated with a strong focus on delivery and outcomes. Successful delivery of cyber security projects and workstreams. Effective management of risks, issues, and dependencies. Timely implementation of security controls and technologies. Improved cyber security posture and compliance alignment. High-quality governance reporting and stakeholder engagement.
10/06/2026
Full time
Cyber Technical Delivery Manager
Vanquish Tech
Cyber Technical Delivery Manager Location: London (Hybrid - 4 Days per Week Onsite) Contract Length: 12 Months Engagement: Inside IR35 Industry: Investment Banking / Financial Services Start Date: ASAP Overview We are supporting a leading investment banking client in London who is seeking an experienced Cyber Technical Delivery Manager to join a large-scale Cyber Security Transformation Programme. This role will be responsible for the successful delivery of complex cyber security initiatives across multiple technology domains, including Identity & Access Management (IAM), Security Operations, Cloud Security, Vulnerability Management, Data Protection, and Regulatory Compliance. The successful candidate will act as the bridge between technical engineering teams, cyber security stakeholders, business leaders, and third-party vendors, ensuring projects are delivered on time, within budget, and in line with regulatory and security requirements. Key Responsibilities Programme & Project Delivery Lead the end-to-end delivery of cyber security projects and workstreams. Develop and maintain project plans, milestones, RAID logs, budgets, and resource plans. Ensure delivery aligns with business objectives, security standards, and regulatory requirements. Manage dependencies across multiple technology and business teams. Drive project governance and reporting activities. Cyber Security Delivery Deliver initiatives across: Identity & Access Management (IAM) Privileged Access Management (PAM) Security Operations (SOC) SIEM Platforms Cloud Security Vulnerability Management Data Protection and DLP Security Monitoring and Threat Detection Secure File Transfer and Encryption Programmes Coordinate technical teams to ensure successful implementation of security controls and technologies. Stakeholder Management Engage with senior stakeholders across Cyber Security, Infrastructure, Cloud, Risk, Compliance, and Business Functions.
Provide regular programme updates to senior management and governance forums. Manage relationships with third-party suppliers and technology vendors. Facilitate workshops, steering committees, and technical review sessions. Risk & Governance Identify, manage, and mitigate project risks and issues. Ensure compliance with internal security policies and regulatory frameworks. Support audit, risk, and compliance activities. Track and report programme KPIs and delivery metrics. Requirements Required Skills & Experience Cyber Security Experience Strong understanding of enterprise cyber security principles and controls. Experience delivering projects involving: IAM and Access Governance PAM Solutions SIEM and Security Monitoring Cloud Security Endpoint Security Vulnerability Management Data Protection Security Compliance Programmes Familiarity with security frameworks and standards such as: NIST ISO 27001 CIS Controls Cyber Essentials Regulatory requirements within Financial Services Technical Knowledge Good understanding of: Microsoft Azure AWS Active Directory / Entra ID Security Monitoring Platforms Identity Management Solutions Network and Infrastructure Security Ability to engage effectively with technical architects, engineers, and security specialists. Delivery Management Proven experience delivering complex technology or cyber programmes within large enterprise environments. Strong project and programme management experience. Experience managing multiple workstreams simultaneously. Excellent RAID management and governance skills. Strong budget and financial management experience. Essential Experience Previous experience working within Investment Banking, Banking, or Financial Services. Experience delivering cyber security transformation programmes. Experience operating within regulated environments. Strong stakeholder management skills with the ability to engage at Executive and C-Level. Experience managing third-party suppliers and system integrators. 
Desirable Skills Experience with: Microsoft Sentinel Splunk SailPoint CyberArk Okta CrowdStrike Microsoft Defender Suite Knowledge of DevSecOps practices. Exposure to cloud migration and security transformation programmes. Experience supporting regulatory remediation initiatives. Qualifications & Certifications One or more of the following would be advantageous: PRINCE2 Practitioner PMP Agile Practitioner / Scrum Certification CISSP CISM CISA CRISC Personal Attributes Strong leadership and organisational skills. Excellent communication and presentation abilities. Ability to influence stakeholders at all levels. Strong analytical and problem-solving mindset. Ability to operate effectively in fast-paced, complex environments. Self-motivated with a strong focus on delivery and outcomes. Key Deliverables Successful delivery of cyber security projects and workstreams. Effective management of risks, issues, and dependencies. Timely implementation of security controls and technologies. Improved cyber security posture and compliance alignment. High-quality governance reporting and stakeholder engagement.
10/06/2026
Full time
Senior Security Engineer (AI & DevSecOps)
iProov
Senior Security Engineer (AI & DevSecOps) at iProov About iProov iProov provides science-based biometric solutions that enable the world's most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences. Trusted by leading governments and enterprises, including the U.S. Department of Homeland Security, U.K. Home Office, GovTech Singapore, ING, and UBS, iProov sets the standard in biometric identity assurance. This global trust is built not only on our technology but on the strength of the people behind it. For us, diversity at iProov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together. We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included, and their talents are nurtured, empowering them to contribute fully to our purpose. The Role Reports to: Head of Cybersecurity Location: WeWork Waterloo - Hybrid Comp: $ (Base) + Company Performance Bonus (20%) + Share Options + US iProov Benefits The role was created specifically to provide the technical security depth that will allow us to accelerate our adoption of agentic AI, equipping developers and data scientists building our biometric products with the tools and workflows to use AI safely and at pace. You will work as the direct counterpart to our GRC focused InfoSec Manager, owning the engineering and implementation side of our security posture across cloud infrastructure, developer workflows, AI systems, and our core security toolstack. 
This is a role for someone who has built and shipped software or infrastructure and brings that experience into a security context. How you can make an impact Architect and deploy the secure technical framework that governs the security controls for how our developers and scientists use agentic AI, including AI coding assistants, autonomous agents, and LLM integrated tooling. Given that these systems can autonomously access data, execute code, and interact with external services, the guardrails you design will need to address a substantially broader attack surface than traditional AI tooling, and must hold up in a context where the underlying data is among the most sensitive we handle. Be the primary technical security voice in decisions around the use and deployment of externally developed AI, ensuring the right controls are in place from the onset. Continuously mature automated security controls into CI/CD pipelines and infrastructure as code deployments, championing the DevSecOps culture across a large engineering organisation. Take hands on ownership of our core security technology stack, including Wiz, CrowdStrike, Google SecOps, and Tailscale, ensuring these platforms are correctly configured, tuned, and integrated. Drive continuous technical delivery of strategic security initiatives, systematically identifying, triaging, and closing gaps across our cloud environments, internal networks, and developer workflows. Provide technical oversight of the security of the data pipelines feeding our internal AI systems and, critically, the permissions and access boundaries of agentic AI systems reaching out into other environments, enforcing the principle of least privilege, maintaining audit trails, and ensuring sensitive data and code integrity is handled with the rigour required. 
Complement the work of our existing biometric and product focused Red Team by owning security coverage of the DevSecOps surface, the build pipeline, internal toolchain, cloud environments and developer infrastructure. Act as the primary technical security partner to our GRC focused InfoSec Manager, translating governance and compliance mandates into concrete, automated engineering controls. Represent the technical security function in external audits. This includes presenting evidence of controls, articulating the security posture of our cloud and AI environments to auditors, and working closely with the InfoSec Manager to ensure the technical substance behind our compliance position is clearly and credibly communicated. Qualifications A foundational background in software engineering or DevOps before moving into a dedicated security role: you understand how code is written, tested, and deployed, and that experience is central to how you approach security problems. Proven, hands on experience securing modern cloud infrastructure and containerised environments, with a solid understanding of infrastructure as code principles and the security implications of how infrastructure is defined and provisioned. Proficiency in deploying and administering enterprise security platforms, ideally with direct experience managing tools spanning CNAPP, EDR, SIEM, and zero trust networking. A heavy and active user of AI in both professional and personal contexts, including agentic AI tools and coding assistants, with a grounded understanding of the evolving AI threat landscape, including model supply chain risks, prompt injection, data exfiltration, agent misuse, and LLM specific attack vectors. Scripting and automation capability, particularly in Python, to build internal tooling, automate security checks, and reduce reliance on manual processes across the security function. 
Prior experience or a demonstrated practical interest in securing AI workloads, data pipelines, and machine learning environments. The communication skills to collaborate effectively with highly technical stakeholders, champion security initiatives without hindering developer productivity, and translate risk into language that resonates with both engineering peers and business leadership, including the confidence to present technical security evidence clearly in formal external audit settings. Benefits 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service) Growth Shares allocated after passing probation (6 months of service) Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme Nursery Sacrifice Scheme Work Overseas Perk - Work globally for up to 2 weeks Life Assurance SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family Benefit from personalized 1:1 career coaching with our in house Occupational Psychologist Award winning L&D platform with personal allocated training budgets Enhanced paid family leave Flexible hybrid working environment Free Barista Coffee/Tea, biscuits with fruit in the WeWork office Free access to WeWork discounts and free online well being sessions Vitality Health - a range of options available on this below The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example: Private Health cover including Dental, Optical, and Audiology 50% off monthly gym memberships Apple watches significantly discounted based member vitality status Half price trainers with Runners Need Weekly rewards - Free coffee with Café Nero Monthly rewards - Free Cinema ticket Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status Amazon 
Prime free months based on activity Up to 25% cashback at Waitrose when buying healthy foods 75% off stays at Champneys Health Spas Allen Carr's £299 no smoking programme for free Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace Discounts on Weight Watchers As an equal opportunities employer, we encourage applications from people of all backgrounds. We're committed to building a workforce that is representative of the people we serve.
08/06/2026
Full time

© 2008-2026 IT Job Board