340 jobs found

SC Cleared Security Consultant - 3 days a week on site As a Security Consultant, you'll assist in the design, build, and delivery of secure digital solutions in highly secure environments. You'll work alongside engineers, architects, and delivery specialists. You work will include cyber risk management, providing strategic security direction of projects and producing evidence to meet various MOD regulations. What We're Looking For skills/experience in: Working on risk assessments using industry approved methodologies (such as NIST 800-30, ISO 27005). Identification of suitable risk management activities (technical, physical, or procedural) to treat/mitigate the identified risks. Creation of security documentation to support the development of an information system, these could include: Security Aspects of Design, Risk Assessments, Risk Management Plans, Security Policies, Security Test Plans/Results. Support development in a secure-by-design methodology. Experience working on technical low-level security designs. Knowledge of Legal and regulatory topics that merit consideration when conducting various activities in the field of cyber security. Knowledge of MOD policies (JSP 440, 453/604, 892) Knowledge and experience of Agile, DevSecOps, CI/CD principles and their application in secure environments Appreciation of the constraints and requirements imposed on development within secure, safety critical environments. Experience of working with MOD Cyber Assurance/Accreditors. Security Clearance Due to the nature of the work, candidates must be UK sole nationals and hold current SC clearance JBRP1_UKTJ

Role: Cyber Security Consultant Location: Hybrid - 2 days in the Nottingham office Salary: £625-£750 per day - Initial 3 month contract I m working with a growing software business in Nottingham who are looking for an experienced Cyber Security Consultant to come in on an initial 3-month contract. This is not an automation testing role, and it s not a pure penetration testing assignment either. They need someone who can come in, take a step back, and look at the wider business from a cyber security perspective. The focus is around understanding where the vulnerabilities are, how security is currently approached, and what needs to be improved across the product and business environment. They currently have vulnerability scanning tooling in place, which has been used for the last couple of years, but they now want someone to review how effective that approach is and whether they are getting the right level of value, visibility and control from it. This is a proper zoom out piece of work. They need someone who can assess, challenge, prioritise and give them a clear plan of action. What you ll be doing You ll be carrying out an initial cyber security review across the business and product environment. This will include: Reviewing the current security posture across the business Looking at the wider product landscape from a security perspective Assessing the current approach to vulnerability management Reviewing how existing security tooling is being used Looking at the overall approach to testing from a security point of view Identifying vulnerabilities, gaps, risks and areas of exposure Speaking with technical and non-technical stakeholders Producing clear findings and practical recommendations Helping shape a sensible remediation roadmap What they re looking for This would suit someone who has operated as a Cyber Security Consultant , Security Assurance Consultant , Information Security Consultant , Application Security Consultant , or similar. You ll need experience across areas such as: Cyber security audits / assessments Vulnerability management Product or application security Security testing strategy Secure SDLC Risk, controls and remediation planning OWASP principles Reviewing security tooling and processes Translating technical findings into clear business language You don t need to be a pure pen tester for this role. They are looking for someone who can take a wider view and help the business understand what needs tightening up. The setup Initial 3-month contract Nottingham office twice per week Product-led software environment Practical security review rather than box-ticking Interested? Drop me a message and I ll talk you through the details - Yas at Rebel Recruiters We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.

IAM Consultant (CyberArk) Position Description Trusted to see the whole picture If you're ahead of the game on cyber security, systems and operations risk we can secure your career ambitions. We are looking for an experienced and highly skilled IAM Consultant with experience of CyberArk to join our team. The ideal candidate will have a strong track record in deploying and integrating CyberArk / IAM solutions, particularly in secure environments. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance. Your future duties and responsibilities This role requires deep knowledge of Identity and Access Management (IAM) and the ability to operate effectively within complex infrastructures. Experience with broader IAM solutions, such as Identity Governance and Administration (IGA) and cloud-native or standalone access control systems. Required qualifications to be successful in this role • IAM / CyberArk Expertise: Extensive experience in deploying and integrating IAM / CyberArk solutions with various targets, including but not limited to: oActive Directory oLDAP directories oNetwork appliances oDatabases • Technical Proficiency: In-depth knowledge of CyberArk's suite of products, including: oPrivileged Access Security (PAS) oEnterprise Password Vault (EPV) oPrivileged Session Manager (PSM) • Integration Experience: Strong understanding of how to integrate CyberArk with other security tools and infrastructure components. Preferred Qualifications: • Security Architecture: Expertise in security architecture with a focus on designing and implementing comprehensive IAM solutions in complex, diverse IT environments. • IAM Solutions: Experience in deploying broader IAM solutions such as IGA (e.g. Sailpoint) and other access control systems. A proven ability to define and implement IAM strategies in large-scale infrastructures. Advantageous Skills: • Cybersecurity certifications, such as CISSP or CCSP. • Familiarity with regulatory and compliance requirements in secure environments. Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.

Cloud Security Consultant Position Description At CGI, we're shaping the future of secure digital transformation helping clients across industries protect their most valuable assets in the cloud. As a Cloud Security Consultant, you'll play a key role in building trusted, resilient cloud environments that enable innovation and drive business success. You'll work within one of the UK's largest and most respected cyber consultancies, influencing major cloud programmes that safeguard national infrastructure, modernise operations, and empower clients to grow with confidence. Join us to make an impact where it truly matters combining your technical expertise with creativity and ownership to deliver lasting change. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK 'Best Employer' by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This is a hybrid position. Your future duties and responsibilities In this role, you will lead and support cloud security initiatives that protect client systems, data, and operations. You'll work closely with cross-functional teams to design, assess, and enhance secure cloud architectures across AWS, Azure, and GCP environments. By combining technical depth with strategic insight, you'll help organisations adopt cloud technologies confidently balancing security, innovation, and performance. You'll be empowered to take ownership of projects, apply creativity to complex challenges, and collaborate within a supportive community of cyber professionals who are passionate about making a difference. Key responsibilities include: Design & Implement: Develop secure architectures and solutions across public, private, and hybrid cloud environments. Assess & Advise: Conduct risk assessments, threat modelling, and compliance audits. Embed & Automate: Integrate security within DevOps and CI/CD pipelines. Govern & Guide: Provide expert advice on cloud governance, identity, and access management. Support & Protect: Align client operations with leading frameworks and regulatory standards. Required qualifications to be successful in this role ou should have a solid understanding of cloud security principles and proven experience securing complex cloud infrastructures. Strong communication, analytical, and problem-solving skills are essential, alongside the ability to translate technical risks into actionable recommendations for clients. You should have: Proven experience in cloud security architecture and assurance Strong knowledge of AWS, Azure, or GCP environments Understanding of security frameworks such as ISO 27001, NIST, NCSC CAF, and Cyber Essentials/Plus Experience in identity and access management, data protection, and cloud governance Knowledge of network and infrastructure security in cloud contexts Familiarity with business continuity, resilience, and incident response Desirable certifications: CISSP, CISM, CCSP, AZ-500, AWS Security Specialty, CCP, or equivalent Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.

Cyber Security & Trust, Vice President At Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. Your Role As the demand for robust cybersecurity and trust solutions grows, we are seeking a Vice President (VP) to drive forward the sales, strategy, and delivery of our Digital Trust and Cyber security consulting offerings in the UK market. Role Overview: This role will play a critical role in establishing Capgemini Invent as a leading provider of cybersecurity and digital trust consulting services within the UK market. This executive will be responsible for driving the sales and business development of digital trust and cybersecurity solutions, developing trusted relationships with senior stakeholders, and managing the strategic direction of cybersecurity offerings. The role will involve leading large scale client engagements, developing new opportunities, and driving the delivery of cyber solutions in alignment with client needs and Capgemini Invent's strategic goals. Key Responsibilities: Sales & Business Development: Drive the sales strategy for Digital Trust and Security across the UK, developing go to market plans, securing large contracts, and expanding Capgemini Invent's portfolio within existing and new client accounts. Lead high level sales conversations with C level executives, articulating the business value of cybersecurity and trust solutions and driving significant business growth. Build and nurture relationships with key stakeholders, including senior client executives, business partners, and industry leaders, to position Capgemini Invent as the partner of choice for cybersecurity and digital trust solutions. Identify new business opportunities, foster strategic alliances, and create an environment where new clients and markets can be penetrated effectively. Define and execute the vision and strategy for Capgemini Invent's Digital Trust and Security offerings in the UK market, ensuring alignment with both client needs and Capgemini's broader business objectives. Lead and manage a team of consultant security experts, consultants, and delivery managers, providing direction, mentorship, and resources to ensure high performance delivery and client success. Ensure the continuous evolution of cybersecurity services and solutions, keeping pace with changing regulatory landscapes, emerging cyber threats, and technological advancements in a consulting environment. Collaborate with other leaders across Capgemini Invent to deliver integrated, end to end solutions that meet clients' security, trust, and compliance needs. Lead and oversee complex digital security trust consultancy programmes for large enterprise clients, ensuring they are delivered on time, within scope, and within budget. Take ownership of client relationships, ensuring that Capgemini Invent delivers value and demonstrates thought leadership in cybersecurity. Serve as the primary point of escalation for critical client issues, providing high level strategic guidance and solutions. Actively participate in the development of proposals, RFP responses, and presentations for potential clients, demonstrating deep expertise in cybersecurity strategy and implementation and working with other parts of the Capgemini Group. Innovation & Thought Leadership: Lead efforts to identify and leverage innovative technologies and approaches in the cybersecurity space, ensuring Capgemini Invent remains at the forefront of cybersecurity and digital trust. Represent Capgemini Invent at key cybersecurity events, conferences, and industry forums, contributing thought leadership and insights on current trends, challenges, and solutions in cybersecurity. Drive the development of intellectual property, including frameworks, methodologies, and best practices for cybersecurity and trust solutions, to enhance Capgemini Invent's market positioning. Performance & Reporting: Be able to sell £4M of Cybersecurity solutions/year. Ensure the business unit maintains high levels of client satisfaction, as well as operational efficiency, across cybersecurity engagements. Your Profile Extensive experience in leading and growing a cybersecurity business unit, ideally within a consulting technology services environment. Proven track record in selling and delivering large scale, complex cybersecurity and trust solutions in a consultancy environment, including managing high profile client accounts and multi million pound deals. Experience managing teams of cybersecurity professionals, providing strategic direction, coaching, and mentoring. Demonstrated experience working with C suite executives to influence and drive cybersecurity strategies at the enterprise level. Strong business development skills, with the ability to drive growth through the identification of new business opportunities, strategic partnerships, and sales. Excellent leadership skills, with the ability to inspire, motivate, and develop high performing teams. Exceptional communication, presentation, and negotiation skills, with the ability to translate complex cybersecurity concepts into actionable business insights. Strong financial acumen, with the ability to manage budgets, forecasts, and resource allocation for large scale cybersecurity/Digital Trust projects. Ability to work collaboratively with other senior leaders across the organization to drive overall business success. Need to Know At Capgemini we don't just believe in inclusion, we actively go out to make it a working reality. Driven by our core values and Inclusive Futures for All campaign, we build environments where you can bring your whole self to work. We aim to build an environment where employees can enjoy a positive work life balance. We embed hybrid working in all that we do and make flexible working arrangements the day to day reality for our people. All UK employees are eligible to request flexible working arrangements. Employee wellbeing is vitally important to us as an organisation. We see a healthy and happy workforce as a critical component for us to achieve our organisational ambitions. To help support wellbeing we have trained 'Mental Health Champions' across each of our business areas. We have also invested in wellbeing apps such as Thrive and Peppy. CSR: We're also focused on using tech to have a positive social impact. So, we're working to reduce our own carbon footprint and improve everyone's access to a digital world. It's something we're really serious about. In fact, we were even named as one of the world's most ethical companies by the Ethisphere Institute for the 10th year. When you join Capgemini, you'll join a team that does the right thing. Whilst you will have London as an office base location, you must be fully flexible in terms of assignment location, as these roles may involve periods of time away from home at short notice. We offer a remuneration package which includes flexible benefits options for you to choose to suit your own personal circumstances and a variable element dependent grade and on company and personal performance. Ref. code: 125872 Posted on: 13 Mar 2026 Experience Level: Executives Contract Type: Permanent Location: London, GB

Cyber Security Consultant Location: Remote (UK-based) with very occasional travel to HQ and client sites Eligibility: Must be eligible for SC clearance About the Role We are seeking two Cyber Security consultants to join a growing cyber security team. This is a varied, hands-on role combining Identity & Access Management (IDAM), security architecture, and security engineering responsibilities. Working across a range of central government client environments; you will design, implement, and improve secure solutions while helping clients understand their security challenges and identify practical, effective improvements. The role offers significant variety, combining technical delivery with client-facing consultancy. This is a primarily remote position, with very occasional travel to company offices and client sites as required. Key Responsibilities Design, implement, and support Identity & Access Management (IDAM) solutions Contribute to security architecture activities across client environments Support the engineering and delivery of secure systems and solutions Assess security requirements and recommend pragmatic improvements Work directly with clients to understand business and security challenges Collaborate with technical and non-technical stakeholders Contribute to the development of security best practices and standards About You To be successful in this Cyber Security Consultant, you will have: Experience working with Identity & Access Management (IDAM) technologies and processes A solid understanding of security architecture principles Broad knowledge across multiple cybersecurity domains Strong communication and stakeholder management skills A practical, solutions-focused approach to problem solving The ability to work independently and manage priorities effectively in a remote environment What's on Offer Fully remote UK-based working Exposure to a wide variety of cybersecurity projects and technologies Direct client engagement and meaningful project ownership Flexible and supportive working environment Opportunity to develop expertise across architecture, engineering, and IAM disciplines A culture focused on trust, autonomy, and delivering real value Please note: Applicants must be eligible for SC clearance to be considered for this Cyber Security Consultant position.

Title Cyber Advisory Lead Reference No 2162 Company FTSE 100 Reports to Cyber Advisory Services Manager Location London Working Pattern 37.5 hours per week, Monday - Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place). Salary £59,000 - £72,000 Benefits Bupa, Matched pension contributions. Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group operates a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus. It is an exciting time to join GCS. We are in a period of significant investment, with a multi year transformation programme underway to build new security capabilities at pace. GCS sets the Group cyber standard, measures compliance against it across all the businesses, and delivers a portfolio of centrally managed security services that divisions can rely on. The Cyber Advisory Services function is the critical bridge between Group standards and divisional reality - translating GCS expertise into practical, context sensitive support that helps divisions understand, adopt, and embed the Group cyber standard in their specific environments. Role Summary Reporting to the Cyber Advisory Services Manager, the Cyber Advisory Lead is a senior individual contributor and the primary delivery resource within the advisory function. The role provides expert cyber security advice and guidance directly to the divisions, business units, and Group functions - operating as a trusted consultant who helps translate Group cyber standards into practical action on the ground. The Cyber Advisory Lead is the person divisions call when they need a credible, knowledgeable partner to work through a cyber security challenge with them: someone who understands both the Group standard and the operational reality of divisional environments. The role delivers a wide range of advisory services including technical standards interpretation and guidance, firewall rule base and security policy review, security input to non functional requirements for Group and divisional programmes, and advisory support to merger, acquisition, and divestiture activity. The Cyber Advisory Lead also plays a key role in managing and briefing flexible resources drawn from the GCS resourcing pool, ensuring they are deployed effectively and maintain the quality standards expected of the advisory function. This is a hands on role that demands breadth, consulting confidence, and the ability to calibrate advice to the needs and maturity of each divisional audience. Role Responsibilities / Accountabilities Technical Standards Advisory & Interpretation Act as the primary advisory point of contact for divisions and business units seeking guidance on the interpretation and application of Group cyber technical standards; provide clear, practical, and risk proportionate advice that helps divisions understand what compliance looks like in their specific environment. Translate Group technical standards into actionable divisional guidance; develop worked examples, implementation notes, and practical toolkits that make standards easier for divisional IT and security teams to adopt without losing the intent of the underlying requirement. Capture intelligence from advisory engagements - recurring questions, implementation blockers, divisional gaps - and feed it back to the Cyber Advisory Services Manager to inform improvements to standards, guidance materials, and the advisory service offering. Rule Base Assessment & Security Policy Review Plan and conduct firewall rule base reviews and security policy assessments for Group and divisional environments; identify technical debt, overly permissive rules, obsolete entries, and configuration drift, and produce clear, risk prioritised findings reports with actionable remediation guidance. Review and assess security policy change requests from divisions, evaluating proposed changes against Group standards and architectural principles and providing a clear recommendation with supporting rationale; act as a constructive challenge function rather than a bureaucratic gate. Support divisional teams in understanding and implementing remediation actions following rule base and policy reviews; track agreed actions to closure and provide follow up assurance that improvements have been embedded sustainably. Non Functional Security Requirements Engage with Group and divisional programme teams to define and validate non functional security requirements (NFRs); ensure that security properties - covering authentication, authorisation, encryption, logging, resilience, and data classification - are specified clearly and in a form that project and engineering teams can act on. Apply the Group NFR library to programme and project engagements, tailoring standard requirements to the specific technology context; identify where project proposals deviate from Group security expectations and work with project teams to find compliant or risk accepted alternatives. Contribute to the ongoing development and maintenance of the Group NFR library; identify gaps, outdated requirements, and emerging security considerations that should be reflected in standard NFR content. M&A, Project & Programme Advisory Support Provide cyber security advisory input to merger, acquisition, and divestiture activity, supporting the Cyber Advisory Services Manager in delivering the GCS M&A workstream; conduct cyber due diligence assessments, identify security risks associated with target entities, and develop recommendations for integration or separation. Support the delivery of cyber advisory input to Group and divisional strategic programmes - including technology transformations, cloud migrations, and ERP deployments - ensuring security considerations are raised and addressed at the right stage of each programme lifecycle. Produce high quality advisory outputs - reports, briefing notes, findings summaries, and recommendations - that reflect well on GCS and provide divisional stakeholders with clear, actionable intelligence. Flexible Resource Management & Divisional Engagement Support the Cyber Advisory Services Manager in managing the GCS flexible resourcing pool; brief and onboard flexible resources ahead of divisional deployments, maintain quality standards throughout engagements, and provide day to day direction to consultants and contractors working within the advisory function. Build and maintain trusted working relationships with divisional security leads, IT directors, and BISOs; position yourself as an accessible, credible, and practically minded partner who divisions want to engage with rather than a compliance overhead. Act as an active intelligence gatherer during divisional engagements; identify common challenges, recurring themes, and emerging risks across the estate, and feed structured insight back to the Cyber Advisory Services Manager and the wider GCS Leadership Team. Experience, Knowledge, Skills & Attributes Essential Experience 6+ years in cyber security, with a significant portion in advisory, consulting, or technical security roles requiring breadth across multiple domains. Demonstrable experience delivering cyber security advisory services to business units or divisions within a large organisation, or to enterprise clients as an external consultant. Hands on experience conducting firewall rule base reviews and security policy assessments, producing structured findings reports with risk prioritised recommendations. Experience defining or reviewing non functional security requirements for technology programmes, and the ability to translate security standards into specific, measurable project requirements. Experience providing cyber security input to M&A or other major business change programmes, including due diligence support and integration planning. Knowledge & Skills Broad technical knowledge spanning the core cyber security domains - network security, identity and access management, endpoint protection, cloud security, application security, and data protection - sufficient to advise credibly across all of them. Strong consulting and communication skills: able to listen carefully, form a well reasoned view, and articulate it clearly - whether in a written advisory report, a divisional workshop, or a one to one conversation with a BISO or IT director. Ability to translate Group technical standards into practical, context sensitive guidance that maintains the intent of the standard while acknowledging legitimate operational constraints of the division. Strong written output skills; able to produce high quality advisory reports and briefing materials that are accurate, clearly structured, and appropriate for a senior divisional or Group audience. Qualifications Degree level education in computer science, information security, or a related discipline; or equivalent professional experience. Professional certification in cyber security: CISSP, CISM, CompTIA Security+, or equivalent demonstrating technical breadth. Experience within a Big Four, specialist cyber consultancy, or in house advisory function of a large FTSE listed organisation . click apply for full job details

Junior Cyber Security Consultant / Analyst An exciting opportunity for a Junior Cyber Security Consultant / Analyst to join a growing technology consultancy delivering cyber security, Microsoft 365 security, Azure cloud and IT support solutions. Ideal for candidates passionate about cyber security compliance, cloud computing and client advisory services. If you've also worked in the following roles, we'd also like to hear from you: Cyber Security Consultant, IT Security Analyst, Information Security Analyst, Cyber Security Advisor, Microsoft Security Analyst, Cyber Security Analyst, Information Security Consultant Recent Graduates and Experience Candidates Considered If you're a smart, driven, problem-solver, with a passion for technology, a hunger for continuous learning, and a desire to add value to clients, you could be exactly who the organisation is looking for. SALARY: £30,000 - £35,000 per annum (DOE) + Benefits LOCATION: Hybrid working 3 days from the City of London office (Faringdon / Chancery Lane) (EC1N) and 2 days from home JOB TYPE: Full-Time, Permanent WORKING HOURS: 35 hours per week, Monday to Friday JOB OVERVIEW We have a fantastic new job opportunity for a Junior Cyber Security Consultant / Analyst to join a supportive and forward-thinking technology consultancy based in Central London. As a Junior Cyber Security Consultant / Analyst you will support professional service clients with cyber security audits, Microsoft 365 and Azure security controls, security compliance and cloud-based risk management. You will work across Cyber Essentials, ISO27001 and security awareness programmes while building strong client relationships. The successful Junior Cyber Security Consultant / Analyst will combine technical knowledge with excellent communication skills, delivering high-quality consultancy, security reporting and customer-focused support within a fast-paced managed services environment. DUTIES Your duties as a Junior Cyber Security Consultant / Analyst will include: Conducting Security Audits: Undertaking audits of client systems to assess cyber security compliance and identify areas for improvement Producing Client Reports: Creating detailed security reports with practical recommendations and remediation guidance Supporting Security Compliance: Assisting clients with Cyber Essentials, Cyber Essentials Plus, LOCS:23 and ISO27001 accreditation processes Implementing Security Controls: Configuring and maintaining cyber security controls across Microsoft 365 and cloud-based environments Delivering Client Meetings: Engaging with technical and non-technical stakeholders to review security posture and recommend improvements Managing Awareness Programmes: Supporting phishing simulations and security awareness training campaigns for client organisations Completing Vendor Assessments: Conducting vendor security reviews and cyber insurance audits relating to client systems Collaborating with Teams: Working closely with internal technical teams to deliver high-quality consultancy and support services CANDIDATE REQUIREMENTS Have a Cyber Security, IT or Computer Science related degree (or relevant experience) Have previous experience in a technology or consultancy role (desirable) Have strong interpersonal and communication skills and be able to communicate technical information to non-technical stakeholders Be passionate about delivering excellent customer service through professional communication Have a strong knowledge of cybersecurity frameworks and fundamental concepts Foundational technical knowledge in networking and cloud services Experience with Microsoft 365, Azure, and scripting with PowerShell is beneficial Be a self-starter and a proud tech geek who loves to dig deep until the problem is solved Communicate clearly without the tech jargon, ensuring clients understand every step along the way Be driven by growth - actively seeking learning opportunities, certifications and new cloud technologies Deliver top-notch client service in a fast-paced environment, balancing urgency with precision and quality Be a team player and collaborate closely within an inclusive and supportive team culture Have a strong work ethic BENEFITS Learning and development opportunities including Microsoft certifications and training programmes Career progression opportunities 21 days holiday increasing with length of service plus public holidays Birthday day off Private healthcare after probation Discounted gym membership Pension scheme from day one Cycle to work scheme Eyecare vouchers Regular social events Electric car scheme after qualifying service Recruitment referral scheme To be considered for this role, please ensure you complete your application on the company's careers portal. Incomplete applications will not be reviewed . APPLY TODAY By submitting your job application to us you are hereby giving us your express consent to submit your details to our Client for this purpose. JOB REF: AWDO-P14730 Full-Time, Permanent IT Jobs, Careers and Vacancies. Find a new job and work in City of London / Hybrid. Multi-Job Board Advertising and CV Sourcing Recruitment Services provided by AWD online. AWD online specialise in sourcing candidates and advertising vacancies on multiple job boards for companies on a non-commission basis. AWD online operates as an employment agency. AWD-IN-SPJ

Rail Cyber Security Lead Application Deadline: 22 May 2026 Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR London Reporting To: Gary Cannon Description We are seeking a highly skilled Cyber Security Rail Lead to join our Global Transport practice. This role is pivotal in strengthening and expanding our cyber security capability within the global rail ecosystem, while also supporting cross-domain engagements in maritime, automotive, and aviation as needed. The ideal candidate will bring deep knowledge of operational technology (OT), rail systems, relevant international cyber security standards (including IEC 62443, TS 50701, IEC 63452), penetration testing methodologies, and the broader transport ecosystem. In addition to technical leadership, the individual will play a key role in supporting business development, building client trust, and elevating NCC Group's profile within the rail sector. This is a client facing role requiring strong collaboration, communication and leadership skills. Key Responsibilities 1. Technical Leadership (Rail Cyber Security) Serve as the subject matter expert (SME) for rail cyber security across global engagements. Lead, design, and deliver complex cyber security assessments across both operational technology (OT) and information technology (IT) environments. Apply deep knowledge of rail specific standards and frameworks, including: IEC 62443 (Industrial Cyber Security) TS 50701 (Railway Cyber Security) IEC 63452 (Railway Rolling Stock Cyber Security) Conduct or oversee penetration testing activities, vulnerability assessments, architecture reviews, risk assessment and threat modelling for rail clients. Provide expert interpretation of cyber security requirements for railway operators, manufacturers, and integrators. Ensure security recommendations are aligned with safety, operational continuity, and regulatory requirements across the rail ecosystem. 2. Rail Domain Expertise Provide expert understanding of the rail ecosystem, including: Signalling systems Rolling stock Control centres Wayside and trackside equipment Rail operational processes and safety requirements Translate complex rail operations knowledge into training and mentorship for internal teams. Act as the internal thought leader on emerging rail threats, vulnerabilities, and industry trends. 3. Business Development & Practice Growth Support the creation and growth of new rail opportunities globally. Build NCC Group's market presence in the rail sector through: Thought leadership (whitepapers, webinars, industry events) Client engagements and pre sales support Partnerships with key rail OEMs, operators, and regulators Collaborate with engagement managers and leadership to define rail focused service offerings. Contribute to bids, proposals, and technical scoping activities for prospective customers. 4. Cross Domain Support (Multi Modal Transport) Potentially support projects across maritime, automotive, and aviation domains as required, with team backing. Maintain awareness of common OT and safety critical technologies across transport sectors. Promote knowledge sharing across the wider Transport Cyber Security practice. 5. Teamwork, Collaboration & Mentorship Provide mentoring, guidance, and technical leadership to consultants at various levels. Work closely with colleagues across global teams to deliver integrated and high quality engagements. Promote a collaborative, supportive, and inclusive team culture. 6. Client Engagement & Delivery Excellence Act as a trusted advisor to clients, providing clear, actionable cyber security recommendations. Communicate complex concepts in a clear, professional, and client friendly manner. Ensure high quality deliverables and maintain strong client satisfaction throughout engagements. Skills, Knowledge and Expertise Technical Experience Proven experience in rail cyber security, ideally within operators, OEMs, integrators, or a cyber consultancy. Strong experience working with and applying: IEC 62443 (critical infrastructure cyber security) TS 50701 (railway cyber security framework) IEC 63452 (rolling stock cyber security) Strong understanding of OT systems and technologies, including SCADA, industrial control systems (ICS), and safety critical environments. Practical experience in penetration testing or security assessment methodologies (not necessarily a full time tester, but capable). Experience with secure architecture review, threat modelling, and risk assessment in industrial or transport environments. Domain Knowledge In depth understanding of the rail operational ecosystem, including signalling, rolling stock, safety systems, and regulatory standards. Direct experience working within or for rail operators, system suppliers, or rail integrated cyber projects. Soft Skills & Professional Attributes Excellent communication skills in both technical and non technical contexts. Strong client facing experience and relationship management skills. Ability to lead engagements and influence stakeholders at all levels. Willingness to work collaboratively across geographies and disciplines. Ability to teach and mentor others on rail systems and cyber security. Desirable (Not Mandatory) Recognised cyber certifications (e.g., CISSP, GICSP, ISA/IEC 62443 CyberSecurity Expert). Experience contributing to industry standards or regulatory consultations. Background in safety engineering or systems engineering in transport. Benefits Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave differs for SOC shift workers, please speak to your TA partner for more information). Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.

Role: Technical Pre-Sales Consultant Location: Office based in the East Midlands Working Arrangement: REMOTE AND ON CLIENT SITES ACOUND THE M4 CORRIDOR. WITH TEAM VISITS TO EAST MIDLANDS OCCASSIONALLY Salary: Up to £110k (wiggle room for the right candidate We are seeking an experienced Technical Pre-Sales Consultant to bridge the gap between customer requirements, cyber security challenges, and technical solution delivery. This role combines cyber security consultancy, solution architecture, technical leadership, and business development, supporting customers throughout the early stages of complex technology programmes. Working closely with senior customer stakeholders, architects, engineering teams, and business leaders, you will act as a trusted technical advisor, helping organisations define requirements, shape secure architectures, and develop solutions that address operational and business objectives. The position requires a strong blend of technical credibility, customer engagement skills, and commercial awareness. You will lead technical pre-sales engagements across cyber security, networking, cloud, and information assurance domains, engaging confidently with senior responsible owners, programme directors, chief architects, and technical decision-makers. Capture, analyse, and translate customer business and technical requirements into solution architectures, technical proposals, statements of work, and bid responses. Provide technical leadership throughout the sales lifecycle, ensuring proposed solutions are technically robust, commercially viable, and aligned with customer objectives. Develop high-level and detailed solution architectures encompassing secure systems integration, interoperability, cross-domain information sharing, cloud infrastructure, network design, and security controls. Work closely with engineering and product teams to ensure customer requirements are clearly understood and reflected in solution delivery. Provide technical oversight and assurance for bids, proposals, and customer-facing documentation, ensuring accuracy, consistency, and alignment with industry standards and best practices. Support security accreditation and assurance activities, collaborating with security authorities, accrediting bodies, and customer security teams to address technical risks and define compliant architectures. Maintain a detailed understanding of cyber security technologies, market trends, emerging threats, and competitor capabilities, using this knowledge to identify opportunities, influence product direction, and support strategic growth initiatives. Represent the organisation at customer meetings, industry events, workshops, demonstrations, and technical presentations, acting as a recognised subject matter expert across security architecture, secure information exchange, and systems integration. The successful candidate will demonstrate experience in technical pre-sales, solution architecture, cyber security consulting, or systems engineering within complex enterprise, defence, government, or critical national infrastructure environments. You should have a proven ability to engage with both business and technical stakeholders, produce high-quality technical documentation, and communicate complex concepts at multiple levels of technical detail. Strong knowledge of cyber security principles, information assurance frameworks, secure systems design, networking technologies, and cloud infrastructure is essential. Experience designing and integrating secure solutions across heterogeneous environments is highly desirable. The role requires excellent communication and presentation skills, strong stakeholder management capabilities, and the ability to lead technical discussions from initial discovery through to solution definition and customer approval. Desirable Knowledge Experience with security accreditation processes, risk management frameworks, secure-by-design methodologies, and government or defence security environments. Understanding of enterprise networking technologies, including segmentation, VLAN design, routing, fibre-optic infrastructure, and secure communications. Familiarity with Agile delivery methodologies and the challenges associated with integrating complex technology solutions across multi-vendor environments. We welcome diverse applicants and are dedicated to treating all applicants with dignity and respect, regardless of background.

Cyber Security Risk & Compliance Framework Consultant (Contract) Duration: 12 months IR35: In scope Rate: 600 per day Location: 60% on site per month in either Bristol or London We're looking for an experienced Cyber Security Risk & GRC Consultant to help transform how a large, complex organisation measures, manages, and communicates cyber risk. This is a high-impact, business-critical role focused on building a clear, practical, and transparent approach to security risk - with a strong emphasis on compliance frameworks, measurable controls, and decision-ready reporting for governance boards. Define and implement meaningful cyber security risk metrics aligned to compliance frameworks (e.g. national and international standards) Establish a robust, repeatable method to measure performance against these frameworks - turning compliance into something measurable, not theoretical Create clear, transparent data that shows: Current risk exposure Performance against controls Trends and direction of travel over time Design concise, plain-English reporting for senior stakeholders and governance boards No jargon - just clear insight, impact, and action Map compliance frameworks to real business risks, bridging the gap between: Technical controls Governance requirements Operational reality Build practical reporting artefacts, dashboards, and templates to improve visibility and consistency Work closely with stakeholders to ensure outputs are: Credible Usable Aligned to executive decision-making needs Sought: Drive a step-change in how cyber risk is measured, understood, and communicated - using compliance frameworks as the backbone, and clear data as the enabler. Strong experience in Cyber Security GRC (Governance, Risk & Compliance) Proven ability to work with and measure performance against compliance frameworks Deep understanding of: Security risk metrics & KPIs Risk appetite & governance reporting Ability to translate technical security data into plain English insights for senior audiences Strong analytical and data skills - able to turn complex datasets into clear narratives Solid technical awareness of cyber security principles, controls, and risks (without needing to be hands-on engineering) Confident engaging with senior stakeholders and governance boards Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)

On behalf of the MOD, we are looking for a Security Assurance Coordinator (Inside IR35) for a 9 Month contract based Hybrid in either Abbeywood or Corsham. The Ministry of Defence (MOD) is a central government department with a mission to protect our country and provide the ultimate guarantee of its security and independence, as well as helping to protect its values and interests abroad. The MOD is one of the biggest public procurement organisations in Europe and the single largest customer for UK industry. It currently manages approximately £20 billion of spend on capital investments in equipment and infrastructure every year. Over the next decade the MOD is committed to spending over £190 billion on equipment and support. The MOD's customers include both the armed forces and national security agencies, and it has a diverse range of requirements, including military fighting vehicles, education services, nuclear submarines and facilities management. The MOD's aim is to provide its armed forces with the best capabilities to enable them to protect the UK's security and advance national interests, both now and in the long term. To do this the MOD has an annual budget of almost £53 billion and a workforce comprising 197,000 people. of which 54,000 are civilians working for the UK MOD. The work really matters; the MOD offers a range of engaging roles which have a direct impact on the quality of services they provide, in many locations across the UK. We support teams working in HR, Primary Health Care, Corporate Services, and many others. SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks. Please note, due to the exceptional requirements of this position (short-term nature of this role and speed at which we require a postholder in situ) preference may be given to candidates who meet all of the essential criteria and hold active security clearance. As a Security Assurance Coordinator, your main responsibilities will be: . Coordinate security assurance activities across Foundry products and services in line with MOD and Defence Digital security policies. . Support agile delivery teams to understand and implement security requirements throughout the product life cycle. . Act as the primary point of contact for security assurance planning, tracking security actions, risks, and dependencies. . Assist in the production, maintenance, and quality assurance of Risk Management and Accreditation Document Sets (RMADS). . Ensure supporting security evidence is identified, captured, and maintained. . Manage version control, assurance milestones, and approvals for security documentation. . Liaise with accreditation, cyber security, and risk stakeholders to support timely assurance decisions. Essential: . Experience supporting cyber security or information assurance activities in a digital or IT delivery environment. . Understanding of risk-based security assurance principles within MOD, HMG, or similar regulated environments. . Experience contributing to or coordinating RMADS or equivalent security documentation. . Strong stakeholder engagement and communication skills across technical and non-technical audiences. . Ability to manage multiple assurance activities concurrently in a fast-paced delivery context. Desirable: . Experience working within Defence Digital, MOD, or wider UK Government. . Familiarity with agile, product-centric, or user-centred delivery models. . Experience working with NCSC-accredited CLAS consultants or external assurance providers. . Knowledge of cloud hosting platforms and modern digital architectures. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, the MOD guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. Armed Forces Covenant The MOD guarantees to interview veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.

Cyber Security Delivery Manager £80-90k Portsmouth (Hybrid) SC Clearance Eligibility essential Are you a senior cyber security professional who can lead from the front - advising at board level one day and getting hands-on with a security architecture review the next? We're recruiting on behalf of a well-regarded cyber security consultancy based in Hampshire. They work with a range of clients on complex, meaningful security challenges - and they're looking for an experienced Cyber Manager to join the senior team. This isn't a purely strategic role. You'll lead engagements, grow client relationships, and help shape the direction of the business - but you'll also roll your sleeves up when the work demands it. Salary: £ Package: Gym, private medical insurance, company pension, work from home flex Working Structure: Hybrid remote in Portsmouth (2 days onsite) Security Clearance: Active or Eligible for SC clearance. The Role: As Cyber Security Delivery Manager, you'll take ownership of client engagements from start to finish, covering risk assessments, security architecture reviews, policy development, incident response planning, and governance work. You'll be the senior point of contact on engagements, ensuring quality and consistency across everything that goes out the door. What You'll Be Doing: Leading end-to-end cyber security engagements across advisory and hands-on delivery Managing multiple projects simultaneously, ensuring delivery quality and client satisfaction Building and maintaining strong relationships with clients, including at CISO and board level Leading proposals and bids, contributing to go-to-market strategy and service development Supporting and developing junior and mid-level consultants through active mentoring Putting sensible operational processes in place and keeping day-to-day delivery on track Contributing to hiring decisions as the team grows What You'll Need: Significant experience delivering cyber security projects in a consultancy or professional services environment Strong technical knowledge across core cyber domains - risk management, security architecture, governance, assurance, or incident response CISSP, CISM, or equivalent professional certification A proven track record of leading teams and managing senior client relationships The ability to communicate complex security topics clearly to both technical and non-technical stakeholders Eligibility to obtain or active SC (Security Clearance) Self-motivated, decisive, and comfortable operating with a high degree of autonomy Desired but not essential: Experience across multiple disciplines such as GRC, penetration testing, SOC, cloud security, or OT security Familiarity with frameworks including NIST, ISO 27001, CAF, or Cyber Essentials Experience working with government, defence, or critical national infrastructure clients Additional certifications such as CREST, OSCP, or NCSC Certified Professional If this sounds like the right next step, apply now or get in touch for a confidential conversation. Candidates must be eligible to work in the UK and able to obtain Security Clearance. Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.