Ready to take the next step in your career? Join one of the world's leading IT services, consulting, and business solutions organization. Backed by decades of experience, the company consistently ranks among the top global IT service providers. With an international presence across multiple countries, the company has built a reputation for delivering high-quality technology services across industries including banking, healthcare, telecommunications, and retail. The consulting firm is looking for a Microsoft Entra ID Application Proxy Specialist on a 6-month full-time contract in London, supporting a large-scale enterprise security transformation programme within the travel and tourism sector. The role focuses on enabling secure remote access to business-critical applications through modern, identity-driven access solutions. If you would like to learn more about this opportunity, feel free to reach out and apply today! Responsibilities Implement and configure Microsoft Entra ID Application Proxy for secure remote access, onboarding web-based enterprise applications in line with defined architecture Configure and validate authentication integrations including SSO, pre authentication, Kerberos Constrained Delegation, MFA, and Conditional Access policies Align application access configuration with existing Active Directory group and OU structures, and validate group based access controls Perform end to end testing including SSO validation, group based access validation, and application connectivity testing, troubleshooting issues as they arise Support user rollout activities, ensure full documentation of configurations and onboarding steps, and deliver knowledge transfer to BAU operations Required Skills/Qualifications Strong hands on experience with Microsoft Entra ID Application Proxy, including enterprise application onboarding and integration Deep knowledge of authentication protocols, SAML, OAuth, OpenID Connect, Kerberos, and NTLM - with practical SSO and MFA implementation experience Experience implementing Conditional Access policies and identity driven access control models in hybrid identity environments Knowledge of Active Directory Domain Services, group based access control, and application connectivity requirements including DNS, ports, and protocols Proven experience working on enterprise application onboarding or transformation programmes, with strong documentation and cross team collaboration skills Contract Details Contract Type: Initial 6 month contract (Inside IR35) Location: 5x a week in London (Soho) Salary £525 per day Inside IR35
09/06/2026
Full time
Ready to take the next step in your career? Join one of the world's leading IT services, consulting, and business solutions organization. Backed by decades of experience, the company consistently ranks among the top global IT service providers. With an international presence across multiple countries, the company has built a reputation for delivering high-quality technology services across industries including banking, healthcare, telecommunications, and retail. The consulting firm is looking for a Microsoft Entra ID Application Proxy Specialist on a 6-month full-time contract in London, supporting a large-scale enterprise security transformation programme within the travel and tourism sector. The role focuses on enabling secure remote access to business-critical applications through modern, identity-driven access solutions. If you would like to learn more about this opportunity, feel free to reach out and apply today! Responsibilities Implement and configure Microsoft Entra ID Application Proxy for secure remote access, onboarding web-based enterprise applications in line with defined architecture Configure and validate authentication integrations including SSO, pre authentication, Kerberos Constrained Delegation, MFA, and Conditional Access policies Align application access configuration with existing Active Directory group and OU structures, and validate group based access controls Perform end to end testing including SSO validation, group based access validation, and application connectivity testing, troubleshooting issues as they arise Support user rollout activities, ensure full documentation of configurations and onboarding steps, and deliver knowledge transfer to BAU operations Required Skills/Qualifications Strong hands on experience with Microsoft Entra ID Application Proxy, including enterprise application onboarding and integration Deep knowledge of authentication protocols, SAML, OAuth, OpenID Connect, Kerberos, and NTLM - with practical SSO and MFA implementation experience Experience implementing Conditional Access policies and identity driven access control models in hybrid identity environments Knowledge of Active Directory Domain Services, group based access control, and application connectivity requirements including DNS, ports, and protocols Proven experience working on enterprise application onboarding or transformation programmes, with strong documentation and cross team collaboration skills Contract Details Contract Type: Initial 6 month contract (Inside IR35) Location: 5x a week in London (Soho) Salary £525 per day Inside IR35
OFFICIAL Role Profile Role Title: Senior Technical Architect (Salesforce) Level: Level 2b Directorate: Digital, Data, and Security Services (DDSS) Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. This role aligns with the Senior Technical Architect role in the Government Digital and Data Capability Profession. Purpose A senior technical architect is responsible for the design and assurance of technical systems that meet business needs. They work on complex projects, providing technical direction and guidance to delivery teams. They ensure that technical designs are aligned with strategic and architectural standards, and that systems are robust, scalable, and maintainable. At Ofgem, this means leading the design and assurance of Salesforce-based solutions that enable secure, scalable, and user-focused digital services. You will work across multiple Salesforce clouds (Service, Experience, PSS, and Core Platform), integrating with enterprise systems and ensuring adherence to Ofgem's architectural, data, and security principles. At this level, you will influence delivery teams, mentor colleagues, and contribute to the evolution of Ofgem's Salesforce architecture community and standards. At this role level, you will: Define and assure technical designs for Salesforce platforms across multiple delivery teams. Guide and support engineers and architects in applying Salesforce standards and patterns, ensuring solutions meet user, business, and security needs and are aligned to Ofgem's technical strategy. Identify and communicate technical risks and dependencies across teams, contributing to the continuous improvement of technical standards, reusable patterns, and design governance. Key Responsibilities Lead the design and documentation of Salesforce solutions, ensuring they meet business needs, align with architectural standards, and deliver value across Ofgem's programmes. Provide technical assurance for Salesforce implementations, ensuring solutions comply with Ofgem's architecture, security, and design principles. Design Salesforce solutions that integrate effectively with enterprise platforms and data systems, ensuring information consistency, interoperability, and adherence to data governance policies. Work with delivery teams to guide technical decisions, resolve design challenges, and ensure high-quality implementations that meet user and business expectations. Mentor associates and technical architects, contributing to the Salesforce Centre of Excellence and promoting the adoption of best practices across teams and projects. Skills Technical architecture Design and describe technical systems and how they fit within a wider architecture. Ensure that technical designs meet user needs and align to organisational standards. Communicate technical decisions and their rationale clearly to stakeholders. Systems integration Design and assure integration patterns for connecting Salesforce to other enterprise systems. Ensure integration solutions are secure, reliable, and support data consistency. Identify opportunities to simplify integration through APIs and reusable services. Technical leadership Guide and support technical teams in implementing Salesforce solutions. Influence decision making and ensure technical alignment across delivery teams. Promote best practice, reusable components, and adherence to technical standards. Technical strategy and governance Understand and apply technical governance frameworks to assure quality and consistency. Contribute to architectural standards and ensure Salesforce solutions align with them. Manage technical risk through structured design and assurance activities. Designing technology solutions Create and maintain Salesforce technical designs that are secure, scalable, and maintainable. Ensure solutions adhere to Salesforce platform best practices and Ofgem's enterprise principles. Review and refine designs through iterative feedback and assurance reviews. Development process optimisation Collaborate with engineering and DevOps teams to support CI/CD and release management within Salesforce environments. Promote automation and efficiency in development and deployment processes. Ensure that testing and quality assurance practices are embedded into the design lifecycle. Security and compliance Apply Ofgem's security, identity, and access control standards within Salesforce solutions. Understand data privacy, encryption, and audit requirements. Work with security teams to identify and address platform risks. Key Outputs and Deliverables Salesforce architecture designs and documentation aligned with Ofgem standards and governance processes. Technical assurance for Salesforce solutions, with compliance to architectural, security, and operational requirements. Technical input for solution options and assessments, enabling informed decision making by delivery teams and business stakeholders. Integration patterns and data models supporting reliable and secure interoperability with Ofgem enterprise platforms. Salesforce CoE contributions, including reusable components, templates, and design patterns promoting best practices. Key Stakeholder Relationships Internal Principal Technical Architect (Salesforce) and Enterprise Architects Programme and Project Managers Developers, Technical Leads, and Product Owners Data and Security Teams Delivery and Operations Managers Salesforce CoE External SI Salesforce Partner and Vendor Teams Cabinet Office and GDS (for standards assurance) System Integrators and Delivery Partners Cross government Salesforce and technical architecture communities Professional certification and training providers Role Criteria Essential Demonstrable experience designing and leading Salesforce solutions across multiple clouds and domains. Demonstrable understanding of core Salesforce Platform, Service cloud, community cloud and Public Sector Solutions. Demonstrable understanding of integration patterns, APIs, and middleware for connecting Salesforce to enterprise systems. Proficiency in architectural modelling tools such as Archi and frameworks, such as ArchiMate, UML, or equivalent, with the ability to create and maintain architectural artefacts. Experience of applying secure design principles and data governance within Salesforce implementations Holds or can obtain the following certifications or equivalent within 6 months: Certified Salesforce Technical Architect or equivalent Formal Architectural Qualification such as BCS EA Certification, The Open Group Architecture Framework (TOGAF) or Zachman Framework Certification. Certified Salesforce Technical Architect or equivalent Desirable Understanding government digital standards and assurance processes. Behaviours Seeing the Big Picture Changing and Improving Making Effective Decisions Leadership Communicating and Influencing Working Together: Developing Self and Others Managing a Quality Service Delivering at Pace OFFICIAL
09/06/2026
Full time
OFFICIAL Role Profile Role Title: Senior Technical Architect (Salesforce) Level: Level 2b Directorate: Digital, Data, and Security Services (DDSS) Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. This role aligns with the Senior Technical Architect role in the Government Digital and Data Capability Profession. Purpose A senior technical architect is responsible for the design and assurance of technical systems that meet business needs. They work on complex projects, providing technical direction and guidance to delivery teams. They ensure that technical designs are aligned with strategic and architectural standards, and that systems are robust, scalable, and maintainable. At Ofgem, this means leading the design and assurance of Salesforce-based solutions that enable secure, scalable, and user-focused digital services. You will work across multiple Salesforce clouds (Service, Experience, PSS, and Core Platform), integrating with enterprise systems and ensuring adherence to Ofgem's architectural, data, and security principles. At this level, you will influence delivery teams, mentor colleagues, and contribute to the evolution of Ofgem's Salesforce architecture community and standards. At this role level, you will: Define and assure technical designs for Salesforce platforms across multiple delivery teams. Guide and support engineers and architects in applying Salesforce standards and patterns, ensuring solutions meet user, business, and security needs and are aligned to Ofgem's technical strategy. Identify and communicate technical risks and dependencies across teams, contributing to the continuous improvement of technical standards, reusable patterns, and design governance. Key Responsibilities Lead the design and documentation of Salesforce solutions, ensuring they meet business needs, align with architectural standards, and deliver value across Ofgem's programmes. Provide technical assurance for Salesforce implementations, ensuring solutions comply with Ofgem's architecture, security, and design principles. Design Salesforce solutions that integrate effectively with enterprise platforms and data systems, ensuring information consistency, interoperability, and adherence to data governance policies. Work with delivery teams to guide technical decisions, resolve design challenges, and ensure high-quality implementations that meet user and business expectations. Mentor associates and technical architects, contributing to the Salesforce Centre of Excellence and promoting the adoption of best practices across teams and projects. Skills Technical architecture Design and describe technical systems and how they fit within a wider architecture. Ensure that technical designs meet user needs and align to organisational standards. Communicate technical decisions and their rationale clearly to stakeholders. Systems integration Design and assure integration patterns for connecting Salesforce to other enterprise systems. Ensure integration solutions are secure, reliable, and support data consistency. Identify opportunities to simplify integration through APIs and reusable services. Technical leadership Guide and support technical teams in implementing Salesforce solutions. Influence decision making and ensure technical alignment across delivery teams. Promote best practice, reusable components, and adherence to technical standards. Technical strategy and governance Understand and apply technical governance frameworks to assure quality and consistency. Contribute to architectural standards and ensure Salesforce solutions align with them. Manage technical risk through structured design and assurance activities. Designing technology solutions Create and maintain Salesforce technical designs that are secure, scalable, and maintainable. Ensure solutions adhere to Salesforce platform best practices and Ofgem's enterprise principles. Review and refine designs through iterative feedback and assurance reviews. Development process optimisation Collaborate with engineering and DevOps teams to support CI/CD and release management within Salesforce environments. Promote automation and efficiency in development and deployment processes. Ensure that testing and quality assurance practices are embedded into the design lifecycle. Security and compliance Apply Ofgem's security, identity, and access control standards within Salesforce solutions. Understand data privacy, encryption, and audit requirements. Work with security teams to identify and address platform risks. Key Outputs and Deliverables Salesforce architecture designs and documentation aligned with Ofgem standards and governance processes. Technical assurance for Salesforce solutions, with compliance to architectural, security, and operational requirements. Technical input for solution options and assessments, enabling informed decision making by delivery teams and business stakeholders. Integration patterns and data models supporting reliable and secure interoperability with Ofgem enterprise platforms. Salesforce CoE contributions, including reusable components, templates, and design patterns promoting best practices. Key Stakeholder Relationships Internal Principal Technical Architect (Salesforce) and Enterprise Architects Programme and Project Managers Developers, Technical Leads, and Product Owners Data and Security Teams Delivery and Operations Managers Salesforce CoE External SI Salesforce Partner and Vendor Teams Cabinet Office and GDS (for standards assurance) System Integrators and Delivery Partners Cross government Salesforce and technical architecture communities Professional certification and training providers Role Criteria Essential Demonstrable experience designing and leading Salesforce solutions across multiple clouds and domains. Demonstrable understanding of core Salesforce Platform, Service cloud, community cloud and Public Sector Solutions. Demonstrable understanding of integration patterns, APIs, and middleware for connecting Salesforce to enterprise systems. Proficiency in architectural modelling tools such as Archi and frameworks, such as ArchiMate, UML, or equivalent, with the ability to create and maintain architectural artefacts. Experience of applying secure design principles and data governance within Salesforce implementations Holds or can obtain the following certifications or equivalent within 6 months: Certified Salesforce Technical Architect or equivalent Formal Architectural Qualification such as BCS EA Certification, The Open Group Architecture Framework (TOGAF) or Zachman Framework Certification. Certified Salesforce Technical Architect or equivalent Desirable Understanding government digital standards and assurance processes. Behaviours Seeing the Big Picture Changing and Improving Making Effective Decisions Leadership Communicating and Influencing Working Together: Developing Self and Others Managing a Quality Service Delivering at Pace OFFICIAL
Cyber Advisory Services Manager Location: London or Peterborough with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place). Working Pattern: 37.5 hours per week, Monday - Friday. Salary: £84,000 - £100,000 Benefits: Car allowance, Bupa, Matched pension contributions. Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group operates a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus. It is an exciting time to join GCS. We are in a period of significant investment, with a multi year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on. Role Summary Reporting to the Deputy Group CISO, the Cyber Advisory Services Manager leads the GCS consulting and advisory capability - the function that turns Group cyber standards and expertise into practical, tailored support for all the divisions. This is a role for a confident, credible cyber security generalist with strong consulting instincts: someone who is equally comfortable advising a divisional CIO on strategic security posture, reviewing a firewall ruleset for technical debt, or scoping the cyber workstream of a merger integration programme. The role provides a broad portfolio of advisory services to the Group and its divisions, including technical standards advice and interpretation; security configuration, rule base assessment and policy change support; input to non functional security requirements for Group and divisional programmes; cyber security input to mergers, acquisitions, and divestiture activity; and the deployment of specialist consulting resource into divisions that need temporary uplift in cyber capability. The Cyber Advisory Services Manager acts as an important feedback loop into GCS: gathering intelligence from divisional engagements that informs the evolution of Group standards, identifies emerging needs, and ensures that GCS remains relevant and responsive to the businesses it serves. The role works in close partnership with the Cyber Architecture Manager, the Head of Cyber Assurance, and the Security Platform Engineering Manager to ensure that advisory activity is consistent with and supportive of the broader GCS strategy. Technical Standards Advisory & Interpretation Provide authoritative advice to divisions, business units, and Group functions on the interpretation and practical application of the Group cyber technical standards and security policies; acting as the primary advisory interface between GCS and the divisions on matters of standards compliance, technology and implementation. Help divisions translate Group cyber standards into their specific operational context - providing pragmatic, risk proportionate guidance on what good looks like in their environment, and a credible path from current state to compliant state. Feed intelligence from divisional advisory engagements back into the standards development process; identify where standards are unclear, impractical, or creating unintended barriers, and work with the Cyber Architecture Manager and Head of Cyber Assurance to drive improvements. Rule Base Assessment & Security Policy Change Lead and deliver security configuration and rule base reviews and security policy assessments for Group and divisional environments; identify technical debt, overly permissive rules, obsolete entries, and configuration drift, and provide clear, prioritised remediation recommendations. Provide technical review and advisory support for security policy change requests from divisions, assessing proposed changes against Group standards and architectural principles, and providing a clear recommendation with appropriate justification. Develop and maintain a structured approach to rule base and policy review across the Group, including tooling, methodology, scheduling, and output standards, ensuring consistent and repeatable assessment quality across different divisional environments. Non Functional Security Requirements Provide security input to non functional requirements (NFRs) for Group and divisional programmes and projects; define the security properties that technology solutions must meet - covering areas such as authentication, authorisation, encryption, logging, resilience, and data classification - in a form that is actionable by project and engineering teams. Maintain and evolve a Group standard NFR library derived from the Group cyber technical standards, enabling consistent security requirements to be applied across the programme portfolio without reinventing them for each project; work with the Cyber Architecture Manager to ensure NFRs remain aligned to the enterprise architecture. Engage with divisional and Group programme teams at the point where security NFRs are being defined, ensuring security is embedded by design rather than added retrospectively; provide advisory support through the project lifecycle where security design decisions need to be revisited or refined. Mergers, Acquisitions & Strategic Project Support Lead the GCS advisory contribution to mergers, acquisitions, and divestiture activity; scope and deliver the cyber workstream in M&A programmes, covering pre deal due diligence support, integration planning, and the transition of acquired entities onto the Group cyber standard. Provide cyber advisory resource and expertise to other significant Group and divisional strategic programmes - including major technology transformations, ERP deployments, cloud migrations, and site openings or closures - ensuring security considerations are addressed at the right point in the programme lifecycle. Maintain a forward view of the M&A and strategic programme pipeline in collaboration with Group corporate development and divisional leadership, enabling advisory resource to be planned and mobilised proactively rather than reactively. Divisional Resource Augmentation & Flexible Resourcing Pool Manage the GCS flexible resourcing pool as an advisory and consulting resource, deploying cyber consultants and specialist advisors into divisions that require temporary uplift in security capability - whether to support a programme, fill a capability gap, or accelerate compliance with Group standards. Work with divisional BISOs, CIOs, and IT security leads to understand their advisory and resource needs; define the scope and objectives of each deployment clearly, brief and onboard resources appropriately, and ensure that the output of each engagement meets the division's needs and GCS quality standards. Manage the demand pipeline for advisory and flexible resource deployments; prioritise requests in line with Group risk priorities, balance supply against demand, and ensure that resourcing decisions are transparent and agreed with the Deputy CISO and relevant divisional stakeholders. Ensure that flexible resources deployed into divisions are competent, well briefed on standards and culture, and set up to add genuine value from day one; maintain quality standards across the pool and build a pipeline of trusted specialists who understand the environment. Divisional Engagement & GCS Intelligence Loop Build and sustain trusted relationships with divisional BISOs, security leads, CIOs, and IT directors across all 11 divisions; position the Cyber Advisory Services function as a valued, accessible, and practical source of cyber expertise - not a bureaucratic overhead. Use divisional advisory engagements as an active intelligence gathering mechanism; identify common themes, recurring challenges, emerging risks, and capability gaps across the estate, and bring these insights back to the GCS Leadership Team to inform strategy, standards development, and investment priorities. Champion the GCS advisory model as a two way relationship; ensure divisions feel heard and that their feedback genuinely influences how GCS operates, while maintaining the Group standards and non negotiables that the advisory function exists to support. Team Leadership, Quality & Continuous Improvement Lead and develop the permanent Cyber Advisory Services team; set clear standards of advisory quality, professional conduct, and output, and foster a culture where consultants take personal pride in the value they add to the divisions they support. Develop and maintain a service catalogue for the Cyber Advisory Services function that clearly articulates what the function offers, how to engage it, what divisions can expect, and how outcomes will be measured; make the function easy to access and straightforward to work with. Work in close partnership with the Cyber Architecture Manager, Head of Cyber Assurance, and Security Platform Engineering Manager to ensure advisory activity is consistent with the GCS strategy, avoids duplication of effort, and is integrated into the broader GCS operating model. Experience, Knowledge, Skills & Attributes - Essential Experience 10+ years in cyber security, with a significant portion in advisory, consulting, or technical leadership roles requiring breadth across multiple security domains click apply for full job details
09/06/2026
Full time
Cyber Advisory Services Manager Location: London or Peterborough with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place). Working Pattern: 37.5 hours per week, Monday - Friday. Salary: £84,000 - £100,000 Benefits: Car allowance, Bupa, Matched pension contributions. Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group operates a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus. It is an exciting time to join GCS. We are in a period of significant investment, with a multi year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on. Role Summary Reporting to the Deputy Group CISO, the Cyber Advisory Services Manager leads the GCS consulting and advisory capability - the function that turns Group cyber standards and expertise into practical, tailored support for all the divisions. This is a role for a confident, credible cyber security generalist with strong consulting instincts: someone who is equally comfortable advising a divisional CIO on strategic security posture, reviewing a firewall ruleset for technical debt, or scoping the cyber workstream of a merger integration programme. The role provides a broad portfolio of advisory services to the Group and its divisions, including technical standards advice and interpretation; security configuration, rule base assessment and policy change support; input to non functional security requirements for Group and divisional programmes; cyber security input to mergers, acquisitions, and divestiture activity; and the deployment of specialist consulting resource into divisions that need temporary uplift in cyber capability. The Cyber Advisory Services Manager acts as an important feedback loop into GCS: gathering intelligence from divisional engagements that informs the evolution of Group standards, identifies emerging needs, and ensures that GCS remains relevant and responsive to the businesses it serves. The role works in close partnership with the Cyber Architecture Manager, the Head of Cyber Assurance, and the Security Platform Engineering Manager to ensure that advisory activity is consistent with and supportive of the broader GCS strategy. Technical Standards Advisory & Interpretation Provide authoritative advice to divisions, business units, and Group functions on the interpretation and practical application of the Group cyber technical standards and security policies; acting as the primary advisory interface between GCS and the divisions on matters of standards compliance, technology and implementation. Help divisions translate Group cyber standards into their specific operational context - providing pragmatic, risk proportionate guidance on what good looks like in their environment, and a credible path from current state to compliant state. Feed intelligence from divisional advisory engagements back into the standards development process; identify where standards are unclear, impractical, or creating unintended barriers, and work with the Cyber Architecture Manager and Head of Cyber Assurance to drive improvements. Rule Base Assessment & Security Policy Change Lead and deliver security configuration and rule base reviews and security policy assessments for Group and divisional environments; identify technical debt, overly permissive rules, obsolete entries, and configuration drift, and provide clear, prioritised remediation recommendations. Provide technical review and advisory support for security policy change requests from divisions, assessing proposed changes against Group standards and architectural principles, and providing a clear recommendation with appropriate justification. Develop and maintain a structured approach to rule base and policy review across the Group, including tooling, methodology, scheduling, and output standards, ensuring consistent and repeatable assessment quality across different divisional environments. Non Functional Security Requirements Provide security input to non functional requirements (NFRs) for Group and divisional programmes and projects; define the security properties that technology solutions must meet - covering areas such as authentication, authorisation, encryption, logging, resilience, and data classification - in a form that is actionable by project and engineering teams. Maintain and evolve a Group standard NFR library derived from the Group cyber technical standards, enabling consistent security requirements to be applied across the programme portfolio without reinventing them for each project; work with the Cyber Architecture Manager to ensure NFRs remain aligned to the enterprise architecture. Engage with divisional and Group programme teams at the point where security NFRs are being defined, ensuring security is embedded by design rather than added retrospectively; provide advisory support through the project lifecycle where security design decisions need to be revisited or refined. Mergers, Acquisitions & Strategic Project Support Lead the GCS advisory contribution to mergers, acquisitions, and divestiture activity; scope and deliver the cyber workstream in M&A programmes, covering pre deal due diligence support, integration planning, and the transition of acquired entities onto the Group cyber standard. Provide cyber advisory resource and expertise to other significant Group and divisional strategic programmes - including major technology transformations, ERP deployments, cloud migrations, and site openings or closures - ensuring security considerations are addressed at the right point in the programme lifecycle. Maintain a forward view of the M&A and strategic programme pipeline in collaboration with Group corporate development and divisional leadership, enabling advisory resource to be planned and mobilised proactively rather than reactively. Divisional Resource Augmentation & Flexible Resourcing Pool Manage the GCS flexible resourcing pool as an advisory and consulting resource, deploying cyber consultants and specialist advisors into divisions that require temporary uplift in security capability - whether to support a programme, fill a capability gap, or accelerate compliance with Group standards. Work with divisional BISOs, CIOs, and IT security leads to understand their advisory and resource needs; define the scope and objectives of each deployment clearly, brief and onboard resources appropriately, and ensure that the output of each engagement meets the division's needs and GCS quality standards. Manage the demand pipeline for advisory and flexible resource deployments; prioritise requests in line with Group risk priorities, balance supply against demand, and ensure that resourcing decisions are transparent and agreed with the Deputy CISO and relevant divisional stakeholders. Ensure that flexible resources deployed into divisions are competent, well briefed on standards and culture, and set up to add genuine value from day one; maintain quality standards across the pool and build a pipeline of trusted specialists who understand the environment. Divisional Engagement & GCS Intelligence Loop Build and sustain trusted relationships with divisional BISOs, security leads, CIOs, and IT directors across all 11 divisions; position the Cyber Advisory Services function as a valued, accessible, and practical source of cyber expertise - not a bureaucratic overhead. Use divisional advisory engagements as an active intelligence gathering mechanism; identify common themes, recurring challenges, emerging risks, and capability gaps across the estate, and bring these insights back to the GCS Leadership Team to inform strategy, standards development, and investment priorities. Champion the GCS advisory model as a two way relationship; ensure divisions feel heard and that their feedback genuinely influences how GCS operates, while maintaining the Group standards and non negotiables that the advisory function exists to support. Team Leadership, Quality & Continuous Improvement Lead and develop the permanent Cyber Advisory Services team; set clear standards of advisory quality, professional conduct, and output, and foster a culture where consultants take personal pride in the value they add to the divisions they support. Develop and maintain a service catalogue for the Cyber Advisory Services function that clearly articulates what the function offers, how to engage it, what divisions can expect, and how outcomes will be measured; make the function easy to access and straightforward to work with. Work in close partnership with the Cyber Architecture Manager, Head of Cyber Assurance, and Security Platform Engineering Manager to ensure advisory activity is consistent with the GCS strategy, avoids duplication of effort, and is integrated into the broader GCS operating model. Experience, Knowledge, Skills & Attributes - Essential Experience 10+ years in cyber security, with a significant portion in advisory, consulting, or technical leadership roles requiring breadth across multiple security domains click apply for full job details
Overview IT Manager - Enterprise Infrastructure & Cloud (Contract) Location: Remote-first (UK) with occasional travel to London Contract: Initial 6 months (likely to extend) Start: ASAP We're supporting a major global technology and network services organisation as they continue to strengthen their enterprise infrastructure capability following a large-scale transformation programme. As part of this effort, they are looking to appoint an experienced IT Manager - Enterprise Infrastructure & Cloud to lead a distributed engineering team while remaining hands-on across core infrastructure platforms. This role is ideal for a technically strong infrastructure leader who thrives in complex enterprise environments and has experience stabilising and modernising infrastructure platforms following significant operational or security challenges. Responsibilities Infrastructure Leadership Lead and mentor a distributed team of infrastructure engineers Manage workload prioritisation, service delivery, and technical standards Foster a collaborative, security-focused engineering culture Enterprise Infrastructure Management Oversee day-to-day operation of Windows Server environments Manage VDI and Citrix platforms supporting enterprise users Support Microsoft 365 services including Exchange Online, Teams, and SharePoint Ensure robust governance and operational standards across cloud environments Technical Escalation & Engineering Act as a senior technical SME for complex infrastructure issues Lead root cause analysis and service improvement initiatives Support infrastructure design and architecture decisions Cloud & Automation Contribute to the design and governance of Azure and multi-cloud platforms Drive automation initiatives using scripting and infrastructure-as-code Standardise infrastructure provisioning and operational processes Infrastructure Recovery & Resilience Support infrastructure hardening and operational resilience initiatives Contribute to stabilisation and rebuilding of infrastructure services where required Ensure enterprise platforms are secure, resilient, and operationally efficient Technical Environment Key technologies in the environment include: Windows Server (2016/2019/2022) Active Directory, Group Policy, DNS, DHCP Citrix Virtual Apps & Desktops / VDI platforms Microsoft 365 (Exchange Online, Teams, SharePoint) Azure and enterprise cloud platforms Infrastructure automation (PowerShell, Terraform) VMware environments (working knowledge) Experience across identity platforms, conditional access, and modern security practices is highly beneficial. What We're Looking For Proven experience leading enterprise infrastructure teams Strong hands-on experience with Windows Server and Active Directory Experience supporting or managing Citrix / VDI environments Deep familiarity with Microsoft 365 services and identity platforms Experience operating within large enterprise cloud environments Strong troubleshooting and root cause analysis capability Experience contributing to infrastructure recovery, remediation, or stabilisation initiatives Ability to operate as both a technical leader and hands-on engineer Contract Details Initial 6-month contract Strong likelihood of extension Remote-first working with occasional travel to London for key meetings Opportunity to work within a large-scale enterprise infrastructure environment undergoing significant modernisation If you are an experienced infrastructure leader who enjoys solving complex technical challenges and driving enterprise platform stability, we'd be keen to hear from you.
09/06/2026
Full time
Overview IT Manager - Enterprise Infrastructure & Cloud (Contract) Location: Remote-first (UK) with occasional travel to London Contract: Initial 6 months (likely to extend) Start: ASAP We're supporting a major global technology and network services organisation as they continue to strengthen their enterprise infrastructure capability following a large-scale transformation programme. As part of this effort, they are looking to appoint an experienced IT Manager - Enterprise Infrastructure & Cloud to lead a distributed engineering team while remaining hands-on across core infrastructure platforms. This role is ideal for a technically strong infrastructure leader who thrives in complex enterprise environments and has experience stabilising and modernising infrastructure platforms following significant operational or security challenges. Responsibilities Infrastructure Leadership Lead and mentor a distributed team of infrastructure engineers Manage workload prioritisation, service delivery, and technical standards Foster a collaborative, security-focused engineering culture Enterprise Infrastructure Management Oversee day-to-day operation of Windows Server environments Manage VDI and Citrix platforms supporting enterprise users Support Microsoft 365 services including Exchange Online, Teams, and SharePoint Ensure robust governance and operational standards across cloud environments Technical Escalation & Engineering Act as a senior technical SME for complex infrastructure issues Lead root cause analysis and service improvement initiatives Support infrastructure design and architecture decisions Cloud & Automation Contribute to the design and governance of Azure and multi-cloud platforms Drive automation initiatives using scripting and infrastructure-as-code Standardise infrastructure provisioning and operational processes Infrastructure Recovery & Resilience Support infrastructure hardening and operational resilience initiatives Contribute to stabilisation and rebuilding of infrastructure services where required Ensure enterprise platforms are secure, resilient, and operationally efficient Technical Environment Key technologies in the environment include: Windows Server (2016/2019/2022) Active Directory, Group Policy, DNS, DHCP Citrix Virtual Apps & Desktops / VDI platforms Microsoft 365 (Exchange Online, Teams, SharePoint) Azure and enterprise cloud platforms Infrastructure automation (PowerShell, Terraform) VMware environments (working knowledge) Experience across identity platforms, conditional access, and modern security practices is highly beneficial. What We're Looking For Proven experience leading enterprise infrastructure teams Strong hands-on experience with Windows Server and Active Directory Experience supporting or managing Citrix / VDI environments Deep familiarity with Microsoft 365 services and identity platforms Experience operating within large enterprise cloud environments Strong troubleshooting and root cause analysis capability Experience contributing to infrastructure recovery, remediation, or stabilisation initiatives Ability to operate as both a technical leader and hands-on engineer Contract Details Initial 6-month contract Strong likelihood of extension Remote-first working with occasional travel to London for key meetings Opportunity to work within a large-scale enterprise infrastructure environment undergoing significant modernisation If you are an experienced infrastructure leader who enjoys solving complex technical challenges and driving enterprise platform stability, we'd be keen to hear from you.
At BUUK Infrastructure, our vision is to be the leading utility partner to accelerate the UK towards net zero for all our customers. Our group of companies has been the major drive for change and innovation over 30 years. We provide a supportive environment that is committed to enabling our people to be the best ensuring they feel proud to be themselves and part of BUUK Infrastructure. We are looking for Senior Infrastructure Administrator who would like to help us reach our mission to earn customer loyalty and drive business growth by providing consistently excellent service. Purpose of this role To design, build and maintain ICT infrastructure solutions ensuring security and availability of systems is the highest priority. To assist in ensuring disaster recovery environments are working correctly through regular testing and are suitable. Your key responsibilities are Aid the design, implementation, and management of robust ICT back-end infrastructure in collaboration with the wider ICT Infrastructure team. This includes servers, cloud platforms, network architecture, WAN, and related systems and facilities across BUUK Group businesses. Contribute towards the creation and maintenance of a highly secure and adaptable infrastructure linking all BUUK Group entities, optimising connectivity between head offices, regional offices, and depots. Work with team to develop comprehensive schedules and replacement plans for future infrastructure requirements, ensuring proactive maintenance and system upgrades. Monitor and assess server and infrastructure life cycles, ensuring timely maintenance and upgrades to uphold system efficiency. Work with team to design, implement, and perform regular testing of Disaster Recovery plans in collaboration with Information Security and Business Continuity teams, ensuring uninterrupted business operations during crisis situations. Ensure the establishment of robust system backup and replication procedures for all systems, aligning with defined policies and procedures. Collaborate with Information Security, Business Continuity, and broader IT teams to incorporate business application needs into the Disaster Recovery plan. BUUK operate a security-first approach in system architecture, ensuring the highest standards of security protocols are embedded. Manage and maintain group-wide firewalls, antivirus systems, SIEM platforms, and Network Access Control systems, in conjunction with Information Security Team. Ensure proactive system monitoring and effective incident resolution, partnering with the Information Security team for comprehensive root cause analysis of any security incidents. Plan and prepare for BUUK Group expansions and changes, ensuring scalable and adaptable infrastructure aligned with established processes. Collaborate with IT Infrastructure Manager to establish clear communication and escalation guidelines for critical issues, minimising business disruptions due to infrastructure challenges. Contribute to the documentation and dissemination of group-wide IT policies, ensuring compliance with recognised governance frameworks. Utilise ITSM systems for meticulous logging and tracking of all work activities and changes. Other duties as assigned by the manager. Qualifications Relevant degree, technical Microsoft Certification or equivalent experience. Experience/Knowledge Expert knowledge of Active Directory, Federation Services, Exchange and the Microsoft Server product family within an enterprise environment. Knowledge of the Microsoft Cloud platform, including Entra ID, Azure and the associated services. In depth knowledge of virtualisation platforms, specifically Microsoft Hyper-V and VMware. Knowledge of network hardware configuration and management, including routers, firewalls, TCP/IP. Experience of Veeam Backup and Replication. Knowledge of multifactor authentication systems. Abilities/Skills Effective visualisation and articulation of problems and solutions. Excellent verbal and written communication skills. Breaking down a complex problem and working to accepted resolution. Excellent ability to deliver to expectation on time. Effective in taking proactive & independent ownership of problems to solution. Work well within a team - contributing ideas and onboarding ideas from others. Actively support colleagues in their work. Work with colleagues in the ICT department to improve and maintain levels of efficiency. Desirable Knowledge of Mimecast platform. Experience of Microsoft DPM. Knowledge of VPN platforms. Experience of managing antivirus systems. What can you expect from us Cost of living annual pay review. Company pension contributions up to 10% if employees contribute 5%. 33 days holiday including bank holidays with the ability to purchase an additional 2 weeks. Enhanced maternity, paternity and adoption pay. To say thank you, each time you successfully refer someone you will receive a referral payment of £1000 (net of tax). Hybrid working for eligible roles. Development opportunities to reach your career aspirations. BUUK has an award-winning culture. We care about your wellbeing and safety as we all deserve the right to go home safe, every day. We are proud to be an equal opportunity employer, we respect each other and advocate for equity, diversity and inclusion in all we do. Research shows that women and people from different underrepresented backgrounds often only apply for a job if they meet 100% of the listed qualifications. If you would like to be a part of our team and you meet many, but not all our requirements for this role, please apply. You can also ask us about flexible working options. Please note we reserve the right to close the role early. Therefore, if you're interested in this role, we encourage you to apply as soon as possible. JBRP1_UKTJ
09/06/2026
Full time
At BUUK Infrastructure, our vision is to be the leading utility partner to accelerate the UK towards net zero for all our customers. Our group of companies has been the major drive for change and innovation over 30 years. We provide a supportive environment that is committed to enabling our people to be the best ensuring they feel proud to be themselves and part of BUUK Infrastructure. We are looking for Senior Infrastructure Administrator who would like to help us reach our mission to earn customer loyalty and drive business growth by providing consistently excellent service. Purpose of this role To design, build and maintain ICT infrastructure solutions ensuring security and availability of systems is the highest priority. To assist in ensuring disaster recovery environments are working correctly through regular testing and are suitable. Your key responsibilities are Aid the design, implementation, and management of robust ICT back-end infrastructure in collaboration with the wider ICT Infrastructure team. This includes servers, cloud platforms, network architecture, WAN, and related systems and facilities across BUUK Group businesses. Contribute towards the creation and maintenance of a highly secure and adaptable infrastructure linking all BUUK Group entities, optimising connectivity between head offices, regional offices, and depots. Work with team to develop comprehensive schedules and replacement plans for future infrastructure requirements, ensuring proactive maintenance and system upgrades. Monitor and assess server and infrastructure life cycles, ensuring timely maintenance and upgrades to uphold system efficiency. Work with team to design, implement, and perform regular testing of Disaster Recovery plans in collaboration with Information Security and Business Continuity teams, ensuring uninterrupted business operations during crisis situations. Ensure the establishment of robust system backup and replication procedures for all systems, aligning with defined policies and procedures. Collaborate with Information Security, Business Continuity, and broader IT teams to incorporate business application needs into the Disaster Recovery plan. BUUK operate a security-first approach in system architecture, ensuring the highest standards of security protocols are embedded. Manage and maintain group-wide firewalls, antivirus systems, SIEM platforms, and Network Access Control systems, in conjunction with Information Security Team. Ensure proactive system monitoring and effective incident resolution, partnering with the Information Security team for comprehensive root cause analysis of any security incidents. Plan and prepare for BUUK Group expansions and changes, ensuring scalable and adaptable infrastructure aligned with established processes. Collaborate with IT Infrastructure Manager to establish clear communication and escalation guidelines for critical issues, minimising business disruptions due to infrastructure challenges. Contribute to the documentation and dissemination of group-wide IT policies, ensuring compliance with recognised governance frameworks. Utilise ITSM systems for meticulous logging and tracking of all work activities and changes. Other duties as assigned by the manager. Qualifications Relevant degree, technical Microsoft Certification or equivalent experience. Experience/Knowledge Expert knowledge of Active Directory, Federation Services, Exchange and the Microsoft Server product family within an enterprise environment. Knowledge of the Microsoft Cloud platform, including Entra ID, Azure and the associated services. In depth knowledge of virtualisation platforms, specifically Microsoft Hyper-V and VMware. Knowledge of network hardware configuration and management, including routers, firewalls, TCP/IP. Experience of Veeam Backup and Replication. Knowledge of multifactor authentication systems. Abilities/Skills Effective visualisation and articulation of problems and solutions. Excellent verbal and written communication skills. Breaking down a complex problem and working to accepted resolution. Excellent ability to deliver to expectation on time. Effective in taking proactive & independent ownership of problems to solution. Work well within a team - contributing ideas and onboarding ideas from others. Actively support colleagues in their work. Work with colleagues in the ICT department to improve and maintain levels of efficiency. Desirable Knowledge of Mimecast platform. Experience of Microsoft DPM. Knowledge of VPN platforms. Experience of managing antivirus systems. What can you expect from us Cost of living annual pay review. Company pension contributions up to 10% if employees contribute 5%. 33 days holiday including bank holidays with the ability to purchase an additional 2 weeks. Enhanced maternity, paternity and adoption pay. To say thank you, each time you successfully refer someone you will receive a referral payment of £1000 (net of tax). Hybrid working for eligible roles. Development opportunities to reach your career aspirations. BUUK has an award-winning culture. We care about your wellbeing and safety as we all deserve the right to go home safe, every day. We are proud to be an equal opportunity employer, we respect each other and advocate for equity, diversity and inclusion in all we do. Research shows that women and people from different underrepresented backgrounds often only apply for a job if they meet 100% of the listed qualifications. If you would like to be a part of our team and you meet many, but not all our requirements for this role, please apply. You can also ask us about flexible working options. Please note we reserve the right to close the role early. Therefore, if you're interested in this role, we encourage you to apply as soon as possible. JBRP1_UKTJ
Senior Infrastructure Engineer - Enterprise Infrastructure & Cloud (Contract) Location: Remote-first (UK) with occasional travel to London Contract: Initial 6 months (strong likelihood of extension) Start: ASAP We are working with a large global organisation delivering critical digital and network services, currently undergoing a significant infrastructure modernisation programme. As part of this work, they are seeking a Senior Infrastructure Engineer to act as a deep technical specialist across enterprise infrastructure platforms. This role will suit a highly skilled engineer who enjoys operating as a technical subject matter expert, solving complex infrastructure challenges while helping drive platform stability, automation, and security improvements across a large-scale enterprise environment. You will act as a senior technical authority across core infrastructure services including Windows Server, VDI/Citrix platforms, Microsoft 365, and enterprise cloud environments. Working closely with infrastructure, security, and architecture teams, you will contribute to the design, stabilisation, and continuous improvement of critical enterprise platforms. This role is highly hands-on and will involve supporting complex incidents, driving automation initiatives, and contributing to infrastructure architecture and transformation projects. Key Responsibilities Technical Expertise Act as a senior SME across enterprise infrastructure platforms including Windows Server, Citrix, VDI, Microsoft 365, and cloud environments Provide advanced troubleshooting and root cause analysis for complex infrastructure incidents Support infrastructure hardening and operational resilience initiatives Define and implement best practices for infrastructure security, governance, and operational standards Infrastructure Operations Support the stability and performance of Windows Server environments and identity infrastructure Maintain enterprise VDI and Citrix platforms Support Microsoft 365 services including Exchange Online, Teams, and SharePoint Ensure strong governance and operational standards across enterprise cloud environments Automation & Platform Improvement Drive automation initiatives using scripting and infrastructure-as-code approaches Contribute to standardisation of infrastructure provisioning and operational processes Identify opportunities to improve efficiency, reduce operational overhead, and strengthen security posture Project Delivery Contribute to infrastructure projects from design through to implementation Collaborate with architecture, security, and platform teams to deliver scalable, secure solutions Provide technical expertise for infrastructure modernisation initiatives Operational Support Participate in the infrastructure on call rota supporting priority incidents where required Technical Environment Windows Server (2016/2019/2022) Active Directory, Group Policy, DNS, DHCP, PKI Citrix Virtual Apps & Desktops / enterprise VDI platforms Microsoft 365 (Exchange Online, Teams, SharePoint) Azure and enterprise cloud platforms Infrastructure automation (PowerShell, Terraform) VMware environments (working knowledge) Experience working with identity security, conditional access, and modern infrastructure governance practices is highly beneficial. What We're Looking For Strong hands on experience with enterprise Windows Server environments Deep knowledge of Active Directory and identity infrastructure Experience supporting Citrix or VDI platforms in enterprise environments Experience working with Microsoft 365 services and identity platforms Exposure to Azure and modern cloud infrastructure environments Strong troubleshooting and root cause analysis capabilities Experience automating infrastructure operations using scripting or IaC tools Ability to operate as a senior technical SME within complex enterprise environments Experience supporting infrastructure recovery, stabilisation, or remediation following major operational or security incidents would be highly valuable. Contract Details Initial 6 month contract Strong likelihood of extension Remote first working with occasional travel to London Opportunity to work on a large scale enterprise infrastructure transformation programme If you are a senior infrastructure engineer who enjoys solving complex technical problems and contributing to the stability and evolution of enterprise platforms, we would welcome your application.
09/06/2026
Full time
Senior Infrastructure Engineer - Enterprise Infrastructure & Cloud (Contract) Location: Remote-first (UK) with occasional travel to London Contract: Initial 6 months (strong likelihood of extension) Start: ASAP We are working with a large global organisation delivering critical digital and network services, currently undergoing a significant infrastructure modernisation programme. As part of this work, they are seeking a Senior Infrastructure Engineer to act as a deep technical specialist across enterprise infrastructure platforms. This role will suit a highly skilled engineer who enjoys operating as a technical subject matter expert, solving complex infrastructure challenges while helping drive platform stability, automation, and security improvements across a large-scale enterprise environment. You will act as a senior technical authority across core infrastructure services including Windows Server, VDI/Citrix platforms, Microsoft 365, and enterprise cloud environments. Working closely with infrastructure, security, and architecture teams, you will contribute to the design, stabilisation, and continuous improvement of critical enterprise platforms. This role is highly hands-on and will involve supporting complex incidents, driving automation initiatives, and contributing to infrastructure architecture and transformation projects. Key Responsibilities Technical Expertise Act as a senior SME across enterprise infrastructure platforms including Windows Server, Citrix, VDI, Microsoft 365, and cloud environments Provide advanced troubleshooting and root cause analysis for complex infrastructure incidents Support infrastructure hardening and operational resilience initiatives Define and implement best practices for infrastructure security, governance, and operational standards Infrastructure Operations Support the stability and performance of Windows Server environments and identity infrastructure Maintain enterprise VDI and Citrix platforms Support Microsoft 365 services including Exchange Online, Teams, and SharePoint Ensure strong governance and operational standards across enterprise cloud environments Automation & Platform Improvement Drive automation initiatives using scripting and infrastructure-as-code approaches Contribute to standardisation of infrastructure provisioning and operational processes Identify opportunities to improve efficiency, reduce operational overhead, and strengthen security posture Project Delivery Contribute to infrastructure projects from design through to implementation Collaborate with architecture, security, and platform teams to deliver scalable, secure solutions Provide technical expertise for infrastructure modernisation initiatives Operational Support Participate in the infrastructure on call rota supporting priority incidents where required Technical Environment Windows Server (2016/2019/2022) Active Directory, Group Policy, DNS, DHCP, PKI Citrix Virtual Apps & Desktops / enterprise VDI platforms Microsoft 365 (Exchange Online, Teams, SharePoint) Azure and enterprise cloud platforms Infrastructure automation (PowerShell, Terraform) VMware environments (working knowledge) Experience working with identity security, conditional access, and modern infrastructure governance practices is highly beneficial. What We're Looking For Strong hands on experience with enterprise Windows Server environments Deep knowledge of Active Directory and identity infrastructure Experience supporting Citrix or VDI platforms in enterprise environments Experience working with Microsoft 365 services and identity platforms Exposure to Azure and modern cloud infrastructure environments Strong troubleshooting and root cause analysis capabilities Experience automating infrastructure operations using scripting or IaC tools Ability to operate as a senior technical SME within complex enterprise environments Experience supporting infrastructure recovery, stabilisation, or remediation following major operational or security incidents would be highly valuable. Contract Details Initial 6 month contract Strong likelihood of extension Remote first working with occasional travel to London Opportunity to work on a large scale enterprise infrastructure transformation programme If you are a senior infrastructure engineer who enjoys solving complex technical problems and contributing to the stability and evolution of enterprise platforms, we would welcome your application.
Trades Workforce Solutions
Cardiff, South Glamorgan
OFFICIAL Role Profile Role Title: Senior Technical Architect (Salesforce) Level: Level 2b Directorate: Digital, Data, and Security Services (DDSS) Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. This role aligns with the Senior Technical Architect role in the Government Digital and Data Capability Profession. Purpose A senior technical architect is responsible for the design and assurance of technical systems that meet business needs. They work on complex projects, providing technical direction and guidance to delivery teams. They ensure that technical designs are aligned with strategic and architectural standards, and that systems are robust, scalable, and maintainable. At Ofgem, this means leading the design and assurance of Salesforce-based solutions that enable secure, scalable, and user-focused digital services. You will work across multiple Salesforce clouds (Service, Experience, PSS, and Core Platform), integrating with enterprise systems and ensuring adherence to Ofgem's architectural, data, and security principles. At this level, you will influence delivery teams, mentor colleagues, and contribute to the evolution of Ofgem's Salesforce architecture community and standards. At this role level, you will: Define and assure technical designs for Salesforce platforms across multiple delivery teams. Guide and support engineers and architects in applying Salesforce standards and patterns, ensuring solutions meet user, business, and security needs and are aligned to Ofgem's technical strategy. Identify and communicate technical risks and dependencies across teams, contributing to the continuous improvement of technical standards, reusable patterns, and design governance. Key Responsibilities Lead the design and documentation of Salesforce solutions, ensuring they meet business needs, align with architectural standards, and deliver value across Ofgem's programmes. Provide technical assurance for Salesforce implementations, ensuring solutions comply with Ofgem's architecture, security, and design principles. Design Salesforce solutions that integrate effectively with enterprise platforms and data systems, ensuring information consistency, interoperability, and adherence to data governance policies. Work with delivery teams to guide technical decisions, resolve design challenges, and ensure high-quality implementations that meet user and business expectations. Mentor associates and technical architects, contributing to the Salesforce Centre of Excellence and promoting the adoption of best practices across teams and projects. Skills Technical architecture Design and describe technical systems and how they fit within a wider architecture. Ensure that technical designs meet user needs and align to organisational standards. Communicate technical decisions and their rationale clearly to stakeholders. Systems integration Design and assure integration patterns for connecting Salesforce to other enterprise systems. Ensure integration solutions are secure, reliable, and support data consistency. Identify opportunities to simplify integration through APIs and reusable services. Technical leadership Guide and support technical teams in implementing Salesforce solutions. Influence decision making and ensure technical alignment across delivery teams. Promote best practice, reusable components, and adherence to technical standards. Technical strategy and governance Understand and apply technical governance frameworks to assure quality and consistency. Contribute to architectural standards and ensure Salesforce solutions align with them. Manage technical risk through structured design and assurance activities. Designing technology solutions Create and maintain Salesforce technical designs that are secure, scalable, and maintainable. Ensure solutions adhere to Salesforce platform best practices and Ofgem's enterprise principles. Review and refine designs through iterative feedback and assurance reviews. Development process optimisation Collaborate with engineering and DevOps teams to support CI/CD and release management within Salesforce environments. Promote automation and efficiency in development and deployment processes. Ensure that testing and quality assurance practices are embedded into the design lifecycle. Security and compliance Apply Ofgem's security, identity, and access control standards within Salesforce solutions. Understand data privacy, encryption, and audit requirements. Work with security teams to identify and address platform risks. Key Outputs and Deliverables Salesforce architecture designs and documentation aligned with Ofgem standards and governance processes. Technical assurance for Salesforce solutions, with compliance to architectural, security, and operational requirements. Technical input for solution options and assessments, enabling informed decision making by delivery teams and business stakeholders. Integration patterns and data models supporting reliable and secure interoperability with Ofgem enterprise platforms. Salesforce CoE contributions, including reusable components, templates, and design patterns promoting best practices. Key Stakeholder Relationships Internal Principal Technical Architect (Salesforce) and Enterprise Architects Programme and Project Managers Developers, Technical Leads, and Product Owners Data and Security Teams Delivery and Operations Managers Salesforce CoE External SI Salesforce Partner and Vendor Teams Cabinet Office and GDS (for standards assurance) System Integrators and Delivery Partners Cross government Salesforce and technical architecture communities Professional certification and training providers Role Criteria Essential Demonstrable experience designing and leading Salesforce solutions across multiple clouds and domains. Demonstrable understanding of core Salesforce Platform, Service cloud, community cloud and Public Sector Solutions. Demonstrable understanding of integration patterns, APIs, and middleware for connecting Salesforce to enterprise systems. Proficiency in architectural modelling tools such as Archi and frameworks, such as ArchiMate, UML, or equivalent, with the ability to create and maintain architectural artefacts. Experience of applying secure design principles and data governance within Salesforce implementations Holds or can obtain the following certifications or equivalent within 6 months: Certified Salesforce Technical Architect or equivalent Formal Architectural Qualification such as BCS EA Certification, The Open Group Architecture Framework (TOGAF) or Zachman Framework Certification. Certified Salesforce Technical Architect or equivalent Desirable Understanding government digital standards and assurance processes. Behaviours Seeing the Big Picture Changing and Improving Making Effective Decisions Leadership Communicating and Influencing Working Together: Developing Self and Others Managing a Quality Service Delivering at Pace OFFICIAL
09/06/2026
Full time
OFFICIAL Role Profile Role Title: Senior Technical Architect (Salesforce) Level: Level 2b Directorate: Digital, Data, and Security Services (DDSS) Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. This role aligns with the Senior Technical Architect role in the Government Digital and Data Capability Profession. Purpose A senior technical architect is responsible for the design and assurance of technical systems that meet business needs. They work on complex projects, providing technical direction and guidance to delivery teams. They ensure that technical designs are aligned with strategic and architectural standards, and that systems are robust, scalable, and maintainable. At Ofgem, this means leading the design and assurance of Salesforce-based solutions that enable secure, scalable, and user-focused digital services. You will work across multiple Salesforce clouds (Service, Experience, PSS, and Core Platform), integrating with enterprise systems and ensuring adherence to Ofgem's architectural, data, and security principles. At this level, you will influence delivery teams, mentor colleagues, and contribute to the evolution of Ofgem's Salesforce architecture community and standards. At this role level, you will: Define and assure technical designs for Salesforce platforms across multiple delivery teams. Guide and support engineers and architects in applying Salesforce standards and patterns, ensuring solutions meet user, business, and security needs and are aligned to Ofgem's technical strategy. Identify and communicate technical risks and dependencies across teams, contributing to the continuous improvement of technical standards, reusable patterns, and design governance. Key Responsibilities Lead the design and documentation of Salesforce solutions, ensuring they meet business needs, align with architectural standards, and deliver value across Ofgem's programmes. Provide technical assurance for Salesforce implementations, ensuring solutions comply with Ofgem's architecture, security, and design principles. Design Salesforce solutions that integrate effectively with enterprise platforms and data systems, ensuring information consistency, interoperability, and adherence to data governance policies. Work with delivery teams to guide technical decisions, resolve design challenges, and ensure high-quality implementations that meet user and business expectations. Mentor associates and technical architects, contributing to the Salesforce Centre of Excellence and promoting the adoption of best practices across teams and projects. Skills Technical architecture Design and describe technical systems and how they fit within a wider architecture. Ensure that technical designs meet user needs and align to organisational standards. Communicate technical decisions and their rationale clearly to stakeholders. Systems integration Design and assure integration patterns for connecting Salesforce to other enterprise systems. Ensure integration solutions are secure, reliable, and support data consistency. Identify opportunities to simplify integration through APIs and reusable services. Technical leadership Guide and support technical teams in implementing Salesforce solutions. Influence decision making and ensure technical alignment across delivery teams. Promote best practice, reusable components, and adherence to technical standards. Technical strategy and governance Understand and apply technical governance frameworks to assure quality and consistency. Contribute to architectural standards and ensure Salesforce solutions align with them. Manage technical risk through structured design and assurance activities. Designing technology solutions Create and maintain Salesforce technical designs that are secure, scalable, and maintainable. Ensure solutions adhere to Salesforce platform best practices and Ofgem's enterprise principles. Review and refine designs through iterative feedback and assurance reviews. Development process optimisation Collaborate with engineering and DevOps teams to support CI/CD and release management within Salesforce environments. Promote automation and efficiency in development and deployment processes. Ensure that testing and quality assurance practices are embedded into the design lifecycle. Security and compliance Apply Ofgem's security, identity, and access control standards within Salesforce solutions. Understand data privacy, encryption, and audit requirements. Work with security teams to identify and address platform risks. Key Outputs and Deliverables Salesforce architecture designs and documentation aligned with Ofgem standards and governance processes. Technical assurance for Salesforce solutions, with compliance to architectural, security, and operational requirements. Technical input for solution options and assessments, enabling informed decision making by delivery teams and business stakeholders. Integration patterns and data models supporting reliable and secure interoperability with Ofgem enterprise platforms. Salesforce CoE contributions, including reusable components, templates, and design patterns promoting best practices. Key Stakeholder Relationships Internal Principal Technical Architect (Salesforce) and Enterprise Architects Programme and Project Managers Developers, Technical Leads, and Product Owners Data and Security Teams Delivery and Operations Managers Salesforce CoE External SI Salesforce Partner and Vendor Teams Cabinet Office and GDS (for standards assurance) System Integrators and Delivery Partners Cross government Salesforce and technical architecture communities Professional certification and training providers Role Criteria Essential Demonstrable experience designing and leading Salesforce solutions across multiple clouds and domains. Demonstrable understanding of core Salesforce Platform, Service cloud, community cloud and Public Sector Solutions. Demonstrable understanding of integration patterns, APIs, and middleware for connecting Salesforce to enterprise systems. Proficiency in architectural modelling tools such as Archi and frameworks, such as ArchiMate, UML, or equivalent, with the ability to create and maintain architectural artefacts. Experience of applying secure design principles and data governance within Salesforce implementations Holds or can obtain the following certifications or equivalent within 6 months: Certified Salesforce Technical Architect or equivalent Formal Architectural Qualification such as BCS EA Certification, The Open Group Architecture Framework (TOGAF) or Zachman Framework Certification. Certified Salesforce Technical Architect or equivalent Desirable Understanding government digital standards and assurance processes. Behaviours Seeing the Big Picture Changing and Improving Making Effective Decisions Leadership Communicating and Influencing Working Together: Developing Self and Others Managing a Quality Service Delivering at Pace OFFICIAL
Cyber Security Manager About the role Reporting to the IT Director, you will lead the cybersecurity function through a modern, 3-Layer Operating Model. Your primary focus is to govern our outsourced Managed Detection & Response (MDR/SOC) partners, own the internal GRC (Governance, Risk, and Compliance) framework, and ensure data protection standards are met. You will act as the strategic link between external security experts and our internal Architecture and Platform Engineering teams to ensure the organisation remains secure, compliant, and AI-ready. About the Group My client is a large, privately owned international business operating across multiple sectors, with a significant presence in retail, wholesale, healthcare, property, manufacturing, and financial services. With operations spanning several regions, the business serves millions of customers and employs a substantial workforce across its various divisions. The company is focused on long-term growth, operational excellence, and innovation, investing in modern technology platforms and data-driven capabilities to support its strategic objectives. Cybersecurity, data protection, and digital transformation are key priorities as the organisation continues to modernise its technology landscape and expand the use of cloud and AI-enabled services. Key Responsibilities Act as the primary owner for our outsourced 24/7 SOC/MDR partners. Monitor their performance against SLAs, manage incident escalations, and ensure they are proactively hunting threats across our Azure and Snowflake environments. Own the implementation and operation of data security to discover, classify, and protect sensitive data across the group, supporting our broader AI roadmap. Maintain the Group Information Security Policy, Cyber Risk Register, and Risk Appetite statements. Lead internal and external security audits, ensuring UK GDPR compliance and managing regulatory reporting. Partner with the technology team to ensure that cybersecurity policies are translated into automated "Golden Path" guardrails. Translate complex security alerts into business-relevant risk stories for the IT Director and the Board. Required Skills and Experience (Must-have) Proven experience managing high-performance external Managed Security Service Providers (MSSP) or MDR vendors. Deep knowledge of ISO 27001, NIST, and UK GDPR. Experience maintaining a formal Enterprise Risk Register. Familiarity with DSPM (Data Security Posture Management) tools like Cyera or similar data discovery platforms. High-level understanding of Azure/AWS security controls, Identity protocols (OIDC/SAML), and MFA strategies (Entra ID). Experience coordinating response and recovery efforts between external forensic teams and internal IT functions. Ability to tell "risk stories" that align security investment to margin preservation and business continuity. Skilled at holding external partners accountable and driving value from service contracts. Focuses on material risk reduction rather than theoretical compliance. For more information, contact or
09/06/2026
Full time
Cyber Security Manager About the role Reporting to the IT Director, you will lead the cybersecurity function through a modern, 3-Layer Operating Model. Your primary focus is to govern our outsourced Managed Detection & Response (MDR/SOC) partners, own the internal GRC (Governance, Risk, and Compliance) framework, and ensure data protection standards are met. You will act as the strategic link between external security experts and our internal Architecture and Platform Engineering teams to ensure the organisation remains secure, compliant, and AI-ready. About the Group My client is a large, privately owned international business operating across multiple sectors, with a significant presence in retail, wholesale, healthcare, property, manufacturing, and financial services. With operations spanning several regions, the business serves millions of customers and employs a substantial workforce across its various divisions. The company is focused on long-term growth, operational excellence, and innovation, investing in modern technology platforms and data-driven capabilities to support its strategic objectives. Cybersecurity, data protection, and digital transformation are key priorities as the organisation continues to modernise its technology landscape and expand the use of cloud and AI-enabled services. Key Responsibilities Act as the primary owner for our outsourced 24/7 SOC/MDR partners. Monitor their performance against SLAs, manage incident escalations, and ensure they are proactively hunting threats across our Azure and Snowflake environments. Own the implementation and operation of data security to discover, classify, and protect sensitive data across the group, supporting our broader AI roadmap. Maintain the Group Information Security Policy, Cyber Risk Register, and Risk Appetite statements. Lead internal and external security audits, ensuring UK GDPR compliance and managing regulatory reporting. Partner with the technology team to ensure that cybersecurity policies are translated into automated "Golden Path" guardrails. Translate complex security alerts into business-relevant risk stories for the IT Director and the Board. Required Skills and Experience (Must-have) Proven experience managing high-performance external Managed Security Service Providers (MSSP) or MDR vendors. Deep knowledge of ISO 27001, NIST, and UK GDPR. Experience maintaining a formal Enterprise Risk Register. Familiarity with DSPM (Data Security Posture Management) tools like Cyera or similar data discovery platforms. High-level understanding of Azure/AWS security controls, Identity protocols (OIDC/SAML), and MFA strategies (Entra ID). Experience coordinating response and recovery efforts between external forensic teams and internal IT functions. Ability to tell "risk stories" that align security investment to margin preservation and business continuity. Skilled at holding external partners accountable and driving value from service contracts. Focuses on material risk reduction rather than theoretical compliance. For more information, contact or
Overview Title: Cyber Security Platform Engineer - Microsoft Reference No: 2161 Company: FTSE 100 Reports to: Security Platform Engineering Manager Location: London Working Pattern: 37.5 hours per week, Monday - Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place). Salary: £59,000 - £72,000 Benefits: Bupa, Matched pension contributions. The Role Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across) the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. This is a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus. It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on. The Security Platform Engineering function is central to that portfolio - responsible for ensuring that the security tools the organisation invests in are deeply understood, expertly configured, continuously improved, and consistently delivering their intended security and business value. Microsoft is the most strategically significant security platform, and the uplift and optimisation of the Microsoft security estate is one of the most consequential engineering challenges in the GCS transformation programme. Role Summary Reporting to the Security Platform Engineering Manager, the Cyber Security Platform Engineer - Microsoft is the Group dedicated technical authority for the Microsoft security platform. The role carries implied ownership of the full Microsoft security stack: the M365 Defender suite, the security-relevant capabilities of Microsoft Entra ID (conditional access, Privileged Identity Management, access packages, and least privilege), Intune, and the foundational configuration of the Microsoft 365 and Azure environments on which all of these depend. This is a role that extends beyond BAU platform management: a significant part of the initial mandate is to critically assess the current state of the Microsoft estate - spanning E3, Active Directory, Entra ID, Intune, and existing Defender deployments - identify the gaps against vendor-recommended best practice and the Group cyber standard, and build a prioritised strategy and plan to close them. This role is the primary technical owner of that relationship on the GCS side - working directly with the Microsoft team to prioritise, plan, and drive the E5 deployment across the estate, and ensuring that the professional services and engineering resources available are directed at the highest-value activities. The role must navigate the realities of the federated organisation with skill: delivery will depend on partnership with divisional IT teams, and getting there will require excellent stakeholder management, a clear change communication approach, and an absolute commitment to end-user experience. Zero tolerance for avoidable downtime is not a preference - it is a non-negotiable operating constraint. The role works in close partnership with the Cyber Architecture Manager, the Group CTO function, the IT Frameworks Director, Assurance leads, Divisional Security Leads, and the Identity Transformation team. It shares the defining mindset of the whole platform engineering function: genuine passion for the Microsoft platform, curiosity about its full capability, and the drive to get to a secure, consistent, vendor-recommended configuration as quickly and as safely as possible. Role Responsibilities / Accountabilities Microsoft Estate Assessment, Gap Analysis & Strategy Conduct a structured, critical assessment of the current Microsoft security estate, covering Active Directory, Microsoft Entra ID, Intune, M365 (E3 and current Defender deployments), and Azure security configuration; benchmark the current state against Microsoft's secure score recommendations, vendor best practice, and the Group cyber technical standard, and produce a clear, evidence-based gap analysis. Develop a prioritised Microsoft security uplift strategy and delivery plan that sequences remediation and enhancement activity by risk reduction impact, operational feasibility, and alignment with the E5 migration roadmap; ensure the plan is realistic for federated environment and has clear milestones, owners, and success criteria. Maintain the Microsoft security uplift plan as a live document; track progress against milestones, report status to the Security Platform Engineering Manager, and adapt the plan to the Groups environment, the threat landscape, and the Microsoft product roadmap evolve. Microsoft Defender Platform Ownership & Engineering Own the technical configuration, ongoing engineering, and operational health of the full M365 Defender suite, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, and Microsoft Sentinel integration; maintain configurations to the approved baseline and drive continuous improvement against vendor-recommended configuration. Work closely with the SOC to tune Defender configurations for effective detection and response; adjust detection rules, custom detection queries, and alert thresholds in response to SOC operational feedback, ensuring analysts receive high-fidelity, actionable alerts with minimal noise. Develop and maintain detailed configuration documentation, runbooks, and change records for all Defender workloads; ensure configuration state is consistently documented, version-controlled, and auditable. Entra ID Security & Identity Controls Own the security configuration of Microsoft Entra ID across the Group; take implied technical ownership of the security-relevant Entra capabilities including Conditional Access policy design and enforcement, Privileged Identity Management (PIM), access packages and entitlement management, Identity Protection, and the application of least privilege principles across the directory. Work with the Cyber Architecture Manager, the IT Frameworks Director, and Assurance leads to ensure that GCS policies - including BYOD, remote access, and privilege management policies - are correctly and completely manifested in Entra Conditional Access policies and Intune device compliance rules; maintain a clear mapping between policy intent and platform configuration. Support the Active Directory to Entra ID modernisation journey; identify legacy AD configurations and hybrid identity risks that need to be addressed as part of the E5 migration, and work with the Identity Transformation team to ensure Entra security configuration activity is co-ordinated with the broader identity programme. Own the Intune security configuration, maintain device compliance policies, configuration profiles, and security baselines; ensure Intune is configured to enforce the Group endpoint security standard and provides accurate device compliance data to Entra Conditional Access and the Defender estate. E5 Migration, ECIF Engagement & Microsoft Relationship Act as GCS's primary technical liaison to the Microsoft ECIF (Engineering Co-Investment Fund) team; plan, prioritise, and drive the E5 deployment programme in partnership with the ECIF team, ensuring that Microsoft engineering resources are directed at the highest-value activities and that the Organisation is getting the maximum benefit from the co-investment engagement. Manage the technical relationship with Microsoft across the security and identity platform; maintain active engagement with Microsoft technical account management, product specialists, and engineering teams; use the account relationship to gain early access to roadmap briefings, preview features, escalation paths, and best-practice guidance relevant to the organisations environment. Plan and manage the technical delivery of E5 capability rollout across the divisions; sequence deployment activity to maximise early security value, sequence it safely within the change management constraints, and ensure each phase is fully tested, documented, and supported before moving to the next. Maintain accurate records of Microsoft licence entitlements, feature adoption, and E5 deployment progress; ensure the Group is consuming the capabilities it is paying for, and provide the Security Platform Engineering Manager with clear, up-to-date visibility of licence utilisation and deployment status. Policy Manifestation, Standards Alignment & Assurance Translate Group cyber technical standards and security policies into enforceable Microsoft platform configurations; maintain a clear, auditable mapping between each policy requirement and its implementation in Defender, Entra, Intune, or other Microsoft controls, and ensure divergence is identified and remediated promptly. Work closely with the Director of Cyber Assurance and Assurance leads to support controls assessment of the Microsoft estate; provide technical evidence of configuration compliance . click apply for full job details
09/06/2026
Full time
Overview Title: Cyber Security Platform Engineer - Microsoft Reference No: 2161 Company: FTSE 100 Reports to: Security Platform Engineering Manager Location: London Working Pattern: 37.5 hours per week, Monday - Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place). Salary: £59,000 - £72,000 Benefits: Bupa, Matched pension contributions. The Role Group Cyber Security Overview The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across) the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. This is a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus. It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. GCS is responsible for setting the Group cyber standard, measuring compliance against it across all the businesses, and delivering a portfolio of centrally managed security services that divisions can rely on. The Security Platform Engineering function is central to that portfolio - responsible for ensuring that the security tools the organisation invests in are deeply understood, expertly configured, continuously improved, and consistently delivering their intended security and business value. Microsoft is the most strategically significant security platform, and the uplift and optimisation of the Microsoft security estate is one of the most consequential engineering challenges in the GCS transformation programme. Role Summary Reporting to the Security Platform Engineering Manager, the Cyber Security Platform Engineer - Microsoft is the Group dedicated technical authority for the Microsoft security platform. The role carries implied ownership of the full Microsoft security stack: the M365 Defender suite, the security-relevant capabilities of Microsoft Entra ID (conditional access, Privileged Identity Management, access packages, and least privilege), Intune, and the foundational configuration of the Microsoft 365 and Azure environments on which all of these depend. This is a role that extends beyond BAU platform management: a significant part of the initial mandate is to critically assess the current state of the Microsoft estate - spanning E3, Active Directory, Entra ID, Intune, and existing Defender deployments - identify the gaps against vendor-recommended best practice and the Group cyber standard, and build a prioritised strategy and plan to close them. This role is the primary technical owner of that relationship on the GCS side - working directly with the Microsoft team to prioritise, plan, and drive the E5 deployment across the estate, and ensuring that the professional services and engineering resources available are directed at the highest-value activities. The role must navigate the realities of the federated organisation with skill: delivery will depend on partnership with divisional IT teams, and getting there will require excellent stakeholder management, a clear change communication approach, and an absolute commitment to end-user experience. Zero tolerance for avoidable downtime is not a preference - it is a non-negotiable operating constraint. The role works in close partnership with the Cyber Architecture Manager, the Group CTO function, the IT Frameworks Director, Assurance leads, Divisional Security Leads, and the Identity Transformation team. It shares the defining mindset of the whole platform engineering function: genuine passion for the Microsoft platform, curiosity about its full capability, and the drive to get to a secure, consistent, vendor-recommended configuration as quickly and as safely as possible. Role Responsibilities / Accountabilities Microsoft Estate Assessment, Gap Analysis & Strategy Conduct a structured, critical assessment of the current Microsoft security estate, covering Active Directory, Microsoft Entra ID, Intune, M365 (E3 and current Defender deployments), and Azure security configuration; benchmark the current state against Microsoft's secure score recommendations, vendor best practice, and the Group cyber technical standard, and produce a clear, evidence-based gap analysis. Develop a prioritised Microsoft security uplift strategy and delivery plan that sequences remediation and enhancement activity by risk reduction impact, operational feasibility, and alignment with the E5 migration roadmap; ensure the plan is realistic for federated environment and has clear milestones, owners, and success criteria. Maintain the Microsoft security uplift plan as a live document; track progress against milestones, report status to the Security Platform Engineering Manager, and adapt the plan to the Groups environment, the threat landscape, and the Microsoft product roadmap evolve. Microsoft Defender Platform Ownership & Engineering Own the technical configuration, ongoing engineering, and operational health of the full M365 Defender suite, including Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, Defender for Office 365, and Microsoft Sentinel integration; maintain configurations to the approved baseline and drive continuous improvement against vendor-recommended configuration. Work closely with the SOC to tune Defender configurations for effective detection and response; adjust detection rules, custom detection queries, and alert thresholds in response to SOC operational feedback, ensuring analysts receive high-fidelity, actionable alerts with minimal noise. Develop and maintain detailed configuration documentation, runbooks, and change records for all Defender workloads; ensure configuration state is consistently documented, version-controlled, and auditable. Entra ID Security & Identity Controls Own the security configuration of Microsoft Entra ID across the Group; take implied technical ownership of the security-relevant Entra capabilities including Conditional Access policy design and enforcement, Privileged Identity Management (PIM), access packages and entitlement management, Identity Protection, and the application of least privilege principles across the directory. Work with the Cyber Architecture Manager, the IT Frameworks Director, and Assurance leads to ensure that GCS policies - including BYOD, remote access, and privilege management policies - are correctly and completely manifested in Entra Conditional Access policies and Intune device compliance rules; maintain a clear mapping between policy intent and platform configuration. Support the Active Directory to Entra ID modernisation journey; identify legacy AD configurations and hybrid identity risks that need to be addressed as part of the E5 migration, and work with the Identity Transformation team to ensure Entra security configuration activity is co-ordinated with the broader identity programme. Own the Intune security configuration, maintain device compliance policies, configuration profiles, and security baselines; ensure Intune is configured to enforce the Group endpoint security standard and provides accurate device compliance data to Entra Conditional Access and the Defender estate. E5 Migration, ECIF Engagement & Microsoft Relationship Act as GCS's primary technical liaison to the Microsoft ECIF (Engineering Co-Investment Fund) team; plan, prioritise, and drive the E5 deployment programme in partnership with the ECIF team, ensuring that Microsoft engineering resources are directed at the highest-value activities and that the Organisation is getting the maximum benefit from the co-investment engagement. Manage the technical relationship with Microsoft across the security and identity platform; maintain active engagement with Microsoft technical account management, product specialists, and engineering teams; use the account relationship to gain early access to roadmap briefings, preview features, escalation paths, and best-practice guidance relevant to the organisations environment. Plan and manage the technical delivery of E5 capability rollout across the divisions; sequence deployment activity to maximise early security value, sequence it safely within the change management constraints, and ensure each phase is fully tested, documented, and supported before moving to the next. Maintain accurate records of Microsoft licence entitlements, feature adoption, and E5 deployment progress; ensure the Group is consuming the capabilities it is paying for, and provide the Security Platform Engineering Manager with clear, up-to-date visibility of licence utilisation and deployment status. Policy Manifestation, Standards Alignment & Assurance Translate Group cyber technical standards and security policies into enforceable Microsoft platform configurations; maintain a clear, auditable mapping between each policy requirement and its implementation in Defender, Entra, Intune, or other Microsoft controls, and ensure divergence is identified and remediated promptly. Work closely with the Director of Cyber Assurance and Assurance leads to support controls assessment of the Microsoft estate; provide technical evidence of configuration compliance . click apply for full job details
OFFICIAL Role Profile Role Title: Senior Technical Architect (Salesforce) Level: Level 2b Directorate: Digital, Data, and Security Services (DDSS) Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. This role aligns with the Senior Technical Architect role in the Government Digital and Data Capability Profession. Purpose A senior technical architect is responsible for the design and assurance of technical systems that meet business needs. They work on complex projects, providing technical direction and guidance to delivery teams. They ensure that technical designs are aligned with strategic and architectural standards, and that systems are robust, scalable, and maintainable. At Ofgem, this means leading the design and assurance of Salesforce-based solutions that enable secure, scalable, and user-focused digital services. You will work across multiple Salesforce clouds (Service, Experience, PSS, and Core Platform), integrating with enterprise systems and ensuring adherence to Ofgem's architectural, data, and security principles. At this level, you will influence delivery teams, mentor colleagues, and contribute to the evolution of Ofgem's Salesforce architecture community and standards. At this role level, you will: Define and assure technical designs for Salesforce platforms across multiple delivery teams. Guide and support engineers and architects in applying Salesforce standards and patterns, ensuring solutions meet user, business, and security needs and are aligned to Ofgem's technical strategy. Identify and communicate technical risks and dependencies across teams, contributing to the continuous improvement of technical standards, reusable patterns, and design governance. Key Responsibilities Lead the design and documentation of Salesforce solutions, ensuring they meet business needs, align with architectural standards, and deliver value across Ofgem's programmes. Provide technical assurance for Salesforce implementations, ensuring solutions comply with Ofgem's architecture, security, and design principles. Design Salesforce solutions that integrate effectively with enterprise platforms and data systems, ensuring information consistency, interoperability, and adherence to data governance policies. Work with delivery teams to guide technical decisions, resolve design challenges, and ensure high-quality implementations that meet user and business expectations. Mentor associates and technical architects, contributing to the Salesforce Centre of Excellence and promoting the adoption of best practices across teams and projects. Skills Technical architecture Design and describe technical systems and how they fit within a wider architecture. Ensure that technical designs meet user needs and align to organisational standards. Communicate technical decisions and their rationale clearly to stakeholders. Systems integration Design and assure integration patterns for connecting Salesforce to other enterprise systems. Ensure integration solutions are secure, reliable, and support data consistency. Identify opportunities to simplify integration through APIs and reusable services. Technical leadership Guide and support technical teams in implementing Salesforce solutions. Influence decision making and ensure technical alignment across delivery teams. Promote best practice, reusable components, and adherence to technical standards. Technical strategy and governance Understand and apply technical governance frameworks to assure quality and consistency. Contribute to architectural standards and ensure Salesforce solutions align with them. Manage technical risk through structured design and assurance activities. Designing technology solutions Create and maintain Salesforce technical designs that are secure, scalable, and maintainable. Ensure solutions adhere to Salesforce platform best practices and Ofgem's enterprise principles. Review and refine designs through iterative feedback and assurance reviews. Development process optimisation Collaborate with engineering and DevOps teams to support CI/CD and release management within Salesforce environments. Promote automation and efficiency in development and deployment processes. Ensure that testing and quality assurance practices are embedded into the design lifecycle. Security and compliance Apply Ofgem's security, identity, and access control standards within Salesforce solutions. Understand data privacy, encryption, and audit requirements. Work with security teams to identify and address platform risks. Key Outputs and Deliverables Salesforce architecture designs and documentation aligned with Ofgem standards and governance processes. Technical assurance for Salesforce solutions, with compliance to architectural, security, and operational requirements. Technical input for solution options and assessments, enabling informed decision making by delivery teams and business stakeholders. Integration patterns and data models supporting reliable and secure interoperability with Ofgem enterprise platforms. Salesforce CoE contributions, including reusable components, templates, and design patterns promoting best practices. Key Stakeholder Relationships Internal Principal Technical Architect (Salesforce) and Enterprise Architects Programme and Project Managers Developers, Technical Leads, and Product Owners Data and Security Teams Delivery and Operations Managers Salesforce CoE External SI Salesforce Partner and Vendor Teams Cabinet Office and GDS (for standards assurance) System Integrators and Delivery Partners Cross government Salesforce and technical architecture communities Professional certification and training providers Role Criteria Essential Demonstrable experience designing and leading Salesforce solutions across multiple clouds and domains. Demonstrable understanding of core Salesforce Platform, Service cloud, community cloud and Public Sector Solutions. Demonstrable understanding of integration patterns, APIs, and middleware for connecting Salesforce to enterprise systems. Proficiency in architectural modelling tools such as Archi and frameworks, such as ArchiMate, UML, or equivalent, with the ability to create and maintain architectural artefacts. Experience of applying secure design principles and data governance within Salesforce implementations Holds or can obtain the following certifications or equivalent within 6 months: Certified Salesforce Technical Architect or equivalent Formal Architectural Qualification such as BCS EA Certification, The Open Group Architecture Framework (TOGAF) or Zachman Framework Certification. Certified Salesforce Technical Architect or equivalent Desirable Understanding government digital standards and assurance processes. Behaviours Seeing the Big Picture Changing and Improving Making Effective Decisions Leadership Communicating and Influencing Working Together: Developing Self and Others Managing a Quality Service Delivering at Pace OFFICIAL
09/06/2026
Full time
OFFICIAL Role Profile Role Title: Senior Technical Architect (Salesforce) Level: Level 2b Directorate: Digital, Data, and Security Services (DDSS) Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. This role aligns with the Senior Technical Architect role in the Government Digital and Data Capability Profession. Purpose A senior technical architect is responsible for the design and assurance of technical systems that meet business needs. They work on complex projects, providing technical direction and guidance to delivery teams. They ensure that technical designs are aligned with strategic and architectural standards, and that systems are robust, scalable, and maintainable. At Ofgem, this means leading the design and assurance of Salesforce-based solutions that enable secure, scalable, and user-focused digital services. You will work across multiple Salesforce clouds (Service, Experience, PSS, and Core Platform), integrating with enterprise systems and ensuring adherence to Ofgem's architectural, data, and security principles. At this level, you will influence delivery teams, mentor colleagues, and contribute to the evolution of Ofgem's Salesforce architecture community and standards. At this role level, you will: Define and assure technical designs for Salesforce platforms across multiple delivery teams. Guide and support engineers and architects in applying Salesforce standards and patterns, ensuring solutions meet user, business, and security needs and are aligned to Ofgem's technical strategy. Identify and communicate technical risks and dependencies across teams, contributing to the continuous improvement of technical standards, reusable patterns, and design governance. Key Responsibilities Lead the design and documentation of Salesforce solutions, ensuring they meet business needs, align with architectural standards, and deliver value across Ofgem's programmes. Provide technical assurance for Salesforce implementations, ensuring solutions comply with Ofgem's architecture, security, and design principles. Design Salesforce solutions that integrate effectively with enterprise platforms and data systems, ensuring information consistency, interoperability, and adherence to data governance policies. Work with delivery teams to guide technical decisions, resolve design challenges, and ensure high-quality implementations that meet user and business expectations. Mentor associates and technical architects, contributing to the Salesforce Centre of Excellence and promoting the adoption of best practices across teams and projects. Skills Technical architecture Design and describe technical systems and how they fit within a wider architecture. Ensure that technical designs meet user needs and align to organisational standards. Communicate technical decisions and their rationale clearly to stakeholders. Systems integration Design and assure integration patterns for connecting Salesforce to other enterprise systems. Ensure integration solutions are secure, reliable, and support data consistency. Identify opportunities to simplify integration through APIs and reusable services. Technical leadership Guide and support technical teams in implementing Salesforce solutions. Influence decision making and ensure technical alignment across delivery teams. Promote best practice, reusable components, and adherence to technical standards. Technical strategy and governance Understand and apply technical governance frameworks to assure quality and consistency. Contribute to architectural standards and ensure Salesforce solutions align with them. Manage technical risk through structured design and assurance activities. Designing technology solutions Create and maintain Salesforce technical designs that are secure, scalable, and maintainable. Ensure solutions adhere to Salesforce platform best practices and Ofgem's enterprise principles. Review and refine designs through iterative feedback and assurance reviews. Development process optimisation Collaborate with engineering and DevOps teams to support CI/CD and release management within Salesforce environments. Promote automation and efficiency in development and deployment processes. Ensure that testing and quality assurance practices are embedded into the design lifecycle. Security and compliance Apply Ofgem's security, identity, and access control standards within Salesforce solutions. Understand data privacy, encryption, and audit requirements. Work with security teams to identify and address platform risks. Key Outputs and Deliverables Salesforce architecture designs and documentation aligned with Ofgem standards and governance processes. Technical assurance for Salesforce solutions, with compliance to architectural, security, and operational requirements. Technical input for solution options and assessments, enabling informed decision making by delivery teams and business stakeholders. Integration patterns and data models supporting reliable and secure interoperability with Ofgem enterprise platforms. Salesforce CoE contributions, including reusable components, templates, and design patterns promoting best practices. Key Stakeholder Relationships Internal Principal Technical Architect (Salesforce) and Enterprise Architects Programme and Project Managers Developers, Technical Leads, and Product Owners Data and Security Teams Delivery and Operations Managers Salesforce CoE External SI Salesforce Partner and Vendor Teams Cabinet Office and GDS (for standards assurance) System Integrators and Delivery Partners Cross government Salesforce and technical architecture communities Professional certification and training providers Role Criteria Essential Demonstrable experience designing and leading Salesforce solutions across multiple clouds and domains. Demonstrable understanding of core Salesforce Platform, Service cloud, community cloud and Public Sector Solutions. Demonstrable understanding of integration patterns, APIs, and middleware for connecting Salesforce to enterprise systems. Proficiency in architectural modelling tools such as Archi and frameworks, such as ArchiMate, UML, or equivalent, with the ability to create and maintain architectural artefacts. Experience of applying secure design principles and data governance within Salesforce implementations Holds or can obtain the following certifications or equivalent within 6 months: Certified Salesforce Technical Architect or equivalent Formal Architectural Qualification such as BCS EA Certification, The Open Group Architecture Framework (TOGAF) or Zachman Framework Certification. Certified Salesforce Technical Architect or equivalent Desirable Understanding government digital standards and assurance processes. Behaviours Seeing the Big Picture Changing and Improving Making Effective Decisions Leadership Communicating and Influencing Working Together: Developing Self and Others Managing a Quality Service Delivering at Pace OFFICIAL
Role Profile Role Title: Principal Administrator (Salesforce) Level: Level 3 Directorate: DDSS Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. Purpose A principal application operations engineer owns the application strategy and leads, on implementation, support, resourcing, learning and development for their team. At Ofgem, the Principal Salesforce Administrator leads the Salesforce administration team, ensuring robust solution design, effective delivery, platform optimisation, and operational performance across the organisation's Salesforce environment. This role is accountable for maintaining stability, quality, and continuous improvement of complex enterprise Salesforce solutions. Responsibilities include ownership of administration strategy, adherence to best practices, and oversight of systems integrator performance to guarantee that Salesforce services deliver consistent, resilient, and high quality outcomes for both Ofgem and its users. Close collaboration with implementation partners is essential in aligning strategic objectives and operational execution. At this role level, you will: have expert technical understanding be accountable for vendor and supplier management Manage and maintain administration of the Salesforce platform. Key Responsibilities Stakeholder Engagement Engagement with senior stakeholders across digital, data, and operational functions to ensure Salesforce services align with business needs. Provision of authoritative guidance on application operations and influence decision making across programmes and projects. Oversight of systems integrator collaboration to maintain delivery quality and strategic alignment. Technical Oversight and Assurance Operational performance, resilience, and optimisation of Salesforce platforms. Expert assurance of configurations, integrations, automation pipelines, and release processes, ensuring compliance with Ofgem standards and contractual obligations for SI performance. Innovation and Continuous Improvement Platform enhancements through identification of optimisation opportunities, refinement of operational processes, and introduction of new tools or methods that strengthen service reliability and delivery outcomes. Mentorship and Capability Development Development of team capability through coaching administrators, promoting best practices, and setting clear operational standards. Support for learning pathways and contribution to professional development planning. Architectural Leadership Definition and leadership of Salesforce application operations strategy within Ofgem. Alignment with Salesforce architectural direction and leadership of decisions on operational models, platform evolution, and long term technology planning. Skills Asset and configuration management (practitioner) manage configuration items and related information manage service compliance and risk Availability and capacity management (practitioner) ensure the correct implementation of availability and capacity management standards and procedures identify capacity issues and implement the required changes; initiate remedial action Change management (practitioner) manage high impact, complex change requests ensure that release policies, procedures and processes are applied Continual service improvement (practitioner) analyse current processes, and identify and implement opportunities to optimise them lead and develop a team of experts to deliver service improvements help to evaluate and establish requirements for the implementation of changes by setting policy and standards Incident management (practitioner) lead the investigation and resolution of incidents Ownership and initiative (practitioner) take accountability for issues that occur and be proactive in searching for potential problems achieve excellent user outcomes Problem management (practitioner) ensure that the right actions are taken to investigate, resolve and anticipate problems co ordinate the team to investigate problems, implement solutions and take preventive measures Service focus (practitioner) see the bigger picture by taking groups of services and investigating how to get the best of underlying services Service management framework knowledge (practitioner) show you have an expert certificate in the service management framework qualification Technical specialism (expert) understand the direction of future technologies deliver a model to support and maintain those future technologies and any databases that coexist in the current environment Technical understanding (practitioner) show a thorough understanding of the technical concepts required for the role, and can explain how these fit into the wider technical landscape Testing (expert) manage testing activities within development or integration activities manage risks and take preventative action when risks become unacceptable manage customer relations User focus (practitioner) collaborate with user researchers and can represent users internally explain the difference between user needs and the desires of the user champion user research to focus on all users prioritise and define approaches to understand the user story, guiding others in doing so offer recommendations on the best tools and methods to use Key Outputs and Deliverables Stable, high quality Salesforce operational services, ensuring resilience, performance, and reliability across all environments. Compliant release processes, supported by assurance frameworks, documentation standards, and governance controls for every Salesforce deployment. Operational performance reporting and continuous improvement plans, providing visibility, metrics, and strategic insights for service optimisation. Accurate asset records and configuration inventories for all Salesforce environments, enabling traceability, auditability, and effective change management. Third party supplier performance management, including service level compliance, contractual obligations, and quality assurance across delivery partnerships. Key Stakeholder Relationships Internal Head of the Salesforce Centre of Enablement Architecture and Engineering Teams Product Owners and Delivery Managers Service Operations and Support Teams Cyber Security and Data Teams Programme and Portfolio Management External Salesforce and associated vendors Managed service providers and support partners Cross government technical communities External auditors and assurance bodies Industry partners and tooling providers Role Criteria Essential Deep operational expertise in managing complex Salesforce environments. Proven leadership in application operations or platform engineering. Demonstrable experience managing suppliers and technical risk. Demonstrable experience managing a Salesforce Administration team. Holds or can obtain the following certifications or equivalent within 6 months: Salesforce Certified App Builder, and Salesforce Certified Advanced Administrator Desirable Offshore SI management Behaviours Making Effective Decisions Communicating and Influencing Managing a Quality Service
09/06/2026
Full time
Role Profile Role Title: Principal Administrator (Salesforce) Level: Level 3 Directorate: DDSS Location: London / Glasgow / Cardiff Contract Type: Permanent / Fixed-Term Approach: Internal Security Level Required: SC Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe, affordable, and environmentally sustainable energy supply. We are playing a vital part in accelerating the transition to Net Zero and a carbon neutral energy system - a goal that everyone wants to achieve. Whatever your role, you'll be playing your part in creating new energy solutions that are great for customers, and great for the environment. Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work. Purpose A principal application operations engineer owns the application strategy and leads, on implementation, support, resourcing, learning and development for their team. At Ofgem, the Principal Salesforce Administrator leads the Salesforce administration team, ensuring robust solution design, effective delivery, platform optimisation, and operational performance across the organisation's Salesforce environment. This role is accountable for maintaining stability, quality, and continuous improvement of complex enterprise Salesforce solutions. Responsibilities include ownership of administration strategy, adherence to best practices, and oversight of systems integrator performance to guarantee that Salesforce services deliver consistent, resilient, and high quality outcomes for both Ofgem and its users. Close collaboration with implementation partners is essential in aligning strategic objectives and operational execution. At this role level, you will: have expert technical understanding be accountable for vendor and supplier management Manage and maintain administration of the Salesforce platform. Key Responsibilities Stakeholder Engagement Engagement with senior stakeholders across digital, data, and operational functions to ensure Salesforce services align with business needs. Provision of authoritative guidance on application operations and influence decision making across programmes and projects. Oversight of systems integrator collaboration to maintain delivery quality and strategic alignment. Technical Oversight and Assurance Operational performance, resilience, and optimisation of Salesforce platforms. Expert assurance of configurations, integrations, automation pipelines, and release processes, ensuring compliance with Ofgem standards and contractual obligations for SI performance. Innovation and Continuous Improvement Platform enhancements through identification of optimisation opportunities, refinement of operational processes, and introduction of new tools or methods that strengthen service reliability and delivery outcomes. Mentorship and Capability Development Development of team capability through coaching administrators, promoting best practices, and setting clear operational standards. Support for learning pathways and contribution to professional development planning. Architectural Leadership Definition and leadership of Salesforce application operations strategy within Ofgem. Alignment with Salesforce architectural direction and leadership of decisions on operational models, platform evolution, and long term technology planning. Skills Asset and configuration management (practitioner) manage configuration items and related information manage service compliance and risk Availability and capacity management (practitioner) ensure the correct implementation of availability and capacity management standards and procedures identify capacity issues and implement the required changes; initiate remedial action Change management (practitioner) manage high impact, complex change requests ensure that release policies, procedures and processes are applied Continual service improvement (practitioner) analyse current processes, and identify and implement opportunities to optimise them lead and develop a team of experts to deliver service improvements help to evaluate and establish requirements for the implementation of changes by setting policy and standards Incident management (practitioner) lead the investigation and resolution of incidents Ownership and initiative (practitioner) take accountability for issues that occur and be proactive in searching for potential problems achieve excellent user outcomes Problem management (practitioner) ensure that the right actions are taken to investigate, resolve and anticipate problems co ordinate the team to investigate problems, implement solutions and take preventive measures Service focus (practitioner) see the bigger picture by taking groups of services and investigating how to get the best of underlying services Service management framework knowledge (practitioner) show you have an expert certificate in the service management framework qualification Technical specialism (expert) understand the direction of future technologies deliver a model to support and maintain those future technologies and any databases that coexist in the current environment Technical understanding (practitioner) show a thorough understanding of the technical concepts required for the role, and can explain how these fit into the wider technical landscape Testing (expert) manage testing activities within development or integration activities manage risks and take preventative action when risks become unacceptable manage customer relations User focus (practitioner) collaborate with user researchers and can represent users internally explain the difference between user needs and the desires of the user champion user research to focus on all users prioritise and define approaches to understand the user story, guiding others in doing so offer recommendations on the best tools and methods to use Key Outputs and Deliverables Stable, high quality Salesforce operational services, ensuring resilience, performance, and reliability across all environments. Compliant release processes, supported by assurance frameworks, documentation standards, and governance controls for every Salesforce deployment. Operational performance reporting and continuous improvement plans, providing visibility, metrics, and strategic insights for service optimisation. Accurate asset records and configuration inventories for all Salesforce environments, enabling traceability, auditability, and effective change management. Third party supplier performance management, including service level compliance, contractual obligations, and quality assurance across delivery partnerships. Key Stakeholder Relationships Internal Head of the Salesforce Centre of Enablement Architecture and Engineering Teams Product Owners and Delivery Managers Service Operations and Support Teams Cyber Security and Data Teams Programme and Portfolio Management External Salesforce and associated vendors Managed service providers and support partners Cross government technical communities External auditors and assurance bodies Industry partners and tooling providers Role Criteria Essential Deep operational expertise in managing complex Salesforce environments. Proven leadership in application operations or platform engineering. Demonstrable experience managing suppliers and technical risk. Demonstrable experience managing a Salesforce Administration team. Holds or can obtain the following certifications or equivalent within 6 months: Salesforce Certified App Builder, and Salesforce Certified Advanced Administrator Desirable Offshore SI management Behaviours Making Effective Decisions Communicating and Influencing Managing a Quality Service
The consulting firm is looking for a Senior Active Directory Engineer to support a large enterprise infrastructure and security transformation programme. The role involves reviewing, designing, and improving Microsoft Active Directory environments, working with infrastructure, security, and application teams to strengthen security and improve operations. Responsibilities Review and improve existing Active Directory tiering policies. Assess cross-tier dependencies and identify risks. Review and remediate service accounts and scheduled tasks. Implement changes to AD groups, users, and server objects. Validate functionality and access post-change. Prepare deployment plans, runbooks, and remediation plans. Collaborate with stakeholders to deliver successful outcomes. Required Skills/Qualifications Strong hands on experience with Microsoft Active Directory. Expertise in AD architecture: forests, domains, trusts, sites, and replication. Experience managing large scale enterprise AD environments. Strong understanding of AD Tiering (Tier 0, 1, 2) and security models. Experience with OU design, delegation, and Group Policy inheritance. Ability to perform gap analysis and provide clear recommendations. Desirable Skills Experience with Microsoft Entra ID/cloud synchronisation. Exposure to PAM/PIM/identity governance tools. Experience with Jira, Azure DevOps, and ITSM tools. Strong communication and stakeholder management skills. Salary £550 per day
09/06/2026
Full time
The consulting firm is looking for a Senior Active Directory Engineer to support a large enterprise infrastructure and security transformation programme. The role involves reviewing, designing, and improving Microsoft Active Directory environments, working with infrastructure, security, and application teams to strengthen security and improve operations. Responsibilities Review and improve existing Active Directory tiering policies. Assess cross-tier dependencies and identify risks. Review and remediate service accounts and scheduled tasks. Implement changes to AD groups, users, and server objects. Validate functionality and access post-change. Prepare deployment plans, runbooks, and remediation plans. Collaborate with stakeholders to deliver successful outcomes. Required Skills/Qualifications Strong hands on experience with Microsoft Active Directory. Expertise in AD architecture: forests, domains, trusts, sites, and replication. Experience managing large scale enterprise AD environments. Strong understanding of AD Tiering (Tier 0, 1, 2) and security models. Experience with OU design, delegation, and Group Policy inheritance. Ability to perform gap analysis and provide clear recommendations. Desirable Skills Experience with Microsoft Entra ID/cloud synchronisation. Exposure to PAM/PIM/identity governance tools. Experience with Jira, Azure DevOps, and ITSM tools. Strong communication and stakeholder management skills. Salary £550 per day
IT Director - South West A high profile financial services organisation is seeking an experienced IT Director to provide strategic technology leadership across a complex, large scale environment. This is a pivotal position, joining both an executive leadership team and the companies global technology leadership group. The IT Director will have significant influence over business critical technology, digital strategy, and organisational change. As IT Director the successful candidate will drive the end to end technology strategy, oversee large scale change programmes and ensure alignment with global platforms and enterprise wide transformation initiatives. In this role the successful candidate would be managing a technology operation of approximately 300 people with five senior direct reports across areas such as Information Security, Architecture, Software Engineering, Digital platforms and Data. This is an outstanding opportunity for a senior technology leader who thrives in complex, regulated environments and enjoys leading modernisation at scale. Responsibilities Define and execute the technology strategy Lead large scale digital, data, and systems transformation initiatives. Oversee service delivery, engineering, architecture, and core platform evolution. Provide proactive leadership as part of the executive team, shaping organisational direction. Represent the UK within a global technology leadership community. Own senior level stakeholder engagement across business, operations, and global functions. Drive performance, capability uplift, and cultural alignment across a distributed technology function. Ensure technology governance, operational resilience, and compliance within a regulated environment. Qualifications Proven Senior IT leadership experience within highly regulated environments and in the Financial Services sector. A track record of leading enterprise wide technology change at pace and scale. Experience managing large multi disciplinary technology teams. Strong exposure to outsourcing / offshoring, vendor management, or complex delivery models. Experience with platform consolidation, integration and merger driven technology change. Clear strategic vision combined with hands on leadership of operations, delivery, and transformation Previous experience working in a post merger environment Benefits This role is being offered as a 12 Month Fixed Term contract opportunity, in addition to the base salary this role will come with an excellent benefits package including bonus, car and generous pension.
09/06/2026
Full time
IT Director - South West A high profile financial services organisation is seeking an experienced IT Director to provide strategic technology leadership across a complex, large scale environment. This is a pivotal position, joining both an executive leadership team and the companies global technology leadership group. The IT Director will have significant influence over business critical technology, digital strategy, and organisational change. As IT Director the successful candidate will drive the end to end technology strategy, oversee large scale change programmes and ensure alignment with global platforms and enterprise wide transformation initiatives. In this role the successful candidate would be managing a technology operation of approximately 300 people with five senior direct reports across areas such as Information Security, Architecture, Software Engineering, Digital platforms and Data. This is an outstanding opportunity for a senior technology leader who thrives in complex, regulated environments and enjoys leading modernisation at scale. Responsibilities Define and execute the technology strategy Lead large scale digital, data, and systems transformation initiatives. Oversee service delivery, engineering, architecture, and core platform evolution. Provide proactive leadership as part of the executive team, shaping organisational direction. Represent the UK within a global technology leadership community. Own senior level stakeholder engagement across business, operations, and global functions. Drive performance, capability uplift, and cultural alignment across a distributed technology function. Ensure technology governance, operational resilience, and compliance within a regulated environment. Qualifications Proven Senior IT leadership experience within highly regulated environments and in the Financial Services sector. A track record of leading enterprise wide technology change at pace and scale. Experience managing large multi disciplinary technology teams. Strong exposure to outsourcing / offshoring, vendor management, or complex delivery models. Experience with platform consolidation, integration and merger driven technology change. Clear strategic vision combined with hands on leadership of operations, delivery, and transformation Previous experience working in a post merger environment Benefits This role is being offered as a 12 Month Fixed Term contract opportunity, in addition to the base salary this role will come with an excellent benefits package including bonus, car and generous pension.
Location: This role is UK based, with occasional travel to London and Peterborough (approximately 1-2 times per quarter). Potentially some international travel required on an ad hoc basis. Our Team: How we enrich everyday life You'll be joining our Global Digital Workplace team, part of Bauer's wider Enterprise Technology Group, working at the heart of how our 12,000+ colleagues around Europe connect, collaborate, and stay secure. You'll be working alongside other Intune and M365 specialists, engineering leads, service owners and platform teams, all committed to improving how our people work every day through intuitive tooling, seamless device experiences, and great customer service. The Difference you will make In this role, you will be central to shaping and supporting Bauer's endpoint strategy, ensuring thousands of devices across Windows, macOS, iOS and Android remain secure, compliant, and easy to use. You'll help design, deploy, and optimise Microsoft Intune and associated Microsoft 365 services, empowering our colleagues to work safely from anywhere while maintaining the highest standards of security and performance. You will also play a key part in enhancing and maturing our Intune landscape, driving automation, supporting critical incidents, mentoring less experienced engineers, and contributing to the continued improvement of Bauer's global digital workplace experience. Your Role You will focus on the end to end management of Microsoft Intune and M365 services, ensuring devices and applications are deployed, secured, updated, compliant, and fully aligned with Bauer's global standards. Your responsibilities include, but are not limited to: Managing Windows, macOS, iOS, and Android devices through Intune. Application deployment, packaging and patch management. Implementing and maintaining Conditional Access and security policies. Enhancing endpoint security through configuration, compliance and monitoring. Creating, maintaining, and improving Intune architecture and service roadmaps. Providing 2nd/3rd line support for Intune and M365 services. Supporting major incidents and collaborating with cross functional teams. Integrating Intune with Azure AD, Microsoft 365 and third party tools. Producing high quality documentation and contributing to change management. Working with Microsoft and partner vendors on feature releases and roadmap updates. Delivering automation through PowerShell and Graph API. Coaching team members and supporting knowledge transfer. The Skills you will bring Required: 3+ years' experience working with Microsoft Intune and Microsoft 365. Strong endpoint management expertise across Windows, macOS, iOS and Android. Hands on experience with Intune device compliance, configuration profiles, app deployment and security baselines. Solid experience with PowerShell scripting and automation. Strong understanding of M365 services including Azure AD/Entra ID, Exchange Online, SharePoint, Teams and Power Platform. Knowledge of security principles including MFA, encryption, and Conditional Access. Ability to troubleshoot complex issues across devices, applications and cloud services. Collaborative working style and excellent communication skills. Highly organised, analytical, and able to self manage effectively. Experience working with SCCM/MECM, Windows Server or on premises Active Directory. Experience with Graph API, Azure Functions or Power Platform. Understanding of ITIL, Agile or DevOps ways of working. Experience in multinational environments. German or Polish language skills. About Bauer Media Group We are a media business focused on creating content that matters to millions of people across Europe. Our offering extends from print and online publishing to audio broadcasting and entertainment, alongside investments in other media related sectors. With more than 500 million copies sold each year, we are one of Europe's largest Publishers. From women's and celebrities' magazines to TV listings to food and special interest, we own some of the most popular publishing brands in Germany, UK, Poland and France - both digital and print. But not only that. Reaching over 61 million listeners weekly, we operate over 150 radio and podcast brands in nine countries, spanning the UK, Ireland, Poland, Slovakia, Denmark, Sweden, Finland, Norway and Portugal. Family owned in the 5th generation, Bauer Media focuses on the long term, with a consumer first mindset that guides us across our diverse portfolio. Our workforce of 12,000 shares a common purpose: to deliver content and services that enrich people's everyday lives. What's in it for you You'll have 28 days holiday, bank holidays & 2 volunteer days to use. Your development matters, so access to our internal training provider - Bauer Academy, is a huge win. We have enhanced Maternity/Adoption, Paternity and Shared Parental Leave Pay. You'll have the opportunity for flexible working. And much more! Find the full details of our benefits here We are an international employer and equal opportunities are important to us. That's why we welcome everyone in their uniqueness, regardless of e.g. religion, gender, skin color, disability in our house. We are committed to ensuring our recruitment process is inclusive and accessible to all. If you have a disability or a long term health condition, and need us to make any reasonable adjustments or do anything differently during any stage of the recruitment process, please let us know by emailing .
09/06/2026
Full time
Location: This role is UK based, with occasional travel to London and Peterborough (approximately 1-2 times per quarter). Potentially some international travel required on an ad hoc basis. Our Team: How we enrich everyday life You'll be joining our Global Digital Workplace team, part of Bauer's wider Enterprise Technology Group, working at the heart of how our 12,000+ colleagues around Europe connect, collaborate, and stay secure. You'll be working alongside other Intune and M365 specialists, engineering leads, service owners and platform teams, all committed to improving how our people work every day through intuitive tooling, seamless device experiences, and great customer service. The Difference you will make In this role, you will be central to shaping and supporting Bauer's endpoint strategy, ensuring thousands of devices across Windows, macOS, iOS and Android remain secure, compliant, and easy to use. You'll help design, deploy, and optimise Microsoft Intune and associated Microsoft 365 services, empowering our colleagues to work safely from anywhere while maintaining the highest standards of security and performance. You will also play a key part in enhancing and maturing our Intune landscape, driving automation, supporting critical incidents, mentoring less experienced engineers, and contributing to the continued improvement of Bauer's global digital workplace experience. Your Role You will focus on the end to end management of Microsoft Intune and M365 services, ensuring devices and applications are deployed, secured, updated, compliant, and fully aligned with Bauer's global standards. Your responsibilities include, but are not limited to: Managing Windows, macOS, iOS, and Android devices through Intune. Application deployment, packaging and patch management. Implementing and maintaining Conditional Access and security policies. Enhancing endpoint security through configuration, compliance and monitoring. Creating, maintaining, and improving Intune architecture and service roadmaps. Providing 2nd/3rd line support for Intune and M365 services. Supporting major incidents and collaborating with cross functional teams. Integrating Intune with Azure AD, Microsoft 365 and third party tools. Producing high quality documentation and contributing to change management. Working with Microsoft and partner vendors on feature releases and roadmap updates. Delivering automation through PowerShell and Graph API. Coaching team members and supporting knowledge transfer. The Skills you will bring Required: 3+ years' experience working with Microsoft Intune and Microsoft 365. Strong endpoint management expertise across Windows, macOS, iOS and Android. Hands on experience with Intune device compliance, configuration profiles, app deployment and security baselines. Solid experience with PowerShell scripting and automation. Strong understanding of M365 services including Azure AD/Entra ID, Exchange Online, SharePoint, Teams and Power Platform. Knowledge of security principles including MFA, encryption, and Conditional Access. Ability to troubleshoot complex issues across devices, applications and cloud services. Collaborative working style and excellent communication skills. Highly organised, analytical, and able to self manage effectively. Experience working with SCCM/MECM, Windows Server or on premises Active Directory. Experience with Graph API, Azure Functions or Power Platform. Understanding of ITIL, Agile or DevOps ways of working. Experience in multinational environments. German or Polish language skills. About Bauer Media Group We are a media business focused on creating content that matters to millions of people across Europe. Our offering extends from print and online publishing to audio broadcasting and entertainment, alongside investments in other media related sectors. With more than 500 million copies sold each year, we are one of Europe's largest Publishers. From women's and celebrities' magazines to TV listings to food and special interest, we own some of the most popular publishing brands in Germany, UK, Poland and France - both digital and print. But not only that. Reaching over 61 million listeners weekly, we operate over 150 radio and podcast brands in nine countries, spanning the UK, Ireland, Poland, Slovakia, Denmark, Sweden, Finland, Norway and Portugal. Family owned in the 5th generation, Bauer Media focuses on the long term, with a consumer first mindset that guides us across our diverse portfolio. Our workforce of 12,000 shares a common purpose: to deliver content and services that enrich people's everyday lives. What's in it for you You'll have 28 days holiday, bank holidays & 2 volunteer days to use. Your development matters, so access to our internal training provider - Bauer Academy, is a huge win. We have enhanced Maternity/Adoption, Paternity and Shared Parental Leave Pay. You'll have the opportunity for flexible working. And much more! Find the full details of our benefits here We are an international employer and equal opportunities are important to us. That's why we welcome everyone in their uniqueness, regardless of e.g. religion, gender, skin color, disability in our house. We are committed to ensuring our recruitment process is inclusive and accessible to all. If you have a disability or a long term health condition, and need us to make any reasonable adjustments or do anything differently during any stage of the recruitment process, please let us know by emailing .
Location This role is UK based, with occasional travel to London and Peterborough (approximately 1-2 times per quarter). Potentially some international travel required on an ad hoc basis. Our Team: How we enrich everyday life You'll be joining our Global Digital Workplace team, part of Bauer's wider Enterprise Technology Group, working at the heart of how our 12,000+ colleagues around Europe connect, collaborate, and stay secure. We're a friendly, international team operating across the UK, Germany, Poland and other territories, focused on delivering a modern, efficient, secure workplace experience. You'll be working alongside other Intune and M365 specialists, engineering leads, service owners and platform teams, all committed to improving how our people work every day through intuitive tooling, seamless device experiences, and great customer service. The Difference you will make In this role, you will be central to shaping and supporting Bauer's endpoint strategy, ensuring thousands of devices across Windows, macOS, iOS and Android remain secure, compliant and easy to use. You'll help design, deploy, and optimise Microsoft Intune and associated Microsoft 365 services, empowering our colleagues to work safely from anywhere while maintaining the highest standards of security and performance. You will also play a key part in enhancing and maturing our Intune landscape, driving automation, supporting critical incidents, mentoring less experienced engineers, and contributing to the continued improvement of Bauer's global digital workplace experience. Your Role You will focus on the end to end management of Microsoft Intune and M365 services, ensuring devices and applications are deployed, secured, updated, compliant, and fully aligned with Bauer's global standards. Your responsibilities include, but are not limited to: Managing Windows, macOS, iOS, and Android devices through Intune. Application deployment, packaging and patch management. Implementing and maintaining Conditional Access and security policies. Enhancing endpoint security through configuration, compliance and monitoring. Creating, maintaining, and improving Intune architecture and service roadmaps. Providing 2nd/3rd line support for Intune and M365 services.11; (see original full list) Coaching team members and supporting knowledge transfer. The Skills you will bring Required: 3+ years' experience working with Microsoft Intune and Microsoft 365. Strong endpoint management expertise across Windows, macOS, iOS and Android. Hands on experience with Intune device compliance, configuration profiles, app deployment and security baselines. Solid experience with PowerShell scripting and automation. Strong understanding of M365 services including Azure AD/Entra ID, Exchange Online, SharePoint, Teams and Power Platform. Knowledge of security principles including MFA, encryption, and Conditional Access. Ability to troubleshoot complex issues across devices, applications and cloud services. Collaborative working style and excellent communication skills. Highly organised, analytical, and able to self manage effectively. Experience working with SCCM/MECM, Windows Server or on premises Active Directory. Experience with Graph API, Azure Functions or Power Platform. Understanding of ITIL, Agile or DevOps ways of working. Experience in multinational environments. German or Polish language skills. What's in it for you You'll have 28 days holiday, bank holidays & 2 volunteer days to use. Your development matters, so access to our internal training provider - Bauer Academy - is a huge win. We have enhanced Maternity/Adoption, Paternity and Shared Parental Leave Pay. You'll have the opportunity for flexible working. And much more! Find the full details of our benefits here. Equal Opportunity and Accessibility We are an international employer and equal opportunities are important to us. We welcome everyone in their uniqueness, regardless of religion, gender, skin colour, disability and other protected characteristics. We are committed to ensuring our recruitment process is inclusive and accessible to all. If you have a disability or a long term health condition, and need us to make any reasonable adjustments or do anything differently during any stage of the recruitment process, please let us know by emailing . We are actively recruiting for this position, so the job advert may close earlier than expected. Location: London, GB, NW1 2PL; Peterborough, GB, PE2 6EA
09/06/2026
Full time
Location This role is UK based, with occasional travel to London and Peterborough (approximately 1-2 times per quarter). Potentially some international travel required on an ad hoc basis. Our Team: How we enrich everyday life You'll be joining our Global Digital Workplace team, part of Bauer's wider Enterprise Technology Group, working at the heart of how our 12,000+ colleagues around Europe connect, collaborate, and stay secure. We're a friendly, international team operating across the UK, Germany, Poland and other territories, focused on delivering a modern, efficient, secure workplace experience. You'll be working alongside other Intune and M365 specialists, engineering leads, service owners and platform teams, all committed to improving how our people work every day through intuitive tooling, seamless device experiences, and great customer service. The Difference you will make In this role, you will be central to shaping and supporting Bauer's endpoint strategy, ensuring thousands of devices across Windows, macOS, iOS and Android remain secure, compliant and easy to use. You'll help design, deploy, and optimise Microsoft Intune and associated Microsoft 365 services, empowering our colleagues to work safely from anywhere while maintaining the highest standards of security and performance. You will also play a key part in enhancing and maturing our Intune landscape, driving automation, supporting critical incidents, mentoring less experienced engineers, and contributing to the continued improvement of Bauer's global digital workplace experience. Your Role You will focus on the end to end management of Microsoft Intune and M365 services, ensuring devices and applications are deployed, secured, updated, compliant, and fully aligned with Bauer's global standards. Your responsibilities include, but are not limited to: Managing Windows, macOS, iOS, and Android devices through Intune. Application deployment, packaging and patch management. Implementing and maintaining Conditional Access and security policies. Enhancing endpoint security through configuration, compliance and monitoring. Creating, maintaining, and improving Intune architecture and service roadmaps. Providing 2nd/3rd line support for Intune and M365 services.11; (see original full list) Coaching team members and supporting knowledge transfer. The Skills you will bring Required: 3+ years' experience working with Microsoft Intune and Microsoft 365. Strong endpoint management expertise across Windows, macOS, iOS and Android. Hands on experience with Intune device compliance, configuration profiles, app deployment and security baselines. Solid experience with PowerShell scripting and automation. Strong understanding of M365 services including Azure AD/Entra ID, Exchange Online, SharePoint, Teams and Power Platform. Knowledge of security principles including MFA, encryption, and Conditional Access. Ability to troubleshoot complex issues across devices, applications and cloud services. Collaborative working style and excellent communication skills. Highly organised, analytical, and able to self manage effectively. Experience working with SCCM/MECM, Windows Server or on premises Active Directory. Experience with Graph API, Azure Functions or Power Platform. Understanding of ITIL, Agile or DevOps ways of working. Experience in multinational environments. German or Polish language skills. What's in it for you You'll have 28 days holiday, bank holidays & 2 volunteer days to use. Your development matters, so access to our internal training provider - Bauer Academy - is a huge win. We have enhanced Maternity/Adoption, Paternity and Shared Parental Leave Pay. You'll have the opportunity for flexible working. And much more! Find the full details of our benefits here. Equal Opportunity and Accessibility We are an international employer and equal opportunities are important to us. We welcome everyone in their uniqueness, regardless of religion, gender, skin colour, disability and other protected characteristics. We are committed to ensuring our recruitment process is inclusive and accessible to all. If you have a disability or a long term health condition, and need us to make any reasonable adjustments or do anything differently during any stage of the recruitment process, please let us know by emailing . We are actively recruiting for this position, so the job advert may close earlier than expected. Location: London, GB, NW1 2PL; Peterborough, GB, PE2 6EA
Overview Shaping a smarter, more agile world! AtkinsRéalis is growing its Digital Blueprint consulting team and is looking for Digital Architects who are curious, who want to become part of our customers' digital journey and who want to have a voice in shaping our future digital world. Is this you? We are looking to build our multi-disciplinary team with people from diverse backgrounds who bring architecture expertise to the digital transformation of our stakeholder's workforce and technologies. You may be a digital consultant, or an enterprise or business architect seeking a new challenge. We welcome applications from creative and adaptable systems thinkers who want to be part of shaping the future, whilst expanding your own career potential. When it comes to living your life, we want your role with AtkinsRéalis to be a key part of your personal journey. We have a collaborative inclusive team culture where people will help, guide and mentor you to help you grow. We pitch in and help colleagues because we succeed as a team. Our flexible and remote working policies are designed to support different personal priorities and needs. As a Digital Architect in our Secure Government business unit you'll be helping our clients on a wide variety of digital transformation programmes. This could involve working in private and public sector environments and could provide opportunities for overseas working if that's what interests you. AtkinsRéalis provides significant investment in training and development: we want to help you be successful. Your role The role as a Digital Architect in Digital Blueprint will involve: Working alongside AtkinsRéalis Technical Directors and with teams across AtkinsRéalis to shape and deliver digital transformation for our customers. Working in cross-functional teams to develop deep insight in specific market areas and the key drivers for change. Developing target architectures and operating models and, detailing the complex changes of people, process, information, and technical landscape. Developing roadmaps enabling us to collaborate with project delivery and ensuring that the implementation reflects the strategic intent. Visualising complex business problems to enable leaders and stakeholders make evidence-based decisions and drive change aligned with their requirements and business goals. Helping to research the key disruptive technologies of the future and how these will impact our customers, society, and the world we live in. Driving industry thought leadership and helping AtkinsRéalis to continuously develop its services and value propositions for customers. On a day-to-day basis, working on specific programmes and projects to deliver high quality value driven outcomes for our clients. Ensuring that the advice we give our customers reflects our principles for inclusion, diversity, equality, and sustainability and delivers social value as well as specific programme outcomes. About you Systems Thinking, a consultative mindset and an innate ability to address complex problems Experience in Enterprise or Business Architecture methods (TOGAF, Agile Architecture, BIZBOK), languages (ArchiMate, BPMN and UML) and tools (BiZZdesign and Sparx). A consultative mindset, working collaboratively with senior stakeholders in technology-led transformation programmes, across strategy, business design and change management. Digital savvy, with a passion for innovative and quality digital products, and confident working in an agile environment. Analysing complex problems, designing innovative solutions, and communicating them effectively to a wide range of audiences. Exemplary stakeholder engagement, management and facilitation skills. Contributing to the sale of consulting work, including bid development and presentations. You will have experience in one or more of our key markets (Defence, Aerospace, Security, Energy, Utilities, Highways, Rail or the Public Sector). Taking a proactive role in our communities and the growth of our team to shape the AtkinsRéalis of the future. Rewards & benefits Explore the rewards and benefits that help you thrive - at every stage of your life and your career. Enjoy competitive salaries, employee rewards and a brilliant range of benefits you can tailor to suit your own health, wellbeing, financial and lifestyle choices. Make the most of a myriad of opportunities for training and professional development to grow your skills and expertise. And combine our hybrid working culture and flexible holiday allowances to balance a great job and fulfilling personal life. Be rewarded. Find out more. About AtkinsRéalis We're AtkinsRéalis, a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world's infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. We're committed to leading our clients across our various end markets to engineer a better future for our planet and its people. Find out more. Additional information Security clearance This role may require security clearance and offers of employment will be dependent on obtaining the relevant level of clearance. If this is necessary, it will be discussed with you at interview. The vetting process is delivered by United Kingdom Security Vetting (UKSV) and may require candidates to provide proof of residency in the UK of 5 years or longer. If applying to this role please do not make reference to (in conversation) or include in your application or CV, details of any current or previously held security clearance. We are committed to creating a culture where everyone feels that they belong - a place where we can all be ourselves, thrive and develop to be the best we can be. So, we offer a range of family friendly, inclusive employment policies, flexible working arrangements and employee resource groups to support all employees. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability.
09/06/2026
Full time
Overview Shaping a smarter, more agile world! AtkinsRéalis is growing its Digital Blueprint consulting team and is looking for Digital Architects who are curious, who want to become part of our customers' digital journey and who want to have a voice in shaping our future digital world. Is this you? We are looking to build our multi-disciplinary team with people from diverse backgrounds who bring architecture expertise to the digital transformation of our stakeholder's workforce and technologies. You may be a digital consultant, or an enterprise or business architect seeking a new challenge. We welcome applications from creative and adaptable systems thinkers who want to be part of shaping the future, whilst expanding your own career potential. When it comes to living your life, we want your role with AtkinsRéalis to be a key part of your personal journey. We have a collaborative inclusive team culture where people will help, guide and mentor you to help you grow. We pitch in and help colleagues because we succeed as a team. Our flexible and remote working policies are designed to support different personal priorities and needs. As a Digital Architect in our Secure Government business unit you'll be helping our clients on a wide variety of digital transformation programmes. This could involve working in private and public sector environments and could provide opportunities for overseas working if that's what interests you. AtkinsRéalis provides significant investment in training and development: we want to help you be successful. Your role The role as a Digital Architect in Digital Blueprint will involve: Working alongside AtkinsRéalis Technical Directors and with teams across AtkinsRéalis to shape and deliver digital transformation for our customers. Working in cross-functional teams to develop deep insight in specific market areas and the key drivers for change. Developing target architectures and operating models and, detailing the complex changes of people, process, information, and technical landscape. Developing roadmaps enabling us to collaborate with project delivery and ensuring that the implementation reflects the strategic intent. Visualising complex business problems to enable leaders and stakeholders make evidence-based decisions and drive change aligned with their requirements and business goals. Helping to research the key disruptive technologies of the future and how these will impact our customers, society, and the world we live in. Driving industry thought leadership and helping AtkinsRéalis to continuously develop its services and value propositions for customers. On a day-to-day basis, working on specific programmes and projects to deliver high quality value driven outcomes for our clients. Ensuring that the advice we give our customers reflects our principles for inclusion, diversity, equality, and sustainability and delivers social value as well as specific programme outcomes. About you Systems Thinking, a consultative mindset and an innate ability to address complex problems Experience in Enterprise or Business Architecture methods (TOGAF, Agile Architecture, BIZBOK), languages (ArchiMate, BPMN and UML) and tools (BiZZdesign and Sparx). A consultative mindset, working collaboratively with senior stakeholders in technology-led transformation programmes, across strategy, business design and change management. Digital savvy, with a passion for innovative and quality digital products, and confident working in an agile environment. Analysing complex problems, designing innovative solutions, and communicating them effectively to a wide range of audiences. Exemplary stakeholder engagement, management and facilitation skills. Contributing to the sale of consulting work, including bid development and presentations. You will have experience in one or more of our key markets (Defence, Aerospace, Security, Energy, Utilities, Highways, Rail or the Public Sector). Taking a proactive role in our communities and the growth of our team to shape the AtkinsRéalis of the future. Rewards & benefits Explore the rewards and benefits that help you thrive - at every stage of your life and your career. Enjoy competitive salaries, employee rewards and a brilliant range of benefits you can tailor to suit your own health, wellbeing, financial and lifestyle choices. Make the most of a myriad of opportunities for training and professional development to grow your skills and expertise. And combine our hybrid working culture and flexible holiday allowances to balance a great job and fulfilling personal life. Be rewarded. Find out more. About AtkinsRéalis We're AtkinsRéalis, a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world's infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. We're committed to leading our clients across our various end markets to engineer a better future for our planet and its people. Find out more. Additional information Security clearance This role may require security clearance and offers of employment will be dependent on obtaining the relevant level of clearance. If this is necessary, it will be discussed with you at interview. The vetting process is delivered by United Kingdom Security Vetting (UKSV) and may require candidates to provide proof of residency in the UK of 5 years or longer. If applying to this role please do not make reference to (in conversation) or include in your application or CV, details of any current or previously held security clearance. We are committed to creating a culture where everyone feels that they belong - a place where we can all be ourselves, thrive and develop to be the best we can be. So, we offer a range of family friendly, inclusive employment policies, flexible working arrangements and employee resource groups to support all employees. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability.
The Lead Solution Architect oversees a team of permanent and contractor Solution Architects, and provides dotted line leadership to Digital Product Solution Architects to manage the Solution Architecture practice at OUP. The role is responsible for ensuring consistent, high quality architectural delivery across all portfolio and product workstreams. The postholder is responsible for resource and demand planning for their reports - balancing workload, forecasting capacity needs, and ensuring the right architectural skills are aligned to organisational priorities. You will define, implement, and continuously refine the practice's ways of working, establishing clear methodologies, standards, and processes. In addition, you will ensure robust technical governance and architectural assurance are consistently applied so that all solutions align with agreed technology standards, principles, and strategic direction. You will be able to perform the role of Solution Architect if needed and provide hands on guidance to mentor, coach and develop the team. You are responsible for managing and developing the solution architects, supporting career growth, building their capability and performance management. Over time you will build succession and reduce single points of failure, and you will have the ability to lead, coach, and shape a high performing architecture community across both line managed and dotted line relationships. Reporting to the Director of Architecture Services and embedded in a team of Enterprise and Solution Architects you will lead the Solution Architecture practice. Key responsibilities in this role will include: Lead and develop the Solution Architecture (SA) team and wider ways of working/ SA practice (dotted line to Digital Product SA) Own solution architecture demand intake, prioritisation, capacity and resource planning and budgeting Ensure architectural governance, assurance, and compliance to standards/principles Define and improve practice ways of working, templates, and engagement model Triage demand, identify the need for solution architecture and provide early shaping/steer in line with demand and Enterprise Architecture guidance Potentially lead solution design for complex/high risk initiatives and assure wider delivery Influence stakeholders, drive alignment, document and evidence key technology decisions Build reusable architecture assets and continuously raise solution architecture maturity within the Press Manage contractor architects and ensure quality, value and knowledge transfer Own design artefacts such as the High Level Design (HLD), Non functional requirements (NFR's) and design patterns, ensuring documentation is both useful and guides development and delivery. We operate a hybrid working policy that requires a minimum of 2 days per week in the Oxford office. About You To be successful in this role, you will ideally have/be: Proven leadership of solution architects or senior technology resource Proven experience in solution architecture within complex, multi team technology environments. Strong understanding of architecture frameworks, documentation, patterns and methods, applied pragmatically. Broad technical knowledge across cloud technologies, integration, data, security, and applications. Ability to produce and assure end to end solution designs including complex programmes Experience with architectural governance, including operating or contributing to Architecture Review Boards (ARB). Knowledge of technology standards and reference architectures and patterns, and how to use and enforce them effectively. Strong capability in project/programme delivery environments, including stage gates and risk management. Experience defining and embedding architecture ways of working, templates, engagement models, reusable architecture assets, patterns and reference designs Skilled in managing architecture demand and resource allocation, including capacity planning. Balanced strategic and pragmatic mindset, able to consider both long term direction and immediate delivery needs. Experience facilitating design clinics, communities of practice or technical forums. Excellent stakeholder communication and influencing skills, including with senior leadership. Commercial and vendor management awareness, including working with outsourced teams, SI partners and contractor oversight. Understanding of sector related compliance, regulatory or security frameworks. Strong workshop and facilitation skills to drive alignment across diverse technical and business groups. Familiarity with enterprise architecture strategy development, capability modelling, or roadmap planning. We care about work/life balance here at OUP. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3 days) and a 35 hour working week. We are open to discussing flexibility in respect to working patterns, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. This role comes with the added benefit of private medical insurance and a management bonus. Please see our Rewards and Recognition page for more information. We are committed to supporting diversity in our workforce, and ensuring an inclusive environment where all individuals can thrive. We seek to employ a workforce representative of the markets that we serve and encourage applications from all.
08/06/2026
Full time
The Lead Solution Architect oversees a team of permanent and contractor Solution Architects, and provides dotted line leadership to Digital Product Solution Architects to manage the Solution Architecture practice at OUP. The role is responsible for ensuring consistent, high quality architectural delivery across all portfolio and product workstreams. The postholder is responsible for resource and demand planning for their reports - balancing workload, forecasting capacity needs, and ensuring the right architectural skills are aligned to organisational priorities. You will define, implement, and continuously refine the practice's ways of working, establishing clear methodologies, standards, and processes. In addition, you will ensure robust technical governance and architectural assurance are consistently applied so that all solutions align with agreed technology standards, principles, and strategic direction. You will be able to perform the role of Solution Architect if needed and provide hands on guidance to mentor, coach and develop the team. You are responsible for managing and developing the solution architects, supporting career growth, building their capability and performance management. Over time you will build succession and reduce single points of failure, and you will have the ability to lead, coach, and shape a high performing architecture community across both line managed and dotted line relationships. Reporting to the Director of Architecture Services and embedded in a team of Enterprise and Solution Architects you will lead the Solution Architecture practice. Key responsibilities in this role will include: Lead and develop the Solution Architecture (SA) team and wider ways of working/ SA practice (dotted line to Digital Product SA) Own solution architecture demand intake, prioritisation, capacity and resource planning and budgeting Ensure architectural governance, assurance, and compliance to standards/principles Define and improve practice ways of working, templates, and engagement model Triage demand, identify the need for solution architecture and provide early shaping/steer in line with demand and Enterprise Architecture guidance Potentially lead solution design for complex/high risk initiatives and assure wider delivery Influence stakeholders, drive alignment, document and evidence key technology decisions Build reusable architecture assets and continuously raise solution architecture maturity within the Press Manage contractor architects and ensure quality, value and knowledge transfer Own design artefacts such as the High Level Design (HLD), Non functional requirements (NFR's) and design patterns, ensuring documentation is both useful and guides development and delivery. We operate a hybrid working policy that requires a minimum of 2 days per week in the Oxford office. About You To be successful in this role, you will ideally have/be: Proven leadership of solution architects or senior technology resource Proven experience in solution architecture within complex, multi team technology environments. Strong understanding of architecture frameworks, documentation, patterns and methods, applied pragmatically. Broad technical knowledge across cloud technologies, integration, data, security, and applications. Ability to produce and assure end to end solution designs including complex programmes Experience with architectural governance, including operating or contributing to Architecture Review Boards (ARB). Knowledge of technology standards and reference architectures and patterns, and how to use and enforce them effectively. Strong capability in project/programme delivery environments, including stage gates and risk management. Experience defining and embedding architecture ways of working, templates, engagement models, reusable architecture assets, patterns and reference designs Skilled in managing architecture demand and resource allocation, including capacity planning. Balanced strategic and pragmatic mindset, able to consider both long term direction and immediate delivery needs. Experience facilitating design clinics, communities of practice or technical forums. Excellent stakeholder communication and influencing skills, including with senior leadership. Commercial and vendor management awareness, including working with outsourced teams, SI partners and contractor oversight. Understanding of sector related compliance, regulatory or security frameworks. Strong workshop and facilitation skills to drive alignment across diverse technical and business groups. Familiarity with enterprise architecture strategy development, capability modelling, or roadmap planning. We care about work/life balance here at OUP. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3 days) and a 35 hour working week. We are open to discussing flexibility in respect to working patterns, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. This role comes with the added benefit of private medical insurance and a management bonus. Please see our Rewards and Recognition page for more information. We are committed to supporting diversity in our workforce, and ensuring an inclusive environment where all individuals can thrive. We seek to employ a workforce representative of the markets that we serve and encourage applications from all.
We're looking for an experienced Zero Trust Identity and Access Management (IAM) Security Architect to shape how Arm secures its global workforce and systems. You'll design and guide the strategy behind secure, scalable identity solutions that enable employees, contractors and third parties to work safely anywhere. You'll work across enterprise IT, security architecture and engineering to define IAM standards, integrate new technologies and make identity simple and secure for every team. Responsibilities: Lead the design and implementation of enterprise Zero Trust IAM architecture across AD, Entra ID, SSO, MFA, PAM, and PKI. Create and maintain Zero Trust IAM security roadmaps, patterns, and reference designs. Supporting and partner with IT, GRC, and Engineering teams to ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. Required Skills and Experience: Extensive practical experience in designing and running Identity and Access Management (IAM) solutions for both human and non-human identities within large-scale, complex environments. Deep knowledge of identity protocols (SAML, OAuth2, OIDC, SCIM, LDAP/AD, PKI). Expertise in at least two IAM product areas (e.g., PAM, SSO/MFA) such as Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Good understanding of LDAP directories preferably Oracle Strong understanding of security frameworks and compliance (NIST, ISO 27001, SOX, GDPR). Experience working with cloud identity (Azure, AWS, or GCP). Nice To Have Skills and Experience: CISSP, CISM, CIAM, or similar security certification Familiarity with automation, API protection, or security orchestration. Experience with API security or microservices identity patterns. In Return: Arm offers a challenging role with opportunities for impact and growth. Details of compensation will be discussed during the interview process. Accommodations at Arm At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Hybrid Working at Arm Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you. Equal Opportunities at Arm Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
08/06/2026
Full time
We're looking for an experienced Zero Trust Identity and Access Management (IAM) Security Architect to shape how Arm secures its global workforce and systems. You'll design and guide the strategy behind secure, scalable identity solutions that enable employees, contractors and third parties to work safely anywhere. You'll work across enterprise IT, security architecture and engineering to define IAM standards, integrate new technologies and make identity simple and secure for every team. Responsibilities: Lead the design and implementation of enterprise Zero Trust IAM architecture across AD, Entra ID, SSO, MFA, PAM, and PKI. Create and maintain Zero Trust IAM security roadmaps, patterns, and reference designs. Supporting and partner with IT, GRC, and Engineering teams to ensure compliance and security standard processes. Evaluate and integrate new identity tools, authentication platforms and access capabilities. Drive continuous improvement through risk assessments, threat modelling, and automation. Required Skills and Experience: Extensive practical experience in designing and running Identity and Access Management (IAM) solutions for both human and non-human identities within large-scale, complex environments. Deep knowledge of identity protocols (SAML, OAuth2, OIDC, SCIM, LDAP/AD, PKI). Expertise in at least two IAM product areas (e.g., PAM, SSO/MFA) such as Okta, CyberArk, Ping, or preferably Microsoft Entra ID. Good understanding of LDAP directories preferably Oracle Strong understanding of security frameworks and compliance (NIST, ISO 27001, SOX, GDPR). Experience working with cloud identity (Azure, AWS, or GCP). Nice To Have Skills and Experience: CISSP, CISM, CIAM, or similar security certification Familiarity with automation, API protection, or security orchestration. Experience with API security or microservices identity patterns. In Return: Arm offers a challenging role with opportunities for impact and growth. Details of compensation will be discussed during the interview process. Accommodations at Arm At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Hybrid Working at Arm Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you. Equal Opportunities at Arm Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Senior IT Infrastructure & Systems Manager We are seeking an experienced and highly motivated Senior IT Infrastructure Manager with at least 7 to 10 years of experience to oversee, manage, and continuously improve the organization's IT infrastructure, enterprise systems, network environment, and end user computing services. The successful candidate will ensure the availability, security, performance, and resilience of critical business systems while leading technical teams and supporting key stakeholders across the organization. This role requires a strong blend of technical expertise, leadership capability, operational excellence, and stakeholder management skills, within a complex enterprise environment that includes financial, trading, and treasury systems. Infrastructure & Systems Management Administer, maintain, and optimise Windows and Linux server environments. Manage VMware virtualised infrastructure (vSphere 8 and above). Oversee enterprise backup and disaster recovery solutions using Veeam Backup & Replication. Manage Veeam ONE monitoring and Veeam Recovery Orchestrator (VRO) environments. Administer endpoint security and encryption solutions, including Symantec Endpoint Protection (SEP) and Symantec Endpoint Encryption (SEE). Support endpoint DLP, SIEM, and security monitoring tools (e.g., Splunk, Tenable). Manage patching processes using ManageEngine Patch Manager Plus. Support Microsoft 365 services and related cloud technologies. In depth understanding of Cyber security. Monitor system performance, capacity, availability, and infrastructure health. Ensure compliance with IT governance, security policies, and operational standards. End-User Computing Support Provide advanced desktop, laptop, printer, mobile device (iOS) and branch office IT support. Deliver AV support for meeting rooms, conferencing, presentations, and collaboration systems. Manage OS deployment, imaging, image creation, maintenance, and software packaging. Administer Active Directory (AD), Group Policy Objects (GPOs) and user provisioning and NTFS permissions. Support Microsoft 365 applications including Outlook, Teams, OneDrive, and SharePoint. Resolve technical incidents and service requests in line with agreed SLAs. Enterprise Applications & Financial Systems Support Support and administer Bloomberg FXT. Support and administer Refinitiv Eikon. Support and administer Murex Treasury System. Support and administer SWIFT Alliance Access (SAA). Support and administer 1AML. Support and administer SIBS. Support and administer GFMS. Support and administer COP. Support enterprise file synchronization and replication solutions (e.g. Syncovery, other SFTP). Networking Configure and support Cisco switches and routers. Administer FortiGate firewall environments. Apply strong network fundamentals: DNS, DHCP, TCP/IP, LAN/WAN, routing and connectivity troubleshooting. Monitor network performance, availability, and security posture. Security & Endpoint Management Support vulnerability management using tools such as Tenable. Manage security monitoring and log analysis tools (e.g. Splunk). Perform SSL/TLS certificate lifecycle management using OpenSSL. Create and manage CSRs, certificate chains, and private keys. Ensure adherence to cybersecurity policies, standards, and regulatory requirements. Support physical access control systems (e.g. Paxton). Governance, Documentation & Process Improvement Develop, maintain, and enforce IT policies, standards, and operational procedures. Produce system architecture diagrams, technical documentation, SOPs, and performance reports. Identify and drive opportunities for automation and service improvement. Support technology planning, infrastructure modernization, and transformation initiatives. Operating Systems Windows 11 Windows Server 2019/2022 (or equivalent enterprise environments) Red Hat Linux Infrastructure & Virtualization VMware vSphere / vCenter (v8.0.3 and above) Veeam Backup & Replication Veeam ONE, VRO Microsoft Office 365 ManageEngine Patch Manager Plus SaaS solutions SQL Server Security Symantec Endpoint Protection (SEP) Symantec Endpoint Encryption (SEE) SentinelOne - EDR/XDR Endpoint DLP solutions Firewall administration Vulnerability management tools (e.g., Tenable) SIEM tools (e.g., Splunk) Hardware & Storage Dell PowerEdge Servers Dell PowerVault SAN Storage Technical Competencies Data analysis and operational reporting Desktop and laptop support Infrastructure monitoring and performance management Certificate lifecycle management (SSL/TLS) Windows imaging and deployment, GPO, NTFS PowerShell scripting SQL Server administration Understanding of software development lifecycle (SDLC) and deployment processes Architecture review and systems optimisation Asset management Qualifications 7+ years of experience in enterprise IT infrastructure and systems administration. Experience within financial services, banking, trading, or treasury environments. Proven experience managing mission critical infrastructure and applications. Experience operating within regulated and security focused environments. Able to provide support to VIP stakeholders. This is a hybrid role - 3 days in the office in Central London. Salary for this role will be in the range £55K - £60K.
08/06/2026
Full time
Senior IT Infrastructure & Systems Manager We are seeking an experienced and highly motivated Senior IT Infrastructure Manager with at least 7 to 10 years of experience to oversee, manage, and continuously improve the organization's IT infrastructure, enterprise systems, network environment, and end user computing services. The successful candidate will ensure the availability, security, performance, and resilience of critical business systems while leading technical teams and supporting key stakeholders across the organization. This role requires a strong blend of technical expertise, leadership capability, operational excellence, and stakeholder management skills, within a complex enterprise environment that includes financial, trading, and treasury systems. Infrastructure & Systems Management Administer, maintain, and optimise Windows and Linux server environments. Manage VMware virtualised infrastructure (vSphere 8 and above). Oversee enterprise backup and disaster recovery solutions using Veeam Backup & Replication. Manage Veeam ONE monitoring and Veeam Recovery Orchestrator (VRO) environments. Administer endpoint security and encryption solutions, including Symantec Endpoint Protection (SEP) and Symantec Endpoint Encryption (SEE). Support endpoint DLP, SIEM, and security monitoring tools (e.g., Splunk, Tenable). Manage patching processes using ManageEngine Patch Manager Plus. Support Microsoft 365 services and related cloud technologies. In depth understanding of Cyber security. Monitor system performance, capacity, availability, and infrastructure health. Ensure compliance with IT governance, security policies, and operational standards. End-User Computing Support Provide advanced desktop, laptop, printer, mobile device (iOS) and branch office IT support. Deliver AV support for meeting rooms, conferencing, presentations, and collaboration systems. Manage OS deployment, imaging, image creation, maintenance, and software packaging. Administer Active Directory (AD), Group Policy Objects (GPOs) and user provisioning and NTFS permissions. Support Microsoft 365 applications including Outlook, Teams, OneDrive, and SharePoint. Resolve technical incidents and service requests in line with agreed SLAs. Enterprise Applications & Financial Systems Support Support and administer Bloomberg FXT. Support and administer Refinitiv Eikon. Support and administer Murex Treasury System. Support and administer SWIFT Alliance Access (SAA). Support and administer 1AML. Support and administer SIBS. Support and administer GFMS. Support and administer COP. Support enterprise file synchronization and replication solutions (e.g. Syncovery, other SFTP). Networking Configure and support Cisco switches and routers. Administer FortiGate firewall environments. Apply strong network fundamentals: DNS, DHCP, TCP/IP, LAN/WAN, routing and connectivity troubleshooting. Monitor network performance, availability, and security posture. Security & Endpoint Management Support vulnerability management using tools such as Tenable. Manage security monitoring and log analysis tools (e.g. Splunk). Perform SSL/TLS certificate lifecycle management using OpenSSL. Create and manage CSRs, certificate chains, and private keys. Ensure adherence to cybersecurity policies, standards, and regulatory requirements. Support physical access control systems (e.g. Paxton). Governance, Documentation & Process Improvement Develop, maintain, and enforce IT policies, standards, and operational procedures. Produce system architecture diagrams, technical documentation, SOPs, and performance reports. Identify and drive opportunities for automation and service improvement. Support technology planning, infrastructure modernization, and transformation initiatives. Operating Systems Windows 11 Windows Server 2019/2022 (or equivalent enterprise environments) Red Hat Linux Infrastructure & Virtualization VMware vSphere / vCenter (v8.0.3 and above) Veeam Backup & Replication Veeam ONE, VRO Microsoft Office 365 ManageEngine Patch Manager Plus SaaS solutions SQL Server Security Symantec Endpoint Protection (SEP) Symantec Endpoint Encryption (SEE) SentinelOne - EDR/XDR Endpoint DLP solutions Firewall administration Vulnerability management tools (e.g., Tenable) SIEM tools (e.g., Splunk) Hardware & Storage Dell PowerEdge Servers Dell PowerVault SAN Storage Technical Competencies Data analysis and operational reporting Desktop and laptop support Infrastructure monitoring and performance management Certificate lifecycle management (SSL/TLS) Windows imaging and deployment, GPO, NTFS PowerShell scripting SQL Server administration Understanding of software development lifecycle (SDLC) and deployment processes Architecture review and systems optimisation Asset management Qualifications 7+ years of experience in enterprise IT infrastructure and systems administration. Experience within financial services, banking, trading, or treasury environments. Proven experience managing mission critical infrastructure and applications. Experience operating within regulated and security focused environments. Able to provide support to VIP stakeholders. This is a hybrid role - 3 days in the office in Central London. Salary for this role will be in the range £55K - £60K.
Enterprise IAM Architect, GlobalLocation: can be based in one of our AIG offices in London (UK), Dublin (Ireland), Reston, VA (USA), or Charlotte, NC (USA)Make your mark in Information TechnologyAt AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Security Office (ISO) works closely with the Information Technology (IT) team equipping our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. Innovation in IT drives innovation across the organization.How you will create an impactThe Enterprise IAM Architect is accountable for defining and governing the enterprise Identity and Access Management (IAM) target state and shaping the transformation portfolio required to achieve it. This role sits within the Information Security Office (ISO), within the Enterprise Security Architecture function, focusing on process design, risk reduction, control effectiveness, and measurable business value.AIG currently operates an identity ecosystem that includes (as representative examples) technologies such as Microsoft Entra ID, hybrid Active Directory, Okta (Workforce and Customer Identity), SailPoint IdentityIQ (IIQ), Microsoft Intune, Windows Hello for Business, and HYPR. These are examples of the current operating environment; however, the role is not product-bound and is expected to remain outcome- and value-led.Delivery & Engagement ModelIAM delivery execution is managed through the ISO Program Management Office (PMO) in partnership with the relevant engineering, operational teams (e.g. IAM, security, infrastructure, and applications) and the business. This role shapes and governs delivery by defining architectural intent, control outcomes, sequencing, and design governance-ensuring initiatives remain aligned to roadmap objectives and value/risk outcomes.The Global, Enterprise IAM Architect will focus on group managed entities (e.g. US, EMEA and UK) and will support and guide the non-group managed entities (e.g. Israel, China).Strategic AccountabilityYou will be accountable for:Defining and maintaining the workforce IAM and customer IAM (CIAM) strategy and target-state architectureDeveloping and governing multi-year roadmaps, including transition states and sequencingWorking with other domain leads and architects to define IAM-related projects and transformation initiativesTranslating capability gaps and risk exposure into structured, fundable initiatives aligned to enterprise prioritiesEstablishing outcome measures and architectural guardrails to ensure initiatives deliver measurable risk and control improvementsProviding architectural governance and approval for identity-related initiatives, including standards, patterns, design reviews, and exception managementEnsuring alignment with wider enterprise security architecture direction, risk appetite, and regulatory obligationsOwned AccountabilityIn collaboration with other domain leads, architects, delivery stakeholders, operations, engineering and the ISO PMO, you own the development of identity-related project and program charters, including:Strategic rationale and business justificationRisk reduction objectives and control outcomesScope boundaries, assumptions, and architectural intentSuccess metrics and measurable value realizationDependencies, sequencing, and transition planningAlignment to enterprise portfolio/funding governance processesYou will ensure initiatives are well-framed, justifiable, architecturally coherent, and outcome-based before entering execution.Core ResponsibilitiesIdentity & Access Architecture & Control DesignDefine the workforce IAM and CIAM target state architectures, controls, standards, principles, and design patternsDevelop identity response strategies for emerging technologies, including IAM implications for Agentic AI and autonomous systems (e.g. non-human identities)Authentication & Endpoint-Integrated IdentityDefine and steer phishing-resistant and passwordless strategy (e.g., FIDO2/WebAuthn, device-bound authentication, platform authenticators)Define endpoint-integrated trust models in partnership with endpoint/EUC teams (e.g., Intune device posture, compliant device enforcement, conditional access integration)Technology Optimization, Value Realization & ROSIAs part of ongoing architecture governance, continuously evaluate and re-evaluate identity technologies and investments to maximise Return on Security Investment (ROSI), drive cost efficiency, identify optimisation opportunities, and ensure spend is aligned to measurable risk and control outcomesEnsure business cases and charters quantify expected value (risk reduction, incident reduction, operational efficiencies, productivity improvements, audit outcomes)IAM Sourcing & Operating ModelPlay an active role in defining and shaping the IAM sourcing approach and operating modelDefine architecture-led evaluation criteria and control outcomes to support build/buy/partner decisionsDefine and validate service boundaries, accountabilities (RACI), and governance forumsShape system integrator and managed service engagement models (where applicable) to ensure quality, control effectiveness, auditability, and sustainable run-state operationsGovernance & Partner OversightProvide architectural oversight of system integration partners and consultancies, validating deliverables and ensuring alignment to enterprise standards and target-state intentEnsure alignment to enterprise security architecture frameworks (e.g., SABSA, TOGAF) and industry frameworks (e.g., NIST, ISO/IEC), producing audit-defensible designsRequired Experience and Qualificationsin depth experience in cybersecurity and/or identity architecture (IAM/CIAM), including enterprise-scale transformationProven experience defining enterprise IAM/CIAM strategy, target-state architecture, and roadmapsDemonstrable experience shaping initiatives and developing project/program charters for portfolio governance and fundingExperience working effectively with PMO/program governance functionsExperience working with system integrators and consultancies, including architectural oversight and design authority engagementStrong knowledge of workforce and/or customer identity platforms and controls-examples include Entra ID, hybrid AD, Intune, Windows Hello for Business, Okta, SailPoint IIQ, HYPR (or equivalent)Knowledge of industry frameworks (NIST, ISO/IEC) and control-driven design in regulated environmentsStrong stakeholder management and executive communication skills (risk/value trade-offs, decision support, influencing without direct authority)Core CompetenciesMastery level knowledge of workforce IAM and customer IAMExperience of defining defendable / resilient security architecturesRisk- and controls-driven architecture with measurable outcomesTechnology-agnostic judgement; capability-first designROSI-led decision making and value realization thinkingGovernance and design authority leadershipCross-functional influence without direct delivery ownershipExecutive communication and facilitation of decisions and trade-offs AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.Enjoy benefits that take care of what mattersAt AIG, our people are our greatest asset. We know how important it is to protect and invest in what's most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security-as well as your professional development-to bring peace of mind to you and your family.Reimagining insurance to make a bigger difference to the worldAmerican International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world's most far-reaching property casualty networks. It is an exciting time to join us - across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.Welcome to a culture of inclusionWe're committed to creating a culture that truly respects and celebrates each other's talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG's greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to Area:IT - Information TechnologyAmerican International Group UK Limited, Ireland Branch & AIG Europe S.A. (Ireland Branch)
08/06/2026
Full time
Enterprise IAM Architect, GlobalLocation: can be based in one of our AIG offices in London (UK), Dublin (Ireland), Reston, VA (USA), or Charlotte, NC (USA)Make your mark in Information TechnologyAt AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Security Office (ISO) works closely with the Information Technology (IT) team equipping our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. Innovation in IT drives innovation across the organization.How you will create an impactThe Enterprise IAM Architect is accountable for defining and governing the enterprise Identity and Access Management (IAM) target state and shaping the transformation portfolio required to achieve it. This role sits within the Information Security Office (ISO), within the Enterprise Security Architecture function, focusing on process design, risk reduction, control effectiveness, and measurable business value.AIG currently operates an identity ecosystem that includes (as representative examples) technologies such as Microsoft Entra ID, hybrid Active Directory, Okta (Workforce and Customer Identity), SailPoint IdentityIQ (IIQ), Microsoft Intune, Windows Hello for Business, and HYPR. These are examples of the current operating environment; however, the role is not product-bound and is expected to remain outcome- and value-led.Delivery & Engagement ModelIAM delivery execution is managed through the ISO Program Management Office (PMO) in partnership with the relevant engineering, operational teams (e.g. IAM, security, infrastructure, and applications) and the business. This role shapes and governs delivery by defining architectural intent, control outcomes, sequencing, and design governance-ensuring initiatives remain aligned to roadmap objectives and value/risk outcomes.The Global, Enterprise IAM Architect will focus on group managed entities (e.g. US, EMEA and UK) and will support and guide the non-group managed entities (e.g. Israel, China).Strategic AccountabilityYou will be accountable for:Defining and maintaining the workforce IAM and customer IAM (CIAM) strategy and target-state architectureDeveloping and governing multi-year roadmaps, including transition states and sequencingWorking with other domain leads and architects to define IAM-related projects and transformation initiativesTranslating capability gaps and risk exposure into structured, fundable initiatives aligned to enterprise prioritiesEstablishing outcome measures and architectural guardrails to ensure initiatives deliver measurable risk and control improvementsProviding architectural governance and approval for identity-related initiatives, including standards, patterns, design reviews, and exception managementEnsuring alignment with wider enterprise security architecture direction, risk appetite, and regulatory obligationsOwned AccountabilityIn collaboration with other domain leads, architects, delivery stakeholders, operations, engineering and the ISO PMO, you own the development of identity-related project and program charters, including:Strategic rationale and business justificationRisk reduction objectives and control outcomesScope boundaries, assumptions, and architectural intentSuccess metrics and measurable value realizationDependencies, sequencing, and transition planningAlignment to enterprise portfolio/funding governance processesYou will ensure initiatives are well-framed, justifiable, architecturally coherent, and outcome-based before entering execution.Core ResponsibilitiesIdentity & Access Architecture & Control DesignDefine the workforce IAM and CIAM target state architectures, controls, standards, principles, and design patternsDevelop identity response strategies for emerging technologies, including IAM implications for Agentic AI and autonomous systems (e.g. non-human identities)Authentication & Endpoint-Integrated IdentityDefine and steer phishing-resistant and passwordless strategy (e.g., FIDO2/WebAuthn, device-bound authentication, platform authenticators)Define endpoint-integrated trust models in partnership with endpoint/EUC teams (e.g., Intune device posture, compliant device enforcement, conditional access integration)Technology Optimization, Value Realization & ROSIAs part of ongoing architecture governance, continuously evaluate and re-evaluate identity technologies and investments to maximise Return on Security Investment (ROSI), drive cost efficiency, identify optimisation opportunities, and ensure spend is aligned to measurable risk and control outcomesEnsure business cases and charters quantify expected value (risk reduction, incident reduction, operational efficiencies, productivity improvements, audit outcomes)IAM Sourcing & Operating ModelPlay an active role in defining and shaping the IAM sourcing approach and operating modelDefine architecture-led evaluation criteria and control outcomes to support build/buy/partner decisionsDefine and validate service boundaries, accountabilities (RACI), and governance forumsShape system integrator and managed service engagement models (where applicable) to ensure quality, control effectiveness, auditability, and sustainable run-state operationsGovernance & Partner OversightProvide architectural oversight of system integration partners and consultancies, validating deliverables and ensuring alignment to enterprise standards and target-state intentEnsure alignment to enterprise security architecture frameworks (e.g., SABSA, TOGAF) and industry frameworks (e.g., NIST, ISO/IEC), producing audit-defensible designsRequired Experience and Qualificationsin depth experience in cybersecurity and/or identity architecture (IAM/CIAM), including enterprise-scale transformationProven experience defining enterprise IAM/CIAM strategy, target-state architecture, and roadmapsDemonstrable experience shaping initiatives and developing project/program charters for portfolio governance and fundingExperience working effectively with PMO/program governance functionsExperience working with system integrators and consultancies, including architectural oversight and design authority engagementStrong knowledge of workforce and/or customer identity platforms and controls-examples include Entra ID, hybrid AD, Intune, Windows Hello for Business, Okta, SailPoint IIQ, HYPR (or equivalent)Knowledge of industry frameworks (NIST, ISO/IEC) and control-driven design in regulated environmentsStrong stakeholder management and executive communication skills (risk/value trade-offs, decision support, influencing without direct authority)Core CompetenciesMastery level knowledge of workforce IAM and customer IAMExperience of defining defendable / resilient security architecturesRisk- and controls-driven architecture with measurable outcomesTechnology-agnostic judgement; capability-first designROSI-led decision making and value realization thinkingGovernance and design authority leadershipCross-functional influence without direct delivery ownershipExecutive communication and facilitation of decisions and trade-offs AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.Enjoy benefits that take care of what mattersAt AIG, our people are our greatest asset. We know how important it is to protect and invest in what's most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security-as well as your professional development-to bring peace of mind to you and your family.Reimagining insurance to make a bigger difference to the worldAmerican International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world's most far-reaching property casualty networks. It is an exciting time to join us - across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.Welcome to a culture of inclusionWe're committed to creating a culture that truly respects and celebrates each other's talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG's greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to Area:IT - Information TechnologyAmerican International Group UK Limited, Ireland Branch & AIG Europe S.A. (Ireland Branch)
