42 jobs found

Do you want to do work that matters, alongside supportive leaders who will help you grow faster than you ever thought possible? Are you a creative problem-solver who is energized by challenges? You've come to the right place. YOUR IMPACT You will act as a security point of contact for QuantumBlack, AI by McKinsey and McKinsey Technology Practices with additional support from the rest of the Tech Ecosystem organization as and when required. You will drive the promotion and adoption of the Secure Development Lifecycle, DevSecOps and Cloud security policies, and contribute to the development and continual improvement of the Tech Ecosystem security strategy. You will provide reporting on security compliance, incidents, Key Performance Indicators (KPIs) and Objectives and Key Results (OKRs). You will also deliver and represent the priorities of the Practice back to Tech Ecosystem Leadership. You will conduct comprehensive product security reviews and assist products in vulnerability management. Your work will help secure the products created by the developers and engineers at McKinsey that enable our consulting teams to deliver the value and impact McKinsey is known for. You will be based in one of our offices located in Prague, London, San Jose, or Sao Paulo. YOUR GROWTH You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact. In return for your drive, determination, and curiosity, we'll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference. When you join us, you will have: Continuous learning:Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey. A voice that matters:From day one, we value your ideas and contributions. You'll make a tangible impact by offering innovative ideas and practical solutions, all while upholding our unwavering commitment to ethics and integrity. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes. Global community:With colleagues across 65+ countries and over 100 different nationalities, our firm's diversity fuels creativity and helps us come up with the best solutions. Plus, you'll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences. Exceptional benefits:On top of a competitive salary (based on your location, experience, and skills), we provide a comprehensive benefits package to enable holistic well-being for you and your family. YOUR QUALIFICATIONS AND SKILLS 5+ years of corporate and/or professional services experience in Cyber or a similar information security role Technical understanding of a range of enterprise IT and cloud-based architectures and technologies (AWS, Azure, etc.) Experience conducting product security reviews and knowledge of vulnerability management Working Knowledge of common information security controls, guidelines and standards, such as ISO27001, SOC 2, NIST CSF, NIST SP800-53, GDPR, etc. Strong analytical and organizational skills and the ability to work independently, as well as part of a wider team, with minimal supervision Professional certifications such as CISSP, CISM, CCSK, or cloud security specialty certifications are preferred but not required Demonstrated interest in and hands on experience with AI technologies, including the use of generative AI tools to improve productivity, security analysis, research, or operational processes. Awareness of emerging AI security risks and considerations, with a willingness to learn and apply evolving best practices related to AI governance, data protection, and responsible AI use. Strong written and verbal communication skills with the ability to converse effectively at all levels of seniority, both internally and externally FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law. FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details regarding our global EEO policy and diversity initiatives, please visit our McKinsey Careers and Diversity & Inclusion sites.

Role Title: Lead Enterprise Engineer/Architect Duration: contract to run until 09/04/2027 Location: Sheffield, Hybrid 3 days per week onsite Rate: up to £529 p/d Umbrella inside IR35 Role purpose / summary Big Bank Funding. FinTech Thinking Our technology teams work closely with our client's global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. We also run and manage our IT infrastructure, data centres and core banking systems that power the world's leading international bank. Our multi-disciplined teams include DevOps engineers, IT architects, front and back-end developers, infrastructure specialists, cyber experts, as well as project and programme managers. Following extensive investment across our Technology and Digital domains and with plans for continued expansion throughout 2026 and beyond, we are currently seeking a Lead Enterprise Engineer / Architect to assist in the development of an Engineering Excellence Practice. Brief overview of the business areas Cybersecurity Technology & Engineering is responsible for fielding solutions that help defend our client against a wide range of threats to the business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across our client, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: "Enabling our client to be safely successful everywhere the Firm chooses to do business". The Engineering Excellence and Enablement Team We are a team of multi skilled engineers / architects who design and build integration solutions for Cyber services across our client. Our overall aims are to improve the security of the bank by removing friction from the cyber services engineers consume, and to improve how Cyber engineers its own services. This includes working with teams to improve their DevSecOps practices, pipeline integration with cyber services, and working with the Principal Engineering community across the bank to run POCs for improvements to existing services, or development of new services and features. This can require small optimisations or complete reimagining of the solution, and the way we achieve the overall outcomes. What you will be doing In addition to direct involvement with engineering teams across the bank we are also driving the adoption of engineering best practice across Cyber and are establishing an Engineering Excellence practice. We require an experienced engineer who has worked in high performing teams and has a broad knowledge, not just hands on development but also organisationally and has a proven track record in driving automation, efficiency quality and continuous improvement. This is an engineering led initiative by engineers for engineers looking at how to mature and improve engineering practice both within individual engineering teams and horizontally across cyber. Responsibilities Assist in establishing the engineering excellence program across Cyber, building a community of practice to drive consistency standardisation and a culture of automation and continuous improvement across teams. Embed engineering efficiency, improvement and engineering best practice across cyber with clarity on process, system and tools. Partnering with the Engineering leads and capability owners to ensure desired outcomes are achieved. Work with the engineering teams in setting requirements that develop services and capabilities that meet the controls needed but also appeal to a broad customer base and enable operational efficiency throughout our value stream. Facilitate the creation, evolution and implementation of standard build and deployment pipelines across Cyber. Engage with Cyber engineering teams to build, enhance and adopt these pipelines. Champion cross functional reuse across new product introduction, gaining clear ownership and accountability to improve our product time to market. Engage with other engineering teams across Cyber and business to create a build once and use many times approach. Coach and support the Agile teams to ensure full consideration of 'concept to product to customer' is achieved through the upfront obsession of customer needs, adoption of standard patterns / approaches and drive a culture of inner sourcing and reuse. Identify standards and patterns which need to be developed / adopted to drive consistency and efficiency in our ways of working, and lead on their production and implementation. Partner with the product management teams to enable improved business case outcomes when selecting external products through a standardised product selection approach ensuring non functional engineering requirements needed for effective operation are included as standard and not just functional requirements. What you will bring to the role Strong DevOps skills and experience - both hands on and at design level. Have degree (or equivalent) in Engineering or a related Scientific discipline. Have extensive experience working as a senior engineer or Technical Architect. Have extensive experience leading in high tech or high change environments, with a proven ability to build, develop, and lead high performing, cross functional teams. Have led or significantly contributed to one or more engineering improvement initiatives in large complex organisations. Be technically resilient and solutions focused, with strong analytical thinking and the ability to assess complex technical, commercial, and regulatory inputs. Have strong demonstrated people management capability, with experience operating across global, decentralised teams. Have proven ability to influence, build relationships, and drive strategic plans with clear, actionable outcomes. Be action orientated and shown track record of delivery to commitments. Have a track record of delivering results in complex, matrixed environments, with a deep understanding of design authority, engineering quality, safety and compliance. Be experienced in systems engineering and requirements management to enable innovative, scalable solutions. Have excellent communication, influencing, and negotiation skills, with the presence to engage effectively at senior levels across diverse culture. Fluent in spoken and written English, with the ability to communicate clearly and effectively across global teams. It is a advantage if you Have worked in finance sector or a related highly regulated industry. Have worked in Cyber Security, or have good experience in Cyber Security tools and standards.

Manager, Partner SSAApplylocations: Readingtime type: Full timeposted on: Posted 30+ Days Agojob requisition id: RCome work at a place where innovation and teamwork come together to support the most exciting missions in the world! Description: The Partner Security Solutions Architect is a Trusted Technical Advisor for Qualys Partners. They lead the technical enablement, readiness, joint solutions architectures, partner services development, Qualys platform adoption and integrations, etc. Acts as the primary technical contact for partners, facilitates the technical interface between partners and Qualys Product Management, SMEs and Engineering teams. Responsibilities: Become the Trusted Technical Advisor for both Qualys Partners and internal Qualys Partner teams. Develop Qualys Partner Services, build Managed Security Services, Integrate 3rd-party Systems / Tools Help Partners build Joint Solution Architectures, adopt Qualys Platform, and expand service practices. Provide guidance to Partners on Product Architecture, Deployment, Operations, Troubleshooting Train and enable partners on existing and new Qualys solutions / Monitor and ensure partner technical readiness. Identify recurrent needs and develop scalable technical enablement initiatives / programs / engines. Act as the main technical liaison / escalation point between Partners and Qualys Product PMs / SMEs Act as the Partner advocate for key technical issues / Monitor and improve Partner Satisfaction KPIs Creates, supports, and executes scalable operational mechanisms supporting certifications, the partner portal, and product launches for partners Coordinates and delivers an enablement calendar virtually and in-person for key partners Skills: BS / MS degree and strong technical Saas background 7+ years of relevant hands-on experience. Proficient overall knowledge of the cybersecurity market, key vendors & their value-add, competitive landscape. Excellent understanding of technical sales activities and experienced in partner enablement activities. Strong communication and presentation skills, as well as organizational skills, multi-task / prioritization Self-starter with a "can-do" attitude and passion for leveraging technology to solve business problems. Continuously learn and develop all necessary skills to achieve & maintain technical thought-leadership. Experience with Microsoft products, SFDC, Asana, and PRMs Excellent cross-functional collaboration and coordination Requirements - Must Have: Experience and skills with partner/alliance engineering, support, and enablement Strong Networking - Deep TCP/IP, routing, L2/L3/L4+ technologies, troubleshoot design & ops issues. Strong OS - Windows, Linux, MAC, Hypervisors - admin level, OS architecture, troubleshoot key issues. Strong Cloud - AWS, Azure, GCP - securing I/P/S-aaS workloads, cloud architectures, best practices. Strong Security - Firewalls, IDS/IPS, EDR / EPP, Patching, Asset Management, Certificates, WebApps. Experienced building & operating AM / VM / PC / PM programs, workflows, key metrics, best practices Experienced in Cyber-Risk frameworks, Prioritization / Remediation + Scanning / Reporting strategies. Breadth and depth of knowledge on the cybersecurity general threat landscape and attack techniques Familiarity and hands-on experience with key industry vendors in all the required technology domains Additional Requirements Desired DevSecOps - Experienced in CI/CD pipeline workflows, shift-left strategies, security scanning & tooling. Container Security - Experienced in Docker frameworks, CI/CD, Orchestration, Scanning and Reporting SOC - Experienced in Security Ops, Incident Response, Threat Hunting, Malware / Forensic Analysis WebApps - Experienced in WebApp DevSecOps best practices, WebApp scanning for OWASP top 10. Good understanding of GRC strategies and tools, Threat Intelligence, SIEMs, XDR, ICS/OT security Relevant industry certifications: CISSP, CEH, CCNP, Public Cloud (certified solutions architect level)

Location United Kingdom Employment Type Full time Location Type Remote Department Product A platform you can believe in: Immersive One is the leading cyber resilience solution across the globe. Build and scale a best in class platform alongside a team of the brightest minds in cybersecurity At Immersive, we're uniquely positioned to future-proof organizations against any cyber challenge. If that excites you, read on! Immersive help prove and improve your cyber resilience, by simulating real-world threats, testing your skills, and measuring performance. We put your readiness to the ultimate test. From sharpening technical capabilities to making high-pressure decisions, our platform allows you to assess every angle, pinpoint areas for growth, and prove your ability to tackle evolving threats with unwavering confidence. Immersive was founded in 2017, from a cargo container in Bristol, UK we've grown to over 300 employees globally, announced funding of more than £150 million and been voted a Best place to work on multiple occasions! Lead Product Manager Immersive is hiring! Could you be our next Product Manager? We're looking for an experienced, customer centric and data driven individual to join our Product team as a Lead Product Manager. As a voice and advocate for Product excellence within Immersive, you will be a key driver of the evolution of our flagship Immersive One platform, ensuring we continue to delight our users and expand our market leadership. Reporting directly to our Chief Product Officer and based out of the UK, you will be responsible for defining the vision and prioritising the initiatives for your product area to achieve maximum business outcome. You love to go through customer and user feedback, research, prioritise, and validate your assumptions with data. You will be instrumental in shaping the future of our products, guiding the end to end product development lifecycle from discovery to launch and beyond. Your product output will drive measurable business outcomes that shape the future of hands on security training for enterprises around the globe. Our most successful product managers here bring a potent mix of strategic vision, user empathy, and analytical rigor to their work, while constantly expanding their knowledge through cross team collaboration. You should be the sparring partner for the Product Designers and Engineer teams with a close eye for scalability and commerciality. Additionally you will build and leverage relationships with Go To Market, Product Marketing and our Cyber teams. Key Responsibilities Become an expert in how the major elements of the product work, providing product support to Sales and Customer Success, demonstrating product features and eliciting user feedback. Drive a data driven, analytical approach to prioritising and refining new features and product enhancements that meet customer and business needs. Set, track and optimise success metrics to ensure that deliverables are defined and measurable. Prioritise and organise features and technical requirements for your product area, ensuring a focus is maintained on delivering value to customers. Ensure a clear Product Roadmap is created, managed and communicated so that development work, marketing and release can be planned. Work closely with the marketing and sales teams to ensure effective go to market. Collaborate cross product with other Product Managers to ensure any inter team dependencies are taken into account during planning, and to share best practice. Inspire the Product delivery teams, ensuring they have the rationale and motivation required to deliver the product vision. Develop user stories with agreed acceptance criteria. Work with agile Design and Engineering teams to ensure stories are correctly refined, technical constraints, dependencies and prerequisites are identified and that the product vision is realised. Ensure a balance of Technical Debt, feature development and Technical Prerequisite work is undertaken in a responsible and timely manner to ensure feature delivery and product performance. Develop and maintain strong market awareness and deep understanding of the cyber landscape. Desired Experience Background in enterprise or SaaS technology - owning the launch of new tech products/solutions to market. Experience working in a Cybersecurity company would also be very advantageous. Proven experience taking ownership and accountability for product marketing for key products/solutions, with the ability to be hands on and operate autonomously. You'll be comfortable engaging and negotiating with stakeholders cross culturally across the business, leading conversations and influencing decision making processes. Ability to work in a fast moving, scale up environment, where processes are still being defined. Previous experience working with Product teams, and experience of how customer/prospect feedback is taken back into Product and roadmap planning. A solid foundation of technical knowledge to build upon, and yet be straightforward and "jargon free" in your approach to translating product specs into consumable prospect messaging and sales enablement. A nice to have but not essential would be some understanding of cybersecurity, application security, DevSecOps, and risk, as well as any experience working with channel partners. We are looking for our Lead Product Manager to be based in the UK, and we offer both remote and hybrid working options. Our Core Values Driven - We push the boundaries of innovation, acting swiftly to achieve ambitious outcomes. Our drive embodies a culture of ambition, where challenges are stepping stones to excellence. Inclusive - Our strength lies in diversity, fostering a culture where every individual contributes to our collective strength. We champion open dialogue and empathy, ensuring a collaborative, inclusive workplace. Customer Centric - We seek to develop deep relationships with our customers to help them achieve their business outcomes. We exceed our customers and partners' expectations by crafting products, services and experiences that surprise, delight and ensure they feel valued and supported every day. One Team - We are a talented global team working together to achieve our vision. Central to our ethos, resilience means adapting and thriving in adversity. It guides our innovation, ensuring we and our clients are prepared for the future. We encourage people of all different backgrounds and identities to apply. We are committed to maintaining an inclusive, supportive place for you to be you and do your very best work. Benefits Time off, flexible and remote working so you can work when is best for you, includes 25 days annual leave + 2 volunteering days and birthday day off. Look after your family and yourself with enhanced parental leave, mindfulness groups, critical illness cover. Career and learning development through the platform and our 'Learn Anything' fund. Share in the companies success with share options, sales incentives and Recognition & Rewards for doing great work and living our values and behaviours. Informal or formal flexible working options, e.g. flexible start and finish times, reduced hours, job share, remote working. We're a sociable, tight knit team with monthly socials, and sports clubs. Our socials have included everything from pottery painting and paper mask making, to movie nights and escape rooms. While this is a remote position, we do all meet in our EMEA HQ on a bi annual basis and regularly in person in region. Find out more about life at Immersive Labs Cyber threats wait for no one and neither should you. Apply now! If you would like to read more about what you can expect from our recruitment process, you can visit our dedicated interview process page.

Senior Security Engineer (AI & DevSecOps) at iProov About iProov iProov provides science-based biometric solutions that enable the world's most security-conscious organizations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences. Trusted by leading governments and enterprises, including the U.S. Department of Homeland Security, U.K. Home Office, GovTech Singapore, ING, and UBS, iProov sets the standard in biometric identity assurance. This global trust is built not only on our technology but on the strength of the people behind it. For us, diversity at iProov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together. We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included, and their talents are nurtured, empowering them to contribute fully to our purpose. The Role Reports to: Head of Cybersecurity Location: WeWork Waterloo - Hybrid Comp: $ (Base) + Company Performance Bonus (20%) + Share Options + US iProov Benefits The role was created specifically to provide the technical security depth that will allow us to accelerate our adoption of agentic AI, equipping developers and data scientists building our biometric products with the tools and workflows to use AI safely and at pace. You will work as the direct counterpart to our GRC focused InfoSec Manager, owning the engineering and implementation side of our security posture across cloud infrastructure, developer workflows, AI systems, and our core security toolstack. This is a role for someone who has built and shipped software or infrastructure and brings that experience into a security context. How you can make an impact Architect and deploy the secure technical framework that governs the security controls for how our developers and scientists use agentic AI, including AI coding assistants, autonomous agents, and LLM integrated tooling. Given that these systems can autonomously access data, execute code, and interact with external services, the guardrails you design will need to address a substantially broader attack surface than traditional AI tooling, and must hold up in a context where the underlying data is among the most sensitive we handle. Be the primary technical security voice in decisions around the use and deployment of externally developed AI, ensuring the right controls are in place from the onset. Continuously mature automated security controls into CI/CD pipelines and infrastructure as code deployments, championing the DevSecOps culture across a large engineering organisation. Take hands on ownership of our core security technology stack, including Wiz, CrowdStrike, Google SecOps, and Tailscale, ensuring these platforms are correctly configured, tuned, and integrated. Drive continuous technical delivery of strategic security initiatives, systematically identifying, triaging, and closing gaps across our cloud environments, internal networks, and developer workflows. Provide technical oversight of the security of the data pipelines feeding our internal AI systems and, critically, the permissions and access boundaries of agentic AI systems reaching out into other environments, enforcing the principle of least privilege, maintaining audit trails, and ensuring sensitive data and code integrity is handled with the rigour required. Complement the work of our existing biometric and product focused Red Team by owning security coverage of the DevSecOps surface, the build pipeline, internal toolchain, cloud environments and developer infrastructure. Act as the primary technical security partner to our GRC focused InfoSec Manager, translating governance and compliance mandates into concrete, automated engineering controls. Represent the technical security function in external audits. This includes presenting evidence of controls, articulating the security posture of our cloud and AI environments to auditors, and working closely with the InfoSec Manager to ensure the technical substance behind our compliance position is clearly and credibly communicated. Qualifications A foundational background in software engineering or DevOps before moving into a dedicated security role: you understand how code is written, tested, and deployed, and that experience is central to how you approach security problems. Proven, hands on experience securing modern cloud infrastructure and containerised environments, with a solid understanding of infrastructure as code principles and the security implications of how infrastructure is defined and provisioned. Proficiency in deploying and administering enterprise security platforms, ideally with direct experience managing tools spanning CNAPP, EDR, SIEM, and zero trust networking. A heavy and active user of AI in both professional and personal contexts, including agentic AI tools and coding assistants, with a grounded understanding of the evolving AI threat landscape, including model supply chain risks, prompt injection, data exfiltration, agent misuse, and LLM specific attack vectors. Scripting and automation capability, particularly in Python, to build internal tooling, automate security checks, and reduce reliance on manual processes across the security function. Prior experience or a demonstrated practical interest in securing AI workloads, data pipelines, and machine learning environments. The communication skills to collaborate effectively with highly technical stakeholders, champion security initiatives without hindering developer productivity, and translate risk into language that resonates with both engineering peers and business leadership, including the confidence to present technical security evidence clearly in formal external audit settings. Benefits 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service) Growth Shares allocated after passing probation (6 months of service) Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme Nursery Sacrifice Scheme Work Overseas Perk - Work globally for up to 2 weeks Life Assurance SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family Benefit from personalized 1:1 career coaching with our in house Occupational Psychologist Award winning L&D platform with personal allocated training budgets Enhanced paid family leave Flexible hybrid working environment Free Barista Coffee/Tea, biscuits with fruit in the WeWork office Free access to WeWork discounts and free online well being sessions Vitality Health - a range of options available on this below The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example: Private Health cover including Dental, Optical, and Audiology 50% off monthly gym memberships Apple watches significantly discounted based member vitality status Half price trainers with Runners Need Weekly rewards - Free coffee with Café Nero Monthly rewards - Free Cinema ticket Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status Amazon prime free months based on activity Up to 25% cashback at Waitrose when buying healthy foods75% off stays at Champneys Health Spas Allen Carr's £299 no smoking programme for free Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace Discounts on Weight Watchers As an equal opportunities employer, we encourage applications from people of all backgrounds. We're committed to building a workforce that is representative of the people we serve.

Black Duck Software, Inc. Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle. Data Science Group Overview The Data Science group serves under the Black Duck Data Engineering organization as a center of excellence in data analysis, statistical interpretation, machine learning engineering, attribution analysis and operational metric review. Our core purview is the application of historical data to drive future decision making, and to develop and maintain machine learning and analytical tools to improve service delivery and advise operational processes. We also serve as mediators of meaning across Black Duck, and as custodians of a shared data ecosystem. This ecosystem serves to empower data consumers to explore client operational and service ops data in more intuitive ways, and supports their ability to share and collaborate on best practices for using this data in truthful, responsible, ethical and efficient ways. Our Values Trust: Our work has no value if it is not trusted by our colleagues/customers, or if our work is not respectable. We will always rather be late than incorrect. Collaboration: We have a "very specific set of skills", however we should humbly respect the subject matter experts we work with in their fields of expertise; we're experts shuffling bits around faster/better/smarter, but they do the real work. Results: For our work to have value, it must speed up, augment, or replace, a current decision making process, or to demonstrate a new product/operational opportunity. While the "value" of a result may not be known for a long time, we are still outcome driven. Curiosity: Exploration and Experimentation is at the heart of what we do, and we empower each other with the freedom to explore, and possibly get lost in, longer term research projects than other groups. However, even those dead ends have value when they're written up. (It's not science unless you write it down) Fun: We're in this business because we enjoy the strange and often incongruous world of data, and what that data can tell us about ourselves. Revel in the comedy of your mistakes and discoveries, and share them with abandon. About the Role As a Data Engineer/Scientist, you will be a custodian of our cross functional data regime, and a driver of innovative uses of Data across our cybersecurity platforms, ranging from predictive analytics and customer behavioural analysis, through to training customised machine learning models on continuously evolving feedback streams from data and decisions that really matter to our thousands of customers that rely on our security assessments for safety, stability, and often, sleep. The ideal candidate is a self starter who is enthusiastic about exploring new technologies. They also enjoy helping their peers and their organization remain at the forefront of our industry by identifying and helping implement the latest industry best practices that boost our organization's productivity and team members' experience. The role is primarily based around our Belfast R&D Site, but UK/EMEA remote or hybrid applicants will be considered. At least Quarterly travel to the Belfast R&D Site is expected, and additional travel / conference opportunities may be available depending on your impact and collaboration. Key Responsibilities Developing and maintaining analytical data pipelines from a range of sources, internal and external Participate in system design discussions and contribute to architectural decisions Evaluating new analytical / technological opportunities for leveraging those data for security/business impact Leading projects from research through to production deployment and operational handover to appropriate teams Partnering with R&D and Engineering teams to develop and share best practices for data tooling, from pipelines and dashboards to ML and LLM integration Key Qualifications 5+ years of experience working in Data Science, AI/Data Engineering, Data Operations, DevOps, Business Analytics, or a related field BSc or MSc in Computer Science, Data Science, Artificial Intelligence, Math, Physics, Engineering or related field/degree Experience in a relevant analytical programming language the point where you can build / deliver a project/module from scratch that can be used by others (Python is our main daily driver, expert level experience in Julia or Rlang could be accepted Experience in Jupyter Notebook / equivalents Experience in Airflow, DBT, Databricks, or equivalent stacks Experience in the PyData / Spark or equivalent analytical stacks Familiarity with Cybersecurity Governance, Application Security Testing, Quality Assurance or similar Experience in data modelling and working with RDBMS (PostgreSQL, Oracle or MySQL) and knowledge of NoSQL databases (e.g., MongoDB) Experience with Machine Learning and AI systems Hands on experience with AI assisted development tools (e.g., GitHub Copilot, Claude Code, Cursor, or similar) Independent project operation and cross functional collaboration Strong or Developing communication skills (in person and remote) Nice to have Familiarity with Data Mesh/Data Product concepts Experience in operating in Linux Command line environments Experience in Langchain or equivalent Agentic development stack Experience in training custom Machine Learning models, including familiarity with evaluation criteria and metric design Experience in integrating AI capabilities into software systems, including prompt engineering, API integration, and leveraging LLM based services for automation and productivity Experience in Enterprise Data Visualisation such as Power BI, Tableau, Grafana, DataBricks, Snowflake etc. Experience deploying ML/AI models in production environments/workloads Experience in developing/working within large enterprise applications using microservices architecture, and container orchestration technologies, running on Kubernetes and/or cloud technologies (AWS, Azure or GCP) Experience in software architecture, systems design, interaction design (to the point where you can have constructive conversations with security / architecture leaders) Equal Opportunity Statement Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.

Cloud Security EngineerApplyremote type: Hybridlocations: Leeds, United Kingdomtime type: Full timeposted on: Posted Todaytime left to apply: End Date: June 19, 2026 (13 days left to apply)job requisition id: JR-022428 Job Summary: Cloud Security Engineer We have an exciting opportunity for a Cloud Security Engineer to join our innovative team. This role is dedicated primarily to establishing and supporting security standards and solutions for Avnet's cloud services. As a member of Avnet's Global Cybersecurity & Compliance (GC&C) team, you will support Avnet's Azure environment, as well as other cloud service providers by identifying, developing, documenting, and communicating cloud security governance, controls, policies, standards, and best practices. What's in it for you? Along with offering a competitive salary package, we also offer: A supportive team environment where everyone really is working toward the same goal. A strong open-door policy within management An environment where you will be given the tools and opportunities to further your career Pension scheme Healthcare Cash Plan 25 days holiday plus bank holidays Onsite Parking Flexible home working Cycle to work Scheme Reward schemes What you will be doing: Research cloud computing and related security technologies, capabilities, and products Configure, deploy, and support the GCC team's enterprise cloud security tools Identify and assess security gaps in cloud services and recommend appropriate solutions Work with IaaS, PaaS, and SaaS owners, administrators, and developers, assisting with their development and implementation of cloud security controls and remediation of vulnerable cloud resources Provide consulting and formal reviews as needed for cloud initiatives and projects Guide project teams, developers, and administrators in the execution of cloud services to adhere to industry best practices for security and align with Avnet's risk appetite and compliance requirements Work closely with Security Operations to ensure adequate visibility and monitoring of security events and alerts, support for vulnerability management and incident response, and collaborate to evaluate threats relevant to cloud workloads and data Understand business goals and needs to provide a balanced security investment What we are looking for: Extensive work experience gained in a similar role with a relevant Batchelor's degree Deep technical knowledge of Azure and strong understanding of SaaS and application workload security in the context of cloud services Strong knowledge of Linux, Windows, networking, storage, containerization, encryption, API security, auditing, access control and authentication -Azure RBAC, Azure AD, SAML/OATH/LDAP Understanding of DevSecOps and infrastructure as code (IaC) Ability to automate tasks through scripting (Powershell, Python, or equivalent). Experience designing, testing, building, deploying, and supporting security tools and secure solutions Knowledge of industry best practices and disciplines to be the subject matter expert within the organization and contribute to the development of new concepts, techniques and standards Ability to develop solutions to highly complex and uniquely challenging situations by extensive evaluation of alternatives and variables Working to make ongoing improvements to policies and procedures Serve as consultant to management and an internal/external spokesperson for the organization on major initiatives related to policies, plans and long-term objectives Excellent communication, collaboration, and interpersonal skills Ability to act as an informal team lead or coach less experienced team members above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.

Job DescriptionLocation: Harwell, Oxfordshire (Hybrid)Company: Agilent Technologies - Spectroscopy & Vacuum DivisionOverviewWe are seeking an experienced Product Cybersecurity Engineer to lead and support cybersecurity activities across our spectroscopy and vacuum product portfolio. This role is critical to ensuring our products meet evolving global cybersecurity regulations, customer requirements, and industry best practices-particularly in regulated markets such as aviation security, customs & borders, pharmaceuticals, and defence.You will work cross-functionally with R&D, Product Security, Agilent IT , Sales, and Marketing teams, ensuring cybersecurity is embedded throughout the product lifecycle-from design and development through to deployment and ongoing support.You will report to the R&D Software Manager as part of the team responsible for writing the software/firmware that runs our instruments but it is expected that this will be a cross-functional and cross-product role.The role will be based out of our Harwell, Oxfordshire office in the UK. There is some expectation to be on-site for hands-on work with our products, but we operate a hybrid model (2-3 days working from home, 2-3 days on-site) as a standard option.Key Responsibilities1. Cybersecurity Compliance & RegulationInterpret and apply global cybersecurity and privacy regulations (e.g. GDPR, EU Cyber Resilience Act). Aligning approach with Legal and the CISO organisation.Act as product line lead for EU CRA readiness, including:Product cybersecurity documentationPolicy and procedure developmentCoordination and collaboration with product teams and central security functionsOwn and track remediation plans to ensure continued product compliance.Maintain and review cybersecurity requirements aligned to target markets (e.g. defence, aviation, customs).Ensure products are GDPR compliant.2. Sales & Customer Cybersecurity SupportSupport Sales and Marketing with cybersecurity content for tenders and bids:Contribute to cybersecurity whitepapers and standard documentationProvide technical input for tender compliance submissionsParticipate in customer-facing cybersecurity discussions, where needed.Review customer and regulatory documentation and translate requirements into product development inputs.Stay aligned with industry developments and best practices.3. Secure Product DevelopmentEnsure products meet:Internal Agilent security policies and proceduresExternal regulatory and customer requirementsDrive a proactive cybersecurity approach within product development.Conduct or support cybersecurity testing and assessments, identifying vulnerabilities and providing reports.Collaborate with R&D to:Analyse vulnerabilitiesIdentify false positives and controlsConduct threat modellingDefine, implement and track remediation plansProvide technical guidance on:Encryption and key managementPatch managementIdentity and user managementContribute to infrastructure security (e.g. certificate and secret management).Support secure product configuration tailored to customer needs.4. DevSecOps & Security EngineeringDrive adoption of DevSecOps practices, including:CI/CD security integrationAutomated vulnerability scanning (e.g. Nessus)Implement and maintain:Static Application Security Testing (SAST)Dynamic Application Security Testing (DAST)Software Composition Analysis (SCA)Lead Software Bill of Materials (SBOM) creation and management in the spectroscopy and vacuum product lines.Perform application security and penetration testing in collaboration with the internal Product Security Program team.5. Embedded Systems SecuritySecure Windows 10/11 IoT-based embedded systems, including:Group policy and registry hardeningAttack surface reduction (services, ports, etc.)Patch and update managementEndpoint protection and antivirusMobile Device Management (e.g. Intune)Implement Microsoft security features such as:BitLocker, AppLocker, Unified Write Filter (UWF)Support development and maintenance of embedded OS images.(Desirable) Knowledge of Embedded Linux security.6. Continuous Improvement & Future-ProofingMonitor emerging threats, vulnerabilities, and regulatory changes.Ensure products remain secure throughout their lifecycle.Promote continuous improvement in cybersecurity practices.7. Operational Security ActivitiesManage OS patching and release cycles for product platforms.Maintain secure embedded OS builds (e.g. FFU images).Ensure regular:Vulnerability scanning (e.g. Nessus)Security testing and validationSupport CI/CD environment hardening and security patching.QualificationsEssentialBachelor's or master's degree or equivalentProven experience in product cybersecurity or application security - typically 4+ years relevant experience.Strong understanding of:Secure software development lifecycle (SSDLC)Vulnerability management and remediationRegulatory compliance (GDPR, EU CRA, emerging EU and global regulations)Hands-on experience with:Security testing (SAST, DAST, SCA)Penetration testing or vulnerability analysisThreat modellingKnowledge of Windows OS security (preferably embedded/IoT variants).Experience working with cross-functional engineering teams.DesirableRelevant cybersecurity certifications (e.g. CISSP, CompTIA PenTest, ISC2 CSSLP would be beneficialFamiliarity with DevSecOps tools and CI/CD pipelinesExperience with:Nessus or similar scanning toolsSoftware Bill of Materials (SBOM)Embedded Linux security knowledge.Exposure to regulated industries (defence, aviation, pharma, border security).Experience leveraging modern AI-assisted tools (e.g. Copilot, LLMs) to enhance secure development, documentation, and cybersecurity analysis while applying appropriate engineering judgement and data security controlsPersonal AttributesStrong analytical and problem-solving skillsAbility to translate regulations into actionable engineering requirementsExcellent communication skills, including customer-facing interactionsProactive, self-driven, and detail-orientedComfortable working across multiple stakeholders and geographiesWhat we offerExciting projects in a multifaceted collaborative team grounded on an Agile Culture and ApproachCareer development opportunities in an international companyCompetitive compensation and benefits packageWork-Life-Balance programsPermanent contract in a fast-growing global companyCompany pension schemePrivate health careAgilent inspires and supports discoveries that advance the quality of life. We provide life science, diagnostic and applied market laboratories worldwide with instruments, services, consumables, applications, and expertise. Agilent enables customers to gain the answers and insights they seek, so they can do what they do best: improve the world around us. More about Agilent on DetailsThis job has a full time weekly schedule.Our pay ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. During the hiring process, a recruiter can share more about the specific pay range for a preferred location. Pay and benefit information by country are available at: Technologies Inc. is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other protected categories under all applicable laws.Travel Required:OccasionalShift:DayDuration:No End DateJob Function:R&D

Security Architect Department: Global Security Services Employment Type: Permanent - Full Time Location: UK - London Description CFC is embarking on a major transformation of its core platforms and systems. To ensure these changes are secure, resilient, and compliant, we are seeking an experienced Security Architect. This role is critical to embedding secure by design principles for the future, supporting our Security Maturity Programme, and aligning with the CISO strategy. About the role You will work daily with the Group CISO to ensure consistent high standards in your areas of responsibility and ensure global adherence to security practices. The ideal candidate will have good knowledge of regulatory frameworks such as NYDFS Cybersecurity Regulation, GDPR, and other European and Australian data protection laws, and will bring a proactive, risk based approach to the governance and operationalisation of security architecture. Lead the design and review of secure architecture across strategic change projects. Define and implement SDLC security standards and best practices across change projects. Develop and enforce API security standards and secure integration patterns. Conduct threat modelling and risk assessments for new technology implementations. Ensure alignment with enterprise architecture and regulatory frameworks. Support the integration of DevSecOps practices and secure CI/CD pipelines. Collaborate with engineering, architecture, and compliance teams to embed security from project inception. Provide expert guidance on privacy-by-design and operational resilience requirements. About you Exceptional understanding of secure software development, cloud security, and API security is essential, along with the ability to apply these principles in practical environments. Experience working with DevSecOps, CI/CD pipelines, and modern development practices further strengthens the capability to embed security into every stage of delivery. The role also requires strong skills in conducting threat modelling, performing risk assessments, and reviewing solution architectures, all supported by excellent communication and stakeholder engagement abilities. Candidates should have proven experience as a Security Architect, ideally with more than five years in regulated environments. Familiarity with regulatory frameworks across the US, UK, and Australia is important, as is holding relevant certifications such as CISSP, SABSA, TOGAF, or AWS/Azure Security, which are highly desirable. Core Values Love what you do: We show up each day ready to take on the world. Our passion and intensity set us apart and makes the difference to our colleagues, customers, brokers and carriers. Challenge everything: We're never afraid to question the way that things are done and we constantly challenge ourselves and others to make things better. Have fun, be good: Insurance is a serious business, but we don't take ourselves too seriously. We make it fun to work at CFC, we welcome all viewpoints, and we treat everyone how we would expect to be treated.

Who Are We? Taking care of our customers, our communities and each other. That's the Travelers Promise. By honoring this commitment, we have maintained our reputation as one of the best property casualty insurers in the industry for over 170 years. Join us to discover a culture that is rooted in innovation and thrives on collaboration. Imagine loving what you do and where you do it. Target Openings 1 What Is the Opportunity? As an AVP of Architecture, you will interface directly with senior technology leaders to transform our current business and technology capabilities and pave the way for best-in-class solutions. You will be a dedicated partner to senior Technology and Business leaders as you define a target state, roadmaps and identify new and emerging technologies that will transform and optimize the business. As a successful candidate, you are a visionary executive with a track record of building high-quality enterprise solutions and teams. You are results-driven and bring strong Architecture and engineering skills and a deep understanding of modern technologies including Cloud-native, APIs, AI, and ML. You will work within a community of architecture leaders, charged with establishing and evolving a unified architecture vision. Travelers Europe currently offers flexibility to employees who wish to work on a hybrid basis in accordance with our Hybrid Work Arrangements Policy. This entails full time employees working three days a week in the office and two days at home (or pro rata for part-time employees). This policy may be changed at the Company's discretion. What Will You Do? Organizational responsibility for a major segment of Technology Architecture Works with the Senior leadership within Technology and Business to develop architecture priorities and direction to enable business imperatives Displays strong thought leadership in pursuit of modern architecture principals and technology modernization Drives continuous technology transformation to minimize technical debt Create a partnership with Senior Software Engineering leadership Looks for opportunities to capitalize on technology advances through analysis of key industry and technology trends to assess potential impact on the enterprise Defines and leads technology proof of concepts to ensure feasibility of new technology architecture solutions Defines target state technology architecture and roadmaps Ensures alignment of IT initiatives with the target state Builds strong partnership with engineering to ensure proper alignment of skills with technology direction Prepares and delivers comprehensive communications to convey architectural direction and how it aligns with enterprise strategy Optimizes talent strategy to ensure proper mix of resources and attracts and recruits best talent Continuously improve efficiency and effectiveness of the architecture Perform other duties as assigned. What Will Our Ideal Candidate Have? Bachelor's in technology related field or equivalent with relevant technology Architecture experience. Provided mentorship to architecture leaders. Organizational and transformational Leadership Experience in an agile operating model. Expert level Software Engineering awareness. Led development of strategic technology direction and architecture vision for an organization. Developed technology target state, roadmaps that aligned to Short- and Long-term business goals. Proven track record of Influencing C-level leadership. Insurance technology experience. Strong grasp of value creation and business capability models. Innovation and Continuous Improvement. Demonstrated ability to drive decisions. If Cyber: CISSP, CISM, Security+, CISA or equivalent Cybersecurity certification. Must be passionate about technology transformations. Has hands on experience. Executed technology modernization initiatives including migration to cloud native and API Strategy. Current experience with AWS, APIs, Accelerators, DevSecOps. Cloud Architecture Certification (AWS, GCP, or Azure) or strong architecture experience on Cloud. Good understanding of security. Experienced with large scale technology platforms. What is a Must Have? Bachelor's degree or its equivalent in work experience. Relevant experience in enterprise, application, and/or information architecture within a line of business or enterprise area. Previous management experience. What Is in It for You? Private Medical Insurance: On commencement of employment, you are eligible for single cover provided by Travelers, with the option to add cover for your dependents, at your expense through payroll deduction. Retirement: Travelers will make a core contribution of a percentage of salary to your Pension Plan. Additionally, if you decide to contribute to the plan, you will receive an increased company contribution. Holiday Entitlement: Start your career at Travelers with a minimum of 25 days holiday entitlement annually, plus the opportunity to purchase additional days to allow for up to a total of 35 holidays per year. Wellness Programme: The Travelers wellness programme is comprised of tools, discounts and resources that empower you to achieve your wellness goals and caregiving needs. In addition, our mental health programme provides access to free professional counseling services and other resources that support your daily life needs. Volunteer Encouragement: We have a deep commitment to the communities we serve and encourage our employees to get involved. Travelers has a Matching Gift and Volunteer Rewards programme that enables you to give back to the charity of your choice. Employment Practices Travelers is an equal opportunity employer. We value the unique abilities and talents each individual brings to our organization and recognize that we benefit in numerous ways from our differences. If you are a candidate and have specific questions regarding the physical requirements of this role, please send us an email so we may assist you. Travelers reserves the right to fill this position at a level above or below the level included in this posting. To learn more about our comprehensive benefit programs please visit

Job Title: Product Cybersecurity Engineer Location: Harwell, Oxfordshire (Hybrid) Overview We are seeking an experienced Product Cybersecurity Engineer to lead and support cybersecurity activities across our spectroscopy and vacuum product portfolio. This role is critical to ensuring our products meet evolving global cybersecurity regulations, customer requirements, and industry best practices-particularly in regulated markets such as aviation security, customs & borders, pharmaceuticals, and defence. You will work cross functionally with R&D, Product Security, Agilent IT, Sales, and Marketing teams, ensuring cybersecurity is embedded throughout the product lifecycle-from design and development through to deployment and ongoing support. You will report to the R&D Software Manager and work on the software/firmware that powers our instruments. Key Responsibilities Cybersecurity Compliance & Regulation Interpret and apply global cybersecurity and privacy regulations (e.g., GDPR, EU Cyber Resilience Act). Act as product line lead for EU CRA readiness. Own and track remediation plans to ensure continued product compliance. Sales & Customer Cybersecurity Support Support Sales and Marketing with cybersecurity content for tenders and bids. Contribute to cybersecurity whitepapers and documentation. Participate in customer facing discussions and translate requirements into product development inputs. Secure Product Development Ensure products meet internal security policies, external regulatory and customer requirements. Conduct or support testing and assessments, providing vulnerability reports. Provide guidance on encryption, key management, patch management, identity, and infrastructure security. DevSecOps & Security Engineering Drive adoption of DevSecOps practices within CI/CD pipelines. Implement automated vulnerability scanning, SAST, DAST, and SCA. Lead Software Bill of Materials (SBOM) creation for spectroscopy and vacuum lines. Embedded Systems Security Secure Windows 10/11 IoT based embedded systems (policy hardening, patch management, endpoint protection). Support development of embedded OS images; knowledge of Embedded Linux is desirable. Continuous Improvement & Future Proofing Monitor emerging threats and regulatory changes. Promote continuous improvement in cybersecurity practices across the lifecycle. Operational Security Activities Manage OS patching and release cycles for product platforms. Support CI/CD environment hardening and security patching. Qualifications Essential: Bachelor's or master's degree or equivalent. Proven experience ( 4years) in product cybersecurity or application security. Strong understanding of SSDLC, vulnerability management and regulatory compliance (GDPR, EU CRA). Hands on experience with SAST, DAST, SCA, penetration testing or vulnerability analysis. Knowledge of Windows OS security (embedded/IoT variants) and exposure to regulated industries (defence, aviation, pharma, border security). Experience working with cross functional engineering teams. Desirable Qualifications Relevant certifications (e.g., CISSP, CompTIA PenTest, ISC2 CSSLP). Familiarity with DevSecOps tools and CI/CD pipelines. Experience with Nessus or similar scanning tools, SBOM, Embedded Linux security. Experience leveraging AI assisted tools (e.g., Copilot, LLMs) for secure development and analysis. Personal Attributes Strong analytical and problem solving skills. Ability to translate regulations into actionable engineering requirements. Excellent customer facing communication abilities. Proactive, self driven, and detail oriented. Comfortable working across multiple stakeholders and geographies. What We Offer Exciting projects within an agile collaborative team. Career development opportunities in an international company. Competitive compensation and benefits package. Work life balance programs. Permanent contract with company pension scheme and private health care. Travel Required: Occasional Shift: Day Equal Opportunity Employer Agilent Technologies Inc. is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other protected categories under all applicable laws.

Product Cybersecurity Engineer / SpecialistApplylocations: UK-Harwell: UK-Remote Location-Harwelltime type: Full timeposted on: Posted Todayjob requisition id: Job Description Location: Harwell, Oxfordshire (Hybrid) Company: Agilent Technologies - Spectroscopy & Vacuum Division Overview We are seeking an experienced Product Cybersecurity Engineer to lead and support cybersecurity activities across our spectroscopy and vacuum product portfolio. This role is critical to ensuring our products meet evolving global cybersecurity regulations, customer requirements, and industry best practices-particularly in regulated markets such as aviation security, customs & borders, pharmaceuticals, and defence .You will work cross-functionally with R&D, Product Security, Agilent IT , Sales, and Marketing teams , ensuring cybersecurity is embedded throughout the product lifecycle-from design and development through to deployment and ongoing support.You will report to the R&D Software Manager as part of the team responsible for writing the software/firmware that runs our instruments but it is expected that this will be a cross-functional and cross-product role.The role will be based out of our Harwell, Oxfordshire office in the UK. There is some expectation to be on-site for hands-on work with our products, but we operate a hybrid model (2-3 days working from home, 2-3 days on-site) as a standard option. Key Responsibilities 1. Cybersecurity Compliance & Regulation Interpret and apply global cybersecurity and privacy regulations (e.g. GDPR, EU Cyber Resilience Act). Aligning approach with Legal and the CISO organisation. Act as product line lead for EU CRA readiness , including: + Product cybersecurity documentation + Policy and procedure development + Coordination and collaboration with product teams and central security functions Own and track remediation plans to ensure continued product compliance. Maintain and review cybersecurity requirements aligned to target markets (e.g. defence, aviation, customs). Ensure products are GDPR compliant . 2. Sales & Customer Cybersecurity Support Support Sales and Marketing with cybersecurity content for tenders and bids: + Contribute to cybersecurity whitepapers and standard documentation + Provide technical input for tender compliance submissions Participate in customer-facing cybersecurity discussions , where needed. Review customer and regulatory documentation and translate requirements into product development inputs . Stay aligned with industry developments and best practices . 3. Secure Product Development Ensure products meet: + Internal Agilent security policies and procedures + External regulatory and customer requirements Drive a proactive cybersecurity approach within product development. Conduct or support cybersecurity testing and assessments , identifying vulnerabilities and providing reports. Collaborate with R&D to: + Analyse vulnerabilities + Identify false positives and controls + Conduct threat modelling + Define, implement and track remediation plans Provide technical guidance on: + Encryption and key management + Patch management + Identity and user management Contribute to infrastructure security (e.g. certificate and secret management ). Support secure product configuration tailored to customer needs. 4. DevSecOps & Security Engineering Drive adoption of DevSecOps practices , including: + CI/CD security integration + Automated vulnerability scanning (e.g. Nessus) Implement and maintain: + Static Application Security Testing (SAST) + Dynamic Application Security Testing (DAST) + Software Composition Analysis (SCA) Lead Software Bill of Materials (SBOM) creation and management in the spectroscopy and vacuum product lines. Perform application security and penetration testing in collaboration with the internal Product Security Program team. 5. Embedded Systems Security Secure Windows 10/11 IoT-based embedded systems , including: + Group policy and registry hardening + Attack surface reduction (services, ports, etc.) + Patch and update management + Endpoint protection and antivirus + Mobile Device Management (e.g. Intune) Implement Microsoft security features such as: + BitLocker, AppLocker, Unified Write Filter (UWF) Support development and maintenance of embedded OS images . (Desirable) Knowledge of Embedded Linux security . 6. Continuous Improvement & Future-Proofing Monitor emerging threats, vulnerabilities, and regulatory changes . Ensure products remain secure throughout their lifecycle. Promote continuous improvement in cybersecurity practices . 7. Operational Security Activities Manage OS patching and release cycles for product platforms. Maintain secure embedded OS builds (e.g. FFU images). Ensure regular: + Vulnerability scanning (e.g. Nessus) + Security testing and validation Support CI/CD environment hardening and security patching . Qualifications Essential Bachelor's or master's degree or equivalent Proven experience in product cybersecurity or application security - typically 4+ years relevant experience. Strong understanding of: + Secure software development lifecycle (SSDLC) + Vulnerability management and remediation + Regulatory compliance (GDPR, EU CRA, emerging EU and global regulations) Hands-on experience with: + Security testing (SAST, DAST, SCA) + Penetration testing or vulnerability analysis + Threat modelling Knowledge of Windows OS security (preferably embedded/IoT variants). Experience working with cross-functional engineering teams . Desirable Relevant cybersecurity certifications (e.g. CISSP, CompTIA PenTest, ISC2 CSSLP would be beneficial Familiarity with DevSecOps tools and CI/CD pipelines Experience with: + Nessus or similar scanning tools + Software Bill of Materials (SBOM) Embedded Linux security knowledge. Exposure to regulated industries (defence, aviation, pharma, border security). Experience leveraging modern AI-assisted tools (e.g. Copilot, LLMs) to enhance secure development, documentation, and cybersecurity analysis while applying appropriate engineering judgement and data security controls Personal Attributes Strong analytical and problem-solving skills Ability to translate regulations into actionable engineering requirements Excellent communication skills, including customer-facing interactions Proactive, self-driven, and detail-oriented Comfortable working across multiple stakeholders and geographies What we offer Exciting projects in a multifaceted collaborative team grounded on an Agile Culture and Approach Career development opportunities in an international company Competitive compensation and benefits package Work-Life-Balance programs Permanent contract in a fast-growing global company Company pension scheme Private health careAgilent inspires and supports discoveries that advance the quality of life. We provide life science, diagnostic and applied market laboratories worldwide with instruments, services, consumables, applications, and expertise. Agilent enables customers to gain the answers and insights they seek, so they can do what they do best: improve the world around us. More about Agilent on Additional Details This job has a full time weekly schedule.Our pay ranges are determined by role, level, and location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. During the hiring process, a recruiter can share more about the specific pay range for a preferred location. Pay and benefit information by country are available at: Technologies Inc. is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability or any other protected categories under all applicable laws. Travel Required: Occasional Shift: Day Duration: No End Date

Vice President, Global Cyber Exposure Management & Cyber Engineering and ArchitectureApplyremote type: Hybrid (8 days/month)locations: GBR - Kingston: FRA - Paris, Rue des Archives: NLD - Alphen Aan Den Rijn: ESP - Madrid, Castellana: ESP - Barcelonatime type: Full timeposted on: Posted Todayjob requisition id: R Summary We are seeking a strategic and highly technical Vice President to lead our global Cyber Exposure Management / Cyber Engineering & Architecture organization within a complex, multinational enterprise. This executive will drive modernization of the Company's cyber defense capabilities, shape long-term security architecture strategy, and lead large-scale transformation initiatives across infrastructure, cloud, AI-enabled technologies, operational technology, and enterprise platforms. The ideal candidate combines deep technical credibility with executive leadership, operating effectively across engineering, architecture, operations, and business leadership teams. This leader will influence enterprise technology decisions, guide adoption of emerging technologies, and strengthen the organization's ability to identify, prioritize, reduce, and operationalize cyber risk at scale. This role reports directly to the Chief Information Security Officer (CISO) and partners closely with global technology, infrastructure, cloud, digital transformation, AI, product engineering, and business leaders. Essential Duties and responsibilities Strategic Leadership Define and execute the global strategy for Cyber Exposure Management / Cyber Engineering & Architecture aligned to enterprise priorities and business transformation objectives. Lead multi-year cybersecurity modernization programs across global environments. Establish scalable and measurable security engineering and architecture practices. Serve as a senior advisor to executive leadership on emerging cyber threats and AI security implications. Drive adoption of modern security operating models, automation, and platform standardization. Cyber Exposure Management Leadership Lead enterprise-wide exposure management capabilities including vulnerability management and attack surface management. Mature risk-based prioritization models leveraging threat intelligence and exploitability. Drive continuous reduction of enterprise attack surface. Build integrated exposure management capabilities across security and infrastructure teams. Establish executive-level metrics and dashboards. Cyber Engineering & Architecture Leadership Lead global security engineering and architecture teams. Develop future-state enterprise security architecture supporting cloud transformation and AI adoption. Establish architecture standards and secure-by-design principles. Guide selection and optimization of cybersecurity platforms. Oversee engineering roadmaps for cloud, IAM, endpoint, network, AI, DevSecOps, and OT security. Emerging Technology & AI Leadership Partner with enterprise AI and digital teams to enable secure adoption of AI. Provide leadership around AI security, governance, integration, and model protection. Evaluate emerging technologies and innovative security capabilities. Influence enterprise technology strategies to embed cybersecurity early in transformation initiatives. Executive Influence & Global Collaboration Build strong partnerships across infrastructure, cloud, application, and business leadership functions. Influence senior executives and stakeholders globally. Lead globally distributed teams and develop leadership talent. Present cybersecurity strategy and transformation outcomes to executive leadership and board stakeholders. Success Measures Reduction in enterprise cyber exposure and attack surface risk Improved remediation and engineering delivery Successful modernization of security architecture and engineering capabilities Increased adoption of secure-by-design and automation practices Executive confidence in cybersecurity transformation outcomes Job Qualifications Bachelor's degree in computer science, information security, management information systems or similar. 15+ years of cybersecurity leadership experience in large global enterprises. Proven leadership in Cyber Engineering, Security Architecture, Exposure Management, or Cloud Security. Experience leading large global teams. Strong executive presence and technical credibility. Experience driving enterprise-wide cybersecurity transformation initiatives. Experience in developing and implementing scalable Customer Trust Programs Strong business acumen and the ability to translate complex technical concepts into business value. Professional certifications such as CISSP, CISM, AIGP, AAISM, or equivalent. Significant experience with cloud services and cloud technologies (e.g. AWS and Microsoft Azure). Technical Expertise Enterprise security architecture Cloud security and hybrid infrastructure Exposure management and attack surface reduction Zero Trust architecture AI security and emerging technology risks DevSecOps and secure engineering Identity and access management Leadership Characteristics Strategic thinker with strong execution orientation Highly collaborative and influential leader Strong technical credibility Comfortable operating in ambiguity and transformation environments Skilled at balancing innovation with risk reduction Preferred Qualifications Experience supporting AI transformation initiatives. Experience in multinational Fortune 500 environments. Familiarity with OT and industrial environments. Advanced degree preferred. Relevant certifications such as CCSP, TOGAF, CEH or GIAC preferred. Location We can hire in any European or American country where Wolters Kluwer has an office

Vice President, Global Cyber Exposure Management & Cyber Engineering and ArchitectureApplyremote type: Hybrid (8 days/month)locations: GBR - Kingston: FRA - Paris, Rue des Archives: NLD - Alphen Aan Den Rijn: ESP - Madrid, Castellana: ESP - Barcelonatime type: Full timeposted on: Posted Todayjob requisition id: R Summary We are seeking a strategic and highly technical Vice President to lead our global Cyber Exposure Management / Cyber Engineering & Architecture organization within a complex, multinational enterprise. This executive will drive modernization of the Company's cyber defense capabilities, shape long-term security architecture strategy, and lead large-scale transformation initiatives across infrastructure, cloud, AI-enabled technologies, operational technology, and enterprise platforms. The ideal candidate combines deep technical credibility with executive leadership, operating effectively across engineering, architecture, operations, and business leadership teams. This leader will influence enterprise technology decisions, guide adoption of emerging technologies, and strengthen the organization's ability to identify, prioritize, reduce, and operationalize cyber risk at scale. This role reports directly to the Chief Information Security Officer (CISO) and partners closely with global technology, infrastructure, cloud, digital transformation, AI, product engineering, and business leaders. Essential Duties and responsibilities Strategic Leadership Define and execute the global strategy for Cyber Exposure Management / Cyber Engineering & Architecture aligned to enterprise priorities and business transformation objectives. Lead multi-year cybersecurity modernization programs across global environments. Establish scalable and measurable security engineering and architecture practices. Serve as a senior advisor to executive leadership on emerging cyber threats and AI security implications. Drive adoption of modern security operating models, automation, and platform standardization. Cyber Exposure Management Leadership Lead enterprise-wide exposure management capabilities including vulnerability management and attack surface management. Mature risk-based prioritization models leveraging threat intelligence and exploitability. Drive continuous reduction of enterprise attack surface. Build integrated exposure management capabilities across security and infrastructure teams. Establish executive-level metrics and dashboards. Cyber Engineering & Architecture Leadership Lead global security engineering and architecture teams. Develop future-state enterprise security architecture supporting cloud transformation and AI adoption. Establish architecture standards and secure-by-design principles. Guide selection and optimization of cybersecurity platforms. Oversee engineering roadmaps for cloud, IAM, endpoint, network, AI, DevSecOps, and OT security. Emerging Technology & AI Leadership Partner with enterprise AI and digital teams to enable secure adoption of AI. Provide leadership around AI security, governance, integration, and model protection. Evaluate emerging technologies and innovative security capabilities. Influence enterprise technology strategies to embed cybersecurity early in transformation initiatives. Executive Influence & Global Collaboration Build strong partnerships across infrastructure, cloud, application, and business leadership functions. Influence senior executives and stakeholders globally. Lead globally distributed teams and develop leadership talent. Present cybersecurity strategy and transformation outcomes to executive leadership and board stakeholders. Success Measures Reduction in enterprise cyber exposure and attack surface risk Improved remediation and engineering delivery Successful modernization of security architecture and engineering capabilities Increased adoption of secure-by-design and automation practices Executive confidence in cybersecurity transformation outcomes Job Qualifications Bachelor's degree in computer science, information security, management information systems or similar. 15+ years of cybersecurity leadership experience in large global enterprises. Proven leadership in Cyber Engineering, Security Architecture, Exposure Management, or Cloud Security. Experience leading large global teams. Strong executive presence and technical credibility. Experience driving enterprise-wide cybersecurity transformation initiatives. Experience in developing and implementing scalable Customer Trust Programs Strong business acumen and the ability to translate complex technical concepts into business value. Professional certifications such as CISSP, CISM, AIGP, AAISM, or equivalent. Significant experience with cloud services and cloud technologies (e.g. AWS and Microsoft Azure). Technical Expertise Enterprise security architecture Cloud security and hybrid infrastructure Exposure management and attack surface reduction Zero Trust architecture AI security and emerging technology risks DevSecOps and secure engineering Identity and access management Leadership Characteristics Strategic thinker with strong execution orientation Highly collaborative and influential leader Strong technical credibility Comfortable operating in ambiguity and transformation environments Skilled at balancing innovation with risk reduction Preferred Qualifications Experience supporting AI transformation initiatives. Experience in multinational Fortune 500 environments. Familiarity with OT and industrial environments. Advanced degree preferred. Relevant certifications such as CCSP, TOGAF, CEH or GIAC preferred. Location We can hire in any European or American country where Wolters Kluwer has an office

Overview We are offering a Cloud Security Internship for students and graduates who want to gain hands on experience in securing cloud based environments. This internship will give you exposure to cloud platforms (AWS, Azure, GCP), security monitoring tools, and compliance practices while working alongside cloud and cybersecurity professionals. Roles & Responsibilities Assist in monitoring cloud security alerts and logs. Support vulnerability assessments in cloud environments. Help configure IAM roles, policies, and access controls. Assist with encryption and data protection tasks. Learn and apply compliance frameworks (ISO, GDPR). Support penetration testing for cloud applications. Document cloud security incidents and responses. Research new cloud security tools and techniques. Shadow senior engineers during security reviews. Assist in cloud risk assessments and remediation plans. Contribute to disaster recovery and backup strategies. Help prepare technical documentation and security guidelines. Support DevSecOps activities in project pipelines. Participate in training sessions on ethical hacking. Collaborate with IT teams to enforce cloud security policies. Assist in preparing reports for leadership and compliance teams.

Overview Keysight is hiring a Senior Security Software Engineer to research, design, and build advanced binary and firmware level software composition analysis capabilities for the Keysight SBOM Manager solution. This role focuses on identifying software components, dependencies, and security-relevant metadata from compiled artifacts where source code, package manifests, or traditional package-manager metadata may be unavailable or incomplete. The ideal candidate has strong systems programming skills, experience analyzing compiled software, and the ability to develop practical automated analysis techniques that can scale into production product features. This is a low-level security engineering and product development role. It is not a DevSecOps, compliance, audit, or GRC position. Responsibilities Research and develop techniques for identifying software components in compiled binaries, firmware images, and embedded software artifacts. Analyze compiled formats such as ELF, PE, archives, containers, filesystems, and firmware images. Design and implement production-quality analysis engines, parsers, heuristics, and supporting services. Build capabilities that improve SBOM accuracy, dependency identification, vulnerability mapping, and component provenance. Evaluate open-source and proprietary tooling for binary analysis, firmware extraction, reverse engineering, and SCA workflows. Work with product, research, and engineering teams to turn experimental analysis methods into reliable product functionality. Document technical findings, design decisions, and implementation tradeoffs. Mentor other engineers and contribute to a strong technical engineering culture. Qualifications Required Qualifications Master's degree in Computer Science, Mathematics, Computer Engineering, Cybersecurity, or equivalent practical experience. Experience analyzing compiled artifacts such as ELF, PE, Mach-O, static libraries, shared libraries, firmware images, or embedded software packages. Experience writing production-quality systems software. Strong proficiency in at least one systems programming language such as Rust, C, or C++. Hands-on experience with software dependency analysis beyond package-manager metadata, including compiled artifacts, binary inspection, firmware analysis, or static analysis. Ability to investigate unfamiliar technical problems, form hypotheses, prototype approaches, and turn successful methods into maintainable software. Strong debugging, technical reasoning, and problem-solving skills. Preferred Qualifications Experience developing in Rust. Experience with firmware reverse engineering, vulnerability research, or embedded systems security. Experience with automating binary analysis tasks in one of the widely used RE platforms such as Ghidra, IDA Pro or Radare2. Familiarity with software composition analysis, SBOM formats, package ecosystems, vulnerability databases, or dependency resolution. Experience with file format parsing, archive extraction, symbol analysis, string analysis, fingerprinting, or similarity matching. Experience designing scalable analysis pipelines or backend services. Experience mentoring engineers, leading technical investigations, or guiding research-to-product transitions. Candidate Profile A strong candidate may have a background in one or more of the following areas: Binary analysis Firmware analysis Reverse engineering Vulnerability research Embedded systems security Static analysis Compiler/toolchain internals Systems programming Software supply chain security Security product engineering Keysight is an Equal Opportunity Employer.

Requisition ID11281-Posted - Years of Experience (2) -Technology- Where (1) Spike Reply is the company within the Reply Group focusing on cybersecurity and personal data protection. Its mission is to safeguard the values and privacy of people,companiesand processesin order tosupport the growth of a global, sustainable digital world through innovation.Confidentiality,integrityand availability of systems are top priorities. Together with its partners, the company provides vendor-independent consulting services to help enterprises achieve a group-wide, security-oriented culture. Role Overview As a Cloud Security Architect, you will join Reply's growing cybersecurity practice in a senior consulting role embedded within financial services and public sector organisations. You will take ownership of cloud security architecture, governance, and strategy across multi cloud environments, working at the intersection of technology, risk, and business. You will engage with executive stakeholders, drive compliance programmes, and enable clients to adopt cloud securely and at scale. This is a high impact role suited to a security professional who combines deep technical expertise with the strategic ability to translate complex threats into clear, actionable guidance. Responsibilities Design and own cloud security architecture across AWS, Azure, and/or GCP environments, including the development of reference architectures and reusable solution patterns Define and author enterprise level security policies, controls frameworks, and governance documentation aligned to industry standards Lead risk assessments, threat modelling exercises, and security posture evaluations for cloud platforms and SaaS products, utilising methodologies such as FAIR Drive compliance programmes covering ISO 27001, Cyber Essentials Plus, PCI DSS, and other relevant regulatory frameworks Support DevSecOps adoption and integrate security tooling and controls into CI/CD pipelines across client delivery teams Engage senior stakeholders and executive teams with clear security risk reporting, remediation guidance, and strategic security roadmaps Lead or contribute to Security Champions communities of practice, fostering a security aware engineering culture within client organisations Provide security assurance for software development and third party supplier onboarding, including SSPM tooling and SaaS security reviews Architect secure identity solutions, including centralised and federated authentication models across complex, cross domain environments Support incident response planning and business continuity activities, ensuring cloud hosted services meet resilience and recovery objectives Contribute to FinOps activities from a cybersecurity cost and sustainability perspective, ensuring security investments are well justified and efficiently allocated About the Candidate Bachelor's or Master's degree in Cyber Security, Computer Science, Physics with Computing, or a related discipline; MSc or equivalent postgraduate qualification is advantageous Proven experience in a Cloud Security Architect or Senior Security Consultant role AWS Certified Security - Specialty (required), with CISSP, CRISC, or CCSP strongly preferred; additional certifications such as ISO 27001 Lead Implementer/Auditor, Azure Security Engineer, or GCP Security Engineer are advantageous Hands on experience securing workloads on AWS and/or Microsoft Azure (GCP experience beneficial) Track record of delivering security architecture within financial services and/or public sector environments Experience supporting or achieving ISO 27001 and/or Cyber Essentials Plus accreditation Practical experience with Infrastructure as Code (e.g. Terraform) and secure CI/CD pipeline design, alongside a background in application security, DevSecOps, or secure software engineering Strong knowledge of network protocols including TCP/IP, DNS, VPN, and IPSEC, with experience working in scaled agile environments Excellent stakeholder engagement skills, with the ability to communicate security risks clearly to senior and executive audiences and build trusted client relationships Analytical and pragmatic mindset, with experience mentoring teams, contributing to security communities, and enabling secure innovation while balancing commercial and operational priorities Eligibility: Must be eligible for UK Security Check clearance Reply is an Equal Opportunities Employer and committed to embracing diversity in the workplace. We provide equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type regardless of age, sexual orientation, gender, identity, pregnancy, religion, nationality, ethnic origin, disability, medical history, skincolour, marital status or parental status or any other characteristic protected by the Law. Reply is committed to making sure that our selection methods are fair to everyone. To help you during the recruitment process, please let us know of any Reasonable Adjustments you may need.