58 jobs found

End DateWednesday 13 May 2026Salary Range£72,702 - £80,780We support flexible working - click here for more information on flexible working optionsFlexible Working OptionsHybrid Working, Job ShareJob Description Summary.Job DescriptionJOB TITLE: Cyber Security ConsultantSALARY: £72,702 - £80,780LOCATION(S): Edinburgh, Leeds, Manchester or BristolHOURS: Full-time - 35 hours per weekWORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week currently, or 40% of our time, at our office locations.About this opportunityOur Security Consultancy and Design team are continuing their search for Cyber Security Consultants who have a broad knowledge of Cyber Security domains and controls working across a wide range of computing platforms. Join our Chief Security Office here at Lloyds Banking Group as we build the bank of the future.Are you someone who wants to be in the heart of Cyber Security delivering change and working in an agile way? Interested in being a part of shaping our Security Strategy? We have the perfect opportunity for you.We are actively welcoming enthusiastic Cyber Security Professionals from all industries and backgrounds to join our expanding team as we embark on an exciting journey where you will have the opportunity to ensure security by design is embedded across our change portfolio.Cyber Security sits at the heart of our business providing the Group with a secure operating environment, safe from malicious attacks. It is a dynamic and constantly evolving world where your experience and efforts can deliver tangible results to the safety of a huge company and over 30m customers.We're on the mission to build the bank of the future, and we need your help to do it!Why Lloyds Banking GroupLike the modern Britain we serve, we're evolving. Investing billions in our people, data, and tech to transform the way we meet the ever-changing needs of our 26 million customers. We're growing with purpose. Join us on our journey and you will too.What you'll needAbility to develop, design secure solutions and produce a Security Design documenting the controls.The ability to deconstruct a solution / network architecture.Ability to identify and mitigate against threats and vulnerabilities associated with proposed solutions and evaluate the soundness of solutions using industry standard practices (e.g., STRIDE, MITRE)Demonstrate the ability to interpret threats into Risks, using your knowledge and experience to assist the business in assessing likelihood and impact.Effectively communicate technical concepts to both technical and non-technical stakeholders.Skills to produce and articulate Security Designs to all stakeholders within the project and business.Comfortable weighing the risks and benefits of competing Security design options.Comfortable working on multiple challenging projects simultaneously.Any experience of these would be really usefulAwareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASPCertifications in Security Management such as CISSP / CISM / CCSP or equivalentCertifications in technical Security domains such as CEH / OSCP or equivalentExperience of Public and or Private cloud environments.About working for usOur focus is to ensure we're inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity, or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it's why we especially welcome applications from under-represented groups. We're disability confident. So, if you'd like reasonable adjustments to be made to our recruitment processes, just let us know.We also offer a wide-ranging benefits package, which includes:A generous pension contribution of up to 15%An annual performance-related bonusShare schemes including free shares.Benefits you can adapt to your lifestyle, such as discounted shopping.Generous holiday allowance, with bank holidays on topA range of wellbeing initiatives and generous parental leave policiesWant to do amazing work, that's interesting and makes a difference to millions of people? Join our journey.At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop.We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person.We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we're building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.

First Circle is a fast-growing, profitable, credit-led SME NeoBank in the Philippines whose shareholders include the World Bank Group (IFC). Today, our Business Credit Line and Business Bank Accounts are used by thousands of SMEs to grow and run their business. Our product velocity has accelerated - in the next few months we'll release SME Corporate Cards, Payroll, Invoices, and Solar Financing - redefining the SME NeoBank category through software, financial products, and exceptional risk models. Our culture emphasises building, problem solving, ownership / responsibility, and personal & professional growth. We balance a collegiate atmosphere with free & direct communication which enables us to move very quickly and avoid politics or toxicity. Our team continues to level up quickly, necessary for business to compound more than 100% per year, which we achieve through individual growth and bar-raiser hiring. This is a unique opportunity for a high growth individual to become the first dedicated security professional at a high-growth, regulated bank whose market leadership position lies in its technology. You will define strategy, priorities, and our security operating model aligned to business goals - reporting to the VP Engineering and supported in your development by our world-class CISO Board advisor. As the company continues to grow you'll have unparalleled opportunities for career growth and to build out our infosec team around you. Your first year is about building foundations, addressing primary risks, and ensuring the bar you set is consistently upheld by the wider technology organisation: ISO 27001 certified. You own the certification from scoping to audit pass. Implement external pen test & remediation. Every finding closed or formally risk-accepted. MSSP/SOC live and producing alerts we act on. SLAs measured monthly. Escalation path drilled at least twice. Engineering development processes aligned with security. Embed secure-by-design principles into technology and product development, working closely with engineering and DevOps teams. Full audit trail. Regulatory compliance. Design, implement, and maintain security policies, standards, and procedures aligned to global standards and local regulations: BSP circulars, EPFS and PPMI (payments) requirements, and PCI DSS scope. Mitigate user & device threats. Define, assess, and upgrade the law of least privilege across users & devices. No unmanaged device touches production. A risk register used monthly by the exec team and Board. Internal and external (eg. vendor, supply chain) risks. Tied to mitigation owners and dates. Develop a strong culture & training practice. Phishing simulation, secure-coding standards, IR runbook drilled live at least once. Tooling. Evaluate and implement security tools and technologies, optimising for a lean, scalable security stack. Oversee vulnerability management and remediation, ensuring regular scanning, prioritisation, and tracking of fixes. What you own steady-state The strategy and roadmap with the exec team and Board Risk Committee. The MSSP relationship. Incident response. Vulnerability management. Third party risk - particularly card processors, payment rails, KYC providers. BSP cybersecurity engagement and PCI DSS scope where it applies. Security culture - making it easier to do the right thing than the wrong thing. About You You've built a security function before, hands on. Not advised - built. At a regulated fintech, payments business or bank. Be ready to walk us through what was there when you arrived and what was there when you left. You've led a Sev 1 from page to post mortem. Tell us about one. You've taken an organisation through ISO 27001 as the responsible owner, not a consultant on the sidelines. You've stood up an MSSP - chosen the vendor, defined the use cases, tuned the alerts, fired one when it underperformed. You've written IAM policy that survived contact with real engineers. Azure native (that's our stack). You're hands on enough to read Terraform, open a PR, and debug events. If your last line of code was 5+ years ago, this isn't your role. Certifications - CISSP, CISM, CRISC, or ISO 27001 Lead Implementer/Auditor are useful signals. They're a tiebreaker, not the bar. What this role is not Not a CISO inheriting a team - you'll build it. Year 1 you may have one or two hires. Not a paper driven compliance role - we expect you in the codebase, in the cloud console, on the on call rotation when it matters. Not for someone who needs a clean SOC 2 starting point. We're earlier than that, by design, and moving fast. No fixed budget for this role, we hire globally and adjust offers based on experience and market rate Equity ownership in a 150%+ growing, profitable NeoBank with a market which supports a business x today's size Flexibility around working hours and location. The role can be worked remotely, with the option to work from one of our offices in London, Manila, Singapore, Hong Kong & Belgrade Macbooks, private health insurance, training budgets and more! Periodic travel to HQ in Southeast Asia

Information Security & SOC Consultant Based: Field-based, predominantly in the London area Type: Full-time Salary: £70-80k Eligibility: You must be eligible to work in the UK About the Role As the Smartdesc Information Security Consultant, you will be working with the Information Security team and technical delivery team to deliver security solutions to our customers. You will work with Smartdesc customers providing strategic Information Security guidance, support and roadmaps, driving continuous improvement in their security posture. This will include identifying and overseeing a variety of security projects, including helping our customers to implement security controls, assessing against industry good practice, creating assessment reports to deliver to Senior Leadership Teams and improving organisations security position. The role offers a wide range of work, from strategic Information Security governance and risk management to guiding our non-profit customers to get best value from the Microsoft Business Premium, E3 and E5 security offerings. You will also need to be confident presenting security information at all levels, from part time volunteers to boards. This role will be customer facing requiring a keen eye for detail and proven ability of delivering Information Security good practice. You will be responsible for: Identifying steps that organisations need to take to improve their security position and creating roadmaps for continuous improvement, often maximising the use of existing Microsoft licensing and supporting them through the process. Alignment of good practice frameworks and standards such as Cyber Essentials, NCSC CAF and ISO 27001. Ownership or oversight of key Information Security processes and procedures. Ownership of the Smartdesc MDR management service. Implementation and ownership of Information Security Risk Management programmes. Identifying and managing remediation actions to reduce risks. Ownership or oversight of Information Security Policies. Development and Implementation of general and role/function specific Information Security Training and Awareness programmes. Raising, investigating and managing or supporting IT Security incidents ensuring any necessary follow up actions. Providing IT security support to business functions including digital teams, IT infrastructure and IT Service Desk. Development and ownership of the Information Security Internal Audit programmes. Oversight of rolling programmes of security tests, reviews and audits. Writing Information Security reports and delivering the findings to key stakeholders. Key Skills: Knowledge and experience with technology, security and DP related compliance, legal & regulatory frameworks and standards, including Cyber Essentials, ISO27001, PCI DSS, OWASP, GDPR etc. Knowledge and experience of the Microsoft stack. Purview experience is beneficial. Ability to demonstrate expert knowledge and understanding of information security good practice. Experience in working with technical and non-technical business personnel at various levels, articulating security risks in a manner appropriate to the stakeholders. Strong attention to detail. Knowledge of Information Security principles and concepts and knowledge of technical security controls. Previous consulting experience to SMEs, non-profits or educational settings would be preferred. A positive can-do attitude and a self-starter who can work under their own initiative. Information Security certifications such as CISSP or CISM are beneficial as are Microsoft certifications especially from the SC series such as the SC-400/401. Benefits: Gym membership contribution Health Cash Plan Increased annual leave with length of service Free annual leave on your birthday Length of service bonus Hybrid working Free Will Writing service And more!

We're seeking a Solution Architect to join our professional services team. This role encompasses managing a spectrum of client interactions related to our Retail Cloud offering. From pre-sales support to implementation, you'll spearhead strategic customer implementations that fulfill customer expectations tied to their use of our market leading software. Develop a comprehensive understanding of the Retail Cloud solution and customer business models to drive client business objectives, retention, and achieving customer business objectives. Assist in pre-sales activities to qualify prospects, advise on implementation best practices and define implementation estimates and related timelines. Engage in hands-on management and delivery of complex projects, leveraging your technical and management expertise in areas like APIs, SPI, and retail technology systems (POS, e-commerce platforms). Serve as a technical advisor and partner to clients and or their 3rd party systems implementation partners, aiding in their understanding and utilization of our platform's capabilities. Interact with license sales, sales engineering, product management and professional services colleagues in context of pre-sales and or delivery. Contribute to our implementation best practices strategies, leveraging insight from your work and observations on market trends to continuously improve our delivery motion Drive successful customer outcomes that align with their objectives and growth goals. Develop and manage relationships with professional services sellers and provide presales support to evaluate, scope, estimate and create proposals for prospective projects. Plan, develop and deliver enablement or mentorship programs for sales teams and delivery consultants to help scale the business. Manage to a minimum billable utilization target. Positively contribute to professional services bookings. 5+ years in software systems implementation professional services as a solution architect in a SaaS tech-driven environment. Customer-facing expert. Expertise in in-store retail operations technologies and hardware including credit card devices, tap to pay solutions, barcode scanners, RFID technology, cash drawers, receipt printers, point of sale ("POS") solutions, e-commerce, unified commerce, BOPIS, BORIS and Endless Aisle. Familiarity with integrated payment processing solutions and PCI compliance. Demonstrated technical proficiency with SaaS, microservices, system integration architecture approaches and data schemas. Expertise working with Enterprise customers, including senior-level customer interactions on business and technical sides of customer organization. Excellent written and verbal communication skills, executive level presence and experience in working in a client advisory role. Strong consulting skills, including listening, analysis and delivering prescriptive solution recommendations. Team player who can work independently or as a member of a larger team. Detail-oriented individual with the ability to rapidly learn and take advantage of new concepts, business models, and technologies. Ability to support multiple, concurrent pursuits and projects. Proficiency in JIRA, standard project management tools, and collaboration suites (e.g., Slack) Relevant Salesforce certifications and consulting experience are preferred. Bachelor's degree (or its foreign degree equivalent) in a Technology, Engineering (any field) or a related quantitative discipline. Equivalent demonstrable work experience in lieu of a degree will be considered. Ability to travel; up to 25% Competitive salary packages and bonuses Strong equity / employee stock option package Comprehensive medical, dental and vision insurance Generous vacation and company holidays Paid parental leave for eligible employees Volunteering time off opportunitiesWhen you join Salesforce, you'll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best , and our AI agents accelerate your impact so you can do your best . Together, we'll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future - but to redefine what's possible - for yourself, for AI, and the world.Please note that Salesforce uses artificial intelligence (AI) tools to help our recruiters assess and evaluate candidates' resumes and qualifications throughout the recruiting process. Humans will always make any candidate selection and hiring decisions. Please see our for more information about how we use your personal data and your rights, including with regard to use of AI tools and opt out options.Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

About Us Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories, dedicated to uplifting everyone, everywhere by being the best way to pay and be paid. At Visa, you'll have the opportunity to create impact at scale - tackling meaningful challenges, growing your skills and seeing your contributions impact lives around the world. Join Visa and do work that matters - to you, to your community, and to the world. Progress starts with you. Job Description In your role as Information Security GRC Engineering Consultant - Featurespace, you will help us achieve our goals and deliver success on behalf of our customers by: Building systems and frameworks, in line with industry standards, Visa Key Controls and customer expectations, that make compliance continuous, measurable, and low friction, moving Featurespace away from point in time, audit driven assurance toward scalable, repeatable control based implementation. Acting as a hands on, solutions driven GRC engineering consultant, translating regulatory and control requirements (PCI DSS, SOC 2, Visa KCX) into practical, implementable controls within our products, teams and cloud environments. Designing and implementing automation where it adds genuine value, including control validation, evidence collection, workflow orchestration, and compliance telemetry. Leading compliance outcomes through expertise and influence (not direct line management), working cross functionally with the product, engineering and platform teams in Featurespace, and the central Visa Cyber, Risk and Legal teams. Helping Featurespace integrate effectively into Visa's security and compliance ecosystem, ensuring centrally provided capabilities (policies, third party risk, training, tooling) are correctly applied to Featurespace products, services, and delivery models. Providing assurance to our customers by providing appropriate responses to customer RFP questions and customer audits on topics such as cybersecurity, technology operations, and compliance with standards (e.g., PCI DSS, SOC 2). Responsibilities As a company we hire people with a willingness to adapt to a variable role, so along with the key responsibilities below, we ask for ownership of any other duties as required. 1. Control Framework Ownership & Assurance Lead the implementation and ongoing operation of Featurespace's security controls framework, ensuring alignment with Visa Key Controls, PCI DSS, SOC 2, and other applicable regulatory or customer requirements, and ensuring controls are implemented in a manner appropriate to Featurespace products, services, and delivery models. Coordinate and lead Featurespace's annual certification and assurance activities (e.g. PCI DSS, SOC 2), acting as the primary point of integration between Featurespace internal teams, external auditors, and Visa central control functions, and ensuring audit activities are delivered efficiently, accurately, and on time. Ensure all processes are operating effectively and are correctly evidenced, including the maintenance of appropriate documentation, dependency mapping, and traceability to responsible teams and subject matter experts. 2. GRC Engineering, Integration & Automation Translate regulatory, compliance, and control requirements into practical, product aware implementations, working directly with engineering and platform teams to embed controls into architectures, CI/CD pipelines, cloud environments, and operating processes. Design, build, and maintain automation to support compliance activities where it adds demonstrable value, including: control validation and continuous assurance evidence collection, normalisation, and retention workflow orchestration and exception handling metrics, reporting, and compliance visibility Apply engineering judgement to determine what should be automated in the short term, what requires process or architectural maturity or redesign to be effective, and what is not suitable for automation. Ensure Featurespace teams are effectively integrated with Visa's centrally provided security and compliance capabilities, identifying when changes in Featurespace products, architectures, suppliers, customer requirements, or operating models introduce new or materially changed obligations, and ensuring the appropriate Visa processes and assessments are engaged, including: policy and standards frameworks third party risk management processes security architecture assessments security awareness and training programmes legal and commercial contracting risk management and governance tooling 3. Advisory, Enablement & Secure by Design Act as a trusted advisor and subject matter expert to Featurespace engineering, product, commercial, and leadership teams, helping stakeholders understand information security and compliance expectations and how to meet them pragmatically. Drive a secure by design and shift left mindset, ensuring compliance and assurance considerations are addressed early in delivery rather than deferred to audit windows, and facilitating the timely closure of gaps and findings identified through Visa vulnerability management and secure assessment processes. Develop and maintain repeatable patterns, reference implementations, standards, procedures, and guidance that reduce friction for delivery teams while maintaining strong assurance, consulting with and coordinating input from subject matter experts as required. 4. Risk Management, Audit & External Engagement Conduct security risk assessments and business impact analyses, and recommend appropriate control improvements to address identified risks or weaknesses. Provide oversight and assurance of corrective, preventative, or remediation activities, utilising Visa risk management tooling, working with identified application and service owners, and escalating issues at risk of missing deadlines in a timely and effective manner. Represent Information Security with customers, auditors, and internal stakeholders, particularly during assurance windows and customer security engagements. Coordinate and lead responses to customer RFP questions and security audits, ensuring responses are timely, accurate, repeatable, re usable, traceable to responsible SMEs, and supported by appropriate evidence. Support incident response and recovery activities where compliance or control effectiveness is impacted, ensuring appropriate remediation actions are taken and evidenced. Travel periodically as required for customer, company, or relevant events. This is a hybrid position. Expectation of days in office will be confirmed by your hiring manager.

Description Retail Cloud from Salesforce is the leading commerce platform to connect consumers and store associates with digital experiences. Designed exclusively for brands and retailers, its innovative technology powers Modern POS with store associate apps including mPOS, Inventory Management, Clienteling, Endless Aisle, and Curbside Pickup. Retail Cloud Commerce Platform connects the online and in-store customer journey and enables brands to engage with customers by offering highly personalized interactions and fast and efficient commerce transactions. Retail Cloud Content Management System (CMS), the leading no-code mobile commerce platform enables merchandisers to create on-brand experiences with personalized promotions and loyalty. Founded by the visionary behind Google Shopping, Retail Cloud powers mobile commerce for the world's leading brands and retailers, including Sando, Maje, Deciem and Suitsupply. The Role We're seeking a Solution Architect to join our professional services team. This role encompasses managing a spectrum of client interactions related to our Retail Cloud offering. From pre sales support to implementation, you'll spearhead strategic customer implementations that fulfill customer expectations tied to their use of our market leading software. The Solution Architect will be part of the Commerce Practices team within professional services and work alongside commerce industry experts in B2B, B2C, Order Management and Retail Cloud solutions. The Solution Architect will lead one or more projects for enterprise customers, partnering with key stakeholders to achieve the implementation vision while executing on defined deliverables. They serve as hands on advisors, using strong interpersonal skills, solution and technical knowledge, industry experience, consulting experience, and knowledge of their client's business to deliver customer ROI. What You Will Do Develop a comprehensive understanding of the Retail Cloud solution and customer business models to drive client business objectives, retention, and achieving customer business objectives. Assist in pre sales activities to qualify prospects, advise on implementation best practices and define implementation estimates and related timelines. Engage in hands on management and delivery of complex projects, leveraging your technical and management expertise in areas like APIs, SPI, and retail technology systems (POS, e commerce platforms). Serve as a technical advisor and partner to clients and or their 3rd party systems implementation partners, aiding in their understanding and utilization of our platform's capabilities. Interact with license sales, sales engineering, product management and professional services colleagues in context of pre sales and or delivery. Contribute to our implementation best practices strategies, leveraging insight from your work and observations on market trends to continuously improve our delivery motion. Drive successful customer outcomes that align with their objectives and growth goals. Develop and manage relationships with professional services sellers and provide pre sales support to evaluate, scope, estimate and create proposals for prospective projects. Plan, develop and deliver enablement or mentorship programs for sales teams and delivery consultants to help scale the business. Manage to a minimum billable utilization target. Positively contribute to professional services bookings. Skills & Requirements 5+ years in software systems implementation professional services as a solution architect in a SaaS tech driven environment. Customer facing expert. Expertise in in store retail operations technologies and hardware including credit card devices, tap to pay solutions, barcode scanners, RFID technology, cash drawers, receipt printers, point of sale ("POS") solutions, e commerce, unified commerce, BOPIS, BORIS and Endless Aisle. Familiarity with integrated payment processing solutions and PCI compliance. Demonstrated technical proficiency with SaaS, microservices, system integration architecture approaches and data schemas. Expertise working with Enterprise customers, including senior level customer interactions on business and technical sides of customer organization. Excellent written and verbal communication skills, executive level presence and experience in working in a client advisory role. Strong consulting skills, including listening, analysis and delivering prescriptive solution recommendations. Team player who can work independently or as a member of a larger team. Detail oriented individual with the ability to rapidly learn and take advantage of new concepts, business models, and technologies. Ability to support multiple, concurrent pursuits and projects. Proficiency in JIRA, standard project management tools, and collaboration suites (e.g., Slack) Relevant Salesforce certifications and consulting experience are preferred. Bachelor's degree (or its foreign degree equivalent) in a Technology, Engineering (any field) or a related quantitative discipline. Equivalent demonstrable work experience in lieu of a degree will be considered. Ability to travel; up to 25% Benefits Competitive salary packages and bonuses Strong equity / employee stock option package Comprehensive medical, dental and vision insurance Generous vacation and company holidays Paid parental leave for eligible employees Volunteering time off opportunities

A leading security consultancy in Greater London is seeking an Information Security GRC Engineering Consultant to implement security controls and ensure compliance with regulatory frameworks such as PCI DSS and SOC 2. The successful candidate will be responsible for leading certification activities, providing trusted advisory support to engineering teams, and conducting risk assessments. This hybrid role offers an opportunity to work on impactful projects while contributing to the security ecosystem of cloud environments.

LOCATION(S): Edinburgh, Leeds, Halifax, Manchester or Bristol HOURS: Full-time WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week currently, or 40% of our time, at our office location. About this opportunity Our Security Consultancy and Design team are continuing their search for Cyber Security Consultants who have a broad knowledge of Cyber Security domains and controls working across a wide range of computing platforms. Join our Chief Security Office here at Lloyds Banking Group as we build the bank of the future. Are you someone who wants to be in the heart of Cyber Security delivering change and working in an agile way? Interested in being a part of shaping our Security Strategy? We have the perfect opportunity for you. We are actively welcoming enthusiastic Cyber Security Professionals from all industries and backgrounds to join our expanding team as we embark on an exciting journey where you will have the opportunity to ensure security by design is embedded across our change portfolio. Cyber Security sits at the heart of our business providing the Group with a secure operating environment, safe from malicious attacks. It is a dynamic and constantly evolving world where your experience and efforts can deliver tangible results to the safety of a huge company and over 30m customers. We're on the mission to build the bank of the future, and we need your help to do it! What you'll need Ability to develop, design secure solutions and produce a Security Design documenting the controls. The ability to deconstruct a solution / network architecture. Ability to identify and mitigate against threats and vulnerabilities associated with proposed solutions and evaluate the soundness of solutions using industry standard practices (e.g., STRIDE, MITRE). Demonstrate the ability to interpret threats into Risks, using your knowledge and experience to assist the business in assessing likelihood and impact. Effectively communicate technical concepts to both technical and non-technical collaborators. Skills to produce and articulate Security Designs to all collaborators within the project and business. Comfortable weighing the risks and benefits of competing Security design options. Comfortable working on multiple challenging projects simultaneously. Any experience of these would be really useful Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Certifications in Security Management such as CISSP / CISM / CCSP or equivalent. Certifications in technical Security domains such as CEH / OSCP or equivalent. Experience of Public and or Private cloud environments.

Location: Newbury + HybridSalary: Excellent basic salary plus bonus and Vodafone benefitsWorking Hours: Full time 37.5 hours per week - Monday to FridayHybridWe believe that through collaboration and connection with our colleagues we can achieve great things. Our hybrid working approach allows our people to work both in the office and at home, providing the flexibility and resources you need to succeed in your role. We don't require you to be in on specific days; instead, we ask people to come into the office 2-3 days each week, for at least 8 days per month. You should work with your line manager to understand what their expectations are for you, your specific role and your team.Who We AreWe're here to build a network the UK can count on - one that connects people, places and potential. Because no matter where you live, what your background is, or how you get online - we think everyone deserves the same chance to stay connected, and with VodafoneThree, that future's being built - today.We're creating more than the UK's best network. We're helping close the digital divide, empower communities and drive meaningful progress.We believe that everyone should feel they belong. Whoever you are and whatever your story, there's space for you here. We're building a workplace where different perspectives are welcomed, voices are heard, and everyone feels safe to show up as themselves.You'll join a team that genuinely cares - about each other, about our customers, and about the future we're building. From day one, you'll be welcomed, valued and encouraged to bring your whole self to work.Why VodafoneThreeJoin us and you'll be at the heart of change. That means building responsibly, investing sustainably and creating opportunities that last.We're not just expanding connectivity; we're reimagining what a connected nation looks like. With £11bn invested in 5G and digital infrastructure, your work will directly power businesses, services, and communities across the country.You'll work on real challenges, with real impact, across every corner of the country. Wherever you join us, whatever your role, you'll be helping to build a future that works better for everyone.We move at pace, because what we're building matters - and we're learning as we go. We're proud of the progress we've made, but we're just getting started.What you'll doAs a Security Architect within Secure by Design, you will be accountable for embedding security into IT and Digital systems by design, ensuring that security is considered early, applied proportionately, and assured consistently across programmes and business as usual change.You will provide end to end security architecture leadership across VodafoneThree's IT & Digital estate, partnering with delivery teams, architects, and senior stakeholders to ensure that solutions are secure, compliant, resilient, and aligned to regulatory and business obligations.This role plays a critical part in protecting VodafoneThree from persistent cyber threats while enabling safe digital transformation at pace.As a Security Architect in Secure by Design, you will define, document, and assure end to end security architectures that protect the confidentiality, integrity, and availability of VodafoneThree's IT & Digital systems.You will work closely with:UK IT & Digital, Networks and Data & Analytics teamsUK & Group architecture functionsSecure by Design Managers, Consultants, and Cyber Security ChampionsYou will influence senior technical stakeholders to ensure UK security requirements are understood, accepted, and embedded, supporting compliance with TSA, data protection, and other regulatory frameworks.Act as a member of the Secure by Design Security Architecture team, representing IT & Digital domainsOwn and deliver end to end security architecture for assigned initiativesDefine and embed technical and non-technical security controls into solution designsReview and assess solution architectures against VodafoneThree security policies, standards, and patternsApprove compliant designs and escalate deviations and exceptions in line with SbD governanceProvide security input during RFx, supplier selection, contracting, and early design phasesEmbed Secure by Design principles into Agile, DevSecOps, CI/CD and product centric delivery modelsIdentify, assess, and manage cyber security risks-ensuring risks are recorded, owned, and mitigatedSpecify and scope penetration testing and security assurance activities for complex solutionsEnsure vulnerabilities and findings are tracked and remediated prior to go liveEngage business and technology teams to understand roadmaps and future plans, ensuring timely security engagementInfluence internal teams, suppliers, and partners to adopt secure design practicesProvide technical leadership, mentoring, and design guidance to SbD Managers, Consultants, and Cyber Security ChampionsLead or support regulatory, compliance, and audit activities relevant to IT & Digital systemsWho you areExperience in cyber security roles, with strong architecture focusProven experience delivering complex, cross domain IT & Digital security architecturesStrong understanding of security risks, threat modelling, and mitigating controlsHands on experience securing public cloud platforms (AWS, Azure, GCP)Deep knowledge of containerised, virtualised and hybrid infrastructureStrong knowledge of security and compliance frameworks (ISO 27001, NIST, COBIT, SOC2, ITIL)Understanding of regulatory and data protection requirements (PII, PCI DSS, privacy legislation)Ability to influence senior technical and non-technical stakeholdersExcellent documentation, communication, and decision-making skillsSABSA and/or TOGAF architecture qualificationsCISSP, CCSP/CCSK, and cloud provider certificationsWorried that you don't meet all the desired criteria exactly?We know that everyone is unique, with multiple aspects to their identity and different experiences behind them. We are passionate about Inclusion for All and creating a workplace where everyone can thrive, whatever their personal or professional background. If you're excited about this role but your experience doesn't align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in.What we offerWe care about our people's success by offering great pay, bonuses, up to 28 days off plus bank holidays, and paid time for charity work. You can personalise our benefits for you and your family, like discounts, vouchers, a pension plan and loads more. We help with your career through our amazing learning tools and top-notch parental leave policies.Need to KnowWe are regulated by the Financial Conduct Authority and all offers of employment for this role are subject to background checks, including criminal (DBS) and financial checks to meet the regulators standards.If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, a sign language interpreter, or assistive technology, please refer to the Accessibility section of our Careers website () for guidance.We use AI in different parts of our business to boost innovation, improve efficiency, and create new opportunities. We know many candidates use AI to fine-tune their CVs or prepare for interviews, but what we really care about is your unique experiences and achievements.During the interview, we want you to rely on your own knowledge and skills to show us who you really are-your personality, creativity, and abilities. Above all, we're looking for authenticity and can't wait to get to know the real you.

VodafoneThree - SbD Security Architect - IT & DigitalNewbury, United Kingdom Location: Newbury + Hybrid Salary: Excellent basic salary plus bonus and Vodafone benefits Working Hours: Full time 37.5 hours per week - Monday to Friday Hybrid We believe that through collaboration and connection with our colleagues we can achieve great things. Our hybrid working approach allows our people to work both in the office and at home, providing the flexibility and resources you need to succeed in your role. We don't require you to be in on specific days; instead, we ask people to come into the office 2-3 days each week, for at least 8 days per month. You should work with your line manager to understand what their expectations are for you, your specific role and your team. Who We Are We're here to build a network the UK can count on - one that connects people, places and potential. Because no matter where you live, what your background is, or how you get online - we think everyone deserves the same chance to stay connected, and with VodafoneThree, that future's being built - today. We're creating more than the UK's best network. We're helping close the digital divide, empower communities and drive meaningful progress. We believe that everyone should feel they belong. Whoever you are and whatever your story, there's space for you here. We're building a workplace where different perspectives are welcomed, voices are heard, and everyone feels safe to show up as themselves. You'll join a team that genuinely cares - about each other, about our customers, and about the future we're building. From day one, you'll be welcomed, valued and encouraged to bring your whole self to work. Why VodafoneThree Join us and you'll be at the heart of change. That means building responsibly, investing sustainably and creating opportunities that last. We're not just expanding connectivity; we're reimagining what a connected nation looks like. With £11bn invested in 5G and digital infrastructure, your work will directly power businesses, services, and communities across the country. You'll work on real challenges, with real impact, across every corner of the country. Wherever you join us, whatever your role, you'll be helping to build a future that works better for everyone. We move at pace, because what we're building matters - and we're learning as we go. We're proud of the progress we've made, but we're just getting started. What you'll do As a Security Architect within Secure by Design, you will be accountable for embedding security into IT and Digital systems by design, ensuring that security is considered early, applied proportionately, and assured consistently across programmes and business as usual change. You will provide end to end security architecture leadership across VodafoneThree's IT & Digital estate, partnering with delivery teams, architects, and senior stakeholders to ensure that solutions are secure, compliant, resilient, and aligned to regulatory and business obligations. This role plays a critical part in protecting VodafoneThree from persistent cyber threats while enabling safe digital transformation at pace. As a Security Architect in Secure by Design, you will define, document, and assure end to end security architectures that protect the confidentiality, integrity, and availability of VodafoneThree's IT & Digital systems. You will work closely with: UK IT & Digital, Networks and Data & Analytics teams UK & Group architecture functions Secure by Design Managers, Consultants, and Cyber Security ChampionsYou will influence senior technical stakeholders to ensure UK security requirements are understood, accepted, and embedded, supporting compliance with TSA, data protection, and other regulatory frameworks. Act as a member of the Secure by Design Security Architecture team, representing IT & Digital domains Own and deliver end to end security architecture for assigned initiatives Define and embed technical and non-technical security controls into solution designs Review and assess solution architectures against VodafoneThree security policies, standards, and patterns Approve compliant designs and escalate deviations and exceptions in line with SbD governance Provide security input during RFx, supplier selection, contracting, and early design phases Embed Secure by Design principles into Agile, DevSecOps, CI/CD and product centric delivery models Identify, assess, and manage cyber security risks-ensuring risks are recorded, owned, and mitigated Specify and scope penetration testing and security assurance activities for complex solutions Ensure vulnerabilities and findings are tracked and remediated prior to go live Engage business and technology teams to understand roadmaps and future plans, ensuring timely security engagement Influence internal teams, suppliers, and partners to adopt secure design practices Provide technical leadership, mentoring, and design guidance to SbD Managers, Consultants, and Cyber Security Champions Lead or support regulatory, compliance, and audit activities relevant to IT & Digital systems Who you are Experience in cyber security roles, with strong architecture focus Proven experience delivering complex, cross domain IT & Digital security architectures Strong understanding of security risks, threat modelling, and mitigating controls Hands on experience securing public cloud platforms (AWS, Azure, GCP) Deep knowledge of containerised, virtualised and hybrid infrastructure Strong knowledge of security and compliance frameworks (ISO 27001, NIST, COBIT, SOC2, ITIL) Understanding of regulatory and data protection requirements (PII, PCI DSS, privacy legislation) Ability to influence senior technical and non-technical stakeholders Excellent documentation, communication, and decision-making skills SABSA and/or TOGAF architecture qualifications CISSP, CCSP/CCSK, and cloud provider certifications We know that everyone is unique, with multiple aspects to their identity and different experiences behind them. We are passionate about Inclusion for All and creating a workplace where everyone can thrive, whatever their personal or professional background. If you're excited about this role but your experience doesn't align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in. What we offer We care about our people's success by offering great pay, bonuses, up to 28 days off plus bank holidays, and paid time for charity work. You can personalise our benefits for you and your family, like discounts, vouchers, a pension plan and loads more. We help with your career through our amazing learning tools and top-notch parental leave policies. Need to Know We are regulated by the Financial Conduct Authority and all offers of employment for this role are subject to background checks, including criminal (DBS) and financial checks to meet the regulators standards. If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, a sign language interpreter, or assistive technology, please refer to the Accessibility section of our Careers website () for guidance. We use AI in different parts of our business to boost innovation, improve efficiency, and create new opportunities. We know many candidates use AI to fine-tune their CVs or prepare for interviews, but what we really care about is your unique experiences and achievements. During the interview, we want you to rely on your own knowledge and skills to show us who you really are-your personality, creativity, and abilities.

About Coalfire Coalfire is on a mission to make the world a safer place by solving our clients' hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world. But that's not who we are - that's just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. Position Summary At Coalfire as a Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. You will also get to work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables. This is a great opportunity as a Security Consultant to make an impact and enhance clients security posture and business processes affecting information security and data privacy through technical evaluation of governance programs. You will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. As a Consultant you will evaluate the design and operating effectiveness of controls supporting management systems and will help to identify improvement opportunities. You will test technical controls, policies and procedures, laws, regulations, and industry best practices. In this role, as a Consultant you facilitate Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. Our consultants works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables. A Security Consultant on the SOC/PCI team helps to enhance clients' security posture and ensure that business and customer data is properly protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities. This position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred. What You'll Do Work collaboratively with a team of assessors as a compliance specialist in at least one area of expertise and assist with the planning of assessment for clients Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment Autonomously leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements Assess security vulnerabilities against the appropriate security frameworks First-level reviewer of drafted audit planning and reporting materials Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification Assess client provided documentation for compliance with a variety of standards Partner with senior members to prepare and review assessment reports. Educate and interpret compliance activities for clients Manage priorities and tasks to achieve delivery utilization targets Ensures quality products and services are delivered on time per Coalfire quality standards. Continuous professional development; maintain industry specific certifications, depth of knowledge, credentials, and designations Collaborates and communicates successfully with project managers, quality management and/or other delivery team members to drive customer satisfaction and meet project deliverables. Establish and maintain positive collaborative relationships with clients and stakeholders Identifies upsell and cross sell opportunities and escalates to appropriate leadership Execute, examine, interview and test procedures in accordance with the appropriate control Ensure cyber security policies are adhered to and that required controls are implemented Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable Provides advice to customers on issues affecting the scope of work in a manner that provides additional value Develop documentation and author recommendations associate with your findings on how to improve the customer's security posture in accordance with appropriate controls Travel up to 25% possible What You'll Bring 2+ years of experience as an IT Consultant, IT auditor, Business Analyst, or similar role Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in related field (CIS, MIS, or IT) General knowledge of IT audit procedures and cyber security best practices Experience and demonstrated ability to independently research a technical topic and develop logical testing approaches Experience and demonstrated ability to lead testing sessions for assigned controls. Demonstrated experience reading and interpreting security framework criteria Strong personal initiative to appropriately manage time and meet deadlines Strong Consulting skills; ability to advise and challenge the status quo while building strong relationships Ability to build high-trust relationship and credibility quickly High attention to detail Ability to facilitate meetings to small or large groups Diplomatic and broad minded Strong written and verbal communication skills including quick response time the ability to explain technical matters to a non-technical audience Has a sense of urgency and ability to multi-task Public speaking and executive presence that solicits attention Inquisitive and curious nature with the ability to effectively probe for deeper information Strong technical researcher Bonus Points Cloud experience (AWS, GCP, Azure) Assessment and compliance experience related to the financial services industry, fintech, insurance, banking, and/or B2B enterprise experience CCSK, CCP, Security + certifications AQSA certification One of the following Information Security certifications required or ability to obtain: CISSP, CISM or ISO 27001 Lead Implementer. One of the following Audit certifications required or ability to obtain: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor. £54,514 - £64,677 a year The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. Why You'll Want to Join Us At Coalfire, you'll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you'll work most effectively - whether you're at home or an office. Regardless of location, you'll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You'll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you'll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options. At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at .

Location This role offers flexibility to work remotely from your own home, or as a hybrid arrangement and work from our offices in Oxford or Glasgow, if preferred. There is also a requirement for flexibility from employees to visit client sites across the UK as part of this role. Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, CHECK, PCI QSA, and ISO 27001. With our focus on enhancing customers' security and fostering team development, you'll be joining a company that prioritizes both your growth and the safety of our clients. Dionach is also proud to be Great Place To Work Certified , a recognition based entirely on feedback from our team. We're committed to creating an environment where people feel supported, valued and able to grow. Learn more about our certification here: Working at Dionach Great Place to Work UK. We're in an exciting phase of expansion and are looking for self-motivated individuals ready to thrive in a fun, flexible environment. At Dionach by Nomios, your contributions will have a genuine impact on the business, and you'll find opportunities for both interesting work and career development. Benefits Our employees are the heart of our business. We value our employees and invest in their growth and well-being. Here's what we offer: Hybrid Working: Flexibility to work remotely or use our UK offices around client visits. Professional Growth: Access to training labs, certification sponsorship, and time for skill development. Well-being Focus: Private health insurance, eye care plan, income protection, EAP scheme, and well-being platform. Our Commitment to Diversity and Inclusion At Dionach by Nomios, we believe that diversity fuels innovation. We're dedicated to creating an inclusive workplace where everyone feels valued and respected. We welcome applications from all backgrounds, perspectives, and experiences, and we're committed to being an equal opportunity employer. We do not discriminate based on race, religion, gender, age, disability, or any other legally protected status. We encourage candidates from underrepresented groups to apply and are committed to providing a supportive and accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. The salary band advertised for this role is £40,000 to £65,000 per annum, depending on experience. What You'll Do Conduct penetration tests across various environments, including web applications, APIs, Cloud, and network infrastructure. Issue detailed reports outlining findings, risks, and recommendations for remediation. Translate complex technical findings into actionable insights for both technical and non-technical audiences. Stay updated with the latest security trends, tools, and techniques. Participate in research and development projects. Focus on your development by attaining industry recognised certifications. Be available for occasional on-call duties and on-site client engagements, as needed. What We're Looking For Certifications: Relevant certifications such as CREST CRT, CREST CCT, OSCP, OSWE, OSCE, or equivalent level. Experience: At least two years in penetration testing, covering network, web, and internal tests and customer engagements. Tools: Proficiency with tools like Burpsuite Pro, Nessus, and other industry standards. Communication: Strong verbal and written skills for stakeholder management, collaboration and report writing. Independence: Ability to work solo or as part of a team on penetration tests. Eligibility: Right to work in the UK and eligibility for security clearance. Key Attributes Analytical thinker with a proactive, detail oriented approach. Excellent verbal and written communication skills, capable of engaging with technical and non-technical stakeholders. Ability to work effectively under pressure and adapt to rapidly changing threat landscapes. Commitment to maintaining the highest ethical and professional standards. Are you an experienced penetration tester looking to further improve your skills and take on more responsibilities? If so, this opportunity is perfect for you! We look forward to receiving your applications!

Location This role offers flexibility to work remotely, with regular visits to client sites. Alternatively, you can choose a hybrid arrangement and work from our offices in Oxford or Glasgow, if preferred. Why join Dionach by Nomios? Since being acquired by Nomios in late 2024, Dionach by Nomios has continued its dynamic growth as a leading information security company. Specializing in penetration testing and information assurance services, we offer an incredible opportunity to be part of an experienced team, build your skills, and grow professionally. Dionach by Nomios holds impressive certifications, including CREST, CHECK, PCI QSA, and ISO 27001. With our focus on enhancing customers' security and fostering team development, you will be joining a company that prioritizes both your growth and the safety of our clients. Dionach is also proud to be Great Place To Work Certified. We're committed to creating an environment where people feel supported, valued and able to grow. Learn more about our certification here: Working at Dionach Great Place To Work UK. We are in an exciting phase of expansion and are looking for self motivated individuals ready to thrive in a fun, flexible environment. At Dionach by Nomios, your contributions will have a genuine impact on the business, and you will find opportunities for both interesting work and career development. Benefits Our employees are the heart of our business. We value our employees and invest in their growth and well being. Here's what we offer: Hybrid Working: Flexibility to work remotely or use our UK offices around client visits. Professional Growth: Time for skill development. Well being Focus: Private health insurance, eye care plan, income protection, EAP scheme, and well being platform. Our Commitment to Diversity and Inclusion At Dionach by Nomios, we believe that diversity fuels innovation. We are dedicated to creating an inclusive workplace where everyone feels valued and respected. We welcome applications from all backgrounds, perspectives, and experiences, and we are committed to being an equal opportunity employer. We do not discriminate based on race, religion, gender, age, disability, or any other legally protected status. We encourage candidates from underrepresented groups to apply and are committed to providing a supportive and accessible environment for all our employees. If you require accommodations during the application process, let us know, and we'll work to meet your needs. Screening Requirements This role requires successful completion of the Baseline Personnel Security Standard (BPSS) screening prior to commencement. BPSS is a government mandated pre employment check that includes identity verification, right to work, employment history, and criminal record screening. Depending on the nature of the work undertaken, additional security clearance at Security Check (SC) level or above may also be required. Candidates must be eligible to work in the UK and willing to undergo the necessary vetting processes. What You'll Do Deliver cyber security assurance services to identify vulnerabilities in different areas on a variety of technologies, including vulnerability assessments on external networks, internal networks, applications, and enterprise security systems. Deliver presentations to technical and non technical stakeholders. Main role will be as a Junior Cyber Security Consultant, with options in the future to move into penetration testing and to work in other areas of information security consultancy. Focus on your development by attaining industry recognised certifications. Be available for occasional on call duties and on site client engagements, as needed. What We're Looking For Qualifications: Relevant degree or one full year's minimum experience in penetration testing or cyber security assurance. Experience: Some experience of cyber security assessment, vulnerability assessments, or penetration testing. Certifications: CPSA or CEH would be advantageous. Tools: Experience of penetration testing tools, Linux, Windows, and Active Directory. Communication: Strong verbal and written skills for stakeholder management, collaboration and administration tasks. Independence: Ability to work independently or as part of a team. Eligibility: Right to work in the UK and eligibility for security clearance. Key Attributes Analytical thinker with a proactive, detail oriented approach. Excellent verbal and written communication skills. Ability to work effectively under pressure. Commitment to maintaining the highest ethical and professional standards. Do you have experience in cyber security assessment, vulnerability assessments, or penetration testing? Are you looking to further improve your skills and take on more responsibilities? If so, this opportunity is perfect for you!