Job Title: Cyber Security Operations Manager Location: Liverpool City Centre on a Hybrid working basis Salary: Up to 75,000 per annum Depending on experience Job Type: Permanent, Full Time Working Hours: 37.5 hours per week, Monday to Friday Acorn are looking to recruit a brand-new role as a Cyber Security Operations Manager. The Cyber Security Operations Manager will lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams, the manager ensures that security operations are proactive, resilient, and aligned with business needs. Responsibilities: Lead and manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review. Coordinate major incident management with IT Infrastructure, Cloud, and Business teams. Ensure lessons learned are captured and drive meaningful improvement. Oversee the vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks. Partner with asset owners to ensure patches, configuration hardening, and remediation actions are completed. Support risk assessment processes and provide input to security governance and compliance teams. Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms. Drive automation initiatives using SOAR to improve response speed and reduce operational workload. Maintain robust coverage across cloud, on premise, network, and endpoint environments. Build capability through training, certifications, and knowledge-sharing programmes. Work with technology, business, and leadership teams to communicate risks, incidents, and security posture. Support audits, regulatory assessments, and customer assurance activities About you: Requirements: Experience managing a SOC or security operations function within a complex enterprise environment. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls. Demonstrated expertise in incident response and threat management. Experience working in hybrid cloud environments (Azure, AWS, or GCP). Grow with Acorn: We bring over 40 years of specialist insurance expertise to the table. From humble beginnings, we've grown into a national leader, now employing 1,700+ people across the UK. We're growing fast, with new opportunities emerging every week. That growth is largely due to the values we share: We run through walls for our customers and each other We challenge the status quo We succeed when we help those around us succeed We decide quickly when the smart thing to do is use our judgement Benefits: 35 days' holiday (including bank holidays) with additional buy/sell options 24/7 mental health support & free counselling available Grow with us: Through career fairs, leadership programs, and learning on the go! Flexible benefits, including early access to salary via our internal platform Hybrid working options to support work-life balance and individual needs Recognition awards, social events & more Our Commitment to our colleague's: Earn recognition and accreditation from leading organisations that share our commitment to people and growth: Mindful Employer Disability Confident Level 1 & 2 Menopause Friendly accredited Armed Forces Covenant signatory Great Places to Work 2024/25 Best Place to Work for Development Best Place to Work for Women Before applying, please know: If your application is successful, we will run relevant employment checks prior to your employment with us. These will include a standard criminal record check and an insolvency register check. Visa Requirements We can only consider applicants who have at least one year remaining on their Graduate or Post-Study Work visa. At the moment, we're not able to offer visa sponsorship. We're Here to Support You We're committed to creating an inclusive, supportive workplace where everyone can flourish. If you need any adjustments during the recruitment process-or once you're part of the team-we'll work with you to make sure you can do your best work. Please click the APPLY button to submit your CV for this role. Candidates with experience or relevant job titles of; Cyber Security Consultant, Head of Cyber Security, Cyber Security Operations Supervisor, IT Cloud Operations Manager may also be considered for this role.
02/04/2026
Full time
Job Title: Cyber Security Operations Manager Location: Liverpool City Centre on a Hybrid working basis Salary: Up to 75,000 per annum Depending on experience Job Type: Permanent, Full Time Working Hours: 37.5 hours per week, Monday to Friday Acorn are looking to recruit a brand-new role as a Cyber Security Operations Manager. The Cyber Security Operations Manager will lead the operational security function responsible for protecting the organisation's information assets, technology services, and users. This role oversees all security operation functions, incident response, threat detection, vulnerability management, and continuous improvement of the organisation's security posture. Working closely with Infrastructure, Cloud, Architecture, Governance, Compliance and Risk teams, the manager ensures that security operations are proactive, resilient, and aligned with business needs. Responsibilities: Lead and manage the daily operations of the internal Security Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage, containment, eradication, recovery, and post-incident review. Coordinate major incident management with IT Infrastructure, Cloud, and Business teams. Ensure lessons learned are captured and drive meaningful improvement. Oversee the vulnerability management programme, ensuring timely identification, prioritisation, and remediation of risks. Partner with asset owners to ensure patches, configuration hardening, and remediation actions are completed. Support risk assessment processes and provide input to security governance and compliance teams. Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms. Drive automation initiatives using SOAR to improve response speed and reduce operational workload. Maintain robust coverage across cloud, on premise, network, and endpoint environments. Build capability through training, certifications, and knowledge-sharing programmes. Work with technology, business, and leadership teams to communicate risks, incidents, and security posture. Support audits, regulatory assessments, and customer assurance activities About you: Requirements: Experience managing a SOC or security operations function within a complex enterprise environment. Strong understanding of SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls. Demonstrated expertise in incident response and threat management. Experience working in hybrid cloud environments (Azure, AWS, or GCP). Grow with Acorn: We bring over 40 years of specialist insurance expertise to the table. From humble beginnings, we've grown into a national leader, now employing 1,700+ people across the UK. We're growing fast, with new opportunities emerging every week. That growth is largely due to the values we share: We run through walls for our customers and each other We challenge the status quo We succeed when we help those around us succeed We decide quickly when the smart thing to do is use our judgement Benefits: 35 days' holiday (including bank holidays) with additional buy/sell options 24/7 mental health support & free counselling available Grow with us: Through career fairs, leadership programs, and learning on the go! Flexible benefits, including early access to salary via our internal platform Hybrid working options to support work-life balance and individual needs Recognition awards, social events & more Our Commitment to our colleague's: Earn recognition and accreditation from leading organisations that share our commitment to people and growth: Mindful Employer Disability Confident Level 1 & 2 Menopause Friendly accredited Armed Forces Covenant signatory Great Places to Work 2024/25 Best Place to Work for Development Best Place to Work for Women Before applying, please know: If your application is successful, we will run relevant employment checks prior to your employment with us. These will include a standard criminal record check and an insolvency register check. Visa Requirements We can only consider applicants who have at least one year remaining on their Graduate or Post-Study Work visa. At the moment, we're not able to offer visa sponsorship. We're Here to Support You We're committed to creating an inclusive, supportive workplace where everyone can flourish. If you need any adjustments during the recruitment process-or once you're part of the team-we'll work with you to make sure you can do your best work. Please click the APPLY button to submit your CV for this role. Candidates with experience or relevant job titles of; Cyber Security Consultant, Head of Cyber Security, Cyber Security Operations Supervisor, IT Cloud Operations Manager may also be considered for this role.
Job Tittle: EUC Architect Location: Belfast, Coleraine, Derry - Londonderry - 1 to 2 days per week onsite Contract Type: Permanent, Full-Time Salary: Circa £45000 - £47,000/Annum Are you ready to take your career to the next level? Our client, a forward-thinking organisation in the Information Technology sector, is seeking an enthusiastic and experienced End User Compute Architect to join their dynamic team. This is a hands-on technical architect role focused on designing, improving, and delivering modern End User Compute (EUC) services. You'll play a key role in shaping how staff and students access IT systems-driving innovation across device management, endpoint security, and cloud-based technologies. About the Role: As the End User Compute Architect, you will be at the forefront of implementing innovative deployment methodologies and technologies that elevate our end-user compute services. You will have the autonomy to influence the adoption of emerging technologies and play a vital role in shaping the future of our organisation's IT landscape. Who You Are: You possess expertise in cloud MDM/MAM technologies and have experience with endpoint management and security tools. You have a knack for Scripting (preferably PowerShell) and a background in managing technical delivery teams. You excel in problem-solving and have strong interpersonal skills to communicate effectively with both technical and non-technical stakeholders. Experienced in Microsoft Endpoint Manager (Intune) or Jamf Pro SCCM/MECM (imaging, patching, application deployment) VDI/Desktop as a Service (eg Azure Virtual Desktop) Endpoint Security (AV, EDR, threat protection) PowerShell Scripting and automation Key Responsibilities: Design and deliver modern End User Compute (EUC) services Lead the implementation of device management and deployment strategies Manage and enhance endpoint platforms (desktop, mobile, VDI) Drive adoption of cloud-based MDM/MAM solutions Manage and coordinate defined "evaluation and investigation" activity aimed at supporting and developing the integration and adoption of the use of corporate approved and centrally managed technology platforms and associated configurations. Initiate and execute centralised service management responsibilities, service performance monitoring, design of software and operating system deployment methods and the production of reporting and monitoring procedures relating to end user device security (eg virus and malware threats). Maintain, manage and develop the endpoint management platforms, endpoint security and Virtual Desktop Infrastructure, including image creation, deployment and maintenance, application packaging and deployment, deployment of security updates and vulnerability management. Research, develop, promote, and support endpoint management and deployment technologies and associated desktop tools. Continuously seek to automate processes including application deployments and management using major Scripting languages such as PowerShell and batch Scripting. Provide a technical consultancy and support service to ICT support staff and to faculty ICT support staff responsible for the deployment and delivery of staff and student services, via managed roll-out projects. Manage and develop the secure configuration and deployment of tailored policies responsible for ensuring effective deployment of endpoint protection capabilities. Represent the department as a technical liaison with maintenance and service providers to resolve operational problems and to contribute to cyclical customer-supplier reviews. Function as the primary technical resource and trusted advisory for internal stakeholder engagements pertaining to endpoint hardware configuration and life cycle management, corresponding procurement activities, endpoint compliance requirements and application requirements. Create technical content and guidance documentation and deliver training courses and knowledge transfer sessions pertaining to new and improved End User Compute services. Why Join Us? Be a part of a supportive and innovative team where your ideas and contributions matter. Enjoy a competitive salary and the opportunity for professional growth. Work in a flexible, hybrid environment that values work-life balance. If you are excited about leveraging technology to improve end-user experiences and meet the qualifications listed above, we would love to hear from you! Apply today to seize this opportunity to make a real impact! Note: Applications must be submitted through the official application form available at [our client's website]. CVs will not be accepted as a substitute for the application form. Join our client in shaping the future of technology. Your journey starts here! Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
02/04/2026
Full time
Job Tittle: EUC Architect Location: Belfast, Coleraine, Derry - Londonderry - 1 to 2 days per week onsite Contract Type: Permanent, Full-Time Salary: Circa £45000 - £47,000/Annum Are you ready to take your career to the next level? Our client, a forward-thinking organisation in the Information Technology sector, is seeking an enthusiastic and experienced End User Compute Architect to join their dynamic team. This is a hands-on technical architect role focused on designing, improving, and delivering modern End User Compute (EUC) services. You'll play a key role in shaping how staff and students access IT systems-driving innovation across device management, endpoint security, and cloud-based technologies. About the Role: As the End User Compute Architect, you will be at the forefront of implementing innovative deployment methodologies and technologies that elevate our end-user compute services. You will have the autonomy to influence the adoption of emerging technologies and play a vital role in shaping the future of our organisation's IT landscape. Who You Are: You possess expertise in cloud MDM/MAM technologies and have experience with endpoint management and security tools. You have a knack for Scripting (preferably PowerShell) and a background in managing technical delivery teams. You excel in problem-solving and have strong interpersonal skills to communicate effectively with both technical and non-technical stakeholders. Experienced in Microsoft Endpoint Manager (Intune) or Jamf Pro SCCM/MECM (imaging, patching, application deployment) VDI/Desktop as a Service (eg Azure Virtual Desktop) Endpoint Security (AV, EDR, threat protection) PowerShell Scripting and automation Key Responsibilities: Design and deliver modern End User Compute (EUC) services Lead the implementation of device management and deployment strategies Manage and enhance endpoint platforms (desktop, mobile, VDI) Drive adoption of cloud-based MDM/MAM solutions Manage and coordinate defined "evaluation and investigation" activity aimed at supporting and developing the integration and adoption of the use of corporate approved and centrally managed technology platforms and associated configurations. Initiate and execute centralised service management responsibilities, service performance monitoring, design of software and operating system deployment methods and the production of reporting and monitoring procedures relating to end user device security (eg virus and malware threats). Maintain, manage and develop the endpoint management platforms, endpoint security and Virtual Desktop Infrastructure, including image creation, deployment and maintenance, application packaging and deployment, deployment of security updates and vulnerability management. Research, develop, promote, and support endpoint management and deployment technologies and associated desktop tools. Continuously seek to automate processes including application deployments and management using major Scripting languages such as PowerShell and batch Scripting. Provide a technical consultancy and support service to ICT support staff and to faculty ICT support staff responsible for the deployment and delivery of staff and student services, via managed roll-out projects. Manage and develop the secure configuration and deployment of tailored policies responsible for ensuring effective deployment of endpoint protection capabilities. Represent the department as a technical liaison with maintenance and service providers to resolve operational problems and to contribute to cyclical customer-supplier reviews. Function as the primary technical resource and trusted advisory for internal stakeholder engagements pertaining to endpoint hardware configuration and life cycle management, corresponding procurement activities, endpoint compliance requirements and application requirements. Create technical content and guidance documentation and deliver training courses and knowledge transfer sessions pertaining to new and improved End User Compute services. Why Join Us? Be a part of a supportive and innovative team where your ideas and contributions matter. Enjoy a competitive salary and the opportunity for professional growth. Work in a flexible, hybrid environment that values work-life balance. If you are excited about leveraging technology to improve end-user experiences and meet the qualifications listed above, we would love to hear from you! Apply today to seize this opportunity to make a real impact! Note: Applications must be submitted through the official application form available at [our client's website]. CVs will not be accepted as a substitute for the application form. Join our client in shaping the future of technology. Your journey starts here! Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.
The Company: A long-established organisation with over a century of experience in manufacturing and defense projects. With a focus on advancing engineering technology through innovative solutions, especially in the field of sustainable propulsion systems-moving from hybrid to alternative fuel technologies, including hydrogen. Their ongoing development is driven by a commitment to core values: safety, sustainability, quality, innovation, excellence, and teamwork. Overview: The IT Manager leads the delivery, security, reliability, and ongoing improvement of IT services and infrastructure, acting as the strategic link between technology and business objectives. Reporting to the Head of Finance and IT, this role oversees IT Infrastructure and Support functions, managing a team of two and ensuring seamless, secure, and scalable IT operations across the business. Key Responsibilities: People Leadership: Manage, mentor, and develop IT Infrastructure Engineer and IT Support Engineer. Oversee performance, resource planning, and foster a culture of accountability and continuous improvement. IT Operations & Service Delivery: Ensure delivery of reliable IT services that meet business SLAs. Oversee incident, problem, and change management processes, serving as an escalation point for technical issues. Infrastructure Management: Direct the design, implementation, and maintenance of on-premises, cloud, and hybrid IT infrastructure. Ensure system availability, resilience, and compliance with recovery and continuity plans. End-User Support: Drive high-quality, consistent end-user support. Oversee device life cycle, onboarding/offboarding, and enhance user satisfaction with a focus on self-service and knowledge sharing. Security & Compliance: Enforce IT security standards and compliance with policies and regulatory requirements. Oversee risk management, vulnerability patching, and audit readiness. Strategy & Budget: Develop and execute IT strategy in alignment with business goals. Manage IT budgets, vendor relationships, and prioritise technology investments. Process & Governance: Implement and maintain IT policies, procedures, and ITIL-aligned service management best practices. Track operational KPIs and optimise processes through documentation and automation. Experience: 5-10+ years' experience in IT operations or infrastructure/support; 2-5+ years in a management role Knowledge of business system/ERP implementation Experience with Cyber Essentials/Cyber Essentials Plus Experience managing infrastructure and service desk teams Strong technical knowledge (enterprise infrastructure, cloud platforms, IT support operations) Experience with ITSM frameworks (ITIL preferred), budgeting, and vendor management Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data:
02/04/2026
Full time
The Company: A long-established organisation with over a century of experience in manufacturing and defense projects. With a focus on advancing engineering technology through innovative solutions, especially in the field of sustainable propulsion systems-moving from hybrid to alternative fuel technologies, including hydrogen. Their ongoing development is driven by a commitment to core values: safety, sustainability, quality, innovation, excellence, and teamwork. Overview: The IT Manager leads the delivery, security, reliability, and ongoing improvement of IT services and infrastructure, acting as the strategic link between technology and business objectives. Reporting to the Head of Finance and IT, this role oversees IT Infrastructure and Support functions, managing a team of two and ensuring seamless, secure, and scalable IT operations across the business. Key Responsibilities: People Leadership: Manage, mentor, and develop IT Infrastructure Engineer and IT Support Engineer. Oversee performance, resource planning, and foster a culture of accountability and continuous improvement. IT Operations & Service Delivery: Ensure delivery of reliable IT services that meet business SLAs. Oversee incident, problem, and change management processes, serving as an escalation point for technical issues. Infrastructure Management: Direct the design, implementation, and maintenance of on-premises, cloud, and hybrid IT infrastructure. Ensure system availability, resilience, and compliance with recovery and continuity plans. End-User Support: Drive high-quality, consistent end-user support. Oversee device life cycle, onboarding/offboarding, and enhance user satisfaction with a focus on self-service and knowledge sharing. Security & Compliance: Enforce IT security standards and compliance with policies and regulatory requirements. Oversee risk management, vulnerability patching, and audit readiness. Strategy & Budget: Develop and execute IT strategy in alignment with business goals. Manage IT budgets, vendor relationships, and prioritise technology investments. Process & Governance: Implement and maintain IT policies, procedures, and ITIL-aligned service management best practices. Track operational KPIs and optimise processes through documentation and automation. Experience: 5-10+ years' experience in IT operations or infrastructure/support; 2-5+ years in a management role Knowledge of business system/ERP implementation Experience with Cyber Essentials/Cyber Essentials Plus Experience managing infrastructure and service desk teams Strong technical knowledge (enterprise infrastructure, cloud platforms, IT support operations) Experience with ITSM frameworks (ITIL preferred), budgeting, and vendor management Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data:
This role has a starting salary of £70,975 per annum, for working 36 hours per week. We are excited to be recruiting a Chief Information Security Officer to join our fantastic team based at Woodhatch Place in Reigate. We offer a hybrid working model with a minimum of two office days per week. Our Offer to You 26 days' holiday, rising to 28 days after 2 years' service and 31 days after 5 years' service (prorated for part time staff) Option to buy up to 10 days of additional annual leave A generous local government salary related pension Up to 5 days of carer's leave and 2 paid volunteering days per year Paternity, adoption and dependents leave An Employee Assistance Programme (EAP) to support health and wellbeing Learning and development hub where you can access a wealth of resources Wellbeing and lifestyle discounts including gym, travel, and shoppingA chance to make a real difference to the lives of our residents. About the Role In this senior leadership role, you will own and drive cyber security strategy, governance and operational resilience across Surrey County Council's complex hybrid environment. Your typical week will include: Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/monitoring, and vulnerability management priorities. Setting clear security expectations and driving cultural change across service owners, technical teams and leadership groups. Developing and maintaining cyber policies, standards and evidence based reporting. This is a hands-on leadership role where strategic thinking and operational decision-making are equally important. You will hold line management responsibility for the cyber security function, including analysts or virtual team members through matrix management, and provide leadership and direction across IT&D and supplier teams. Within your first 12-18 months, you will be expected to lead or significantly contribute to: Delivery of a refreshed cyber security strategy and multi year improvement roadmap Establishment of strengthened cyber governance, including improved reporting, risk tracking and decision making structures Implementation of a formal cyber exercising programme (tabletop and technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. You will directly shape the council's ability to manage and reduce cyber risk, influence technology and service design decisions, and embed a cyber aware culture across one of the UK's largest local government environments. With a dedicated investment programme to drive security improvements, you will have a significant opportunity to transform how the organisation protects its people, data and systems. Your Application In order to be considered for shortlisting, your application will clearly evidence the following skills and align with our behaviours: Significant senior cyber security leadership experience in a complex organisation Strong capability to operate strategically and hands on, delivering measurable security improvements Deep understanding of cyber risk management, governance and assurance frameworks Proven experience leading cyber incidents, including response coordination and exercising Excellent communication and stakeholder influence skills across technical and non technical groups Familiarity with NCSC aligned approaches and/or frameworks such as NIST CSF Relevant professional qualifications such as CISSP or CISM To apply, we request that you submit a CV and you will be asked the following 4 questions: What steps would you take in your first few months to understand our cyber risks and priorities? Can you describe a complex cyber incident you have led, including how you coordinated the response and what improvements were implemented afterwards? How do you balance strategic cyber security planning with hands on delivery to ensure both long term resilience and quick, tactical gains? Which cyber security governance or risk management frameworks (e.g., NCSC CAF, NIST CSF) have you implemented, and how have they influenced decision making and assurance in your previous organisations? The job advert closes at 23:59 on 12/04/2026 with interviews planned shortly afterwards. Local Government Reorganisation (LGR) Surrey County Council is undergoing Local Government Reorganisation, moving from a two-tier system to two new unitary councils in April 2027. If you are employed by Surrey on 1st April 2027, your role will transfer with current terms and conditions to one of the new organisations, supporting local devolution and greater powers for our communities. Join our dynamic team and shape the future of local government. Make a lasting impact with innovative solutions and improved services for our community. Help us build a brighter future for our residents! Our Commitment We are a disability confident employer which means if you have shared a disability on your application form and have evidenced you meet the minimum criteria, we guarantee you an interview. Your skills and experience truly matter to us. From application to your first day, we're committed to supporting you with any adjustments you need, we value inclusion and warmly welcome you to join and help build a workplace where everyone be
02/04/2026
Full time
This role has a starting salary of £70,975 per annum, for working 36 hours per week. We are excited to be recruiting a Chief Information Security Officer to join our fantastic team based at Woodhatch Place in Reigate. We offer a hybrid working model with a minimum of two office days per week. Our Offer to You 26 days' holiday, rising to 28 days after 2 years' service and 31 days after 5 years' service (prorated for part time staff) Option to buy up to 10 days of additional annual leave A generous local government salary related pension Up to 5 days of carer's leave and 2 paid volunteering days per year Paternity, adoption and dependents leave An Employee Assistance Programme (EAP) to support health and wellbeing Learning and development hub where you can access a wealth of resources Wellbeing and lifestyle discounts including gym, travel, and shoppingA chance to make a real difference to the lives of our residents. About the Role In this senior leadership role, you will own and drive cyber security strategy, governance and operational resilience across Surrey County Council's complex hybrid environment. Your typical week will include: Leading cyber risk management, governance forums and assurance activity across IT&D, ensuring risks are identified, assessed and clearly reported to senior stakeholders. Overseeing incident preparedness and live response, including coordination with suppliers, IT operations and information governance. Providing expert direction on security technologies, control effectiveness, logging/monitoring, and vulnerability management priorities. Setting clear security expectations and driving cultural change across service owners, technical teams and leadership groups. Developing and maintaining cyber policies, standards and evidence based reporting. This is a hands-on leadership role where strategic thinking and operational decision-making are equally important. You will hold line management responsibility for the cyber security function, including analysts or virtual team members through matrix management, and provide leadership and direction across IT&D and supplier teams. Within your first 12-18 months, you will be expected to lead or significantly contribute to: Delivery of a refreshed cyber security strategy and multi year improvement roadmap Establishment of strengthened cyber governance, including improved reporting, risk tracking and decision making structures Implementation of a formal cyber exercising programme (tabletop and technical) across IT&D, information governance and key suppliers Measurable improvements in vulnerability management, logging/monitoring coverage and supplier assurance Significant uplift in incident response maturity, including documentation of playbooks, interfaces and recovery expectations. This role is central to strengthening the resilience of essential public services. You will directly shape the council's ability to manage and reduce cyber risk, influence technology and service design decisions, and embed a cyber aware culture across one of the UK's largest local government environments. With a dedicated investment programme to drive security improvements, you will have a significant opportunity to transform how the organisation protects its people, data and systems. Your Application In order to be considered for shortlisting, your application will clearly evidence the following skills and align with our behaviours: Significant senior cyber security leadership experience in a complex organisation Strong capability to operate strategically and hands on, delivering measurable security improvements Deep understanding of cyber risk management, governance and assurance frameworks Proven experience leading cyber incidents, including response coordination and exercising Excellent communication and stakeholder influence skills across technical and non technical groups Familiarity with NCSC aligned approaches and/or frameworks such as NIST CSF Relevant professional qualifications such as CISSP or CISM To apply, we request that you submit a CV and you will be asked the following 4 questions: What steps would you take in your first few months to understand our cyber risks and priorities? Can you describe a complex cyber incident you have led, including how you coordinated the response and what improvements were implemented afterwards? How do you balance strategic cyber security planning with hands on delivery to ensure both long term resilience and quick, tactical gains? Which cyber security governance or risk management frameworks (e.g., NCSC CAF, NIST CSF) have you implemented, and how have they influenced decision making and assurance in your previous organisations? The job advert closes at 23:59 on 12/04/2026 with interviews planned shortly afterwards. Local Government Reorganisation (LGR) Surrey County Council is undergoing Local Government Reorganisation, moving from a two-tier system to two new unitary councils in April 2027. If you are employed by Surrey on 1st April 2027, your role will transfer with current terms and conditions to one of the new organisations, supporting local devolution and greater powers for our communities. Join our dynamic team and shape the future of local government. Make a lasting impact with innovative solutions and improved services for our community. Help us build a brighter future for our residents! Our Commitment We are a disability confident employer which means if you have shared a disability on your application form and have evidenced you meet the minimum criteria, we guarantee you an interview. Your skills and experience truly matter to us. From application to your first day, we're committed to supporting you with any adjustments you need, we value inclusion and warmly welcome you to join and help build a workplace where everyone be
Your New CompanyYou will be joining an organisation that delivers complex hosted solutions across both private and public cloud environments. The company continues to invest in its people, its technology stack and its hosted services, with a strong commitment to developing talent and promoting clear career progression. From your first day, you will be supported by knowledgeable colleagues who are passionate about helping you grow, whether that is through building new technical capability, stepping into leadership opportunities or shaping your long-term career path. Your New RoleThis is a permanent position, predominantly working from home with occasional team/ project meetings in Surrey - your home working location can be flexible, as long as you are able to attend meetings as needed. We are looking for a System Administrator Team Leader who will lead a team of experienced System Administrators who are responsible for delivering secure, high-performing and compliant hosted solutions. You will oversee the administration and enhancement of services across private and public cloud platforms, ensuring availability and performance against agreed SLAs. A key part of the role will involve providing guidance, coaching and mentoring to your team while managing day-to-day activities, performance reviews and task allocation. You will play a significant role in small to medium technical projects and act as a vital link between technical teams, non-technical stakeholders and customers. You will take ownership of infrastructure design, optimisation and maintenance while ensuring that all hosted environments operate reliably and efficiently. This includes monitoring performance, implementing disaster recovery and failover strategies, maintaining robust redundancy and proactively resolving issues before they impact service levels. You will manage the presentation tier using Citrix NetScaler and oversee technologies such as Citrix Virtual Apps, Remote Desktop Services and Azure Virtual Desktop to ensure a seamless experience for end users. In addition, you will administer Windows Server environments across private and public cloud platforms, handling deployments, configurations, GPO management and advanced troubleshooting. You will ensure the organisation maintains strong security and compliance standards by managing firewalls, encryption, access controls, audits, vulnerability assessments and patching. You will also use SCCM for software deployments and compliance monitoring and take responsibility for effective backup management. A further aspect of the role includes developing and maintaining automation processes using PowerShell and other tools such as Ansible to streamline workflows and improve operational efficiency. You will also maintain comprehensive documentation relating to configurations, procedures and troubleshooting, and work collaboratively with cross-functional teams and clients to design and deliver tailored hosted solutions. What You'll Need to SucceedTo succeed in this role, you will demonstrate a strong track record as a Sys Admin - technically hands-on, with previous experience of leading a small team. You will have previous experience delivering hosted services across hybrid infrastructures with strong knowledge relating to Citrix NetScaler, Citrix Virtual Apps, RDS, AVD, Azure, SQL Clustering and SSL certificate management, combined with deep knowledge of Windows Server administration, Active Directory, Group Policy and DNS. You will be confident in handling advanced troubleshooting, system hardening and complex network issues. Experience using SCCM in multi-tenant or cloud-hosted environments will be essential, along with advanced PowerShell scripting skills. Exposure to monitoring tools such as Zabbix or PRTG will also be highly beneficial. Success in this position also calls for excellent communication skills, strong stakeholder engagement and a consultative approach that helps build trust and influence outcomes. You will have a proven ability to deliver customer-focused solutions, manage multiple competing priorities and maintain a high level of accuracy and attention to detail. You will bring strong time management, professionalism and a genuine commitment to service excellence, combined with the ability to form positive, productive working relationships. What You'll Get in ReturnSalary up to 54,000 (some flexibility with this for the right person), home and a comprehensive benefits package (details TBC shortly), along with the opportunity to work in a forward-thinking environment committed to innovation, professional development and continuous improvement. You will be joining a team that values collaboration and supports your career growth. What You Need to Do NowIf you are interested in this role, please apply with an up-to-date CV. If this role isn't quite right for you, but you are exploring new opportunities within Infrastructure or Cloud technology, please get in touch to discuss your next step. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
02/04/2026
Full time
Your New CompanyYou will be joining an organisation that delivers complex hosted solutions across both private and public cloud environments. The company continues to invest in its people, its technology stack and its hosted services, with a strong commitment to developing talent and promoting clear career progression. From your first day, you will be supported by knowledgeable colleagues who are passionate about helping you grow, whether that is through building new technical capability, stepping into leadership opportunities or shaping your long-term career path. Your New RoleThis is a permanent position, predominantly working from home with occasional team/ project meetings in Surrey - your home working location can be flexible, as long as you are able to attend meetings as needed. We are looking for a System Administrator Team Leader who will lead a team of experienced System Administrators who are responsible for delivering secure, high-performing and compliant hosted solutions. You will oversee the administration and enhancement of services across private and public cloud platforms, ensuring availability and performance against agreed SLAs. A key part of the role will involve providing guidance, coaching and mentoring to your team while managing day-to-day activities, performance reviews and task allocation. You will play a significant role in small to medium technical projects and act as a vital link between technical teams, non-technical stakeholders and customers. You will take ownership of infrastructure design, optimisation and maintenance while ensuring that all hosted environments operate reliably and efficiently. This includes monitoring performance, implementing disaster recovery and failover strategies, maintaining robust redundancy and proactively resolving issues before they impact service levels. You will manage the presentation tier using Citrix NetScaler and oversee technologies such as Citrix Virtual Apps, Remote Desktop Services and Azure Virtual Desktop to ensure a seamless experience for end users. In addition, you will administer Windows Server environments across private and public cloud platforms, handling deployments, configurations, GPO management and advanced troubleshooting. You will ensure the organisation maintains strong security and compliance standards by managing firewalls, encryption, access controls, audits, vulnerability assessments and patching. You will also use SCCM for software deployments and compliance monitoring and take responsibility for effective backup management. A further aspect of the role includes developing and maintaining automation processes using PowerShell and other tools such as Ansible to streamline workflows and improve operational efficiency. You will also maintain comprehensive documentation relating to configurations, procedures and troubleshooting, and work collaboratively with cross-functional teams and clients to design and deliver tailored hosted solutions. What You'll Need to SucceedTo succeed in this role, you will demonstrate a strong track record as a Sys Admin - technically hands-on, with previous experience of leading a small team. You will have previous experience delivering hosted services across hybrid infrastructures with strong knowledge relating to Citrix NetScaler, Citrix Virtual Apps, RDS, AVD, Azure, SQL Clustering and SSL certificate management, combined with deep knowledge of Windows Server administration, Active Directory, Group Policy and DNS. You will be confident in handling advanced troubleshooting, system hardening and complex network issues. Experience using SCCM in multi-tenant or cloud-hosted environments will be essential, along with advanced PowerShell scripting skills. Exposure to monitoring tools such as Zabbix or PRTG will also be highly beneficial. Success in this position also calls for excellent communication skills, strong stakeholder engagement and a consultative approach that helps build trust and influence outcomes. You will have a proven ability to deliver customer-focused solutions, manage multiple competing priorities and maintain a high level of accuracy and attention to detail. You will bring strong time management, professionalism and a genuine commitment to service excellence, combined with the ability to form positive, productive working relationships. What You'll Get in ReturnSalary up to 54,000 (some flexibility with this for the right person), home and a comprehensive benefits package (details TBC shortly), along with the opportunity to work in a forward-thinking environment committed to innovation, professional development and continuous improvement. You will be joining a team that values collaboration and supports your career growth. What You Need to Do NowIf you are interested in this role, please apply with an up-to-date CV. If this role isn't quite right for you, but you are exploring new opportunities within Infrastructure or Cloud technology, please get in touch to discuss your next step. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Senior IT Support Engineer / security We are seeking a Senior IT Support Engineer to lead on infrastructure management, systems optimisation, and cyber security maturity. This role provides senior technical expertise, drives secure and reliable IT operations, and supports strategic digital development. Key Responsibilities Systems & Infrastructure Lead systems integration, automation, and optimisation work. Recommend technologies that improve resilience and security. Maintain documentation, configuration standards, and change control. Act as a subject matter expert in Microsoft technologies. Cyber Security Develop and deliver the organisation's cybersecurity roadmap, ensuring compliance with standards such as Cyber Essentials/Cyber Essentials Plus . Lead vulnerability assessments, threat modelling, and incident response planning. Manage and optimise security platforms including endpoint protection, identity management, Defender XDR, and Intune. Strengthen information governance and data protection. Lead security-focused change control and manage penetration testing and remediation. Essential Skills & Experience Strong background in cybersecurity. In-depth knowledge of enterprise systems and Microsoft 365 security tools (e.g., Defender XDR, Intune, IAM, compliance). Strong communication and stakeholder engagement skills. Experience with Cyber Essentials or similar frameworks. Desirable Knowledge of GDPR and data governance. Certifications such as CISSP, CISM, or Microsoft Cybersecurity Architect.
02/04/2026
Full time
Senior IT Support Engineer / security We are seeking a Senior IT Support Engineer to lead on infrastructure management, systems optimisation, and cyber security maturity. This role provides senior technical expertise, drives secure and reliable IT operations, and supports strategic digital development. Key Responsibilities Systems & Infrastructure Lead systems integration, automation, and optimisation work. Recommend technologies that improve resilience and security. Maintain documentation, configuration standards, and change control. Act as a subject matter expert in Microsoft technologies. Cyber Security Develop and deliver the organisation's cybersecurity roadmap, ensuring compliance with standards such as Cyber Essentials/Cyber Essentials Plus . Lead vulnerability assessments, threat modelling, and incident response planning. Manage and optimise security platforms including endpoint protection, identity management, Defender XDR, and Intune. Strengthen information governance and data protection. Lead security-focused change control and manage penetration testing and remediation. Essential Skills & Experience Strong background in cybersecurity. In-depth knowledge of enterprise systems and Microsoft 365 security tools (e.g., Defender XDR, Intune, IAM, compliance). Strong communication and stakeholder engagement skills. Experience with Cyber Essentials or similar frameworks. Desirable Knowledge of GDPR and data governance. Certifications such as CISSP, CISM, or Microsoft Cybersecurity Architect.
Our client, a leading organisation within the defence and advanced technology sector, is seeking a Product Cyber Security Specialist to support the delivery of secure, mission-critical systems. This role offers the opportunity to work across complex engineering programmes, contributing to the protection and resilience of advanced defence platforms. The Role As a Product Cyber Security Specialist, you will provide cyber security expertise across the full systems engineering lifecycle. Working closely with engineering and delivery teams, you will support the identification, assessment and management of cyber risks, ensuring security is embedded throughout product development. You will also contribute to the ongoing development of product cyber security capabilities, including the use of automation and emerging technologies to enhance assurance processes. Key Responsibilities Support and enhance automation of cyber security risk and vulnerability assessment activities, including the use of advanced technologies Provide cyber security expertise across the product systems engineering lifecycle Maintain and manage cyber security risk artefacts, ensuring accuracy and consistency Provide timely technical guidance to engineering and delivery teams Plan cyber security activities and contribute to project estimates and planning Support delivery of proportionate and effective cyber security approaches across programmes Contribute to the development and continuous improvement of cyber security capability Essential Requirements Degree in Engineering, Computer Science, Cyber Security, or equivalent experience Strong background in cyber security and/or engineering environments Interest in cyber security within industrial control systems or operational technology Experience working with engineering or cyber design data Awareness of industrial control systems environments Knowledge of cyber security frameworks such as NIST CSF Experience in threat modelling using frameworks such as MITRE ATT&CK, DEF3ND or EMB3D Experience in cyber security risk management Familiarity with vulnerability, patch and update management processes Desirable Skills Understanding of Secure by Design principles aligned to UK MOD standards (e.g. DEFSTAN 05-139, DEFSTAN 05-138) Familiarity with ISA/IEC 62443 Experience or certifications relating to operational technology or industrial control systems This is an opportunity to join a well-established organisation delivering advanced solutions within the defence sector. The role offers strong potential for professional development and involvement in high-impact, technically challenging programmes.
01/04/2026
Full time
Our client, a leading organisation within the defence and advanced technology sector, is seeking a Product Cyber Security Specialist to support the delivery of secure, mission-critical systems. This role offers the opportunity to work across complex engineering programmes, contributing to the protection and resilience of advanced defence platforms. The Role As a Product Cyber Security Specialist, you will provide cyber security expertise across the full systems engineering lifecycle. Working closely with engineering and delivery teams, you will support the identification, assessment and management of cyber risks, ensuring security is embedded throughout product development. You will also contribute to the ongoing development of product cyber security capabilities, including the use of automation and emerging technologies to enhance assurance processes. Key Responsibilities Support and enhance automation of cyber security risk and vulnerability assessment activities, including the use of advanced technologies Provide cyber security expertise across the product systems engineering lifecycle Maintain and manage cyber security risk artefacts, ensuring accuracy and consistency Provide timely technical guidance to engineering and delivery teams Plan cyber security activities and contribute to project estimates and planning Support delivery of proportionate and effective cyber security approaches across programmes Contribute to the development and continuous improvement of cyber security capability Essential Requirements Degree in Engineering, Computer Science, Cyber Security, or equivalent experience Strong background in cyber security and/or engineering environments Interest in cyber security within industrial control systems or operational technology Experience working with engineering or cyber design data Awareness of industrial control systems environments Knowledge of cyber security frameworks such as NIST CSF Experience in threat modelling using frameworks such as MITRE ATT&CK, DEF3ND or EMB3D Experience in cyber security risk management Familiarity with vulnerability, patch and update management processes Desirable Skills Understanding of Secure by Design principles aligned to UK MOD standards (e.g. DEFSTAN 05-139, DEFSTAN 05-138) Familiarity with ISA/IEC 62443 Experience or certifications relating to operational technology or industrial control systems This is an opportunity to join a well-established organisation delivering advanced solutions within the defence sector. The role offers strong potential for professional development and involvement in high-impact, technically challenging programmes.
Infrastructure Engineer Remote - occasional travel to Bradford, Leeds or Sheffield 45,000 + annual company bonus & benefits Our client is looking for an experienced Infrastructure Engineer to be a key technical authority responsible for the implementation, and ongoing management of the Group's IT infrastructure across both on premises and Azure cloud environment. The role requires a self-driven, proactive professional with the ability to take initiative, lead projects from concept to completion, and ensure the delivery of robust, secure, and scalable infrastructure solutions supporting business-critical systems The role is remote however occasional site visits to West Yorkshire and South Yorkshire will be required for maintenance or specific project work. Key responsibilities: Implement, and maintain hybrid infrastructure solutions (Azure + on-prem) that meet performance, security, and compliance requirements. Manage and optimise Windows Server, SQL Server, and Azure environments including Virtual Machines, Networking, Storage, Backup, and Monitoring. Maintain and secure Active Directory, Group Policy, DNS, DHCP, and Azure AD (Entra ID) synchronisation. Ensure high availability and resilience across all servers, networks, and databases supporting business-critical applications. Deliver advanced troubleshooting and root cause analysis for complex infrastructure issues. Take ownership of infrastructure projects from design through to successful delivery, ensuring clear documentation, stakeholder engagement, and post-implementation review. Maintain alignment with Cyber Essentials Plus & GDPR Implement and manage endpoint protection, patch management, and vulnerability remediation. The following skills and experience will be essential: Strong expertise in Microsoft Azure IaaS & PaaS, Active Directory, Group Policy, DNS, DHCP, Windows Server (Apply online only), and SQL Server administration Deep understanding of LAN/WAN design, VLANs, VPNs, routing, switching, and firewall management Experience with Microsoft 365, Intune, and Endpoint Manager Proven experience managing secure environments aligned with Cyber Essentials Plus or ISO 27001 Full UK drivers license
01/04/2026
Full time
Infrastructure Engineer Remote - occasional travel to Bradford, Leeds or Sheffield 45,000 + annual company bonus & benefits Our client is looking for an experienced Infrastructure Engineer to be a key technical authority responsible for the implementation, and ongoing management of the Group's IT infrastructure across both on premises and Azure cloud environment. The role requires a self-driven, proactive professional with the ability to take initiative, lead projects from concept to completion, and ensure the delivery of robust, secure, and scalable infrastructure solutions supporting business-critical systems The role is remote however occasional site visits to West Yorkshire and South Yorkshire will be required for maintenance or specific project work. Key responsibilities: Implement, and maintain hybrid infrastructure solutions (Azure + on-prem) that meet performance, security, and compliance requirements. Manage and optimise Windows Server, SQL Server, and Azure environments including Virtual Machines, Networking, Storage, Backup, and Monitoring. Maintain and secure Active Directory, Group Policy, DNS, DHCP, and Azure AD (Entra ID) synchronisation. Ensure high availability and resilience across all servers, networks, and databases supporting business-critical applications. Deliver advanced troubleshooting and root cause analysis for complex infrastructure issues. Take ownership of infrastructure projects from design through to successful delivery, ensuring clear documentation, stakeholder engagement, and post-implementation review. Maintain alignment with Cyber Essentials Plus & GDPR Implement and manage endpoint protection, patch management, and vulnerability remediation. The following skills and experience will be essential: Strong expertise in Microsoft Azure IaaS & PaaS, Active Directory, Group Policy, DNS, DHCP, Windows Server (Apply online only), and SQL Server administration Deep understanding of LAN/WAN design, VLANs, VPNs, routing, switching, and firewall management Experience with Microsoft 365, Intune, and Endpoint Manager Proven experience managing secure environments aligned with Cyber Essentials Plus or ISO 27001 Full UK drivers license
Lead the cloud risk agenda for the world's most complex and prestigious organisations Our client is a leading global Advisory firm and we are seeking a Senior Manager to join their Technology Risk & Internal Audit practice, specialising in cloud and emerging technology risk . This role sits at the intersection of cloud security, regulation, and executive advisory , supporting global clients as they navigate large-scale cloud adoption, digital transformation, and increasing regulatory scrutiny. This is a leadership role for a credible cloud authority and trusted advisor and will suit someone equally comfortable designing cloud security architectures as advising Boards and Audit Committees. In this role, you will: Lead and deliver technology risk, internal audit, and cloud security engagements across global enterprises Design, assess, and optimise cloud security architectures and control frameworks across hyperscalers Advise senior stakeholders on cloud risk, regulatory compliance, and operating model transformation Support clients across a variety of sectors, including highly regulated environments , Drive practice growth , proposition development, and client relationships Build, mentor, and lead high-performing, multi-disciplinary teams What are we looking for: Cloud & Security Deep experience across AWS, Azure, Google Cloud (plus SAP, Oracle, Alibaba, IBM Bluemix) Expertise in cloud-native security , CNAPP, data protection, network security, and vulnerability management Strong hands-on exposure to Kubernetes, Terraform, Jenkins, Prisma Cloud , and DevSecOps Technology Risk & Regulation Proven background in Technology Risk / IT Internal Audit Strong knowledge of global regulatory and compliance frameworks , including: GDPR, SOx, ISO 27001 PRA, FCA, EBA, BaFin, OCC, FFIEC, Basel, MiFID II, NIS 2, TISAX, HIPAA Ability to translate complex technical risk into clear, board-level insight Leadership & Advisory Senior Manager-level consulting experience Track record of leading teams, mentoring talent, and managing senior stakeholders Experience delivering cloud-enabled transformation, system integration, and process optimisation Familiarity with Agile, COBIT, ITIL, Lean, Six Sigma Emerging Technology Exposure to AI, automation, LLMs, and data-driven security Interest in shaping the future of cloud risk and intelligent assurance What's on offer: High-impact role with real influence over strategy and growth Work on complex, high-profile cloud and regulatory challenges Clear progression toward Director and Partner Collaborative, international environment with access to cutting-edge technology If you are a senior cloud and technology risk professional and are ready to shape the agenda, lead at scale, and build a long-term advisory caree r, then make your application now! Parker Wright Consulting is acting as an Executive Recruitment Agency with respect to this role.
01/04/2026
Full time
Lead the cloud risk agenda for the world's most complex and prestigious organisations Our client is a leading global Advisory firm and we are seeking a Senior Manager to join their Technology Risk & Internal Audit practice, specialising in cloud and emerging technology risk . This role sits at the intersection of cloud security, regulation, and executive advisory , supporting global clients as they navigate large-scale cloud adoption, digital transformation, and increasing regulatory scrutiny. This is a leadership role for a credible cloud authority and trusted advisor and will suit someone equally comfortable designing cloud security architectures as advising Boards and Audit Committees. In this role, you will: Lead and deliver technology risk, internal audit, and cloud security engagements across global enterprises Design, assess, and optimise cloud security architectures and control frameworks across hyperscalers Advise senior stakeholders on cloud risk, regulatory compliance, and operating model transformation Support clients across a variety of sectors, including highly regulated environments , Drive practice growth , proposition development, and client relationships Build, mentor, and lead high-performing, multi-disciplinary teams What are we looking for: Cloud & Security Deep experience across AWS, Azure, Google Cloud (plus SAP, Oracle, Alibaba, IBM Bluemix) Expertise in cloud-native security , CNAPP, data protection, network security, and vulnerability management Strong hands-on exposure to Kubernetes, Terraform, Jenkins, Prisma Cloud , and DevSecOps Technology Risk & Regulation Proven background in Technology Risk / IT Internal Audit Strong knowledge of global regulatory and compliance frameworks , including: GDPR, SOx, ISO 27001 PRA, FCA, EBA, BaFin, OCC, FFIEC, Basel, MiFID II, NIS 2, TISAX, HIPAA Ability to translate complex technical risk into clear, board-level insight Leadership & Advisory Senior Manager-level consulting experience Track record of leading teams, mentoring talent, and managing senior stakeholders Experience delivering cloud-enabled transformation, system integration, and process optimisation Familiarity with Agile, COBIT, ITIL, Lean, Six Sigma Emerging Technology Exposure to AI, automation, LLMs, and data-driven security Interest in shaping the future of cloud risk and intelligent assurance What's on offer: High-impact role with real influence over strategy and growth Work on complex, high-profile cloud and regulatory challenges Clear progression toward Director and Partner Collaborative, international environment with access to cutting-edge technology If you are a senior cloud and technology risk professional and are ready to shape the agenda, lead at scale, and build a long-term advisory caree r, then make your application now! Parker Wright Consulting is acting as an Executive Recruitment Agency with respect to this role.
Applications Operations Analyst - LondonPermanent Hybrid Working Competitive Salary An international law firm is seeking an experienced Applications Operations Analyst to join its London office. This is a fantastic opportunity to play a key role in maintaining and improving the performance, security, and reliability of enterprise applications across a dynamic and fast-paced professional services environment. Reporting to the Manager of Applications Operations, the successful candidate will be responsible for day-to-day system support, patching, monitoring, and troubleshooting, while also contributing to process improvement, documentation, and integration stability. The role involves close collaboration with infrastructure, security, and business teams to ensure seamless application performance and user experience. Key Responsibilities: Perform system maintenance, patching, and upgrades in line with change management procedures Monitor application health and performance, proactively resolving issues Manage user access controls and support security audits Respond to incidents and service requests within SLA targets Support application deployments, integrations, and configuration changes Maintain documentation, runbooks, and support knowledge base articles Identify opportunities for automation and process optimisation Track and report on KPIs, system uptime, and user engagement metrics Collaborate with cross-functional teams to support scalability and performance tuning Ideal Candidate Profile: 3+ years of experience in enterprise application support or IT operations Strong troubleshooting and analytical skills Familiarity with ITSM platforms (e.g., ServiceNow) and monitoring tools Understanding of access management, patching, and vulnerability remediation Exposure to ITIL practices and professional services environments Experience with documentation tools and scripting (e.g., PowerShell, Python) Relevant certifications (e.g., ITIL Foundation) preferred It offers the chance to work within a collaborative team and contribute to the ongoing improvement of critical business systems. To express interest or learn more, please get in touch directly. Due to the high volume of applications, we are not able to respond to all enquiries. If you have not received a response within 72 hours, please assume you have not been shortlisted at this stage, however thank you for taking the time to apply. Ryder Reid Legal is a recruitment specialist. For over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies.
01/04/2026
Full time
Applications Operations Analyst - LondonPermanent Hybrid Working Competitive Salary An international law firm is seeking an experienced Applications Operations Analyst to join its London office. This is a fantastic opportunity to play a key role in maintaining and improving the performance, security, and reliability of enterprise applications across a dynamic and fast-paced professional services environment. Reporting to the Manager of Applications Operations, the successful candidate will be responsible for day-to-day system support, patching, monitoring, and troubleshooting, while also contributing to process improvement, documentation, and integration stability. The role involves close collaboration with infrastructure, security, and business teams to ensure seamless application performance and user experience. Key Responsibilities: Perform system maintenance, patching, and upgrades in line with change management procedures Monitor application health and performance, proactively resolving issues Manage user access controls and support security audits Respond to incidents and service requests within SLA targets Support application deployments, integrations, and configuration changes Maintain documentation, runbooks, and support knowledge base articles Identify opportunities for automation and process optimisation Track and report on KPIs, system uptime, and user engagement metrics Collaborate with cross-functional teams to support scalability and performance tuning Ideal Candidate Profile: 3+ years of experience in enterprise application support or IT operations Strong troubleshooting and analytical skills Familiarity with ITSM platforms (e.g., ServiceNow) and monitoring tools Understanding of access management, patching, and vulnerability remediation Exposure to ITIL practices and professional services environments Experience with documentation tools and scripting (e.g., PowerShell, Python) Relevant certifications (e.g., ITIL Foundation) preferred It offers the chance to work within a collaborative team and contribute to the ongoing improvement of critical business systems. To express interest or learn more, please get in touch directly. Due to the high volume of applications, we are not able to respond to all enquiries. If you have not received a response within 72 hours, please assume you have not been shortlisted at this stage, however thank you for taking the time to apply. Ryder Reid Legal is a recruitment specialist. For over thirty years we've been connecting legal talent with many of the leading law firms in London and internationally. Follow our LinkedIn page for the latest vacancies.
Lead Application Security Engineer Bristol or London - 3 days a week on site £100,000 + great benefits An impressive financial services business is looking to hire a Lead Application Security Engineer to support this team with the risk and remediation activities. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful Lead Application Security Engineer will be part of this journey and have great technical exposure and the ability to rapidly progress. Working closely in one of transformation projects, the successful Lead Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of technology changes moving forward. This is very much a play-manager role with the Lead Application Security Engineer being hands on day to day but also providing support and guidance to the rest of AppSec team Lead Application Security Engineer- Duties and Responsibilities The successful Lead Cloud Security Engineer will have responsibilities covering: Team Leadership Support the existing team, providing mentoring and fostering a collaborative team environment Take pragmatic risk-based approach to supporting the wider technology teams with the SDLC Foster strong relationships with engineering, architecture, platform and platform management to provide practical risk appropriate guidance Set the priorities for the AppSec team to make sure that the delivery of the AppSec services is impactful Application Security Technical Authority Act as the SME and for application security in the business and ensure that security controls are adopted early into the CI/CD pipelines Own and run the DAST, SAST and other AppSec tooling to ensure effective coverage across all in scope applications Create, roll out and maintain secure development practices and standards including threat modelling, secure coding practices for all applications and APIs Collaborate with the Vulnerability Engineering Lead to support the identifications, triages, and remediation programs in alignment with risk appetite, appropriate prioritisation and agreed SLAs Lead Application Security Engineer - Your Background The ideal Lead Application Security Engineer will have: Experience in a similar role, in both responsibility and scale Proven experience in Software Security Development or Application Security Proven experience in leading/coaching a team Hands on experience with implementing and operating AppSec tooling eg SAT and DAST, secret managements, and SCA Extensive experiences of integrating security into the CI/CD pipeline eg using AWS DevOps or GitHub Strong history of secure coding practices, threat modelling and vulnerability management in production Strong understanding of modern software development practices If this sounds like the role for you, hit the apply button NOW! We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs. Please click the apply button now or contact Abigail Moss for more information
01/04/2026
Full time
Lead Application Security Engineer Bristol or London - 3 days a week on site £100,000 + great benefits An impressive financial services business is looking to hire a Lead Application Security Engineer to support this team with the risk and remediation activities. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful Lead Application Security Engineer will be part of this journey and have great technical exposure and the ability to rapidly progress. Working closely in one of transformation projects, the successful Lead Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of technology changes moving forward. This is very much a play-manager role with the Lead Application Security Engineer being hands on day to day but also providing support and guidance to the rest of AppSec team Lead Application Security Engineer- Duties and Responsibilities The successful Lead Cloud Security Engineer will have responsibilities covering: Team Leadership Support the existing team, providing mentoring and fostering a collaborative team environment Take pragmatic risk-based approach to supporting the wider technology teams with the SDLC Foster strong relationships with engineering, architecture, platform and platform management to provide practical risk appropriate guidance Set the priorities for the AppSec team to make sure that the delivery of the AppSec services is impactful Application Security Technical Authority Act as the SME and for application security in the business and ensure that security controls are adopted early into the CI/CD pipelines Own and run the DAST, SAST and other AppSec tooling to ensure effective coverage across all in scope applications Create, roll out and maintain secure development practices and standards including threat modelling, secure coding practices for all applications and APIs Collaborate with the Vulnerability Engineering Lead to support the identifications, triages, and remediation programs in alignment with risk appetite, appropriate prioritisation and agreed SLAs Lead Application Security Engineer - Your Background The ideal Lead Application Security Engineer will have: Experience in a similar role, in both responsibility and scale Proven experience in Software Security Development or Application Security Proven experience in leading/coaching a team Hands on experience with implementing and operating AppSec tooling eg SAT and DAST, secret managements, and SCA Extensive experiences of integrating security into the CI/CD pipeline eg using AWS DevOps or GitHub Strong history of secure coding practices, threat modelling and vulnerability management in production Strong understanding of modern software development practices If this sounds like the role for you, hit the apply button NOW! We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs. Please click the apply button now or contact Abigail Moss for more information
Lead Application Security Engineer Bristol or London - 3 days a week on site £100,000 + great benefits An impressive financial services business is looking to hire a Lead Application Security Engineer to support this team with the risk and remediation activities. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful Lead Application Security Engineer will be part of this journey and have great technical exposure and the ability to rapidly progress. Working closely in one of transformation projects, the successful Lead Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of technology changes moving forward. This is very much a play-manager role with the Lead Application Security Engineer being hands on day to day but also providing support and guidance to the rest of AppSec team Lead Application Security Engineer- Duties and Responsibilities The successful Lead Cloud Security Engineer will have responsibilities covering: Team Leadership Support the existing team, providing mentoring and fostering a collaborative team environment Take pragmatic risk-based approach to supporting the wider technology teams with the SDLC Foster strong relationships with engineering, architecture, platform and platform management to provide practical risk appropriate guidance Set the priorities for the AppSec team to make sure that the delivery of the AppSec services is impactful Application Security Technical Authority Act as the SME and for application security in the business and ensure that security controls are adopted early into the CI/CD pipelines Own and run the DAST, SAST and other AppSec tooling to ensure effective coverage across all in scope applications Create, roll out and maintain secure development practices and standards including threat modelling, secure coding practices for all applications and APIs Collaborate with the Vulnerability Engineering Lead to support the identifications, triages, and remediation programs in alignment with risk appetite, appropriate prioritisation and agreed SLAs Lead Application Security Engineer - Your Background The ideal Lead Application Security Engineer will have: Experience in a similar role, in both responsibility and scale Proven experience in Software Security Development or Application Security Proven experience in leading/coaching a team Hands on experience with implementing and operating AppSec tooling eg SAT and DAST, secret managements, and SCA Extensive experiences of integrating security into the CI/CD pipeline eg using AWS DevOps or GitHub Strong history of secure coding practices, threat modelling and vulnerability management in production Strong understanding of modern software development practices If this sounds like the role for you, hit the apply button NOW! We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs. Please click the apply button now or contact Abigail Moss for more information
01/04/2026
Full time
Lead Application Security Engineer Bristol or London - 3 days a week on site £100,000 + great benefits An impressive financial services business is looking to hire a Lead Application Security Engineer to support this team with the risk and remediation activities. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. The successful Lead Application Security Engineer will be part of this journey and have great technical exposure and the ability to rapidly progress. Working closely in one of transformation projects, the successful Lead Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of technology changes moving forward. This is very much a play-manager role with the Lead Application Security Engineer being hands on day to day but also providing support and guidance to the rest of AppSec team Lead Application Security Engineer- Duties and Responsibilities The successful Lead Cloud Security Engineer will have responsibilities covering: Team Leadership Support the existing team, providing mentoring and fostering a collaborative team environment Take pragmatic risk-based approach to supporting the wider technology teams with the SDLC Foster strong relationships with engineering, architecture, platform and platform management to provide practical risk appropriate guidance Set the priorities for the AppSec team to make sure that the delivery of the AppSec services is impactful Application Security Technical Authority Act as the SME and for application security in the business and ensure that security controls are adopted early into the CI/CD pipelines Own and run the DAST, SAST and other AppSec tooling to ensure effective coverage across all in scope applications Create, roll out and maintain secure development practices and standards including threat modelling, secure coding practices for all applications and APIs Collaborate with the Vulnerability Engineering Lead to support the identifications, triages, and remediation programs in alignment with risk appetite, appropriate prioritisation and agreed SLAs Lead Application Security Engineer - Your Background The ideal Lead Application Security Engineer will have: Experience in a similar role, in both responsibility and scale Proven experience in Software Security Development or Application Security Proven experience in leading/coaching a team Hands on experience with implementing and operating AppSec tooling eg SAT and DAST, secret managements, and SCA Extensive experiences of integrating security into the CI/CD pipeline eg using AWS DevOps or GitHub Strong history of secure coding practices, threat modelling and vulnerability management in production Strong understanding of modern software development practices If this sounds like the role for you, hit the apply button NOW! We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs. Please click the apply button now or contact Abigail Moss for more information
Active Directory SME Our client, a leading global supplier for IT services, requires Active Directory SME to be based at their client's office in Wokingham, UK. This is a fully onsite role. This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate Our client is seeking a skilled Windows, Active Directory, and Virtualization Engineer with strong experience across Microsoft, Azure, and VMware/Hyper-V platforms. The ideal candidate will be responsible for administering Windows Servers, managing identity services, maintaining virtualization infrastructure, and ensuring the stability, security, and performance of enterprise systems. This role requires strong troubleshooting capabilities, hands-on operational expertise, and effective collaboration with vendors and cross-functional teams. Key Responsibilities Windows Server Administration Troubleshoot operating system-related issues such as unexpected restarts, server slowness, and performance bottlenecks. Perform user and access management tasks. Handle server commissioning and decommissioning processes. Perform Windows Vulnerability Mitigation and Patch Management. Conduct backup and restoration operations using approved tools and protocols. Ensure high availability and operational stability of Windows Server environments. Active Directory & Azure Entra Management Manage Active Directory including user, group, and OU administration. Maintain and configure Group Policies (GPOs) to ensure compliance and system consistency. Perform DNS record creation , troubleshooting, and maintenance. Manage DHCP scopes, reservations, and configurations . Administer FTP services on Windows platforms. Handle SSL certificate issuance, renewal, and life cycle management . Manage Azure services, including deploying resources such as Logic Apps and related components. Virtualization (VMware/Hyper-V) Administration Maintain and monitor overall VMware infrastructure health . Perform VM creation, configuration enhancements, and resource optimization . Manage snapshots, load distribution, and day-to-day VM troubleshooting. Conduct environment health checks and performance assessments. Set up and manage HA-DRS clusters , ensuring system resilience and failover readiness. Manage vNetworking , data stores , and storage allocation. Install, configure, and onboard new ESXi/ESX hosts into the environment. Coordinate with VMware or Hyper-V vendors to resolve issues and plan upgrades. Vendor Coordination Act as the primary liaison for Microsoft, VMware, and other infrastructure vendors. Coordinate troubleshooting, escalations, and support requests. Ensure timely resolution of issues and communication with internal stakeholders. Key Requirements Essential Skills: 8+ years of experience in IT infrastructure/support environments Strong expertise in: Windows Server Administration Active Directory & Azure Entra ID DNS & DHCP VMware/Hyper-V virtualization Experience in: Patch management & vulnerability remediation Backup and restore processes SSL certificate management Strong troubleshooting and problem-solving skills Experience handling major incidents (P1/P2) in enterprise environments Ability to: Restore critical services quickly and safely Work with cross-functional technical teams Perform root cause analysis (RCA) and incident reviews Strong communication and stakeholder management skills Desirable Skills: Experience in enterprise/utility/regulated environments Strong understanding of infrastructure, networking, and security best practices Vendor management and coordination experience Proactive mindset with focus on continuous improvement Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
01/04/2026
Contractor
Active Directory SME Our client, a leading global supplier for IT services, requires Active Directory SME to be based at their client's office in Wokingham, UK. This is a fully onsite role. This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate Our client is seeking a skilled Windows, Active Directory, and Virtualization Engineer with strong experience across Microsoft, Azure, and VMware/Hyper-V platforms. The ideal candidate will be responsible for administering Windows Servers, managing identity services, maintaining virtualization infrastructure, and ensuring the stability, security, and performance of enterprise systems. This role requires strong troubleshooting capabilities, hands-on operational expertise, and effective collaboration with vendors and cross-functional teams. Key Responsibilities Windows Server Administration Troubleshoot operating system-related issues such as unexpected restarts, server slowness, and performance bottlenecks. Perform user and access management tasks. Handle server commissioning and decommissioning processes. Perform Windows Vulnerability Mitigation and Patch Management. Conduct backup and restoration operations using approved tools and protocols. Ensure high availability and operational stability of Windows Server environments. Active Directory & Azure Entra Management Manage Active Directory including user, group, and OU administration. Maintain and configure Group Policies (GPOs) to ensure compliance and system consistency. Perform DNS record creation , troubleshooting, and maintenance. Manage DHCP scopes, reservations, and configurations . Administer FTP services on Windows platforms. Handle SSL certificate issuance, renewal, and life cycle management . Manage Azure services, including deploying resources such as Logic Apps and related components. Virtualization (VMware/Hyper-V) Administration Maintain and monitor overall VMware infrastructure health . Perform VM creation, configuration enhancements, and resource optimization . Manage snapshots, load distribution, and day-to-day VM troubleshooting. Conduct environment health checks and performance assessments. Set up and manage HA-DRS clusters , ensuring system resilience and failover readiness. Manage vNetworking , data stores , and storage allocation. Install, configure, and onboard new ESXi/ESX hosts into the environment. Coordinate with VMware or Hyper-V vendors to resolve issues and plan upgrades. Vendor Coordination Act as the primary liaison for Microsoft, VMware, and other infrastructure vendors. Coordinate troubleshooting, escalations, and support requests. Ensure timely resolution of issues and communication with internal stakeholders. Key Requirements Essential Skills: 8+ years of experience in IT infrastructure/support environments Strong expertise in: Windows Server Administration Active Directory & Azure Entra ID DNS & DHCP VMware/Hyper-V virtualization Experience in: Patch management & vulnerability remediation Backup and restore processes SSL certificate management Strong troubleshooting and problem-solving skills Experience handling major incidents (P1/P2) in enterprise environments Ability to: Restore critical services quickly and safely Work with cross-functional technical teams Perform root cause analysis (RCA) and incident reviews Strong communication and stakeholder management skills Desirable Skills: Experience in enterprise/utility/regulated environments Strong understanding of infrastructure, networking, and security best practices Vendor management and coordination experience Proactive mindset with focus on continuous improvement Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
About the role This is a fantastic opportunity to join Southern Water's Cyber Risk & Assurance team, the organisation's second line of defence within the wider Cyber Security function. As a Cyber Risk & Assurance Analyst, you'll play a central role in helping the business understand, manage and reduce cyber risk across critical operations. You'll be responsible for developing and improving cyber risk insights in your area of specialism, driving process and tooling enhancements, and supporting stakeholders across Technology, Legal and the wider business. This is a role for someone who enjoys tackling complex problems, breaking them down into actionable solutions, and collaborating with a wide range of experts. You'll also act as a trusted advisor helping colleagues understand cyber threats, risks and controls, and supporting the wider team in embedding strong cyber risk management practices across Southern Water. What you will be responsible for: You will conduct complex cyber risk assessments, strengthen key controls, deliver clear risk insights, and drive improvements across cyber domains - all while building collaborative relationships across Technology, Security, Legal and the business. Key Responsibilities Maintain an up-to-date understanding of the cyber threat landscape, relevant regulations (including NIS1/NIS2 and GDPR), and emerging risks. Lead, plan and perform complex cyber risk assessments aligned to industry-recognised frameworks, testing the design and effectiveness of cyber controls. Produce high-quality risk assessment reports with clear, actionable conclusions that support timely risk-based decision-making. Identify and deliver improvements across domains such as identity & access management, application security, endpoint security, and network security. Work closely with stakeholders across Security, Technology, Legal, Internal Audit and the wider business to assess control gaps, prioritise remediation actions and track progress to completion. Build strong working relationships across teams to influence, support and strengthen cyber risk management practices. Drive process improvements and enhancements across the Cyber Risk & Assurance function. Additional requirements specific to the role Will work closely with both technical teams and non-technical stakeholders, requiring an ability to communicate complex concepts clearly. Must be comfortable operating in an environment with regulatory, operational and cyber security obligations. Occasional engagement with internal or external audit teams may be required. What you'll bring to the role: Essential Degree-level education or equivalent experience. Strong knowledge of cyber security and information security control best practice. Proven experience in cyber security, risk management or security assessment (10+ years, or advanced degree with 8+ years). In-depth understanding of key frameworks such as NIST (800-37, 800-30, 800-53), ISO 27001/27005, SOC 2, PCI or MITRE ATT&CK. Solid understanding of cloud models, application security, vulnerability and patch management. Experience in regulated and/or unionised environments. Excellent communication skills with the ability to simplify complex findings for senior management. Strong attention to detail and a proactive, positive, innovative mindset. Desirable GRC or security certifications (e.g., CISSP, CISM, CRISC, CISA, GCFE, GSEC, CCSP). Experience with cyber risk modelling (e.g., CyberCube, RMS, Cyence). Hands-on experience with frameworks such as ISO 27001, NIST CSF, NCSC CAF or CIS Controls. Understanding of ICS/OT environments. Southern Water is at the forefront of transforming Britain's water industry, investing significantly to enhance resilience, sustainability, and service excellence. With £7.8bn planned investment for 2025-30, this is an unparalleled opportunity to join a business committed to delivering a generational shift in the way water services are managed. You will be joining at a time of significant change, working alongside a highly skilled leadership team with a clear vision for the future. We offer an environment where senior professionals can make a meaningful impact, influence major strategic decisions, and drive long-term value creation . At Southern Water, we believe diverse perspectives drive innovation. If you're passionate about making a positive impact and think you can bring value to our team, we'd love to hear from you-even if you don't tick every box. Your unique skills and experiences could be exactly what we need. Our Commitment to Diversity We welcome applicants from all backgrounds, identities, and experiences. We do not discriminate based on race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you need reasonable adjustments during the recruitment process, please let us know. Additional information: In line with Southern Water's security requirements, successful candidates will be required to provide evidence of their identity, eligibility to work in the UK, criminal record check (DBS) and verification of their employment and/or education history for the past three years. Appointment to this role is subject to the successful completion of all preemployment checks, including security vetting. Please note that if a candidate does not meet the required security standards or fails to pass the vetting process, Southern Water reserves the right to withdraw the offer of employment. Some positions may also require higher levels of security vetting, which may involve providing additional documentation.
01/04/2026
Full time
About the role This is a fantastic opportunity to join Southern Water's Cyber Risk & Assurance team, the organisation's second line of defence within the wider Cyber Security function. As a Cyber Risk & Assurance Analyst, you'll play a central role in helping the business understand, manage and reduce cyber risk across critical operations. You'll be responsible for developing and improving cyber risk insights in your area of specialism, driving process and tooling enhancements, and supporting stakeholders across Technology, Legal and the wider business. This is a role for someone who enjoys tackling complex problems, breaking them down into actionable solutions, and collaborating with a wide range of experts. You'll also act as a trusted advisor helping colleagues understand cyber threats, risks and controls, and supporting the wider team in embedding strong cyber risk management practices across Southern Water. What you will be responsible for: You will conduct complex cyber risk assessments, strengthen key controls, deliver clear risk insights, and drive improvements across cyber domains - all while building collaborative relationships across Technology, Security, Legal and the business. Key Responsibilities Maintain an up-to-date understanding of the cyber threat landscape, relevant regulations (including NIS1/NIS2 and GDPR), and emerging risks. Lead, plan and perform complex cyber risk assessments aligned to industry-recognised frameworks, testing the design and effectiveness of cyber controls. Produce high-quality risk assessment reports with clear, actionable conclusions that support timely risk-based decision-making. Identify and deliver improvements across domains such as identity & access management, application security, endpoint security, and network security. Work closely with stakeholders across Security, Technology, Legal, Internal Audit and the wider business to assess control gaps, prioritise remediation actions and track progress to completion. Build strong working relationships across teams to influence, support and strengthen cyber risk management practices. Drive process improvements and enhancements across the Cyber Risk & Assurance function. Additional requirements specific to the role Will work closely with both technical teams and non-technical stakeholders, requiring an ability to communicate complex concepts clearly. Must be comfortable operating in an environment with regulatory, operational and cyber security obligations. Occasional engagement with internal or external audit teams may be required. What you'll bring to the role: Essential Degree-level education or equivalent experience. Strong knowledge of cyber security and information security control best practice. Proven experience in cyber security, risk management or security assessment (10+ years, or advanced degree with 8+ years). In-depth understanding of key frameworks such as NIST (800-37, 800-30, 800-53), ISO 27001/27005, SOC 2, PCI or MITRE ATT&CK. Solid understanding of cloud models, application security, vulnerability and patch management. Experience in regulated and/or unionised environments. Excellent communication skills with the ability to simplify complex findings for senior management. Strong attention to detail and a proactive, positive, innovative mindset. Desirable GRC or security certifications (e.g., CISSP, CISM, CRISC, CISA, GCFE, GSEC, CCSP). Experience with cyber risk modelling (e.g., CyberCube, RMS, Cyence). Hands-on experience with frameworks such as ISO 27001, NIST CSF, NCSC CAF or CIS Controls. Understanding of ICS/OT environments. Southern Water is at the forefront of transforming Britain's water industry, investing significantly to enhance resilience, sustainability, and service excellence. With £7.8bn planned investment for 2025-30, this is an unparalleled opportunity to join a business committed to delivering a generational shift in the way water services are managed. You will be joining at a time of significant change, working alongside a highly skilled leadership team with a clear vision for the future. We offer an environment where senior professionals can make a meaningful impact, influence major strategic decisions, and drive long-term value creation . At Southern Water, we believe diverse perspectives drive innovation. If you're passionate about making a positive impact and think you can bring value to our team, we'd love to hear from you-even if you don't tick every box. Your unique skills and experiences could be exactly what we need. Our Commitment to Diversity We welcome applicants from all backgrounds, identities, and experiences. We do not discriminate based on race, ethnicity, gender, sexual orientation, age, disability, religion, or any other protected characteristic. If you need reasonable adjustments during the recruitment process, please let us know. Additional information: In line with Southern Water's security requirements, successful candidates will be required to provide evidence of their identity, eligibility to work in the UK, criminal record check (DBS) and verification of their employment and/or education history for the past three years. Appointment to this role is subject to the successful completion of all preemployment checks, including security vetting. Please note that if a candidate does not meet the required security standards or fails to pass the vetting process, Southern Water reserves the right to withdraw the offer of employment. Some positions may also require higher levels of security vetting, which may involve providing additional documentation.
Senior IT Infrastructure Engineer Annual Salary: £45,000 Location: Abingdon We are seeking a Senior IT Infrastructure Engineer to work for our client based in Abingdon - This role involves the implementation and ongoing management of their IT infrastructure across both on-premises and Azure cloud environments. The ideal candidate will be a proactive professional capable of leading projects from concept to completion and ensuring the delivery of robust, secure, and scalable infrastructure solutions. Day-to-day of the role: Implement and maintain hybrid infrastructure solutions (Azure + on-prem) that meet performance, security, and compliance requirements. Manage and optimise Windows Server, SQL Server, and Azure environments including Virtual Machines, Networking, Storage, Backup, and Monitoring. Maintain and secure Active Directory, Group Policy, DNS, DHCP, and Azure AD (Entra ID) synchronisation. Ensure high availability and resilience across all servers, networks, and databases supporting business-critical applications. Deliver advanced troubleshooting and root cause analysis for complex infrastructure issues. Proactively identify opportunities for improvement, automation, and optimisation across all infrastructure areas. Maintain alignment with Cyber Essentials Plus & GDPR, implement and manage endpoint protection, patch management, and vulnerability remediation. Ensure data protection and system continuity through effective backup, disaster recovery, and business continuity planning. Automate deployment and maintenance tasks using PowerShell, Azure Automation, or equivalent tools. Maintain infrastructure observability through tools and optimise cost, performance, and utilisation of Azure and on-prem resources. Required Skills & Qualifications: 10+ years hands-on experience in IT infrastructure roles, with at least 5 years in a senior or lead capacity. Strong expertise in Microsoft Azure IaaS & PaaS, Active Directory, Group Policy, DNS, DHCP, Windows Server , and SQL Server administration. Deep understanding of LAN/WAN design, VLANs, VPNs, routing, switching, and firewall management. Experience with Microsoft 365, Intune, and Endpoint Manager. Advanced PowerShell scripting and automation skills. Proven experience managing secure environments aligned with Cyber Essentials Plus or ISO 27001. Ability to work independently, prioritise effectively, and deliver projects to completion with minimal supervision. Degree in Computer Science, Information Technology, or equivalent experience. Desirable certifications include Microsoft Certified: Azure Administrator Associate (AZ-104) or Azure Solutions Architect Expert (AZ-305), MCSE, CompTIA Network+, ITIL Foundation. If you are interested in this position please apply online or for more information please contact me on
01/04/2026
Full time
Senior IT Infrastructure Engineer Annual Salary: £45,000 Location: Abingdon We are seeking a Senior IT Infrastructure Engineer to work for our client based in Abingdon - This role involves the implementation and ongoing management of their IT infrastructure across both on-premises and Azure cloud environments. The ideal candidate will be a proactive professional capable of leading projects from concept to completion and ensuring the delivery of robust, secure, and scalable infrastructure solutions. Day-to-day of the role: Implement and maintain hybrid infrastructure solutions (Azure + on-prem) that meet performance, security, and compliance requirements. Manage and optimise Windows Server, SQL Server, and Azure environments including Virtual Machines, Networking, Storage, Backup, and Monitoring. Maintain and secure Active Directory, Group Policy, DNS, DHCP, and Azure AD (Entra ID) synchronisation. Ensure high availability and resilience across all servers, networks, and databases supporting business-critical applications. Deliver advanced troubleshooting and root cause analysis for complex infrastructure issues. Proactively identify opportunities for improvement, automation, and optimisation across all infrastructure areas. Maintain alignment with Cyber Essentials Plus & GDPR, implement and manage endpoint protection, patch management, and vulnerability remediation. Ensure data protection and system continuity through effective backup, disaster recovery, and business continuity planning. Automate deployment and maintenance tasks using PowerShell, Azure Automation, or equivalent tools. Maintain infrastructure observability through tools and optimise cost, performance, and utilisation of Azure and on-prem resources. Required Skills & Qualifications: 10+ years hands-on experience in IT infrastructure roles, with at least 5 years in a senior or lead capacity. Strong expertise in Microsoft Azure IaaS & PaaS, Active Directory, Group Policy, DNS, DHCP, Windows Server , and SQL Server administration. Deep understanding of LAN/WAN design, VLANs, VPNs, routing, switching, and firewall management. Experience with Microsoft 365, Intune, and Endpoint Manager. Advanced PowerShell scripting and automation skills. Proven experience managing secure environments aligned with Cyber Essentials Plus or ISO 27001. Ability to work independently, prioritise effectively, and deliver projects to completion with minimal supervision. Degree in Computer Science, Information Technology, or equivalent experience. Desirable certifications include Microsoft Certified: Azure Administrator Associate (AZ-104) or Azure Solutions Architect Expert (AZ-305), MCSE, CompTIA Network+, ITIL Foundation. If you are interested in this position please apply online or for more information please contact me on
The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security / Technology project Lead / execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem-solving skills. Hold at least one security related professional certification is desirable Job Offer 24 days of holiday leave Performance-based bonus of up to 10%. Pension scheme with contributions up to 10%. Private medical insurance, life assurance, dental cover Finance support on professional certifications / memberships
01/04/2026
Full time
The Information Security Analyst will play a critical role in safeguarding the organisation's systems and data, ensuring compliance with security policies and regulations. Based in Hatfield, this role is ideal for individuals passionate about the life science industry and technology. Client Details The hiring company is a medium-sized organisation operating within the life science industry, with a focus on innovation and excellence in its field. The company is known for its commitment to leveraging technology to drive forward its mission. Description Implement and maintain ISMS aligning with ISO27001 Ensure security controls are in-place based on ISO27001 and NIST As the regional security representative in the global Security / Technology project Lead / execute phishing campaign Conduct vulnerability assessments and implement measures to mitigate potential risks. Involve in global security operations process, analysis and escalate security alerts / tickets from global SOC team Maintain and update security policies, standards, and procedures in alignment with industry regulations. Collaborate with cross-functional teams to ensure secure system designs and implementations. Provide training and support to staff to enhance security awareness across the organisation. Profile Practical experience and understanding of ISO27001 Familiar with NIST and GDPR is preferred Solid experience in threat, risk and vulnerabilities management process Experience with security tools such as SIEM, intrusion detection systems, and endpoint protection. Strong analytical and problem-solving skills. Hold at least one security related professional certification is desirable Job Offer 24 days of holiday leave Performance-based bonus of up to 10%. Pension scheme with contributions up to 10%. Private medical insurance, life assurance, dental cover Finance support on professional certifications / memberships
Endpoint Engineer - ready for your next challenge? Do you enjoy solving complex technical problems, engineering secure and modern endpoint solutions, and working with a team who share your passion for doing things the right way? If you're excited by the idea of shaping best-in-class endpoint platforms in a highly secure Defence environment, then this could be the perfect opportunity for you. Our Endpoint Engineering team is growing within our Aerospace, Defence and Security business. You'll be joining a collaborative group of engineers who focus on high-quality design, automated testing, secure-by-design principles and modern engineering practices. We look after the delivery, configuration and management of operating systems and endpoint technologies across user devices, as well as print and scan platforms. With a strong emphasis on automation and efficiency, we use the latest technologies to develop a highly integrated, on-premises endpoint platform. Office Based in Gloucester. You will need to already hold, or be eligible to obtain, DV clearance. What you'll be doing: Delivering endpoint engineering activities including hardware and software evaluation, integration, deployment, testing and platform administration. Producing clear technical documentation to support proposals, implementation and ongoing operations. Providing third-line support and resolving incidents and requests in line with SLAs using agile toolsets like Jira. Developing and implementing automation solutions using tools such as PowerShell, Python and Ansible. Designing and maintaining automated build, test and deployment pipelines aligned with CI/CD practices. Implementing monitoring, alerting and automated remediation to enhance platform reliability and efficiency. What you'll bring: Strong experience with Microsoft Configuration Management technologies such as SCCM, SCOM and SCORCH. Knowledge of anti-malware technologies. Experience with thin client and VDI solutions. Understanding of user profile and access management, vulnerability management and print/scan services. Advanced enterprise infrastructure skills including Windows 11 and Windows Server 2025. Experience working within Agile delivery environments. It would be great if you had: Experience with automation pipelines and virtualisation. Exposure to Git version control and automated testing frameworks. Relevant technical accreditations. Understanding of Linux infrastructure management. Experience in risk analysis, risk management or risk reporting. If you're interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full time, Permanent. Location: Gloucester. Employment Type: Full time, Permanent. Location: Office based in Gloucester. Security Clearance Level: Eligible for DV Clearance. Internal Recruiter: Jane. Salary: Up to £65K. Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund. Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
01/04/2026
Full time
Endpoint Engineer - ready for your next challenge? Do you enjoy solving complex technical problems, engineering secure and modern endpoint solutions, and working with a team who share your passion for doing things the right way? If you're excited by the idea of shaping best-in-class endpoint platforms in a highly secure Defence environment, then this could be the perfect opportunity for you. Our Endpoint Engineering team is growing within our Aerospace, Defence and Security business. You'll be joining a collaborative group of engineers who focus on high-quality design, automated testing, secure-by-design principles and modern engineering practices. We look after the delivery, configuration and management of operating systems and endpoint technologies across user devices, as well as print and scan platforms. With a strong emphasis on automation and efficiency, we use the latest technologies to develop a highly integrated, on-premises endpoint platform. Office Based in Gloucester. You will need to already hold, or be eligible to obtain, DV clearance. What you'll be doing: Delivering endpoint engineering activities including hardware and software evaluation, integration, deployment, testing and platform administration. Producing clear technical documentation to support proposals, implementation and ongoing operations. Providing third-line support and resolving incidents and requests in line with SLAs using agile toolsets like Jira. Developing and implementing automation solutions using tools such as PowerShell, Python and Ansible. Designing and maintaining automated build, test and deployment pipelines aligned with CI/CD practices. Implementing monitoring, alerting and automated remediation to enhance platform reliability and efficiency. What you'll bring: Strong experience with Microsoft Configuration Management technologies such as SCCM, SCOM and SCORCH. Knowledge of anti-malware technologies. Experience with thin client and VDI solutions. Understanding of user profile and access management, vulnerability management and print/scan services. Advanced enterprise infrastructure skills including Windows 11 and Windows Server 2025. Experience working within Agile delivery environments. It would be great if you had: Experience with automation pipelines and virtualisation. Exposure to Git version control and automated testing frameworks. Relevant technical accreditations. Understanding of Linux infrastructure management. Experience in risk analysis, risk management or risk reporting. If you're interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full time, Permanent. Location: Gloucester. Employment Type: Full time, Permanent. Location: Office based in Gloucester. Security Clearance Level: Eligible for DV Clearance. Internal Recruiter: Jane. Salary: Up to £65K. Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund. Loved reading about this job and want to know more about us? Sopra Steria's Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the client's goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UK's most complex safety- and security-critical markets.
Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-TimeSummary: We are looking for a strategic and influential cyber security leader for a Group Information & Cyber Security Manager position in Leeds city centre. The main purpose of this role is to lead, develop, and continuously enhance the client's information and cyber security posture, ensuring the security, integrity and availability of all systems and data.This is a fantastic role for a highly experienced Information & Cyber leader to step into a high-visibility role that combines strategic influence, leadership, and the chance to take ownership of a company's security protocol. This role operates on a hybrid basis (2 days per week) in the Leeds city centre office with on-site parking. Key Responsibilities: Provide overall leadership for the organisation's information and cyber security function, continually strengthening the protection of systems and data to maintain confidentiality, integrity, and availability. Set the strategic vision and governance framework for all areas of cyber and information security across the Group. Manage third-party providers responsible for cyber monitoring, detection, and incident response, ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. Ensure adherence to relevant regulations and industry standards, including ISO 27001, NIST, GDPR, and the UK Data Protection Act. Promote a strong security-first culture across the organisation through awareness initiatives, training programmes, and targeted education efforts. Requirements: Strong technical understanding across various security toolings, IAM, DLP, SIEM, EDR, and vulnerability management. Deep understanding of compliance frameworks including, ISO27001, NIST, GDPR, and industry best practice Collaborative leadership style with ability to influence and challenge at exec level Risk-based mindset with ability to balance security with operational and commercial needs Benefits: Salary: £85,000 - £90,000 Hybrid Working Company Pension Scheme Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-Time Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
01/04/2026
Full time
Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-TimeSummary: We are looking for a strategic and influential cyber security leader for a Group Information & Cyber Security Manager position in Leeds city centre. The main purpose of this role is to lead, develop, and continuously enhance the client's information and cyber security posture, ensuring the security, integrity and availability of all systems and data.This is a fantastic role for a highly experienced Information & Cyber leader to step into a high-visibility role that combines strategic influence, leadership, and the chance to take ownership of a company's security protocol. This role operates on a hybrid basis (2 days per week) in the Leeds city centre office with on-site parking. Key Responsibilities: Provide overall leadership for the organisation's information and cyber security function, continually strengthening the protection of systems and data to maintain confidentiality, integrity, and availability. Set the strategic vision and governance framework for all areas of cyber and information security across the Group. Manage third-party providers responsible for cyber monitoring, detection, and incident response, ensuring strong performance, resilience, and effective risk control. Maintain and take ownership of the Group-wide cyber security risk register, including conducting risk assessments, threat modelling, and defining mitigation strategies. Take the lead on security incident management, ensuring timely response, clear stakeholder communication, and ongoing improvement of processes. Ensure adherence to relevant regulations and industry standards, including ISO 27001, NIST, GDPR, and the UK Data Protection Act. Promote a strong security-first culture across the organisation through awareness initiatives, training programmes, and targeted education efforts. Requirements: Strong technical understanding across various security toolings, IAM, DLP, SIEM, EDR, and vulnerability management. Deep understanding of compliance frameworks including, ISO27001, NIST, GDPR, and industry best practice Collaborative leadership style with ability to influence and challenge at exec level Risk-based mindset with ability to balance security with operational and commercial needs Benefits: Salary: £85,000 - £90,000 Hybrid Working Company Pension Scheme Role: Group Information & Cyber Security ManagerLocation: Leeds (Hybrid)Salary: £85,000 - £90,000Type: Permanent, Ful-Time Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.
Senior Security EngineerLondon (2x a week)Permanent About the Role We are exclusively partnered with a leading UK retail organisation that is currently undergoing a significant digital transformation. We are seeking a technical and hands-on Senior Security Engineer to design, implement, and operate robust security controls across a complex hybrid environment.In this role, you will bridge the gap between strategy and execution, serving as a technical authority for cloud platforms, identity systems, and endpoint security. You will collaborate closely with Network, Infrastructure, and Application teams to ensure that "secure-by-design" solutions are woven into the fabric of the entire ecosystem. Key Responsibilities Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/Hyper-V), Windows Servers, and Azure IaaS workloads. Data Protection: Manage the certificate lifecycle (PKI/AD CS) and implement data classification and DLP strategies using Microsoft Purview. Cloud Security Posture: Manage Azure Landing Zone security and connectivity, collaborating with Network Engineering to validate secure firewall and VPN configurations. Compliance & Risk: Support audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus, ensuring all remediation progress is tracked and documented. Essential Skills & Experience: Experience: 5-10 years in cloud or infrastructure security roles. Azure Expertise: Deep experience with Defender for Cloud, Sentinel, and Azure security configurations. Identity Mastery: Strong knowledge of Microsoft Entra ID, AD DS, RBAC, and hybrid identity security. Technical Proficiency: Hands-on experience with EDR (MDE), CSPM tools, and vulnerability management platforms. Security Principles: Practical understanding of Zero Trust architecture and secure-by-design methodologies. Compliance Knowledge: Familiarity with PCI DSS, NIST, and ISO 27001 frameworks. Desirable Skills: Awareness of AWS security fundamentals (Guard Duty, KMS, IAM Identity Center). Experience with Infrastructure as Code (IaC) security (Terraform, Bicep) and DevSecOps practices. Scripting for automation using PowerShell or Python. Qualifications & Soft Skills Education: Bachelor's degree in Computer Science, Information Security, or equivalent experience. Certifications: Preferred certifications include AZ-500, SC-300, SC-100, or CISSP/CCSP. Attributes: An analytical mindset with the ability to remain composed under pressure during security incidents. Collaboration: Excellent communication skills to engage with diverse stakeholders across the technology organization. Eligo Recruitment is acting as an Employment Business in relation to this vacancy. Eligo is proud to be an equal opportunity employer dedicated to fostering diversity and creating an inclusive and equitable environment for employees and applicants. We actively celebrate and embrace differences, including but not limited to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran status, and disability. We encourage applications from individuals of all backgrounds and experiences and all will be considered for employment without discrimination. At Eligo Recruitment diversity, equity and inclusion is integral to achieving our mission to ensure every workplace reflects the richness of human diversity.
01/04/2026
Full time
Senior Security EngineerLondon (2x a week)Permanent About the Role We are exclusively partnered with a leading UK retail organisation that is currently undergoing a significant digital transformation. We are seeking a technical and hands-on Senior Security Engineer to design, implement, and operate robust security controls across a complex hybrid environment.In this role, you will bridge the gap between strategy and execution, serving as a technical authority for cloud platforms, identity systems, and endpoint security. You will collaborate closely with Network, Infrastructure, and Application teams to ensure that "secure-by-design" solutions are woven into the fabric of the entire ecosystem. Key Responsibilities Hybrid Architecture & Governance: Design and implement security controls across Azure, on-prem servers, and SaaS applications while maintaining hardening standards based on CIS and NIST benchmarks. Identity & Access Security: Define standards for Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/Hyper-V), Windows Servers, and Azure IaaS workloads. Data Protection: Manage the certificate lifecycle (PKI/AD CS) and implement data classification and DLP strategies using Microsoft Purview. Cloud Security Posture: Manage Azure Landing Zone security and connectivity, collaborating with Network Engineering to validate secure firewall and VPN configurations. Compliance & Risk: Support audit readiness for ISO 27001, PCI DSS, and Cyber Essentials Plus, ensuring all remediation progress is tracked and documented. Essential Skills & Experience: Experience: 5-10 years in cloud or infrastructure security roles. Azure Expertise: Deep experience with Defender for Cloud, Sentinel, and Azure security configurations. Identity Mastery: Strong knowledge of Microsoft Entra ID, AD DS, RBAC, and hybrid identity security. Technical Proficiency: Hands-on experience with EDR (MDE), CSPM tools, and vulnerability management platforms. Security Principles: Practical understanding of Zero Trust architecture and secure-by-design methodologies. Compliance Knowledge: Familiarity with PCI DSS, NIST, and ISO 27001 frameworks. Desirable Skills: Awareness of AWS security fundamentals (Guard Duty, KMS, IAM Identity Center). Experience with Infrastructure as Code (IaC) security (Terraform, Bicep) and DevSecOps practices. Scripting for automation using PowerShell or Python. Qualifications & Soft Skills Education: Bachelor's degree in Computer Science, Information Security, or equivalent experience. Certifications: Preferred certifications include AZ-500, SC-300, SC-100, or CISSP/CCSP. Attributes: An analytical mindset with the ability to remain composed under pressure during security incidents. Collaboration: Excellent communication skills to engage with diverse stakeholders across the technology organization. Eligo Recruitment is acting as an Employment Business in relation to this vacancy. Eligo is proud to be an equal opportunity employer dedicated to fostering diversity and creating an inclusive and equitable environment for employees and applicants. We actively celebrate and embrace differences, including but not limited to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran status, and disability. We encourage applications from individuals of all backgrounds and experiences and all will be considered for employment without discrimination. At Eligo Recruitment diversity, equity and inclusion is integral to achieving our mission to ensure every workplace reflects the richness of human diversity.
SOC Analyst (Level 2) Location: Aylesbury (Hybrid) Salary: Up to £45,000 (depending on experience) CTA are working with a Cyber Security company who are for a SOC Analyst (L2) to join their growing Security Operations Centre. This role is ideal for a junior analyst looking to build hands-on experience in monitoring, triaging, and responding to security incidents in a fast-paced, shift-based environment. Key Responsibilities Advanced Security Monitoring: Analyse SIEM alerts, logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules and use cases to improve threat visibility. Threat Hunting: Proactively hunt for advanced threats and indicators of compromise across the environment. Vulnerability Management: Identify, assess, and prioritise vulnerabilities and recommend remediation actions. Security Reporting: Produce detailed reports on incidents, trends, and overall security posture. Process Improvement & Automation: Enhance SOC processes, playbooks, and automation capabilities. Skills & Experience Strong experience with SIEM platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud) Ability to independently investigate and resolve security incidents Scripting or automation experience (e.g., Python, PowerShell) is a plus Strong communication and stakeholder management skills What You'll Be Doing Acting as an escalation point for Level 1 analysts Working closely with customers and internal teams on incident investigations Tuning detection rules and improving alert quality Staying up to date with emerging threats, vulnerabilities, and attack techniques Supporting and mentoring junior analysts Requirements UK Citizenship (required due to the nature of the role) If you are looking for a progressive move with an established Cyber company, please do send your application through for consideration.
01/04/2026
Full time
SOC Analyst (Level 2) Location: Aylesbury (Hybrid) Salary: Up to £45,000 (depending on experience) CTA are working with a Cyber Security company who are for a SOC Analyst (L2) to join their growing Security Operations Centre. This role is ideal for a junior analyst looking to build hands-on experience in monitoring, triaging, and responding to security incidents in a fast-paced, shift-based environment. Key Responsibilities Advanced Security Monitoring: Analyse SIEM alerts, logs, and security events to identify and respond to complex threats. Incident Response: Lead investigations, perform deep analysis, determine impact, and coordinate response activities. Threat Detection & Analysis: Develop and refine detection rules and use cases to improve threat visibility. Threat Hunting: Proactively hunt for advanced threats and indicators of compromise across the environment. Vulnerability Management: Identify, assess, and prioritise vulnerabilities and recommend remediation actions. Security Reporting: Produce detailed reports on incidents, trends, and overall security posture. Process Improvement & Automation: Enhance SOC processes, playbooks, and automation capabilities. Skills & Experience Strong experience with SIEM platforms (e.g., Microsoft Sentinel, Sumo Logic) Hands-on experience with EDR/XDR tools (e.g., CrowdStrike, Microsoft Defender) Solid understanding of: Incident response lifecycle Threat detection methodologies Networking protocols (TCP/IP, DNS, HTTP/S) Experience analysing logs from multiple sources (endpoints, network, cloud) Ability to independently investigate and resolve security incidents Scripting or automation experience (e.g., Python, PowerShell) is a plus Strong communication and stakeholder management skills What You'll Be Doing Acting as an escalation point for Level 1 analysts Working closely with customers and internal teams on incident investigations Tuning detection rules and improving alert quality Staying up to date with emerging threats, vulnerabilities, and attack techniques Supporting and mentoring junior analysts Requirements UK Citizenship (required due to the nature of the role) If you are looking for a progressive move with an established Cyber company, please do send your application through for consideration.
