Contract Security Engineer Jobs

Make yourself visible and let companies apply to you.

Roles

Contract Security Engineer Jobs

Overview

Find top CONTRACT Security Engineer jobs on Haystack – your go-to IT job board for flexible, high-paying contract roles. Explore the latest opportunities to secure your next contract position in cybersecurity, network security, and information security engineering. Start your search today and connect with leading employers seeking skilled Security Engineers for short-term and project-based contracts.

Filters applied

Security Engineer

Contract

Salary

Location

Remote preference

Role type

Seniority

Tech stack

Sectors

Contract type

Company size

Visa sponsorship

IT Operations and Security Analyst (6 month FTC)

IT Security and Operations Analyst35,0006-month fixed term contract - likely to go permanentSwadlincote, South Derbyshire - 4 days a week in the office, 1 day at homeOverview:Akkodis are partnering with a highly reputable business based in Swadlincote, South Derbyshire who are looking to hire a driven IT Security & Operations Analyst for an initial period of 6 months. There is a strong likelihood this would extend or become permanent.This would suit someone with experience in both IT operational support and IT or Information Security who is looking to grow into a broad role and continue to develop their skills in a fast paced but rewarding environment.This is a hybrid role requiring 4 days a week in the office, 1 day at home.Key Responsibilities:

Ensure IT infrastructure monitored and maintain the operational tasks required.

Keep documentation up to date for relevant systems as required.

Monitor Information Security Systems and services to identify security issues, configuration issues and report deviation from policies and standards.

Troubleshoot problems with services as required.

Assist in service desk tickets and operations issues.

Participate in, contribute to and support Information Security related projects and initiatives as required.

Monitor all in-place security solutions for efficient and appropriate operations.

Contribute to the collection and reporting of Information Security metrics as required.

Participate in investigations into problematic activity.

Participate in the execution of vulnerability assessments, penetration tests, and security audits.

Maintaining IT Infrastructure project tasks and supporting other IT departments with project tasks.

Experience required:

Proven experience (ideally 2+ years) working in a similar IT Operations or IT Security Analyst position.

Must be happy working in a broad role working across both IT operational support as well as IT and Information Security.

Appetite to learn and continually improve skills within a supportive team environment.

Must be local to Swadlincote and be happy in a hybrid role requiring 4 days a week in the office, 1 day at home.

Please apply ASAP to be considered.Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.

Senior Data Protection Officer/Data, Privacy & Technology Lead

Law Absolute Recruitment Ltd

A global, multinational organisation is seeking a Senior Data Protection Officer to join its UK-based global team (London).This is a senior, strategic role for an experienced privacy leader with a strong technology and data background, operating across complex, international environments. The role sits at the intersection of data protection, technology, cybersecurity and emerging technologies, partnering closely with senior leadership to embed compliant, responsible data use into platforms and business change.London, flexible hybrid working arrangements.The Role:

Lead the global data protection, privacy, and data governance framework

Embed Privacy by Design and Security by Design across technology platforms, systems, and data use

Provide senior oversight on DPIAs, TIAs, DSARs, incident response and regulatory engagement

Advise on AI, automation and emerging technologies, ensuring compliant and ethical use of data

Partner with technology, data, security and procurement teams on complex data flows and vendor risk

Act as a trusted advisor to executive and senior stakeholders

Ideal Candidate:

10+ years’ experience in data protection, privacy, technology, or regulatory advisory roles

Senior DPO / Head of Privacy / Data & Technology Risk background

Strong knowledge of global data protection and privacy regulations

Experience in technology-led, data-intensive environments

Commercial, pragmatic, and credible at C-suite level

Please note our advertisements use PQE/salary levels purely as a guide. However we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role.At LAW Absolute we endeavour to respond to all applications within 48 hours. However due to the volume of applications we receive we may not be able to respond to every candidate individually.If you have not heard from us within a 48 hour timeframe your application has not been successful and your details have not been retained. LAW Absolute acts as an employment business for temporary recruitment and as an employment agency for fixed term contract and permanent recruitment.

Job Description

We are seeking a highly skilled Network Architect/Engineer to design, implement, and

maintain our complex network infrastructure. The ideal candidate will have a deep

understanding of network technologies and be able to translate business requirements into

technical solutions.

Hands on experience on Cloud technologies specially AWS Networking.

we need someone who understands need to drive independently on requirement gathering and solutioning, mostly should have exp on implementations migrations on applications.

Responsibilities:

Design, implement, and manage network infrastructure, including Extreme Switches,

F5 Load Balancers, Wireless LAN Controllers and Access Points, and Palo

Alto/Checkpoint firewalls.

Develop and maintain network architecture diagrams, documentation, and standards.

Troubleshoot network issues and implement solutions to ensure optimal network

performance and availability.

Collaborate with other IT teams to integrate network infrastructure with enterprise

applications and systems.

Stay up-to-date with emerging network technologies and industry best practices.

Provide technical guidance and mentorship to junior network engineers.

Qualifications:

Bachelors degree in Computer Science, Information Technology, or a related field.

Extensive experience with network design, implementation, and troubleshooting.

In-depth knowledge of Extreme Switches, F5 Load Balancers, Wireless LAN Controllers, and Access Points.

Strong understanding of network security concepts and experience with Palo Alto/Checkpoint firewalls.

Certifications in relevant network technologies (e.g., CCNP, CCIE, JNCIP) preferred.

Preferred Skills:

Experience with network automation and scripting (Python, Ansible, etc.).

Knowledge of cloud networking platforms (AWS, Azure, GCP).

Understanding of network virtualization technologies (SD-WAN, SDN).

Experience with network monitoring and analysis tools.

M365 Purview Compliance Design Architect

CBSbutler Holdings Limited

Job Title: M365 Purview Compliance Design ArchitectLocation: Sheffield/hybrid (3 days per week on site)Contract: 12 monthsRate: £558 per day inside ir35Role summary:We are seeking a Senior Microsoft Purview Compliance Architect to design and deliver enterprise-scale retention, records management, and eDiscovery solutions in highly regulated environments. This role will lead the definition of target-state information governance architecture, translating complex regulatory obligations into enforceable Microsoft Purview policies across Exchange, SharePoint, OneDrive, and Teams.Responsibilities:

Define target-state architecture for Purview retention, records management, and eDiscovery at enterprise scale.

Map regulatory obligations (e.g., MiFID II record-keeping, SEC/FINRA retention, GDPR lawful basis & deletion windows, UK DPA) to enforceable Purview policies.

Design event-based retention (e.g., contract execution, trade events) and immutable record scenarios; integrate with data lifecycle and disposition workflows.

Mailbox/Teams retention, SharePoint/OneDrive retention strategies, and litigation hold patterns with minimal blast radius.

Build and roll out retention labels/policies, auto-classification, trainable classifiers, adaptive scopes, and disposition reviews.

Integrate with Microsoft eDiscovery (Premium), Audit, and DLP; align with Legal Hold and case management processes.

Required Skills:

8-10+ years in Microsoft 365/Purview compliance, with proven delivery of retention and records management at enterprise scale.

Deep hands-on expertise in: Purview Information Governance, Records Management, Retention Labels/Policies, Event-based retention, Disposition reviews, eDiscovery (Premium), Litigation Hold, Audit.

Strong knowledge of Exchange/SharePoint/OneDrive/Teams data architecture and workloads

If you are interested in this role or wish to apply, please feel free to submit your CV.

ForgeRock and Ping AIC Engineer

Stackstudio Digital Ltd.

Role DetailsRole / Job Title:ForgeRock and Ping AIC EngineerWork Location:Leamington / Gaydon (2 to 3days)Role Type Permanent / Fixed Term / Contracting:ContractMode of Working Hybrid / Office Based:HybridIf Hybrid, how many days are required in office?As per business needAny Other Working Conditions travel / on call / shifts:Occasional client site travelThe RoleThis role involves the design, implementation, and management of Identity and Access Management (IAM) solutions utilizing both Ping’s Advanced Identity Software (formally known as ForgeRock) and Ping Identity’s Advanced Identity Cloud (AIC) platforms. The engineer will be responsible for ensuring the security, scalability, and reliability of these identity systems, integrating them with various applications and infrastructure, and providing technical expertise to the team and stakeholders.Your ResponsibilitiesDesign, Implementation and Deployment

Install, configure, and deploy ForgeRock and PingOne AIC components in various environments (on-premise, cloud, hybrid).

Develop custom workflows, authentication/authorization policies, and integrations using platform-specific tools and scripting languages (e.g., Java, JavaScript, Groovy).

Implement Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Federation using protocols like SAML, OAuth 2.0, and OpenID Connect.

Configure and manage directories (LDAP, Active Directory) in conjunction with the IAM platforms.

Automate deployment and configuration tasks using tools like Ansible, Terraform, or similar.

Ensure solutions are scalable, highly available, and meet security and compliance requirements.

Management and Administration

Administer and maintain the health and performance of ForgeRock and PingOne AIC environments.

Monitor system logs and performance metrics to identify and resolve issues proactively.

Perform upgrades, patching, and migrations of IAM components.

Develop and maintain runbooks and operational procedures.

Integration

Integrate ForgeRock and PingOne AIC with a wide range of applications, including web applications, mobile apps, APIs, and SaaS services.

Develop and consume RESTful APIs for IAM functionalities.

Troubleshoot integration issues and work with application teams to ensure seamless identity management.

Your ProfileEssential Skills / Knowledge / ExperienceThe candidate should have at least 3 5 years’ experience of implementing ForgeRock solutions including AM, IDM and DS as a minimum. This should include experience of implementing automated deployment and configuration for these tools. Experience of IG and PingOne AIC is desirable.Desirable Skills / Knowledge / Experience

Experience of Agile ways of working.

Windows Endpoint Infrastructure/Security Engineer PowerShell, Windows, Automation, Glasgow

Windows Endpoint Infrastructure/Security Engineer: PowerShell, Windows, Automation, GlasgowHybrid working - Glasgow offices 3 days per weekRate - NegotiableDuration - 12 month initial (very likely to extend)Client: Tier 1 Investment BankDivision: Technology - Cyber Data Risk & Resilience ContingentTeam: The Endpoint Security Team design, engineer and operate solutions that protect Desktops, Laptops, Servers and Cloud resources from malicious internal and external threats by providing additional preventative, detective and hardening controls and by enabling Real Time endpoint detection and response capabilities. Further expanding our controls to Cloud platforms (Azure/AWS) has presented an opportunity to join a growing team implementing key security controls for the firmRole Profile & ExpectationsYou will be part of a Global cross-disciplined Agile Team working towards DevOps practices within the firms Endpoint Security TeamYou will have strong Windows Infrastructure/Security knowledge and experience working in enterprise on-prem and cloud environmentsYou will have strong analytical and problem-solving abilities, coupled with excellent development, communication, and organizational skills.You will be responsible for continuously improving the quality of our technology solutions, through a range of methods including peer review, retrospectives and refactoring as requireSkillsStrong knowledge of Windows Endpoint Internals and Automation in environments of 50,000+ EndpointsExperience in Design/Engineering/Architecting new solutions from Proof of Concept to ProductionAbility to troubleshoot complex Windows environmentsCompetency with any Scripting language such as PowerShell, Python etc.By applying to this job you are sending us your CV, which may contain personal information. Please refer to our Privacy Notice to understand how we process this information. In short, in order to supply you with work finding services, we will hold and process your personal data, and only with your express permission we will share this personal data with a client (or a third party working on behalf of the client) by email or by upload to the Client/third parties vendor management system. By giving us permission to send your CV to a client, this constitutes permission to share the personal data that would be necessary to consider your application, interview you (Phone/video/face to face) and if successful hire you.Scope AT acts as an employment agency for Permanent Recruitment and an employment business for the supply of temporary workers. By applying for this job you accept the Terms and Conditions, Data Protection Policy, Privacy Notice and Disclaimers which can be found at our website.

ESN Cyber Security Governance, Assurance SME (SC Cleared)

£600,000/day - £700,600/day

RECENTLY POSTED

TECH-AGNOSTIC ROLE

Your new company Working for a renowned telecoms organisation.Your new role Working for a renowned telecoms organisation within The Emergency Services Network (ESN) team in a critical national infrastructure program and a strategic priority for the company, ensuring secure and reliable communications for Emergency Services where availability can be a matter of life or death. Security is fundamental to the ESN, requiring robust governance and assurance to maintain the confidentiality, integrity, and resilience of the network against a wide range of cyber and physical threats. As an ESN Cyber Security Governance & Assurance SME, you will help lead the delivery of security governance, compliance, and risk management across the ESN programme. This includes implementing ISO27001 - compliant security strategies, managing contractual security obligations, and ensuring adherence to frameworks such as the HMG Security Policy Framework. You will work closely with internal teams, suppliers, and customer security stakeholders to provide assurance, drive continuous improvement, and maintain confidence in the ESN’s security posture.What you’ll need to succeed

Strong experience in security governance and assurance, with a proven track record in delivering security accreditations and managing security processes.

Ability to develop and write security procedures, controls documentation, and assurance artefacts (e.g., RMADS, Security Operating Procedures).

Demonstrated expertise in security auditing and compliance activities, including producing reports and actionable recommendations.

Hands-on experience administering security processes and performing assurance activities, ideally within Central Government departments or agencies.

In-depth knowledge and practical experience with ISO27001 controls, audits, and implementation.

Experience working in public sector environments or telecommunications projects is highly desirable.

Experience working with HMG security controls.

A proactive, delivery-focused approach-this role requires someone who can “roll up their sleeves” and produce high-quality documentation, not just manage teams.

Must hold SC Clearance/ BPSS as a minimum requirement.

What you’ll get in return Flexible working options available.What you need to do now If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

Security Governance & Assurance Specialist

Cyber Security Governance & Assurance SpecialistDuration: 6 months +Location: London, on-site requirements once every 2 weeks / when required by customerSecurity Clearance requiredThe Emergency Services Network (ESN) is a major strategic priority for our client and our commitment to connect for good for our customers and our country.The Security of the ESN is key to our customer and to our Emergency Services users. Availability of the network is a matter of life or death to the Emergency Services and they have to have confidence in the confidentiality and integrity of their communications and operations.We have to build and maintain effective security controls to prevent and detect a wide range of cyber and physical threats.This job matters because it:

Contributes to the ESN Security Management Plan, ISMS and Security Processes - ensuring effective management of security within the Programme and that Contract obligations are met.

Identifies security threats to ESN and ensures the adequacy of processes and controls in place to mitigate them.

Works with other Security professionals and other teams to meet ESN security objectives.

Engages with Customer security teams, providing assurance that Security requirements are met and identifying opportunities for improvement.

In support of the above the ESN Cyber Security Governance & Assurance Specialist executes a range of workstreams in delivering contributions, ESN Programme’s and the Customer’s overall cyber security risk management program, which is designed to ensure that the technology systems and data associated with the ESN are adequately protected.The ESN Cyber Security Governance & Assurance Specialist shall:

Identify and understand all elements of contractual security obligations for the ESN Contract.

Deliver and verify the implementation of end to end security services as defined within specified the ESN contracts.

Deliver and implement ISO27001 compliant security strategies, policies, procedures, processes, threat identification & responses that provide wrap-around security services and solutions for the ESN service.

Deliver the required Security accreditation for the ESN contract.

Manage operational risks related to people, information, assets, revenues and reputation and ensure compliance with relevant security requirements, typically: the HMG Security Policy Framework, Contractual Obligations, company security and business continuity policies.

Monitor and manage third party supplier compliance to the flow-down of contractual obligations from the client.

Monitor and manage security awareness within the ESN Programme.

Skills required:Customer-Facing:

Ability to establish trusted relationships and successful partnerships with internal and external customers.

Be experienced in communicating and influencing across all levels.

Be commercially aware.

Assurance:

Ability to plan and execute assurance activities on time, budget and quality:

Plan and organise your own work effectively and meet agreed delivery targets.

Identify and assess security risks and evaluate mitigations.

Understand contractual obligations, their flow down to 3rd parties and the ability to plan and execute assurance reviews to ensure these requirements are being met.

Write assurance artefacts, reports and other documents to a high standard, supported by reliable and relevant evidence.

Operate:

Have a proven track record in security and information risk management.

Have knowledge and experience of the following: ISO27001, NIST Cyber Security Framework (CSF), National Cyber Security Centre (NCSC) and National Protective Security Authority (NPSA) Standards and Guidance.

MANDATORY experience required:

Security clearance to BPSS level as a minimum.

Be experienced in working in an information assurance role on large-scale contracts ideally for Central Government departments or agencies.

Have proven experience in the writing of assurance artefacts such as security accreditation evidence (RMADS) and Security Operating Procedures (SyOPs).

Experience of administering security processes

Experience of carrying out assurance activities and writing reports and recommendations.

Experience working with ISO27001 controls and audit

PREFERRED

Prior experience working on complex HMG contracts

Experience in auditing and security accrediations

Experience of working with Telecoms Security Act (TSA) requirements

IT security/network experience

Have a proven track record in security management (2-3 years)

Greetings We are HiringSECURITY ARCHITECT L1(Akamai WAF)Location: Leeds/Halifax/ManchesterJD covers network security skills, it’s not completely AkamaiA prior background within cyber security and a passion to continuously understand and learn the latest in cyber defences. We would like to hear how we could use this knowledge to protect our customers & colleagues.Good knowledge of DDoS, Bot and DNS protection.Solid understanding of how cyber defence is applied through the networking layers (routing/switching, IP, network protocols, firewalls, WAF)The ability to take ownership and deal with issues directly, identifying solutions to minimize blocking issues.Experience engaging and support key internal relationshipsYou will be part of the cross discipline Digital Edge & Cyber Security Team and work with other cyber professionals across Digital Cyber Security and the wider organisation, contributing to the success of the team across multiple aspects.The Digital Edge & Cyber Security team within Digital Frameworks deliver and maintain security solutions for our Enterprise and Digital Channels. Examples of what we focus on include, but not limited to; DDoS, Vulnerability management and threat intelligence, certification, ensuring layer 6 & 7 defences are one step ahead of cyber criminals.Were involved in all the incidents and threats to Lloyds cyber security to understand how we can mitigate future attacks. Looking to the future there will be a focus on Automation & Terraform! Youll also help develop and deliver cyber security solutions for the Group including critical Work with our target cloud platforms to deliver our future security software and configurations using Akamai, GCP and Azure cloud native products.What do we need to see from you?We like people who come from diverse backgrounds and bring new ways of thinking to the team. To be seriously considered and shortlisted we do need to see the follow as a minimum:A prior background within cyber security and a passion to continuously understand and learn the latest in cyber defences. We would like to hear how we could use this knowledge to protect our customers & colleagues.Good knowledge of DDoS, Bot and DNS protection. Solid understanding of how cyber defence is applied through the networking layers (routing/switching, IP, network protocols, firewalls, WAF) The ability to take ownership and deal with issues directly, identifying solutions to minimize blocking issues. Experience engaging and support key internal relationshipsThere are also some qualities we desire on top of the minimum criteria above, so if you have any of these things please let us know in your CV: Automation experience & associated coding skills in Python or similar, any knowledge of Cloud technologies, encryption & virtualisation/containerisation

Technical Project Manager

A leading telecommunications organisation is currently seeking an experienced Technical Project Manager to join their Network Services Delivery Unit. This role will lead complex technology projects and programmes, focusing on security transformation and integration across large-scale network estates. Job Details:

Start date: ASAP

Duration: Initial 6 months

Rate: 450- 510pd Inside IR35 via Umbrella

Location: London or Birmingham

Hybrid: 3 days in the office

Key Requirements:

Minimum 10+ years’ experience delivering large-scale technology projects and programmes in complex/global environments.

Strong background in network infrastructure, security products, and IT systems, ideally with exposure to identity and access management.

Experience managing end-to-end integration pipelines across network estates, including Kafka-based collection platforms and Elastic technologies.

Ability to oversee integration of multiple applications, coordinating several teams and hand-off points.

Skilled in project planning and governance, with experience delivering incrementally in hybrid environments (Agile knowledge desirable).

Proven ability to manage rigid governance frameworks, RAID logs, and financial oversight for budgets up to 5-10m.

Security (infosec and cyber) knowledge is desirable.

What you need to do now If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV. If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

Cyber Security Engineer

Senior Cyber Security Engineer (Assurance) Contract (12 months)We have an exciting opportunity for a Senior Cyber Security Engineer (Assurance) to join our Rail Infrastructure Communication and Information Systems (CIS) business.Location is flexible but face to face time on a weekly basis in Chippenham or Ashby de la Zouch, England, United Kingdom is required.Our Team and what we do:As market leaders across rail, and logistics, we are pursuing the goal of networking various transportation systems with one another to move people and goods efficiently.What will be my role?This role is for a Senior Cyber Security Engineer (Assurance) with both product & whole solution security expertise within an Operation Technology environment. The candidate shall be capable of technically specifying, leading, and consulting on Cyber Security related activities including architecture development, risk assessment, security testing and compiling assurance evidence against evolving industry standards.The Cyber Security Engineer will play a lead role across the whole delivery lifecycle from bidding to commissioning and support, including:

Security requirements management

Security risk assessment

System security zoning and protection

Development of security test strategies

The Cyber Security Engineer shall be expected to engage across the whole engineering lifecycle, working alongside product and solution development and project delivery teams. This role will help play a major part in delivering the safe and secured rail signalling and control systems, electrification, SCADA and station information & security systems that the business demands.What Qualifications, Skills and Experience do I need?

Educated to degree level (or equivalent) in an engineering, scientific or numerate discipline.

Experience in providing security engineering leadership in a demanding Operational Technology environments

Proven practical experience of applying IEC 62443 standard series.

Understanding and practical experience of applying CENELEC standards.

Preferably have at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP), or CESG Certified Professional (CCP)

Experience in mentoring and developing other engineers

Excellent communication skills and the ability to influence both internal and external stakeholders.

What will be your Responsibilities?

Engaging with our clients security teams to understand their wider security strategy, including process and assurance evidence and risk appetite.

Specification and maintenance of security requirements for projects. Support for meeting international and regional security standards and regulations (NIS, NIS2, EU CRA, IEC62443, TS 50701) in the project.

Creating efficient and clear Cyber Security Management Plans and monitoring progress against that plan (include delivery to time, budget and quality).

Developing architectures that compartmentalise systems into zones and conduits and identifying security controls required to provide adequate protection.

Planning and performing threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of organisation.

Evaluation of third-party components against product & solution security requirements

Planning and preforming threat and risk analysis and definition of countermeasures in line with risk acceptance criteria of the organisation.

Compilation and review of artefacts produced during the development and engineering process regarding product & solution security.

Verification of implementation regarding security requirements (e.g., as part of system test, factory, or site acceptance test).

Validation (e.g., penetration testing) to ensure that implementation fulfils security expectations of customers (e.g., to identify security vulnerabilities, and to evaluate the effectiveness of remediation measures).

Support to build up required competencies for product & solution security within the project team

Representing security engineering within project milestone and stage gate reviews.

Collection of security related lessons learned to feed into in continuous improvement activities

Involvement in the analysis and response to security vulnerabilities & incidents.

AML Tech Lead** (Contract)Duration: 6 Months Possibility for extension)Location: London/Hybrid (3 days per week on site)Rate: A highly competitive Umbrella Day Rate is available for suitable candidatesRole ProfileAs part of the business’s ongoing commitment to innovation and excellence in the financial sector, the Vice President - Technical Analyst (Financial Crime) plays a critical role within our specialized IT FinCrime team.This position is central to maintaining the highest standards of regulatory compliance across our global operations. The successful candidate will collaborate with a seasoned team of experts in FinCrime applications and infrastructure, ensuring that compliance requirements are seamlessly embedded into our IT systems and processes.This role offers a unique opportunity to drive meaningful impact by enhancing IT infrastructure, reducing risk, and promoting a culture of continuous improvement.Key Responsibilities:Define and drive the technical roadmap for FinCrime systems in line with regulatory and business goals. Represent IT FinCrime in governance forums and regulatory discussions. Identify and address emerging risks and opportunities in FinCrime technology. Oversee complex FinCrime technology projects, ensuring timely and compliant delivery. Provide senior-level reporting on project status, risks, and mitigation plans. Embed risk management practices across all technical initiatives. Provide 3LoD BAU support for key Transaction Monitoring applications. Lead root cause analysis and implement sustainable solutions. Support system upgrades, regression testing, and vendor evaluations (RFPs/PoCs). Collaborate with Compliance, Operations, and global stakeholders to translate regulatory needs into technical solutions. Act as a liaison between IT and Compliance / Operations teams to ensure seamless delivery. Mentor junior team members and promote a culture of continuous learning. Share knowledge and contribute to best practices within the IT FinCrime function.Skills & Experience:Must demonstrate solid experience in understanding ETL, data extraction and analysis using SQL Must demonstrate solid experience in scripting and running of Linux operating system (OS) Extensive experience in IT roles within financial services, with at least 3-5 years in Financial Crime or compliance-related functions. Proven track record in delivering complex technical projects in regulated environments. Experience supporting BAU operations for critical compliance applications. Must demonstrate solid experience in supporting / hands-on technical experience a reputable Transaction Monitoring screeningCandidates will need to show evidence of the above in their CV in order to be considered.If you feel you have the skills and experience and want to hear more about this role ‘apply now’ to declare your interest in this opportunity with our client. Your application will be observed by our dedicated team.We will respond to all successful applicants ASAP however, please be advised that we will always look to contact you further from this time should we need further applicants or if other opportunities arise relevant to your skillset.Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone’s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention

M365 Purview Compliance Design Architect

Define target-state architecture for Purview retention, records management, and eDiscovery at enterprise scale.

Map regulatory obligations (eg, MiFID II record-keeping, SEC/FINRA retention, GDPR lawful basis & deletion windows, UK DPA) to enforceable Purview policies.

Design event-based retention (eg, contract execution, trade events) and immutable record scenarios; integrate with data life cycle and disposition workflows.

Mailbox/Teams retention, SharePoint/OneDrive retention strategies, and litigation hold patterns with minimal blast radius.

Build and roll out retention labels/policies, auto-classification, trainable classifiers, adaptive scopes, and disposition reviews.

Integrate with Microsoft eDiscovery (Premium), Audit, and DLP; align with Legal Hold and case management processes.

Required Skills:

8-10+ years in Microsoft 365/Purview compliance, with proven delivery of retention and records management at enterprise scale.

Deep hands-on expertise in: Purview Information Governance, Records Management, Retention Labels/Policies, Event-based retention, Disposition reviews, eDiscovery (Premium), Litigation Hold, Audit.

Strong knowledge of Exchange/SharePoint/OneDrive/Teams data architecture and workloads

If you are interested in this role or wish to apply, please feel free to submit your CV.

Cyber Security Manager

??Cyber Security Manager | Contract | 6 months | Hybrid (2 days remote) ??Harvey Nash have partnered with a confidential private sector organisation that requires an experienced Cyber Security Manager or Lead to step in and provide immediate, hands-on leadership across cyber operations.This role is firmly delivery-led. You’ll take ownership of day-to-day cyber security activities, stabilise the current security posture, and drive a backlog of critical actions across incident response, vulnerability management, and network security. It’s a small team environment, so pace, urgency, and the ability to be effective quickly are essential.You’ll work closely with IT Operations and infrastructure teams, balancing strategic oversight with hands-on execution to ensure progress is made.What you’ll be doing:?? Owning and progressing cyber incident response planning and readiness activities?? Reviewing vulnerability scan outputs, prioritising risk, and driving remediation actions?? Leading remediation activities from penetration testing and security assessments?? Reviewing and improving firewall rules, network segmentation, and data centre security?? Assessing security across remote sites and WAN connectivity?? Reviewing existing data discovery and access request tooling, producing recommendations for replacement and next steps?? Acting as the senior cyber point of contact for stakeholders, providing clear updates on risk, progress, and prioritiesExperience of interest:?? Proven experience operating as a Contract Cyber Security Manager or Lead?? Strong background in incident response, vulnerability management, and security posture improvement?? Hands-on experience across network and perimeter security in enterprise environments?? Comfortable operating in lean teams and becoming self-sufficient quickly?? Able to balance leadership with hands-on delivery in complex environmentsTechnology environment includes:?? Sophos (Managed Detection and Response, logging), Nessus (Vulnerability Management)?? Cisco Firepower, Cisco Umbrella, Cisco Nexus switching and Cisco WAN?? Load balancers?? Windows client environments?? Data discovery toolingThis is a strong opportunity for a cyber professional who is able to do both the hands-on and strategy that can bring immediate structure, momentum, and calm to a busy environment.Apply now or get in touch for a confidential discussion.

Devops Engineer- Contract inside ir35- HybridCore Responsibilities:

Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).

Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container).

Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).

Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).

Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).

Document ci-config.yaml standards and usage patterns.

Mentor engineers on secure pipeline developme

Essential Skills: -

7+ years engineering; 3+ in CI/CD platform or DevSecOps.

Strong Jenkins + Groovy shared library expertise.

Advanced Python automation (JSON/YAML processing, tooling scripts).

Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.

Supply-chain security (SLSA, CycloneDX SBOM, digests).

Experience with SonarQube, Sonatype IQ, container and SAST scanning.

Proven performance tuning (caching, parallelization, dependency pruning).

Compliance Awareness.

Network Security Engineer - F5/DNS/iRules

World Wide Technology

Role: F5 SME IR35: Inside - £550.00 - £575.00 per day Duration: 12 monthsWorld Wide Technology (WWT) is a global technology integrator and supply chain solutions provider. Through our culture of innovation, we inspire, build, and deliver business results, from idea to outcome.World Wide Technology EMEA. has an opportunity available for an F5 SME to support our client, a leading Global Financial Services provider with a security infrastructure uplift program.The successful candidate will have deep knowledge in F5 internals, traffic management, iRule and DNS architecture, please see requirements below:Key Responsibilities:Design, implement, and maintain complex F5 BIG-IP solutions across LTM and F5 DNS/GTMDevelop and manage advanced iRules for traffic steering, security, and application logicOwn and configure DNS and global traffic management, including Wide IPs, health monitors, and failover strategiesProvide deep-level troubleshooting across network, DNS, TLS, and application layersAct as an F5 subject matter expert for architecture decisions, incidents, and optimisationRequired Skills & Experience:Strong hands-on experience with F5 BIG-IP (TMOS, LTM, DNS/GTM)Advanced iRules development and traffic management expertiseSolid understanding of DNS infrastructure (authoritative vs recursive DNS, Anycast, TTLs, split DNS)Experience designing highly available, resilient application delivery architecturesAbility to troubleshoot complex issues across TCP/IP, HTTP/S, TLS, and DNSCandidates will be required to go through background checks before commencing contract.Must be an EU Citizen. Some occasional travel maybe required. Only successful candidates will be contacted.EQUAL OPPORTUNITIES World Wide Technology is committed to equal opportunities and actively seeks applications from all sectors of the community irrespective of sex, race, colour, nationality, ethnic or national origin, disability, marital status, sexual orientation, having responsibility for dependents, age, religion/beliefs, or any other reason which cannot be shown to be justified.

Senior C#. NET DeveloperLocation: London (Hybrid) Contract: 6 months IR35: Inside IR35Our client, a leading global investment bank, is looking for an experienced C#. NET Developer to join their team on a 6-month contract. This role is pivotal in modernising and supporting business-critical applications while contributing to greenfield development initiatives.Key Responsibilities

Design, build, and maintain server-side and client-side applications using .NET Framework/Core, React/TypeScript, and relational databases (SQL Server, Oracle).

Refactor legacy systems to reduce technical debt and improve performance.

Implement modern security patterns (OAuth2/OpenID Connect, OWASP principles).

Optimise database queries and schemas; ensure safe migrations.

Participate in CI/CD processes, code reviews, and adhere to Change Management procedures.

Collaborate with cross-functional teams and provide occasional out-of-hours support.

Essential Skills

Strong proficiency in .NET Framework/Core.

Experience with SQL Server and Oracle performance tuning.

Knowledge of secure SDLC practices and OWASP principles.

Hands-on experience with CI/CD pipelines and troubleshooting across Windows Servers and databases.

Excellent communication and problem-solving skills.

Desirable

React/TypeScript

Certifications in Azure/AWS, CISSP, or DevOps.

Familiarity with Docker/Kubernetes, observability practices, and API gateways.

Exposure to greenfield projects and Python scripting.

Apply now to join a dynamic team and work on cutting-edge projects within a global investment banking environment.

Security Design Engineer (AppSec)

The CompanySuperb opportunity to join a leading financial services client with offices in Edinburgh.This is an initial 6-month contract inside IR35. There will be a requirement to be in the office up to 3-days per week.The RoleWe are seeking an experienced Security Design Engineer (AppSec) to lead end-to-end security solution design across complex technology environments. You will produce high-quality architecture and design artefacts aligned to business and security standards, influence strategic direction, and provide hands-on application security expertise across large-scale transformation programmes.What you’ll do

Own and deliver secure solution designs, architecture patterns, design decisions, and risk assessments

Partner with enterprise and solution architects to ensure alignment with strategic architecture

Provide technical leadership and act as an AppSec subject matter expert for delivery teams

Design and embed security into modern application stacks and CI/CD pipelines

Present designs and recommendations to design authorities and senior stakeholders

Identify control gaps, define remediation plans, and manage residual risk

Support governance, peer review, and architectural assurance processes

What you’ll bring

Deep application security experience across cloud-native, microservices, containerised and Kubernetes environments

Strong expertise in SAST, DAST, IAST, MAST, SCA, SBOMs, and supply-chain security

Proven experience integrating security testing into CI/CD (eg GitHub Actions, GitLab, Jenkins, Azure DevOps)

Threat modelling, secure SDLC design, and risk-based security policy development

Experience in vulnerability and exposure management and network security concepts (segmentation, logging, scanning)

Familiarity with industry frameworks (OWASP SAMM/ASVS, NIST SSDF, SLSA, CSA)

Ability to communicate complex security concepts to both technical and non-technical stakeholders

Experience working in large, complex IT transformation programmes

Tools & technologies

AppSec tools such as Checkmarx, Invicti, Snyk, Black Duck, Tenable (or similar)

Architecture modelling (eg BizzDesign, Archi, UML)

Jira and Confluence

Qualifications (preferred)

Degree in cybersecurity, computer science, software engineering, or related field

CISSP, CISM, or equivalent cybersecurity certification

SABSA or TOGAF certification

This is an opportunity to shape secure architecture at scale, influence senior stakeholders, and drive developer-centric security practices in a complex enterprise environment.More details available on successful application.

Senior Messaging Engineer - 3rd line - Exchange/Email Security

Job Title: Senior Messaging Engineer - 3rd line - Exchange / Email Security Location: Hybrid - 2 days per week onsite in London or Leeds Salary/Rate: Up to 250/day INSIDE IR35 Start Date: ASAP Job Type: 9 month contract - very likely to extend Company: Financial Services/Banking clientWe are hiring for an SC Cleared Senior Messaging Engineer with strong third-line support experience, deep expertise in Exchange / email security, and the ability to design, improve, and stabilize complex messaging environments.Key Responsibilities

Implement, support, and enhance enterprise messaging and email security solutions

Provide third-line support for messaging-related incidents and escalations

Manage and improve Exchange Online and Exchange Hybrid environments

Support and administer secure email gateways and encryption technologies

Troubleshoot complex messaging issues and drive root-cause resolution

Lead and contribute to initiatives aimed at simplifying and modernising email estates

Mentor junior engineers and support first- and second-line teams

Produce clear technical and user documentation

Work across multiple workstreams, balancing competing priorities and deadlines

Essential Skills & Experience

Strong experience with Exchange Online and Exchange Hybrid

Proven background supporting secure enterprise messaging in complex environments

Hands-on experience with email security gateways and encryption technologies

Strong PowerShell scripting and automation skills

Excellent troubleshooting and problem-solving abilities

Strong written and verbal communication skills

Experience mentoring and knowledge-sharing with wider support teams

Desirable Experience

Experience with Mimecast and/or Clearswift

Knowledge of email DNS and authentication (SPF, DKIM, DMARC, MX records)

Experience with email encryption (PGP, TLS, PME)

Exposure to email journaling and archiving solutions (e.g. Enterprise Vault)

Experience migrating complex messaging environments to Exchange Online

Familiarity with Agile delivery and sprint-based working

Knowledge of ITIL processes (Incident, Problem, Change)

Apply now for immediate consideration

DV-cleared Penetration Tester

Synergize Consulting Ltd

We are seeking an experienced DV-cleared Penetration Tester to support security assurance and offensive testing activities within a high-assurance defence and aerospace environment. This role involves conducting controlled penetration testing against sensitive systems, directly supporting security posture, accreditation, and assurance objectives.Role Overview

Define and manage penetration testing scopes and boundaries

Map system and network architectures to identify attack surfaces

Identify exposed services, endpoints, and potential weaknesses

Gather and analyse OSINT to inform realistic attack scenarios

Perform manual and automated penetration testing, including vulnerability scanning

Validate misconfigurations and security weaknesses through controlled exploitation

Document attack paths, exploit chains, and real-world impact

Assess overall risk exposure and contribute to assurance decisions

Reporting & Assurance

Produce clear, high-quality penetration testing reports with risk ratings and remediation guidance

Support remediation validation and re-testing activities

Maintain and update security accreditation evidence

Package testing artefacts and deliverables for governance and assurance review

Contribute to security reviews, working groups, and assurance discussions

Essential Skills & Experience

Proven experience as a Penetration Tester in secure or regulated environments

Strong knowledge of network, infrastructure, and system testing

Experience with OSINT, vulnerability scanning tools, and manual exploitation techniques

Ability to communicate technical risk clearly to both technical and non-technical stakeholders

Experience working within defence, aerospace, or high-assurance environments

DV clearance - current and transferable prior to a start, due to the nature of the project

Information Security Consultant (DV)

Synergize Consulting Ltd

Information Security Consultant (DV) - Contract - Lancashire - £competitiveSynergize Consulting are now hiring for an Information Security Consultant to work at a leading defence client on a contract basis.The successful candidate will be required to embed security-by-design across digital engineering projects and cross-domain solutions within a highly secure defence environment aligned to the client’s architecture processes.Responsibilities include:

Engage with Digital Engineering teams to understand programme objectives and security requirements.

Map existing infrastructure and conduct threat modelling and security risk analysis.

Develop and maintain reusable security patterns to support consistent, secure delivery.

Maintain and manage project security risk registers in line with programme requirements.

Validate compliance with security policies, standards, and control baselines.

Conduct cross-domain threat modelling and risk assessments.

Experience Required:

A strong background, and proven experience as an Information Security Consultant within complex or regulated environments.

Strong experience within security architecture, threat modelling, and risk management.

Experience embedding security into digital engineering or systems engineering projects.

Strong abilities in managing security risks, and mapping existing threat risks and classifications

Demonstrable experience designing and assuring cross-domain or multi-classification solutions.

Previous experience in the defence sector would be desirable but not essential

Excellent communication skills, both written and verbal

Due to the nature of the client, it would be an advantage for candidates to hold, or be eligible and willing to undergo a certain level of security clearance (DV).

If you are looking to take the next exciting step in your IT career, please send in your CV for immediate consideration.

Page 1 of 5

Frequently asked questions

What types of contract Security Engineer jobs are available on Haystack?

Haystack offers a wide range of contract Security Engineer positions, including roles in network security, application security, cloud security, and compliance across various industries.

How do contract Security Engineer roles differ from permanent positions?

Contract roles are typically short to medium-term engagements with a fixed duration, offering flexibility and often higher hourly rates, while permanent positions provide long-term employment with benefits.

Can I apply for remote contract Security Engineer jobs on Haystack?

Yes, Haystack features both on-site and remote contract Security Engineer opportunities to suit different preferences and circumstances.

What qualifications and certifications are commonly required for contract Security Engineer jobs?

Employers often look for experience with security tools and protocols, and certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly valued for contract Security Engineer roles.

How does the application process work for contract Security Engineer positions on Haystack?

You can search and filter contract Security Engineer jobs on Haystack, submit your application directly through the platform, and communicate with recruiters or hiring managers to move forward in the hiring process.

Terms

Feedback

Contact

Careers