Role DetailsJob Title: Crypto Analyst
Work Mode: Hybrid (2 to 3days)
Location (if Hybrid/Office based): London
Role DescriptionResponsible for managing enterprise wide cryptographic inventory by discovering, cataloguing, and mapping certificates, keys, and secrets to business applications and infrastructure within the CMDB. Supports PQC readiness by identifying crypto risks and translating findings into actionable insights for stakeholders.Key Responsibilities

1. Cryptographic Inventory Management: Discover, catalogue, and map all digital certificates, SSH keys, secrets, and tokens across the enterprise infrastructure.
2. Analysis using existing MUFG tool for Cryptographic Inventory preparation.
3. Service & Dependency Mapping: Create maps in the CMDB that link specific certificates and keys to the business applications and infrastructure components they protect.
4. PQC Readiness Assessment: Identify “at-risk” classical cryptographic algorithms (e.g., RSA, ECC) within the CMDB and map them to high-priority business services for Post-Quantum Cryptography (PQC) migration.
5. Stakeholder Liaison: Translate complex cryptographic and quantum-risk concepts into business requirements for senior leadership and technical implementation teams.
6. PKI Knowledge: Strong understanding of Public Key Infrastructure (PKI), including certificate authorities (CAs), SSL/TLS protocols, and encryption key management.
7. Project Management experience with strong reporting and RAID management experience.

Key Skills / Knowledge / Experience

• 8+ Years of experience with minimum 2 years of relent experience and PM/Led background.
• Cryptographic Inventory Management: Discover, catalogue, and map all digital certificates, SSH keys, secrets, and tokens across the enterprise infrastructure.

• Location: Milton Keynes
• 5 days on-site
• Rate: £550 - £641
  • Inside
• Clearance: SC
• Length Initial 6 months

Role:

• To advise and contribute to the ongoing low-level design and build process of the IT platforms, and the deployment of customer workloads
• To lead on the IT Security aspects when engaging with external stakeholders on cross domain connectivity and data sharing.
• To create/own Tier2 policies & procedures and drive forward implementation & culture change across multiple teams.
• To engage with other secure platforms and environments to align security policies and procedures.
• To assist with customer engagements including technical discovery, design and delivery.
• To act as a key technical interface with the Security Operations Centre and assist with the investigation and resolution of security incidents.

Skills and Experience:

• Strong working knowledge of IT risks, cyber security, and computer operating software
• Advanced understanding of security protocols, cryptography, and security
• Experience implementing multi-factor authentication
• Great communication and interpersonal skills
• Experience implementing security solutions
• Comfortable working on a team
• Understanding of ISO 27001

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Contract Threat Detection Engineer (Delivery Focused)

Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations, and integrations are delivered effectively and aligned to operational priorities.

Working closely with threat hunting and SOC teams, you will translate detection requirements into practical outcomes, contributing directly to sprint-based delivery and continuous service improvement. This is a highly technical role suited to someone who enjoys building, tuning, and optimising detection capabilities across modern security platforms.

Key Responsibilities

• Develop and deliver detection content in line with sprint priorities and operational requirements
• Create and refine SIEM correlation rules, dashboards, and reports to enhance proactive threat detection and monitoring
• Build, deploy, and maintain automated playbooks across SOAR and related security platforms
• Integrate threat intelligence sources, security tools, and custom logic into automated workflows
• Continuously tune and optimise SIEM rules and SOAR playbooks to improve detection accuracy and reduce false positives
• Integrate internal and third-party systems with SIEM and SOAR platforms using APIs and custom connectors
• Support ongoing sprint activities, daily progress updates, and ad-hoc engineering tasks to improve SOC service delivery
• Contribute to post-incident reviews by developing new detections and response automations
• Develop and maintain log parsers for a variety of data sources
• Produce clear documentation for processes, workflows, and integrations to support knowledge sharing and customer onboarding

About You

• Strong background in security operations, detection engineering, or security content development
• Hands-on experience working with enterprise SIEM platforms and detection rule tuning
• Proven experience delivering work within agile or sprint-based environments
• Practical experience building and maintaining SOAR playbooks and automations
• Good understanding of common attack techniques, TTPs, and frameworks such as MITRE ATT&CK
• Scripting or automation capability (e.g., Python, PowerShell, JSON, REST APIs)
• Strong analytical and problem-solving skills with a methodical approach to engineering delivery
• Experience working in a SOC or MSSP environment
• Familiarity with EDR/XDR platforms and threat hunting methodologies
• Exposure to CI/CD pipelines for deploying detection content is advantageous

This contract role is ideal for a hands-on detection engineer who enjoys delivering high-quality security content, improving automation, and enhancing SOC detection capabilities in a fast-paced operational environment.

Role Title: API Security Architect

Location: Knutsford/ Hybrid

Duration: 30/11/202

Role Description:

"We are looking for an API Security Architect to define, design, and oversee the implementation of enterprise-grade API security architecture. The role ensures APIs are built securely, follow best-practice standards, and align with organisational security and compliance requirements.

Key Responsibilities

• Design end-to-end API security architecture across cloud and on-premise environments.
• Define API security standards covering authentication, authorization, encryption, and threat protection.
• Lead architectural reviews, threat modelling, and risk assessments for API integrations.
• Select, architect, and optimize API gateways, WAFs, and security controls.
• Develop reference architectures and reusable security patterns for engineering teams.
• Provide security governance for API development, lifecycle management, and CI/CD practices.
• Partner with engineering, product, and security operations to embed secure-by-design principles.
• Oversee remediation strategies for API vulnerabilities and guide architecture improvements.

Required Skills & Experience

• Proven experience in API security architecture within large-scale environments.
• Expertise in API gateways (Apigee, Azure API Management, Kong, Mulesoft).
• Strong knowledge of OAuth2.0, OIDC, JWT, mTLS, TLS, and Zero Trust principles.
• Deep understanding of OWASP API Security Top 10 and secure design patterns.
• Experience designing security controls in cloud (Azure, AWS, or GCP).
• Ability to create architectural artefacts (HLDs, LLDs, security patterns).

Nice to Have

• Certifications: CISSP, CCSP, GIAC, SABSA.
• Experience with DevSecOps, container security, and microservices architecture.
• Knowledge of SIEM, API analytics, and threat intelligence.

Knutsford - Hybrid, 3 days on site

Contract - £480 - £510 per day (inside)

Our client is seeking an Application Security Specialist who will join the security team of a major organisation. You will assess and strengthen the security of applications across development, deployment, and operations.

Responsibilities:

• Conduct security reviews, threat modelling, and vulnerability assessments.
• Support secure coding practices and provide guidance to development teams.
• Operate security scanning tools (SAST/DAST/IAST).
• Validate remediation of vulnerabilities and track risk reductions.
• Contribute to secure design standards and best practices.
• Work with DevOps to embed security into CI/CD pipelines.

Technical Skills & Competencies:

• Knowledge of OWASP Top 10 and secure development principles.
• Experience with scanning tools (e.g., SonarQube, Veracode, Fortify).
• Understanding of cloud security and API/application architecture
• Strong communication and stakeholder management skills
• Comfortable working directly with senior leadership
• Problem-solver with a hands-on mindset

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

Role:Cryptography EngineersDuration: Permanent roleMode: Hybrid
Key ResponsibilitiesDesign and implement cryptographic modules for embedded and automotive platformsDevelop and integrate cryptographic algorithms:oSymmetric cryptographic algorithms such as AES (ECB/CBC/GCM/CCM modes)oAsymmetric cryptographic algorithms such as RSA, ECC (ECDSA, ECDH)oHashing and message authentication algorithms (SHA-2/3, HMAC, CMAC)Implement secure boot, chain-of-trust, and secure firmware update mechanismsDesign and integrate key exchange protocols and secure session establishmentDesign and manage key management systems (KMS) and certificate handling (X.509)Integrate cryptographic libraries (OpenSSL, MbedTLS, WolfSSL, etc.)Integrate Hardware Security Modules (HSM) or TPM-based security solutionsSupport secure communication protocols (TLS, DTLS, IPsec, MACsec)Conduct cryptographic reviews, vulnerability analysis, and performance optimizationSupport compliance documentation and security validation activitiesCollaborate with cross-functional teams for system-level security architecture
Must RequirementsMinimum of a degree in Electronics, Computer Science, Cybersecurity, or related fieldMinimum of 5 years of experience in in cryptography or embedded securityStrong C/C++ programming skillsDeep understanding of:oSymmetric encryption (AES, block cipher modes, authenticated encryption)oAsymmetric encryption & digital signatures (RSA, ECC, ECDSA, ECDH)oHashing and message authentication (SHA-2/3, HMAC, CMAC)oKey exchange protocols and secure session establishmentoPKI and certificate managementExperience in automotive embedded platformsExperience with cryptographic libraries and secure communication protocols (TLS/DTLS/IPsec)Knowledge of secure coding practices and side-channel attack mitigation
Preferred:Experience in Secure ECU Development (keywords AutoSAR, Crypto Stack, SecOC, CAN and CAN-FD, Automotive Ethernet, and so on).C/C++ language experience.Experience with debuggers.Automotive ECU security experienceAUTOSAR Crypto Stack knowledgeSecure boot and OTA/FOTA implementation experienceFamiliarity with post-quantum cryptography conceptsAbility to communicate with Chinese OEMs and development teams

Position: AI Security & Governance Workstream Lead
Location: Reading 2 days p/week; 3 days remote

Type: Contract, Inside IR35, 6 Months

Rate: £705 p/day (umbrella rate)

We are seeking an AI Security & Governance Workstream Lead to join a major cyber security transformation programme. This person will shape and deliver the organisation’s AI security and governance agenda, enabling responsible and compliant AI adoption across a complex, distributed environment.

Key Responsibilities:

Lead the workstream from initiation to business-as-usual, defining scope, plans, and milestones
Establish AI governance frameworks, policies, and an enterprise AI inventory covering models, tools, and data flows
Implement AI security controls, monitor risks, and ensure compliance with emerging regulations such as the EU AI Act
Coordinate cross-functional teams, stakeholders, and third-party vendors to deliver outcomes and embed sustainable practices

Skills & Experience:

Proven experience leading complex cyber, technology, or AI-related projects in large, distributed organisations
Strong understanding of AI/ML, agentic systems, AI security risks, and data governance principles
Experience designing governance frameworks, policies, and regulatory compliance measures
Excellent stakeholder management, communication, and programme delivery skills with ability to influence senior leaders

This is a strategic, high-impact role for someone who can combine AI technical expertise with structured programme leadership to enable trusted, responsible AI adoption across the organisation

Cyber Transformation Architect

Cyber Security / Azure Cloud

450 per day, Outside IR35

2 Days per week in Edinburgh

Initial 3 month Contract (likely extensions for 12 months)

We are urgently looking to secure the services of an experienced Cyber Transformation Architect, on an Outside IR35 basis, to support the delivery of a high-profile programme in the Financial Services industry.

Core tasks:

• Ensure there is a coherent security architecture across the projects within the programme
• Maintain a set of phased security architectures for the programme
• Develop and instill into the projects a set of common architecture principles and components
• Provide knowledge sharing on the programme architecture
• Provide Architecture Governance for the projects and set out the expected architecture deliverables

Additional tasks:

• Provide guidance and support to the project architects in developing the project artefacts
• Provide guidance and support to the Project Managers to develop the project Plans and resolve solution issues
• Support the development of a Cybersecurity Resilience Blueprint for Change framework

Skills required:

• Knowledge of Security technologies for Security Operations and IAM.
• Security Architecture frameworks and standards (e.g. NIST, Azure Architecture, Zero Trust, etc)
• Architecture methodologies and alignment with Project lifecycles.
• Good understanding of Microsoft Azure Cloud and Integration
• Good presentation and documentation skills
• Commercial awareness of Statement of Works and MSSP models.

Please apply by submitting your latest CV for immediate review by our Talent team.

Thanks

Milton Keynes (Hybrid 3 days PW)

500 - 550pd DOE (Inside IR35)

6 month initial contract

Ideally SC/DV Cleared (Need to be eligible if not)

My central Government client is looking for an experienced Network Engineer to be responsible for designing, implementing, securing, and maintaining enterprise network infrastructure with a focus on high availability, performance, and resilience.

You will provide advanced technical leadership across routing, switching, firewall administration, and network security operations.

On a day to day basis you will be the escalation point for complex issues involving Cisco switching platforms, Cisco Firepower Threat Defense (FTD), and Palo Alto Networks Next-Generation Firewalls, ensuring the network reliably supports business operations.

Responsibilities: Enterprise LAN/WAN design, optimization, and lifecycle management
Firewall, IPS/IDS, and network security policy management
Advanced troubleshooting of network performance, connectivity, and security issues
Leading network modernization, migration, and automation initiatives
Ensuring compliance with security frameworks and organizational standards
Collaboration with cross-functional IT teams to deliver secure, scalable solutions

Experience Required:

Experience in support and design in highly secure environments.
Cisco Switching, Routing, Security and wireless technologies
Network Protocols TCP/IP, BGP, ICMP, OSPF, IPSEC
Cisco ASA Firewall Administration and design
Cisco Firepower ( NGFW)
Palo Alto Firewall administration.
Knowledge of Virtual Environments and virtual network solutions,(ie VMWare )
Experience in Cisco ISE and PRIME
BIG IP F5 Administration Configuration - LTM, ASM
Network Monitoring PRTG
Cisco ACI
Azure AWS experience

Rise Technical Recruitment Ltd acts an employment agency for permanent roles and an employment business for temporary roles.

The salary advertised is the bracket available for this position. The actual salary paid will be dependent on your level of experience, qualifications and skill set and will be decided by our client, the employer. Rise are not responsible or liable for any hiring decisions made by the end client.

We are an equal opportunities company and welcome applications from all suitable candidates.

DGH Recruitment are currently recruiting on behalf of a leading client in the Utilities industry who require a Cyber Security Architect to join the firm in London on an initial 6 month contract basis. You will be responsible for ensuring the firms systems are secure, resilient, and aligned with national standards and best practice.

Please note this role falls Inside IR35, will require active SC clearance and will require 1 day in the London office per week.

Key Responsibilities:

Define and lead the organisation’s security architecture vision, principles, and long-term strategy.
Design and review secure system architectures across complex projects.
Identify security weaknesses and recommend proportionate mitigations.
Advise on the security implications of emerging technologies (e.g., cloud, microservices, identity solutions).
Maintain the security, privacy, and resilience risk register.
Lead security architecture assurance aligned with CAF and NCSC guidance.
Oversee penetration testing, vulnerability management, and remediation activities.
Ensure value for money from cyber security tools and third-party services.
Manage third-party contracts to ensure security requirements are embedded.
Act as the main point of contact for security briefings across the organisation.

Required Experience:

Chartered status via UK Cyber Security Council, CISSP, or equivalent.
Deep technical expertise in IT infrastructure and/or software development including Saleforce.
Extensive experience designing and reviewing secure architectures for complex systems.
Strong experience in risk assessment, risk management, and intelligence-informed decision-making.
Proven ability to influence senior leaders and communicate complex security risks clearly.
Experience developing and implementing pragmatic security, privacy, and resilience approaches.
Experience managing strategic plans, tracking risk reduction, and adjusting delivery based on emerging risks.
Experience managing and negotiating third-party contracts with embedded security requirements.

Please note this role falls Inside IR35, will require active SC clearance and will require 1 day in the London office per week.

Cyber Security Architect (Salesforce)

In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited having first sought approval of its client to find candidates for this position.

DGH Recruitment Limited acts as both an Employment Agency and Employment Business

Job Title: Cyber Security Assurance Specialist (Application Security)
Client: Urenco
Rate: £700 per day
Location: Hybrid Minimum 2 days per week in Paddington, London
Clearance: Active SC Clearance required

About the Client

Urenco is a world leader in the enrichment of uranium for use in the civil nuclear industry. Operating across the United Kingdom, United States, Netherlands, and Germany, Urenco plays a critical role in enabling the safe, sustainable use of nuclear technology worldwide.

The Group CISO function is responsible for continuously developing and enhancing Urenco s cyber security portfolio to protect the organisation, its customers, and the public. The CISO team is structured across three core areas:

• Governance, Risk & Compliance (GRC)
• Operational Technology (OT) Cyber & Cyber Assurance
• Threat Defence

This opportunity sits within the Cyber Assurance Team, reporting directly to the Head of Cyber Security Assurance.

Role Overview

We are seeking an experienced Cyber Security Assurance Specialist with a strong focus on application security across both on-premises and cloud environments.

You will play a key role in improving cyber security maturity across the organisation by providing assurance over security designs, assessing risk, and developing application security standards and policies. The role requires close collaboration with IT, Information Security, and business stakeholders, translating business requirements into secure, practical solutions.

This is a highly visible position requiring strong communication skills, sound business judgement, and the ability to operate effectively in agile delivery environments.

Key Responsibilities

1. Security Design & Solution Assurance

• Review and assure technical designs against security policies and standards
• Identify security design gaps and recommend appropriate control improvements
• Author and review high-quality security documentation
• Provide security oversight for both on-premises and cloud-based solutions
• Act as a trusted advisor and security advocate across the business
• Communicate effectively with stakeholders to embed secure-by-design principles

2. Security Risk Assessment & Control Assurance

• Produce formal security risk assessments in collaboration with GRC, architects, and IT teams
• Define and agree risk mitigations and compensating controls
• Assure implementation and effectiveness of technical controls
• Translate business strategy into secure architecture guidance
• Conduct supplier assurance across on-premises, cloud, and hybrid services

3. Security Standards, Policies & Governance

• Develop and maintain application security policies, standards, and guidelines
• Align security frameworks with broader business strategy
• Track emerging security practices and ensure standards remain current
• Support the continuous improvement of cyber security maturity

Essential Experience

• Minimum 5 years experience in Information Security Assurance with a focus on application security
• Experience working in a global organisation
• Strong knowledge of regulatory compliance and security frameworks such as:

• ISO 27000 series
• NIST SP 800 series
• NIST Cyber Security Framework

• Experience in:

• Secure application design and review
• Cloud security assurance
• Penetration testing and vulnerability management
• Supplier security assurance

Desirable Experience

• Knowledge of nuclear industry regulations across the UK, US, Netherlands, and Germany
• Understanding of government information classifications
• Experience in OT security environments

Technical Knowledge

Strong understanding of security controls across multiple asset types including data, networks, devices, and users, covering:

• Software Asset Inventory & Control
• Data Protection
• Secure Configuration Management
• Continuous Vulnerability Management
• Audit Log Management
• Malware Defences
• Disaster Recovery
• Service Provider Security Management
• Application Security & Penetration Testing

Qualifications & Certifications

• Degree (BS/MS) in Computer Science, Information Security, or equivalent experience
• Relevant certifications such as:

• CISSP
• CISA
• CSSLP
• OWASP ASVS / OWASP Top 10
• GIAC (GWAPT, GCSA)
• CASE
• Certified DevSecOps Professional

Key Competencies

• Strong business acumen with ability to align security to organisational objectives
• Adaptable and responsive to changing risk landscapes
• Excellent written and verbal communication skills
• Strong analytical and decision-making capability
• Team-oriented with experience working across diverse stakeholders
• Self-motivated with a sense of urgency and delivery focus
• Organised and able to manage multiple priorities

Additional Information

• Hybrid working model minimum 2 days per week onsite in Paddington
• Occasional travel may be required
• Active SC clearance is mandatory

Location: Hybrid 3 days on site in Knutsford
Duration: 31/03/2027
Rate 497
MUST BE PAYE THROUGH UMBRELLA

Role Description:
As part of the Cyber Enhancement Programme (CEP), the Tanium Technical SME will address critical capability and coverage gaps in the organisation’s current Tanium EDR and telemetry estate. These roles are required to ensure the organisation can prevent, detect, respond to, and contain cyber threats at speed and scale. Internal SME capacity is fully consumed, and no Tanium resources are currently available to deliver the 2026 CEP Book of Work, necessitating external specialist support.
Key Responsibilities

• Lead remediation of an agreed list of known Tanium EDR gaps across the estate.
• Activate, configure, and deploy Tanium Reactions aligned to containment and detection requirements.
• Support Tanium device discovery, improving asset visibility across hardware, software and telemetry.
• Integrate device data, software data, and extended telemetry into SIEM and wider detection tooling.
• Develop and implement CI/CD pipelines for Detection Engineering content deployed through Tanium.
• Conduct Tanium testing and validation cycles, including rollback procedures to support CI/CD and containment operations.
• Collaborate with Detection Engineering, Endpoint, and C2E workstreams to ensure readiness for platform go-live.
• Provide expert input into Tanium architecture, enhancements, integrations, and operational uplift.
• Produce documentation, operational runbooks, and configuration standards for long-term sustainability.

Skills & Experience Required

• Proven expertise configuring, deploying, and operating the Tanium platform at enterprise scale.

• Strong experience in Tanium modules including:

• Tanium Threat Response

• Tanium Discover / Asset

• Tanium Deploy

• Tanium Signals & Reactions

• Deep knowledge of endpoint telemetry, EDR technologies, and cyber threat detection.

• Hands?on CI/CD experience, including automated content build, testing, and rollback.

• Experience integrating Tanium data into SIEM platforms and detection pipelines.

• Ability to troubleshoot complex endpoint, sensor, and configuration issues.

• Strong communication and documentation skills, with ability to influence multiple workstreams.

Location: Hybrid - 3 days on site Knutsford
Duration: 31/03/2027
Rate 426
MUST BE PAYE THROUGH UMBRELLA
Role Description:
The CyOps Analyst will support the Cyber Enhancement Programme by operationalising new detection capabilities, improving cyber readiness, and supporting endpoint and containment tooling as Tanium capabilities expand. These roles ensure T1 milestones can be met and that Detection Engineering and C2E workstreams are ready for platform go?live.
Key Responsibilities

• Operate, monitor, and triage enhanced detection outputs generated through Tanium and SIEM integration.
• Support operational readiness for new containment capabilities deployed as part of C2E workstream.
• Validate and operationalise detection content delivered via CI/CD and Tanium telemetry ingestion.
• Aid in correlating endpoint, device discovery, and telemetry insights to support investigations and incident response.
• Work with SMEs to assess gaps, document findings, and ensure operational closure of identified EDR issues.
• Support cyber incident response activities, providing endpoint expertise and rapid analysis.
• Maintain operational dashboards, reporting, and KPI tracking for CEP governance.
• Enhance playbooks and operational procedures to reflect new Tanium-driven capabilities.

Skills & Experience Required

• Experience in Cyber Operations, SOC Level 2/3, or Incident Response.
• Strong understanding of endpoint telemetry, EDR, and detection technologies (Tanium experience desirable).
• Experience triaging and analysing alerts from SIEM, EDR, and endpoint tooling.
• Ability to work across Detection Engineering and IR teams to enhance detection logic and response actions.
• Excellent analytical skills with strong attention to detail.
• Clear communication, documentation, and stakeholder engagement skills."

Your new companyA large UK public sector organisation responsible for delivering essential national services and supporting critical government operations. The organisation oversees a wide range of public-facing and internal functions, working across multiple departments to ensure effective service delivery, policy implementation, and operational support.Your new role

• Design, develop, and maintain SailPoint connectors, workflows, rules, and APIs for automated provisioning and de-provisioning.
• Lead configuration, integration, and deployment of SailPoint IdentityIQ or Identity Security Cloud solutions.
• Integrate SailPoint with systems such as Active Directory, Entra ID, HR systems, AWS, ServiceNow, LDAP directories, and cloud applications.
• Implement IAM governance functions including RBAC, access reviews, certification campaigns, and lifecycle policy enforcement.
• Develop custom rules, scripts, and extensions using Java, BeanShell, XML, and REST/SOAP APIs.
• Troubleshoot issues related to provisioning, connectors, access control, and integration failures.
• Build automation to support onboarding/offboarding, role assignment, and identity lifecycle events.
• Collaborate with InfoSec, DevOps, and Compliance teams to strengthen governance, audit readiness, and least-privilege access standards.
• Ensure solutions adhere to enterprise security, scalability, availability, and performance requirements.
• Support production operations, including incident response, triage, and continuous improvement.

What you’ll need to succeed

• Hands-on engineering experience with SailPoint
• Deep understanding of IAM principles: RBAC, least privilege, access certification, governance workflows.
• Integration experience with identity data sources: Active Directory, LDAP, HRIS, AWS, ServiceNow, databases.
• Strong troubleshooting skills across provisioning, connector issues, and identity lifecycle processes.

What you’ll get in returnYou will be offered a long-term (6 months) contract working in the city centre for a public sector organisation, offering hybrid working and a competitive day rate. What you need to do nowIf you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

Senior Fraud Investigator

Start ASAP - pending security clearance Pay: £23.68 per hour Hours: Monday-Friday, 36 hours per week Duration: 6 months, possible extension Location: Charing Cross Security Clearance: SC

Role Overview

We are seeking an experienced Senior Investigator to join a leading law enforcement organisation that investigates and prosecutes serious and complex fraud, bribery, and corruption, including high-profile matters and potential Deferred Prosecution Agreements.

You will lead complex investigations, manage investigative staff, and work closely with a Principal Investigator and multidisciplinary teams to progress cases from inception to prosecution.

Key Responsibilities

• Conduct investigations in line with legislation, policy, and organisational procedures.
• Lead key lines of enquiry and investigative activity in complex, multi-strand cases.
• Line manage investigators, allocating work, supervising activity, and ensuring delivery against objectives.
• Maintain oversight of investigations, keeping matters under constant review and providing updates to senior colleagues.
• Ensure suspect and witness accounts are obtained and used strategically.
• Produce investigation and financial witness statements and give evidence in court when required.
• Manage the disclosure process in accordance with the Criminal Procedure and Investigations Act 1996.
• Manage staff performance and development, including setting objectives, providing feedback, and addressing performance issues.
• Take responsibility for the quality, timeliness, and evidential robustness of investigative work.
• Provide cover for the Principal Investigator when required.

Essential Criteria

• Experience delivering successful outcomes in complex, multi-strand investigations.
• Experience working on complex economic crime investigations.
• Experience supervising or line managing investigators.
• Strong financial literacy and ability to analyse financial records.
• Experience drafting clear and accurate witness statements or reports.
• Comprehensive knowledge of investigatory practice, including disclosure and interviewing.
• Good understanding of risk management, information security, and operational security.
• Working knowledge of the criminal justice system.

Desirable Criteria

• Experience interrogating large data sets.
• Experience using or managing eDiscovery platforms.

Qualifications

• Recognised investigative qualification or accreditation and/or
• Recognised accountancy qualification and/or
• Demonstrable experience leading serious and complex crime investigations.

Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.

System Engineer

Location: East London (Hybrid office/home)
Rate: £450 £500 per day (Inside IR35)
Duration: Initial 3 4 month contract (backlog clearance) with strong potential for extension or permanent conversion
Client Environment: Major London Rail customers (TfL, Network Rail station systems)

Overview

We are seeking a mid-to-senior Cybersecurity & Network Assurance Engineer to join a high-performing networks team supporting critical rail infrastructure in London.

This role will focus on cybersecurity governance, assurance, and technical documentation, ensuring networked systems meet customer, regulatory, and industry standards. You will play a key role in clearing an immediate backlog of assurance deliverables while providing technical oversight to junior engineers and supporting SIEM integration activities.

This is a hybrid East London role with no trackside/site access required.

Key Responsibilities

Cybersecurity Governance & Assurance

• Produce and maintain:

• Cyber Security Management Plans (CSMP)
• Risk assessments and threat models
• Assurance and compliance documentation
• Control framework mappings

• Align artefacts to client standards (TfL / Network Rail) and industry frameworks
• Support continual improvement of cyber assurance processes

Standards & Compliance

• Map controls and documentation to:

• ISO/IEC 27001
• IEC 62443 (OT security)
• Customer-specific rail standards

• Ensure deliverables meet governance and audit requirements

Network Security & Architecture Assurance

• Provide design assurance for:

• Secure communications
• Firewalls (e.g., Cisco, Juniper)
• Switching and routed network environments

• Assess effectiveness of implemented security controls in networked systems

SIEM Integration Support

• Produce documentation for SIEM onboarding:

• Data source identification
• Logging requirements
• Use-case and control alignment

• Support assurance activities for SIEM integration (e.g., Microsoft Sentinel environments)

Stakeholder & Team Engagement

• Act as a technical interface to client stakeholders
• Translate technical risk and assurance findings for non-technical audiences
• Provide guidance and quality oversight to junior engineers/graduate staff

Essential Experience

• Cybersecurity governance & assurance in enterprise or critical infrastructure environments
• Proven delivery of:

• Risk assessments
• Threat modelling
• Cyber security management documentation
• Control framework mapping

• Strong knowledge of ISO/IEC 27001 and IEC 62443
• Solid understanding of network architecture and secure communications
• Experience assessing firewalls, switching, and routed networks from a security perspective
• Familiarity with SIEM concepts and onboarding processes (e.g., Microsoft Sentinel)
• Ability to produce clear, client-aligned technical documentation
• Experience working with stakeholders and presenting assurance outcomes

Desirable Experience

• Experience in rail, transport, or OT environments
• Hands-on network configuration (Cisco, Juniper)
• Experience with network management and policy enforcement tools
• Knowledge of Windows Server architectures
• Prior contract/consulting experience
• Experience aligning to customer templates or London-specific standards

Qualifications & Certifications

• HND, degree, or equivalent experience in IT, networking, or cybersecurity
• Cisco CCNA/CCNP (or equivalent experience)
• Security certifications such as CISSP, CompTIA CySA+, or similar (desirable)
• ITIL Foundation (desirable)

Clearance

• Must be eligible for BPSS clearance

Key Behaviours

• Strong written and verbal communication skills
• Ability to operate at mid-to-senior level with minimal supervision
• Comfortable guiding junior team members
• Able to work in a governance, assurance, and documentation-heavy role
• Collaborative approach in a multi-stakeholder environment

Role Title: Cyber SME

Location: Remote (very occasional travel to London)

Duration: 6 months contract

Rate: 600 per day inside ir35

eSC (enhanced SC) security clearance is required for this role.

Role Description:

I am looking for an experienced Cyber Subject Matter Expert (SME) to support the delivery and operational maturity of security capabilities across cloud and enterprise environments. The successful candidate will provide technical leadership and hands-on expertise across core cyber technologies, cloud security tooling, and vulnerability management processes.

Expereince required:

• SIEM and logging platforms such as Splunk and Elastic
• Microsoft security tooling including Defender suite and O365 security services
• Security controls across both AWS and Azure environments
• Proven experience in Vulnerability Management, including:
• Deployment and configuration of vulnerability management tooling
• Identification, prioritisation, and remediation of vulnerabilities
• Operating vulnerability management processes across both AWS and Azure
• Solid understanding of cloud security architecture and controls in hybrid or multi-cloud environments.
• Ideally, experience in:
• Identity and Access Management (IAM)
• Public Key Infrastructure (PKI) and certificate management
• Strong stakeholder engagement skills with the ability to explain technical cyber risks clearly to both technical and non-technical audiences.

If you are interested in this role or wish to apply, please feel free to submit your CV.

Network Manager - Cyber Security

Up to 600 per day
6 months London/Hybrid

I’m supporting a global consultancy that is looking for an Network Manager (Cyber) to lead network service delivery across a large enterprise environment. This is a senior role focused on operational ownership, vendor management, and driving performance across a managed service model.

Key Responsibilities

Required Experience
Strong enterprise LAN/WAN and data centre networking background

GCS is acting as an Employment Business in relation to this vacancy.

Contract Length:9 months
Location: Hybrid (60% onsite / 40% remote)
Office Location:Knutsford
Rate: £600-£625pd (Inside IR35)

Role Overview

We are seeking a Network Technical Integration Lead to provide engineering leadership across Network Security platforms. This role is accountable for engineering excellence, secure change delivery, and operational resilience, working in close partnership with Product Owners and global delivery teams.

The role focuses on delivering secure, scalable, and automated Network Security solutions, aligned to Zero Trust principles, governance frameworks, and enterprise non-functional requirements, while embedding DevSecOps and SRE practices as standard.

Key Accountabilities1. Product-Aligned Engineering Leadership

• Act as the engineering counterpart to the Network Security Product Owner
• Jointly own technical roadmap, delivery sequencing, and trade-offs between risk, resilience, and delivery velocity
• Collaborate with Component Product Owners and peer Technical Leads to ensure seamless integration with identity, cloud, endpoint, and observability platforms
• Translate product vision and backlog priorities into implementable architectures, designs, and runbooks

2. Secure-by-Design Architecture & Delivery

• Own end-to-end technical design for Network Security services, including:

  • Zero Trust Network Access (ZTNA)
  • NGFW, NAC, IDS/IPS
  • Proxy services
  • SIEM / SOAR integrations

• Define and assure non-functional requirements (availability, scalability, performance, security, operability)

• Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned with governance standards (e.g. NIST, ISO 27001)

3. Engineering Quality, Automation & DevSecOps

• Make automation the default through security-as-code, GitOps, and CI/CD practices
• Lead code reviews for Infrastructure-as-Code, configuration management, and automated runbooks
• Ensure testability via change rehearsal, smoke/soak testing, rollback automation, and failure validation
• Continuously improve automated and standard change models to reduce manual intervention and risk

4. Operational Resilience & SRE Practices

• Own engineering input into SRE metrics (MTTR, MTTD, deployment frequency, error budgets)
• Drive defect and incident analytics and remediation sprints
• Support major incident management and post-incident reviews, embedding learning into platform design

5. Governance, Risk & Compliance

• Ensure solutions meet regulatory, risk, and audit requirements with automated evidence where possible
• Balance security posture, compliance obligations, and business enablement
• Embed ITIL-aligned practices without compromising engineering agility

Collaboration & Ways of Working

• Operate within a product triad alongside Product Owners
• Act as a technical mentor and coach for engineers
• Collaborate with peer Technical Leads across infrastructure, cloud, and identity domains to deliver end-to-end Zero Trust outcomes

Required Skills & Experience

• 810+ years experience designing, building, and operating enterprise network security platforms

• Deep hands-on expertise in one or more of:

  • ZTNA, NGFW, NAC, IDS/IPS
  • Proxy services
  • SIEM / SOAR integrations

• Strong understanding of Zero Trust Architecture and policy-based access control

• Proven DevSecOps, IaC, and CI/CD experience

• Solid grounding in ITIL, major incident management, and post-incident review practices

Preferred Certifications

• CCNP / CCIE (Security or Enterprise)
• Vendor certifications (Zscaler, Fortinet, Palo Alto)
• Splunk Admin / Enterprise Security
• ITIL 4 (Managing Professional or equivalent)

Success Measures

• Reduction in change failure rates and repeat incidents
• Improved MTTR and service resilience
• Increased automation and standardised change adoption
• Strong alignment between product strategy, engineering execution, and security outcomes

Location: West Midlands

Network Engineer required for a long-term defence project with experience of Comms Systems and Secure Networks. Active DV Clearance is essential due to the time constraints of the project.

This role will involve hands on network engineering across secure communications systems, supporting critical Defence capability resilience, assurance and compliance.

Responsibilities

• Deliver network engineering across secure MOD communications and network systems.

• Configure, integrate and support routing, switching and firewall technologies within classified environments.

• Support secure WAN and LAN architectures including segmentation and boundary controls.

• Integrate network components into wider communications system architectures.

• Troubleshoot complex network and communications incidents.

• Maintain technical documentation, configuration baselines and network diagrams.

• Ensure compliance with relevant MOD security policies and JSP frameworks.

• Experience supporting Defence Communications Systems (CIS).

• CCIE/CCNP

• Current/Active DV Clearance

Due to the nature of the work, please familiarise yourself with the security vetting process before applying.

Role Title: CISO Security Consultant

Location: Knutsford, Cheshire/ Hybrid - 2/3 days per week onsite

Duration: 8 months

Rate: 465 per day inside ir35

We’re looking for a proactive Security Consultant to assess, design, and strengthen secure systems across infrastructure and applications. You’ll bring hands-on expertise in areas such as networking, application security, pentesting, databases, or operating systems (Linux/Windows), along with a strong grasp of risk management and secure design principles.

CISSP is highly desirable (additional certifications a bonus). Strong analytical skills, clear communication, and the ability to work both independently and collaboratively are essential. Familiarity with MS Office, Confluence, and Jira is advantageous.

Role Description

As a Security Consultant, you will work closely with clients and internal teams to assess, design, and enhance secure systems. You will provide expert guidance across infrastructure, applications, and enterprise environments, ensuring best practices and industry standards are consistently applied.

Required Skills & Experience

• Strong experience in at least one of the following areas:

• Computer networking
• Application security
• Cryptography (desirable but not essential)
• Penetration testing
• Databases
• Operating systems (Linux and/or Windows)

• Solid understanding of security principles, risk management, and secure design
• Ability to assess vulnerabilities and recommend practical remediation strategies
• Excellent analytical and problem-solving skills
• Strong written and verbal communication skills

Certifications

• CISSP certification is highly desirable
• Additional security certifications (e.g., CEH, CISM, OSCP, Security+) would be advantageous

Desirable IT Skills

• Proficiency in MS Office
• Experience using Confluence
• Familiarity with Jira

What We’re Looking For

• A proactive and detail-oriented professional
• Comfortable working independently and as part of a team
• Strong stakeholder engagement skills
• A commitment to continuous learning and professional development