Adword

Job title: Cyber Asset Management Engineer

Start date: Asap!

Duration: 12 months - likely to want to take on perm for the right candidate

IR35: Inside

Location: Remote - candidate needs to be within a reasonable commuting distance from Edinburgh to be able to attend meetings and work on site if / when required. The manager is very flexible but doesn’t want someone that is unable to get to Edinburgh.

Job description:

• Competent, technical cybersecurity engineer focused on asset visibility, integrations, automation, and turning data into measurable risk reduction
• Someone who can help us get complete visibility into all of our devices, users, cloud resources, and SaaS applications. Know what we have, know the security gaps, and automate the fixes wherever possible.
• Hands-on with asset intelligence tools - ideally Axonius or something similar. Comfortable integrating data from multiple systems, making sure the data is accurate, and building queries, dashboards, and automation to highlight risks and drive remediation.

Not just an analyst but an engineer who can:

• connect systems via APIs, build automations, identify missing security controls and help us turn asset data into real risk-reduction actions.
• Experience with cybersecurity tooling - things like SIEM, EDR, vulnerability management, CSPM, IAM etc.
• Comfortable working with Python or PowerShell because we want to automate. Someone who drives to closure and who can partner with system owners Why this role matters
• This role is critical because asset visibility is the foundation of cyber risk management. If we don’t know what assets we have, what controls are missing, or what’s out of compliance, then we can’t secure the environment. This engineer will help us reduce real risk - not just collect data.

The outcomes we expect

• We are not hiring for activity - we are hiring for visible and quantifiable outcomes. I need someone who can deliver measurable improvements like:
• higher asset coverage
• fewer unknown devices
• automated detection of security gaps
• automated or semi-automated remediation
• dashboards that senior leadership can use

The kind of person and soft skills

• Hands-on, curious, and proactive. They like integrating systems, solving messy data problems, and building automations.
• I don’t want someone who waits for instructions. I want someone who sees a gap and moves to close it. Organised, self-directed, and good at follow-through.
• They need to be able to document what they build. They should be comfortable presenting to leadership when needed.

The technical depth required

• Should be comfortable with REST APIs, Python or PowerShell, data normalization, system integrations, and building queries and dashboards.
• Experience with Axonius or other asset intelligence platforms is ideal. Must understand how EDR, SIEM, IAM, VM, and cloud security tools fit together.
• We are a global environment - manufacturing, R&D, cloud, and corporate. Lots of data sources. Lots of complexity.
• We need someone who likes variety and isn’t intimidated by ambiguity.

The ideal candidate background

• Someone who has done asset management engineering before - either with an Axonius-type platform or in vulnerability management, EDR engineering, or cloud security engineering with heavy API integration work. Don’t need to know everything on day one, but they must be strong technically, fast learners, and able to own a function end-to-end.

What’s the most important thing

• Hands-on engineering and the ability to deliver outcomes with autonomy - not just dashboards, but real risk reduction.

If you’re excited about application security, identity management, and creating robust, secure solutions for modern architectures, we want to hear from you!

Please apply with a copy of your CV or send it to Prasanna . merugu @ randstaddigital . com and let’s start the conversation!

Randstad Technologies is acting as an Employment Business in relation to this vacancy.

Job Specification

Delivery Team Support Lead in the Security as a Service Team

HMS Excellent is home to the Naval Headquarters and front-line training units. Based on Whale Island in Portsmouth Harbour, it successfully blends heritage and history with a modern and progressive outlook. HMS Excellent is a unique shore establishment with its roots in more than 100 years of naval history.

Navy Digital is required to deliver and sustain digital and information security services that enable the secure operation of Information Communication Technology (ICT) equipment, services, and applications. In order for Navy Digital to achieve this goal in an agile and effective manner, a central security service must be established. This service will establish a single coherent approach to Navy Digital’s requirements to prevent duplication and improve efficiency.

This Outcome is for the provision of Security as a Service across a full spectrum of programmes and projects delivering digital outcomes that enable current and future information-based capabilities supporting Navy Command Information, MoD and HMG defence and national security outputs.

Tasking

• Provide a central focal point and function for managing all existing and new and emerging security elements across both fixed and deployed RN capability, including:
  • The prioritisation of existing and new security requirements against RN top-level objectives and outputs.
  • The allocation of SQEP from a central security as a service function to Navy Digital projects and programmes of work to draw upon.
  • The management of resource against demand for the service within the RN.
• Provide central oversight and co-ordinate planning for all through-life security activity across Navy Digital delivery and programmes of work.
• The development of accreditation and assurance strategies against complex security requirements within the maritime environment and across the Defence Lines of Development (DLODs).
• The production of key Information Assurancedeliverables to meet the needs of Navy Digital customers, as well as keyMoD and RN stakeholders, including:
  • High and low-level security requirements.
  • Risk Management & Accreditation Document Set (RMADS).
  • Legal and regulatory artefacts applicable to the MoD e.g., Data Privacy Impact Assessments (DPIA).
  • Risk Balance and Security Cases.
• The provision of security support enables the rapid development and delivery of Navy Digital software and hardware in an agile manner, whilst satisfying mandatory security requirements.
• Provide a consistent and coherent means of identifying, reporting, and escalating cyber risk across Navy Digital and the RN.
• Provide an interface between Navy Digital projects and MoD Information Assurance stakeholders e.g., Cyber Defence and Risk Accreditor.
• The ability to adapt and respond to future changes in security requirements and approaches towards Information Assurance.
• Providing knowledge and experience to assist Navy Digital to implement working-level technical, physical, and procedural security controls in accordance with MOD policy and local operating environments i.e., UK fixed locations responsible for hosting Navy Digital capability.

Person Specification

To be considered for this role you will have the following:

Desirable Skills

• MOD security clearance or be content to undergo Security Clearance to SC level.
• Experience within security assurance and/or cyber risk
• Knowledge of industry standards and cyber security/risk
• Background knowledge of either naval or maritime would be advantageous
• Excellent communication skills
• Able to follow laid down process
• Computer literate and good knowledge of Microsoft applications.

Role specifics

• Start date - ASAP
• End date - 31st July 2028
• Rate - dependent on experience and interview
• Base Location - Portsmouth

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.

About the team

Our team isaccountable for security within the mobile channel. Weprovide a suite of mobile security components,that provides an all-round security posture in mobile appsincluding associated services (penetration testing, obfuscation, consultancy etc.).

Were passionate about our shared passion for delivering new features for customers across our brands in the mobile space.

What We Need from You Essential Skills & Experience

• Strong programming expertise in Swift, with hands-on experience using modern iOS development toolsets including Xcode, Git, GitHub, XCTest, and XCUITest.
• Deep understanding of modular app architecture, including frameworks-based modularisation and architectural patterns such as MVVM.
• Proficiency in building, maintaining, and integrating SDKs, ensuring they are scalable, well documented, and easy to consume across teams.
• Solid grasp of concurrency in Swift (e.g., async/await, GCD, Operations) and the ability to design performant, thread safe solutions.
• Broad technical experience with a track record of delivering high quality, production scale iOS applications.
• Strong communication and collaboration skills, with the ability to work effectively across engineering teams to drive reusability, inner sourcing, and reduction of technical waste.
• A strong advocate for engineering quality, leveraging practices such as Pair Programming, Test Driven Development (TDD), Code Reviews, Continuous Integration, and Automated Testing.

Desirable Skills & Experience

• Knowledge of mobile security principles and best practices, such as secure storage, authentication flows, and safe handling of sensitive data.
• Experience with CI/CD pipelines for mobile, ideally with tools such as GitHub Actions, Fastlane, and automated build/test deployment processes.

Secure Engineer

Must have an Active DV Clearance

An opportunity has arisen for a Secure Engineer to join a growing Secure Engineering Project Team supporting Defence and highly secure government environments. This role suits a hands on engineer who enjoys on site delivery, takes ownership, and leads by example in complex and sensitive locations across the UK and occasionally overseas.

About the Role - Secure Engineer

• As a Secure Engineer, you will deliver on site installations, upgrades, and infrastructure deployments within highly secure environments.
• You will interpret technical drawings and design documentation to implement solutions to specification.
• You will work closely with project managers, customers, and security teams to ensure smooth execution of project plans.
• The role includes break fix and project engineering activities, post installation testing, and structured handover to operations teams.
• You will maintain accurate records including sign off, asset registers, configuration details, and site documentation.

Key Skills - Secure Engineer

• Minimum three years experience working within MOD or highly secure environments.
• Strong background in infrastructure installation and field engineering within data centres or secure sites.
• Good understanding of servers, network switches, structured cabling, racks, and network layouts.
• Ability to work independently, follow processes, and complete work to strict security and quality standards.
• Strong communication, organisation, and time management skills.
• Willingness to travel extensively and work outside core hours when required.

Additional Requirements - Secure Engineer

• Full UK driving licence.
• Experience leading or coordinating on site engineering teams.

Build secure national capability and lead on site delivery as a Secure Engineer.

To apply, please send your CV by pressing the apply button.

IDAM Engineer

Must have an Active DV Clearance

An excellent opportunity has arisen for an IDAM Engineer to join a secure and fast paced Defence and National Security programme. You will design and deliver enterprise grade identity and access management solutions while working in a multi skilled agile team focused on high assurance environments.

About the Role - IDAM Engineer

• As an IDAM Engineer, you will design and implement secure identity and access management solutions across on premises environments.
• You will create high level and low level designs and maintain all supporting documentation to meet governance and review requirements.
• The role involves integrating IDAM capabilities across security, infrastructure, and DevOps teams to ensure alignment with existing platforms and future user needs.
• You will own delivery of work packages from design through to implementation and ongoing change, ensuring functional and non functional requirements are met.

What We’re Looking For - IDAM Engineer

• Strong experience with on premise identity products such as NetIQ, One Identity Manager, Forefront Identity Manager, or SailPoint.
• Extensive knowledge of Identity and Access Management technologies and standards.
• Proven ability to create and maintain HLDs and LLDs for identity solutions.
• Experience with role based access control, access request processes, and identity governance.
• Strong understanding of Windows Enterprise technologies, PowerShell scripting, and automation.
• Awareness of automated testing approaches within secure environments.
• Experience working within Agile delivery frameworks.
• Ability to provide SME level guidance to teams and stakeholders.

Lead secure identity services and shape the future of access management as an IDAM Engineer.

To apply, please send your CV by pressing the apply button.

Technical Security Architect

Must have an Active DV Clearance

About the Technical Security Architect role
We’re seeking a highly skilled Technical Security Architect to take the lead on embedding security across the design, development, and integration of complex network infrastructures. Working within an Agile Scrum environment, the Technical Security Architect will play a vital part in shaping secure platforms by applying Secure by Design and NIST principles throughout the delivery lifecycle.

What you’ll do as a Technical Security Architect

• Lead the design and delivery of secure infrastructure solutions across large-scale programmes.
• Integrate security controls and considerations into network architecture, ensuring alignment with Secure by Design methodologies.
• Act as the security subject matter expert within Agile Scrum teams, collaborating closely with architects, integrators, and testers.
• Contribute to the development of security-enforcing capabilities across platforms and services.
• Present and defend security design decisions to peers and senior stakeholders.

What you’ll bring to the Technical Security Architect role

• Strong background in network infrastructure design and review, with a focus on security.
• Proven experience designing and documenting security architectures and solutions.
• Expertise in vulnerability scanning design and implementation.
• Ability to evaluate and integrate new technologies and innovations under tight delivery schedules.
• Excellent communication and presentation skills when engaging at all levels.

To apply for the Technical Security Architect position, please send your CV by pressing the apply button.

JD: The role requires an experienced systems engineer with strong technical leadership and collaboration skills. The ideal candidate will have significant experience in cloud platform management, infrastructure delivery pipelines (e.g. Azure, AWS, GCP, scripting in Bash, PowerShell, Python, Terraform, etc.).

In this role you will: Act as a Technical SME, designing and developing innovative automated solutions to complex problems utilising the cloud environments. Design and support custom-built applications Azure environment, ensuring secure, reliable and high-performing deployments. Build and manage Azure Infrastructure, including Virtual Machines, VM images, Virtual Networks (VNets), subnets, private endpoints and Azure Storage. Develop and deploy Python functions within an Azure Functions App. Develop Infrastructure-as-Code (IaC) such as ARM templates, Bicep, or Terraform. Support CI/CD practices through deployment automation and version-controlled infrastructure in Azure DevOps. Integrate monitoring, logging and diagnostics for custom applications using Azure Monitor, Application Insights and Log Analytics. Integrate with AI-related Azure services such as OpenAI and contribute to integrations strategies involving LLMs. Ensure that custom-built applications are built and maintained inline with client standards, governance and controls, ensuring compliance with SLDC & DEPL controls, AI Governance and legal & regulatory requirements. Support and extend an existing architecture in close partnership with the principal architect and core development team. Produce well-documented, maintainable infrastructure configurations and effectively communicating implementation details with engineers and stakeholders. Work within evolving technical landscape and contribute to the refinement and evolution of architecture and infrastructure decisions. Utilise strong problem-solving skills, with the ability to investigate issues, troubleshoot deployment challenges, and propose scalable and secure solutions. Promote a self-critical and continuous assessment and improvement culture whereby identification of weaknesses in the banks control plane (people, process and technology) are brought to light and addressed in an effective and timely manner. Support engagement of Global Businesses and Functions to drive a global up-lift in cyber-security awareness and help to evangelise Cybersecurity efforts and success.

To be successful in this role you should meet the following requirements: Experience within an enterprise scale organisation including hands-on experience of complex data centre environments, working within a similar role ie DevOps Engineer, Cloud Engineer, Security Engineer is mandatory. Expert level knowledge of one of more leading Cloud platforms including Microsoft Azure, Amazon Web Services, Google Cloud Platform and Alibaba Cloud. Expert level knowledge and proven experience managing Azure App Services, Azure Virtual Machines, and Azure Storage solutions. Hands on experience in one or more programming or scripting language (e.g Python, PowerShell, Bash, Terraform). Experience and demonstrated experience of building and maintaining CI/CD Pipelines to support efficient software delivery.

TPBN1_UKTJ

Cybersecurity Specialist - AI & Data Security

Client & Project

We are seeking a talented Cybersecurity Specialist to join the AI & Data Security team, where you will contribute to the delivery and ongoing evolution of the organisation’s AI Security programme.

Role Overview

As a Cybersecurity Specialist, you will bring hands-on experience with leading AI technologies and platforms-primarily AWS Bedrock, Azure OpenAI, Microsoft 365, and other foundation model providers-to support teams in adopting these capabilities securely and effectively.

You will provide guidance on model security, deployment patterns, guardrails, integration architectures, observability, evaluation techniques, and safe operationalisation across a wide range of business use cases. You will translate platform-specific risks, limitations, and best practices into actionable engineering patterns and governance controls.

In this role, you will act as a subject matter expert, collaborating with and supporting the wider team to ensure high-quality outcomes. You will influence key decisions, engage with multiple teams, and provide practical solutions to technical and security challenges across the organisation.

Required & Recommended Proficiencies

• Master proficiency (required): Network Encryption
• Expert proficiency (recommended): Secure AI
• Master proficiency (suggested): Microsoft Azure Active Directory Security
• Intermediate proficiency (suggested): AI Agents, Amazon Bedrock, Microsoft Azure AI Foundry

Key Responsibilities

• Develop innovative security strategies to enhance application and AI security.
• Conduct regular security assessments and audits to identify vulnerabilities and recommend remediation.
• Collaborate with cross-functional teams to ensure secure design and implementation of AI and digital solutions.
• Stay up to date with emerging security trends, technologies, and threat landscapes to inform architecture and governance decisions.
• Mentor and support team members on secure application design, AI security principles, and best practices.

Skills

Master proficiency in Network Encryption is required; expert proficiency in Secure AI is recommended.Master proficiency in Microsoft Azure Active Directory Security, with intermediate proficiency in AI Agents, Amazon Bedrock, and Microsoft Azure AI Foundry, is preferred.

Job Specification

Delivery Team Support Lead in the Security as a Service Team

HMS Excellent is home to the Naval Headquarters and front-line training units. Based on Whale Island in Portsmouth Harbour, it successfully blends heritage and history with a modern and progressive outlook. HMS Excellent is a unique shore establishment with its roots in more than 100 years of naval history.

Navy Digital is required to deliver and sustain digital and information security services that enable the secure operation of Information Communication Technology (ICT) equipment, services, and applications. In order for Navy Digital to achieve this goal in an agile and effective manner, a central security service must be established. This service will establish a single coherent approach to Navy Digital’s requirements to prevent duplication and improve efficiency.

This Outcome is for the provision of Security as a Service across a full spectrum of programmes and projects delivering digital outcomes that enable current and future information-based capabilities supporting Navy Command Information, MoD and HMG defence and national security outputs.

Tasking

• Provide a central focal point and function for managing all existing and new and emerging security elements across both fixed and deployed RN capability, including:
  • The prioritisation of existing and new security requirements against RN top-level objectives and outputs.
  • The allocation of SQEP from a central security as a service function to Navy Digital projects and programmes of work to draw upon.
  • The management of resource against demand for the service within the RN.
• Provide central oversight and co-ordinate planning for all through-life security activity across Navy Digital delivery and programmes of work.
• The development of accreditation and assurance strategies against complex security requirements within the maritime environment and across the Defence Lines of Development (DLODs).
• The production of key Information Assurancedeliverables to meet the needs of Navy Digital customers, as well as keyMoD and RN stakeholders, including:
  • High and low-level security requirements.
  • Risk Management & Accreditation Document Set (RMADS).
  • Legal and regulatory artefacts applicable to the MoD e.g., Data Privacy Impact Assessments (DPIA).
  • Risk Balance and Security Cases.
• The provision of security support enables the rapid development and delivery of Navy Digital software and hardware in an agile manner, whilst satisfying mandatory security requirements.
• Provide a consistent and coherent means of identifying, reporting, and escalating cyber risk across Navy Digital and the RN.
• Provide an interface between Navy Digital projects and MoD Information Assurance stakeholders e.g., Cyber Defence and Risk Accreditor.
• The ability to adapt and respond to future changes in security requirements and approaches towards Information Assurance.
• Providing knowledge and experience to assist Navy Digital to implement working-level technical, physical, and procedural security controls in accordance with MOD policy and local operating environments i.e., UK fixed locations responsible for hosting Navy Digital capability.

Person Specification

To be considered for this role you will have the following:

Desirable Skills

• MOD security clearance or be content to undergo Security Clearance to SC level.
• Experience within security assurance and/or cyber risk
• Knowledge of industry standards and cyber security/risk
• Background knowledge of either naval or maritime would be advantageous
• Excellent communication skills
• Able to follow laid down process
• Computer literate and good knowledge of Microsoft applications.

Role specifics

• Start date - ASAP
• End date - 31st July 2028
• Rate - dependent on experience and interview
• Base Location - Portsmouth

Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.

Security Administrator

6 months

London - hybrid

Inside IR35 - Umbrella only

Role overview:

• Palo Alto Networks expertise to support and enhance our security operations.
• Palo Alto Networks provides a comprehensive, AI-powered SASE (Secure Access Service Edge) solution known as Prisma SASE. It is designed to converge networking and security into a single cloud-delivered platform to support hybrid workforces and modern, distributed enterprises
• You will be responsible for the administration, configuration, policy management, monitoring, and optimisation of Palo Alto security controls, ensuring secure and resilient network operations across enterprise environments.
• This role is hands-on, need to be comfortable working in complex, regulated, or high-availability environments, partnering with infrastructure, networking, and SOC teams to deliver robust security outcomes.

Key Responsibilities:

Palo Alto Administer, configure, and support Palo Alto NGFWs (PA-Series / VM-Series) including:

• Security policy rules, NAT, zones, routing, interfaces, HA, and objects

• App-ID / User-ID / Content-ID, URL filtering, Anti-Spyware, Vulnerability profiles

• SSL decryption policy management (where applicable) and related operational impacts

• Work closely with Network Engineers, Cloud/Platform teams, and Service Owners

• Support projects such as:

  • Firewall migrations, data centre moves, cloud connectivity, segmentation initiatives
  • Zero Trust or least privilege initiatives
  • Integration with SIEM/SOAR tooling

Required Skills:

• Strong hands-on experience administering Palo Alto NGFWs in enterprise environments
• Proven experience with Panorama for centralised policy and device management
• Understanding of:
  • Network security principles (segmentation, least privilege, L3/L4/L7 filtering)
  • TCP/IP, routing (BGP/OSPF helpful), NAT, VPN concepts
• Skilled troubleshooting ability using logs, packet capture, and CLI diagnostics
• Experience operating within ITIL-style change management and incident processes
• Strong documentation skills and ability to communicate clearly to technical/non-technical stakeholders

Desirable Skills (Nice to Have):

• Palo Alto feature experience:
  • GlobalProtect, site-to-site IPsec VPNs, SSL decryption operations
  • Advanced Threat Prevention tuning, WildFire analysis, DNS Security
• Cloud security/networking exposure:
  • Azure/AWS/GCP, cloud-native firewalls, transit networking
  • VM-Series deployments, Terraform/automation exposure
• SIEM integration experience:
  • Splunk / Sentinel / QRadar log forwarding and use-case support
• Scripting/automation:
  • Python, PowerShell, Ansible, PAN-OS API, IaC patterns
• Experience in regulated environments (finance, healthcare, government, critical infrastructure)

Certifications:

• Palo Alto PCCSA / PCNSA / PCNSE (highly desirable)
• ITIL Foundation (helpful)
• Security certs: CompTIA Security+, CISSP, CCNP Security (nice to have)

OCI Cloud Administrator l Security Lead l Oracle Cloud Infrastructure l PaaS / IaaS l DV Cleared l Hybrid | Competitive PD l Outside IR35 l London

Method Resourcing is working with a partnering consultancy that is looking for an OCI Cloud Administrator / Security Lead to take ownership of the secure operation of Oracle Cloud Infrastructure (OCI) within a highly regulated, security-critical environment.

This role requires hands-on OCI experience and active DV clearance, with privileged administrator access across cloud and security tooling.

Key Requirements:

• Hands-on administration of OCI environments including tenancies, networking, compute, storage and IAM policies
• Strong experience across OCI PaaS / IaaS services
• Operation of security-critical tooling hosted in IaaS (logging, monitoring, vulnerability scanning)
• Implementation and maintenance of preventative and detective security controls
• Experience managing environment cloning and data masking activities
• Support of secure test, backup and disaster recovery environments
• Strong Linux background with experience using Terraform and infrastructure automation
• Comfortable operating with privileged access in secure, regulated environments
• DV clearance is mandatory

Contract Details:

• Location: On-site / Hybrid (London as required)
• Security Clearance: DV (must be active)
• IR35: Outside
• Duration: Initial contract with extension potential
• Rate: Competitive day rate

For more information or to apply, please send your CV to .

OCI Cloud Administrator l Security Lead l Oracle Cloud Infrastructure l DV Cleared l PaaS / IaaS l Hybrid | Outside IR35 l London

RSG Plc is acting as an Employment Business in relation to this vacancy.

Job Title: Resilience Vulnerability Management Lead
Contract Length: 10 months (initial)
Location: Sheffield Hybrid
Sector: Financial Services
IR35 Status: Inside IR35

Overview

We are working with a leading financial services organisation to recruit an experienced Resilience Vulnerability Management Lead for an initial 10-month contract. This role is critical to supporting the organisations Operational Resilience and Vulnerability Management objectives, ensuring Important Business Services (IBS) are resilient, well-governed, and compliant with internal standards and regulatory expectations.

You will work in a hybrid model from Sheffield, collaborating closely with IT Service Owners, Service Sustainability Leads, and senior stakeholders across technology and the business.

Key ResponsibilitiesResilience Assessment (TRVA)

• Lead resilience assessments (TRVA) for multiple IBS applications across front-office and back-office environments
• Ensure alignment with internal operational resilience standards
• Review architecture documents and application artefacts, leveraging data from enterprise platforms
• Pre-fill vulnerability questionnaires, identify gaps or issues, and facilitate workshops with IT Service Owners to resolve findings
• Analyse metrics and operational data (e.g. incident logs) to identify resilience weaknesses and improvement opportunities
• Drive timely sign-off of assessments by all required stakeholders
• Consolidate findings into clear, comprehensive reports with actionable remediation recommendations
• Raise identified vulnerabilities in line with governance requirements
• Contribute to executive-level summaries and participate in stakeholder presentations

Vulnerability Management

• Manage the end-to-end vulnerability lifecycle, including:

  • Creation and approval
  • Tolerance assessments
  • Progress tracking and reporting
  • Remediation and closure governance
  • Closure pack preparation, QA, approval, and final closure

• Conduct control reviews outside standard assessments and raise vulnerabilities where required

• Work closely with IT Service Owners to capture risk, impact, severity, mitigation, and remediation plans

• Partner with Service Sustainability Leads and IT Service Owners to collect Evergreening details

• Ensure Impact Assessments are completed for all vulnerabilities and severity records are kept up to date

• Support other Lines of Business with tolerance assessments for MSS-owned applications

• Analyse weekly vulnerability reports to identify new risks impacting Important Business Services and drive them through assessment processes

• Ensure remediation actions are accurately reflected in golden source systems

• Prepare high-quality closure packs with supporting evidence

• Produce Risk & Control Management Meeting packs and stakeholder reports

• Represent the team in governance forums when required

• Contribute inputs to consolidated CIB-level reporting

• Participate in vulnerability portal feature testing, providing feedback and backlog requirements

• Actively contribute to daily and weekly Operational Resilience and Vulnerability Management forums

Qualifications & Experience

• Bachelors degree in IT, Computer Science, or a related discipline (or equivalent professional experience)

• Proven experience in operational resilience, risk management, or vulnerability management within a large financial institution

• Strong understanding of:

  • Operational resilience frameworks
  • Vulnerability lifecycle management
  • Regulatory and governance requirements

• Demonstrated ability to manage complex assessments across multiple applications and stakeholders

Key Capabilities

• Strong analytical and problem-solving skills
• Excellent communication skills, with the ability to present complex findings to both technical and non-technical audiences
• High attention to detail and strong commitment to quality
• Proactive, self-motivated, and able to manage multiple priorities in a fast-paced, regulated environment
• Confident stakeholder manager with experience driving cross-functional outcomes

Whats on Offer

• Competitive inside IR35 day rate
• Long initial contract (10 months) with potential extension
• Hybrid working model in Sheffield
• Opportunity to play a key role in strengthening operational resilience within a major financial services organisation

If you are an experienced Resilience or Vulnerability Management Lead looking for your next contract role, wed be keen to hear from you.

Day Rate: £650 (Inside IR35)
Contract Length: 12 months
Clearance Required: UK SC and willing to undergo DV

Location - 4 days on site - Gloucester / Hereford

An opportunity is available for an experienced Integration Engineer to join a high-profile defence programme, working on the integration of mobile and server-based systems within a secure environment.

The Role

You will operate as a senior technical contributor, acting as a bridge between customers, software development teams, and third-party suppliers. The focus is on integrating, configuring, and supporting Linux-based systems and containerised applications, alongside mobile and Android platforms.

You should be comfortable working across the full system landscape, understanding software at a broad level, and contributing to solution design, configuration, and troubleshooting.

Key Responsibilities

• System administration of multiple Linux machines running critical services
• Managing and supporting container-based applications (Docker)
• Certificate management
• Setup and configuration of applications and services on Linux systems
• Setup and configuration of applications on Android devices
• Integrating mobile and server-based systems
• Debugging configuration and networking issues across systems
• Administering mobile device management (MDM) platforms
• Eliciting user requirements to define device configurations and setup processes
• Producing clear documentation for configurations and processes

Required Skills & Experience

• Proficiency in Linux system administration
• Experience with containerisation technologies (Docker / Podman)
• Comfortable working with Android devices
• Basic understanding of networking and secure systems
• Ability to write software (experience with Java and/or Kotlin desirable)
• Excellent problem-solving, communication, and documentation skills

Ideal Profile

• Keen to work hands-on with Linux-based systems and containerised environments
• Broad understanding of software development and system design
• Comfortable operating as a senior engineer on projects and engaging directly with customers

Interview Process

• Single-stage interview via Microsoft Teams

If you are an experienced Integration Engineer seeking a long-term, high-impact contract within a secure environment, please apply with your latest CV.

?? Cyber Asset Management Engineer

?? Remote (must be able to travel to Edinburgh when required)
?? 12-month contract | Strong chance to go permanent
?? IR35: Inside
?? Rate: Open - focused on the right person

??? The Role

This is a hands-on cyber engineering role focused on asset visibility, integrations, automation, and real risk reduction - not just reporting.

You’ll help the business:
? Know exactly what assets exist
? Identify security gaps
? Automate fixes wherever possible

?? What You’ll Do

?? Build full visibility across:

• Devices
• Users
• Cloud & SaaS

?? Engineer solutions by:

• Integrating systems via APIs
• Connecting security tooling data
• Creating dashboards & automations
• Driving remediation of security gaps

?? Work with tools like SIEM, EDR, Vulnerability Mgmt, CSPM, IAM
?? Automate using Python or PowerShell

?? Success Looks Like

? Higher asset coverage
? Fewer unknown devices
? Automated detection of gaps
? Automated / semi-automated fixes
? Clear dashboards for leadership

?? Who They Want

? Hands-on, proactive engineer
? Comfortable with complex environments
? Spots problems and solves them
? Self-directed and organised
? Able to document and explain work clearly

?? Interviews

Stage 1 - Technical with engineers
Stage 2 - Culture fit with the Senior Director

Randstad Technologies is acting as an Employment Business in relation to this vacancy.

World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract.

This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line.

This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background.

Hourly Rate: £45ph - £85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter.

Contract Duration: 6 Months initially and long-term thereafter.

Shift pattern:

28 day Cycle
Sat to Tue - Earlies (Apply online only)
Wed to Sun - Off
Mon to Fri - Lates (Apply online only)
Sat to Tue Off
Wed to Sun - Nights (Apply online only)

(The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates)

28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week

Initially may not be expected to do nights until team grows.

SOC Threat Detection Analyst Job Description:

An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC.

Responsibilities:

To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems).
It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies.

The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff.

The SOC Analyst key responsibilities are:
Effective Tier 1 to 2 alert triage of security events
Monitoring of Cyber Security tools
Monitoring the SOC email notification mailboxes
Assists with the maintenance of Security technologies
Assisting the SOC Solutions Lead with project activity
Assist proactive threat hunting in collaboration with the CTI function
Assist IR in HR and InfoSec related investigations
Ensure the timely triage and remediation of any incident or request tickets raised to the SOC
Participate in the activity of adding/removing URLs from the AcceptList and BlockList
Attend routine security meetings
Conduct activities in line with SOC Maturity and continuous improvement
Skillset/experience required (Baseline):

A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications.
Knowledge of IT Security standard methodologies.
Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S.
Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools.
Hands on experience with IDS/IPS technologies and threat hunting activities.
Strong analytical experience and mind-set.
Experience within Defensive Cyber-attack methodologies and frameworks.
Understanding of Malware capabilities, attack vectors, propagation and impact.
Good communication skills liaising with the business and suppliers.
Desirable Skillset/experience (Senior grade):

Root cause analysis and leading T2 incident investigations
Process / Playbook / Runbook development
Working knowledge of detection engineering, false positive improvements
Capability to tune SIEM rules or create custom detections
Scripted automation experience e.g. Python, SOAR, PowerShell
Threat modelling and Hunting methodologies

Job Title: DV Cleared Senior Network Engineer
Location: Cambridgeshire with Travel to other sites when required
Duration: 6 months with possible extension
Rate: Up to 700 per day via an approved umbrella company
Must be willing and eligible to go through the DV Clearance process

Our client, a reputable organisation supporting UK defence, is hiring for a Senior Network Engineer to join their team primarily based in Cambridgeshire. This is a fantastic opportunity for a skilled network professional to contribute to critical infrastructure projects and ensure the resilience of vital networks.

What you’ll be doing:

• Acting as a Subject Matter Expert (SME) and design engineer for network upgrades and future developments
• Developing comprehensive design documentation, including SDRs, HLDs, LLDs, and test plans
• Building and configuring network hardware to meet design specifications
• Providing expertise on network obsolescence, proposing hardware replacements, and assessing risks associated with network shutdowns and new setups
• Troubleshooting complex network issues to maintain optimal performance
• Managing the current network infrastructure, primarily based on CISCO and Dell hardware
• Supporting network security and operational stability

What you’ll bring:

• Proven experience in designing and configuring enterprise network solutions
• Strong knowledge of CISCO and Dell networking equipment
• Familiarity with network documentation standards (SDRs, HLDs, LLDs)
• Experience in hardware replacement planning and risk assessment
• Ability to troubleshoot and resolve network issues efficiently
• Knowledge of CISCO Smart Account Management (desirable)
• Excellent communication skills and a proactive approach to problem-solving

This role offers the chance to work on high-profile projects within a dynamic environment. If you’re a motivated network professional ready to make an impact, we’d love to hear from you. Apply now to join a team committed to excellence and innovation.

GRC Analyst 3-month contract Fully Remote

My Customer is looking for an experienced GRC Analyst to join the organisation to strengthen governance, risk, and compliance practices and will lead the delivery of ISO 27001 certification within the next 12 months.

The GRC Analyst will focus on maintaining current ISO and SOC 2 standards within the business. Technical understanding would be beneficial but not essential. Knowledge of the requirements of the above standards in relation to contracts and vendor relationships is essential.

Key Skills & Experience from the GRC Analyst:

• Proven experience in a GRC, security risk, or compliance role
• Certifications for ISO 27001 (Lead Implementer/Auditor), would be required
• Strong knowledge of frameworks such as ISO 27001, NIST, SOC 2, CIS, and data protection standards
• Onboarding/vendor risk management experience
• Hands-on experience supporting or leading ISO 27001 certification activities
• Solid understanding of risk assessment, control design, and audit processes
• Experience working with GRC tooling, evidence management, and reporting
• Experience/Knowledge around high volume data process would be beneficial
• Strong documentation, communication, and organisational skills
• Experience operating in regulated or security-conscious environments
• Experience in the Finance Sector would be beneficial

Key Responsibilities of the GRC Analyst:

• Develop and maintain security policies, standards, and procedures aligned to recognised frameworks
• Lead ISO 27001 readiness and certification activities, including ISMS support and audit coordination
• Conduct risk assessments across systems, processes, and third parties, tracking remediation actions
• PoC for legal department - onboarding/vendor/contract risk management
• Act as the primary liaison for internal stakeholders and external auditors
• Design, test, and monitor security and compliance controls, ensuring evidence is audit-ready
• Manage GRC tools and reporting to provide clear insight into risk and compliance posture
• Embed security and risk considerations into projects, suppliers, and business initiatives
• Monitor regulatory and standards changes and advise on required organisational updates

The GRC Analyst can work fully remote for the duration of the contract.

Apply now to speak with VIQU IT in confidence. Or reach out to Connor Smal via the VIQU IT website.

Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply).

For more exciting roles and opportunities like this, please follow us on IT Recruitment.