A leading professional services organisation is looking for an Information Security Officer with strong governance, risk, and compliance experience. This is a standalone role with real ownership — ideal for someone ready to step up and shape a growing security function.
The Role
* Build and mature security frameworks (ISO 27001, CE+, NIST, SOC 2)
* Lead gap analysis and audit readiness
* Own the security risk register and drive mitigation
* Develop policies, standards, and procedures
* Support ISO 22301/business continuity
* Coordinate internal/external audits and evidence gathering
* Manage vendor risk and customer due‑diligence requests
* Provide independent governance oversight (separate from IT Ops)
About You
* Strong experience with ISO 27001 (Annex 8), CE+, and risk management
* Background in audits, incident response, and governance documentation
* Confident working with Compliance, IT, and external partners
* Able to own initiatives and work independently
* Pragmatic, collaborative, and business‑minded
Why Apply?
* High visibility and autonomy
* Opportunity to shape security governance during transformation
* Supportive, flexible culture
* Clear progression for someone wanting more ownership
If this sounds like the right next step for you, please send your CV to Andy Dale at Arcas

Your new company
Join an established and high-performing Security Operations Centre, working alongside a team of experienced Cyber Engineers and Cyber Analysts. This is an exciting opportunity to contribute to the ongoing protection, optimisation and development of an organisation’s cyber defence capabilities.
Existing DV Clearance Required
Hybrid working - on site near Milton Keynes

Your new role
As a SOC Engineer within the SOC, you will play a key role in supporting, enhancing and maintaining the organisation’s protective monitoring tools and cyber security controls. Your responsibilities will include:

• Monitoring and reporting on the performance of SOC protective controls and tooling, investigating issues and escalating to internal teams or technology vendors where required.
• Supporting Security Analysts with security incident investigations as needed.
• Interpreting system logs and reports to improve logging quality, alerting, and utilisation of cyber tools.
• Creating and maintaining installation guides, administration processes, change documentation, and cyber detection rules in collaboration with Cyber Engineers and Analysts.
• Providing engineering support to new business areas to ensure successful integration of new systems into the SOC tooling, including configuration of monitoring, alerting and prevention rules.
• Ensuring the integrity, accuracy and security of all data used and stored within the toolset.

What you’ll need to succeed
We are looking for individuals with strong analytical and technical capability, alongside a passion for cyber security. You will ideally bring:

• Strong analytical skills with the ability to manipulate, interrogate and interpret large datasets.
• Experience working with SIEM and IPS tools (preferred).
• Good understanding of Cyber Security Operations and cyber threat landscapes.
• Advanced IT skills and experience working within an IT support or engineering environment.
• Ability to produce clear and concise technical documentation.
• Strong communication and interpersonal skills, with a collaborative approach to team working.

What you’ll get in return
As a contractor, you’ll have the opportunity to play a key role in a mature and evolving Security Operations Centre, contributing directly to the strengthening of core cyber defence capabilities. You will benefit from:

• The chance to work on high-impact security engineering initiatives across a complex organisation
• Exposure to modern SOC tooling and enterprise-level cyber environments
• A supportive and collaborative team culture where your expertise will be valued
• A competitive day rate, via Umbrella
• The ability to add a significant SOC engineering project to your contracting portfolio

What you need to do now
If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.
If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

About the Role
We are looking for an experienced Security Systems Installation Engineer or Service &

Maintenance Engineer to join our clients growing team based in Ilford.
This role is primarily focused on commercial projects, as the majority of the work is within

commercial environments (with very limited residential work).

We understand that most engineers specialise in either installation or service and maintenance and we are happy to accommodate this. You will not be expected to carry out both disciplines.

Working Hours

• ? Monday to Friday: 8:00am 5:00pm

• ? On-Call Rota: 1 full week in every 4 (including weekday evenings and the weekend) Please note: this is expected to reduce to 1 week in 5 later in the year.Key Responsibilities For Installation Engineers:

• ? Installation and commissioning of CCTV, intruder alarms, access control, and door entry systems

• ? Working on predominantly commercial sites

• ? Ensuring installations are completed to industry standards and company specifications

• ? Completing job documentation accuratelyFor Service & Maintenance Engineers:

• ? Servicing, fault-finding, and maintenance of CCTV, intruder alarms, and access control systems

• ? Diagnosing and repairing faults efficiently

• ? Completing planned preventative maintenance visits

• ? Providing clear service reports and recommendationsRequirements

• ? Proven experience in either installation or service & maintenance of security systems

• ? Strong technical knowledge of CCTV, access control, and intruder alarm systems

• ? Experience working in commercial environments preferred

• ? Ability to work independently and manage workload effectively

• ? Full UK driving licence

• ? Good communication and customer service skills

• ? Own tools required

• What We Offer

• ? £40,000 annual salary

• ? Company van/car provided

• ? Fuel card provided

• ? PPE provided

• ? Drill repair provided

• ? Stable, full-time employment

• ? Supportive and professional team environment

Desirable (Not Essential)

• ? ECS/CSCS card
• ? IPAF or PASMA
• ? Manufacturer training certifications

IT Manager (Hybrid) Salford

MFK Recruitment are working with a mission-driven organisation in the healthcare and laboratory services space. They operate in a regulated, quality-focused environment and rely on robust, secure, well-governed IT to deliver critical services internationally.

MFK Recruitment has recruited 5 candidates into this company over the past 3 years, and all 5 are thriving in their roles!

Location: Salford

Working pattern: Hybrid, 2 days per week in the office

Hours: 37.5 hours per week

Salary: £51k

Benefits: Exceptional benefits package, similar to the NHS, with a very generous pension

The role:

This is a broad, hands-on IT Management position with full ownership of IT systems, infrastructure, security, and strategy. You will be comfortable working autonomously, balancing longer-term improvements with day-to-day delivery and support.

You will work closely with senior stakeholders and suppliers, and you may also be required to line manage IT support staff (depending on structure and future growth).

IT Manager - Key responsibilities:

IT systems and infrastructure:

• Manage, administer and support the organisation s IT systems and user environment
• Review IT strategy and advise on future direction, improvements and digital transformation
• Research, recommend, implement and document infrastructure changes to improve reliability, performance and security
• Support implementation of new systems, including LIMS and appropriate AI-enabled tools where relevant
• Develop and maintain disaster recovery and business continuity plans
• Own and improve the employee IT lifecycle process, including onboarding and offboarding

IT Manager - Information security and compliance:

• Own and maintain IT security policies, procedures and controls
• Lead Cyber Essentials compliance and support related audits
• Implement and maintain an Information Security Management System appropriate to a regulated environment
• Ensure compliance with GDPR and other relevant requirements, and lead IT risk management

IT Manager - Supplier and service management:

• Source, evaluate and manage IT suppliers and service providers
• Negotiate contracts, monitor performance, and ensure value for money
• Manage third-party support arrangements and escalations

IT Manager - Governance, reporting, support and training:

• Maintain IT assets, documentation, policies, procedures and guidance, aligned to the company s quality approach
• Report to senior management on IT performance, risks, audits and strategy
• Provide day-to-day IT support and coordinate training for staff
• Support internal and external meetings, events and conferences where required

About you:

You will be an experienced IT professional who enjoys ownership and can operate confidently with both technical and non-technical stakeholders.

What we re looking for:

• Proven experience managing organisational IT systems and infrastructure
• Strong knowledge of IT security, risk management and compliance, including GDPR
• Experience managing suppliers, contracts, and service delivery
• Ability to advise senior leadership and contribute to strategy
• Organised, calm under pressure, able to prioritise in a dynamic environment

Nice to have (not essential):

Experience in healthcare, laboratory services, regulated environments, or an SME setting

What s on offer:

• A key role in a purpose-led organisation, with genuine ownership and influence
• Hybrid working, 2 days per week in the Salford office
• Exceptional benefits package, similar to the NHS, with a very generous pension
• Supportive, collaborative culture

We are accepting CVs for this position so its easier than ever to apply!

Exciting things are happening within the Digital Services Team at Derbyshire County Council and were looking fora Principal Security Architect to join our Strategy and Architecture team.

A major review of our organisation and strategies has been completed and we have invested in new tools to support acomprehensive and innovative Digital Services transformation programme, to support the delivery of key services to the citizens and communities of Derbyshire.

This role will be pivotal in helping usdeliver our transformation programme, as a key post within theDigital Services, Strategy and Architecture function.

This is an excellent opportunity for someone who has significant experience of operating at a medium level in a large Digital Services environment, managing and delivering change and who really wants to make a difference.

Key Responsibilities of this role are:

• Manage the IT Security Service area and ensure the availability and protection of IT systems
• Own, maintain and develop the Councils Cyber Security Strategy
• Recommend security design across business projects or technologies, up to an organisational or inter-organisational level
• Be a recognised expert and demonstrate this expertise by solving unprecedented issues and problems
• Communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles and strategy for security architects
• Research, identify, validate and adopt new technologies and methodologies in Security Architecture
• Provide professional expertise and knowledge within the Enterprise Architecture Service Area enabling the IT Service to provide pro-active and agile services

What skills and experience do you need to have?

• Substantial experience of managing an IT Security function in a large complex organisation
• Proven experience of managing, motivating and continually developing staff to deliver strong performance
• Ensuring effective IT Security systems and procedures are in place for the Council
• Operating at a senior level in a large IT Service environment, managing and delivering change
• Advising non IT colleagues and presenting clear accessible reports/business cases for senior managers and elected members
• Ensuring effective IT Security practices are appropriately architected, designed and approved for adoption

What we offer you:

• 27 days of annual leave plus another 5 once you reach 5 years of continuous service
• Flexi time, allowing up to an additional 2 days of leave per month
• Generous local government pension scheme
• Guaranteed incremental annual pay increases
• Cycle to work & hybrid/electric car salary sacrifice schemes
• A supportive working environment
• Commitment and investment in your continuing professional development.
• Discounts at selected county leisure centres
• and muchmore!

Our Digital Services Team is contractually based in Matlock, Derbyshire, but we work on a hybrid basis.

Derbyshire County Council is going through a period of positive development and transformation so its a great time to join and drive change.

Were recruiting to a number of roles within our Digital Services Team, for information about the other opportunities that we have available simple

If you’re passionate about Security and are ready to revolutionise the way Derbyshire County Council operates in the digital era then we would love to hear from you.

If you would like to discuss the role further, please see our website for contact details

Don’t miss out on this exciting opportunity to contribute to the digital revolution at Derbyshire County Council. Apply now and be at the forefront of shaping the future!

Derbyshire County Council is an equal opportunities employer, and we welcome applications from individuals of all backgrounds, experiences, and abilities.

Provisional Interview Date: Week commencing 23 March 2026

This role currently offers hybrid working options which will be to subject service needs, there’ll be an opportunity to discuss working arrangements for this position at interview.

We welcome applications from individuals who share our values being Collaborative, Innovative, Empowered and Accountable. These values describe who we are and what we stand for as a council. They help shape our culture, encourage consistent behaviour and guide how we work together to make a positive difference for both our employees and the residents we serve.

Up to £42,000 DOE + vehicle We are looking for an experienced Security or Telecoms Engineer for a fast-growing and ambitious company in a role that entails the installation, servicing and maintenance of their Telecoms and Security CCTV & Alarm solutions. Electricians who are looking to pivot into something different could also be considered, but applicants will ideally already have some experience in Telecoms or Security areas and the company will train you in the other discipline for you to become more multi-disciplined. Working out of their HO base in Lanarkshire so applicants should ideally reside within a reasonable distance, this role will cover primarily Central Scotland but also further afield as well when required. Applicant will ideally have product related experience in installing, programming and training customers on how to operate their Security systems (CCTV and Alarms) or Telecoms systems (telephone systems, lines, connectivity, photocopiers). Applicants will ideally have a minimum of 4 years suitable experience and also be interested in a role where they would get the opportunity to learn about the installation and maintenance of other technology products that they might not already have experience in. A competitive salary depending on experience is available to the right candidate, and a company vehicle, laptop, mobile, etc is also supplied as standard. Applicants must of course have a full driving licence to be considered for this position.

Experience & Skills:Must have:
10+ years in cyber resilience / cyber programme delivery / operating model change in large, regulated enterprises (CNI preferred: water, energy, utilities, transport, healthcare).Exceptional communication: storytelling, exec decks, clear visuals, concise decision papers.Highly organised, proactive, outcome driven; adept at prioritisation and evidence-based reporting.Proven bridge role experience between suppliers/consultancies and internal Product Owner/Execs.Hands on with operating model design/embedding, governance set up, and stakeholder management at CIO/CISO/SLT level.
Strong knowledge of NIS Regulations, NCSC CAF, ISO/IEC 27001, and BCM/IR practices; familiarity with SEMD and sector guidance.
Demonstrable experience delivering table top exercises, scenario design, and recovery validation.Familiarity with IT/OT environments and systems (e.g., SCADA, SAP ECC, core ERP/CRM).Comfort with CMDB/ServiceNow, dependency mapping, and recovery sequencing concepts.Mandatory Skills: OT / IOT Security Operations (SecOps) .Role purpose:
To act as the senior bridge between the Product Owner and Thames Cyber Resilience 3rd party delivery partner to drive the formalisation, socialisation, and embedding of Thames Waters Digital Resilience Strategy and Digital Resilience Target Operating Model (DRTOM). The Cyber resilience engagement lead will shape and deliver the stakeholder engagement strategy, translate supplier outputs into clear, executive ready insights, and orchestrate the governance integration and operating rhythm that enables measurable improvements to Thames Waters digital resilience posture.
Key Responsibilities:

• Strategy & TOM Enablement
• Governance Integration & Operating Rhythm
• Digital Resilience Op-Model Factory (DROF)
• Stakeholder Engagement & Comms
• Regulatory Alignment & Reporting
• MVB ? Bizzdesign Integration Support

Location: Hemel Hempstead

Hours: 37.5 - Flexible working

Salary: £60,000 - £70,000

An international leader in the aerospace, defence and energy markets, employing more than 60,000 people at over 40 manufacturing facilities and regional offices worldwide.

Operating at the intersection of engineering excellence and real-world impact. Our technologies are embedded in applications that move, power, and protect the world, from industrial automation and aerospace to energy and clean technology.

The Role

We are seeking a Identity & Access Management Engineer to support and evolve our enterprise directory services across a global environment. This role is ideal for someone who enjoys ownership, project-driven work, and being a trusted technical authority in identity services.

This is a senior technical role with a strong emphasis on project delivery, lifecycle management, and continuous improvement. You will act as a Subject Matter Expert for enterprise directory services while supporting global business functions across multiple regions

You’ll work within a collaborative, global team spanning the US regions and the UK, partnering closely with internal teams and outsourced support functions.

Key Responsibilities

• Own, support, and improve global Active Directory and Microsoft Entra ID platforms
• Design and implement Identity & Access Management (IAM/IDAM) solutions
• Act as an escalation point for support teams on complex identity incidents
• Lead project-based initiatives, including platform enhancements, migrations, and new capabilities
• Perform lifecycle management of directory services, tools, and supporting technologies
• Enable new identity capabilities while ensuring security, resilience, and compliance
• Collaborate with technical teams, business stakeholders, and external partners

What We’re Looking For

• Significant experience in enterprise IT, with deep expertise in directory services and identity platforms
• Knowledge of Active Directory, Entra ID, and IAM best practices
• Experience operating as a senior technical SME in complex, global environments
• Proven ability to work self-directed, take ownership, and drive outcomes
• Excellent communication, collaboration, and stakeholder engagement skills
• A security-first mindset with experience in compliance and identity security controls

Role Details

• Job Title: Vulnerability Analyst SC Cleared
• Location: Gloucester, UK ( onsite)
• Special Working Conditions
• Mandatory training and pre joining checks must be completed. The contract will be awarded upon successful completion of all required checks.
• Candidate must hold an active, transferable SC clearance with a minimum of 3 months validity remaining.
• Valid Active SC is mandatory.

Job Purpose and Primary Objectives

• The Vulnerability Analyst will be responsible for identifying, analyzing, and managing security vulnerabilities within the organization’s IT infrastructure using the Tenable One platform.
• The role is essential in mitigating security risks, ensuring compliance, and protecting the organization’s assets by working closely with internal teams, vendors, and partners.
• The analyst will provide clear, actionable reports and recommendations to support the timely remediation of vulnerabilities.

Key Responsibilities

• Analyze and manage vulnerabilities using Tenable One platform, working closely with internal teams, partners, and vendors.
• Generate and deliver vulnerability reports, ensuring they are clear and actionable, based on data from Tenable One.
• CVE & CVSS Tracking: Monitor vulnerabilities using CVE (Common Vulnerabilities and Exposures) and assess risk levels using the CVSS (Common Vulnerability Scoring System).
• Collaboration: Work cross-functionally with partners and vendors to manage and remediate vulnerabilities, ensuring timely resolution.
• Tracking & Documentation: Maintain a complete tracking system for all vulnerabilities and remediation activities, providing regular updates and reports to stakeholders.
• Compliance: Ensure all vulnerability management practices meet regulatory and security compliance requirements.

Key Skills / Knowledge / Experience

• SC Clearance (Active).
• Proficiency in using Tenable One for vulnerability scanning, tracking, and reporting.
• Strong knowledge of CVE and CVSS frameworks.
• Experience with vulnerability lifecycle management from identification to remediation.
• Excellent report-writing skills with the ability to translate technical findings into business impact.
• Strong collaboration skills for working with vendors, partners, and internal teams.
• Understanding of compliance standards and best practices in Vulnerability Management.

Additional Remarks

• Good to be:
  • Reporting experience in Service Now Tool.
  • Certifications such as CISSP, CISM, or equivalent are a plus.
  • Knowledge of security frameworks.

Person SpecificationInforming

• Provides the information people need to know to do their jobs and to feel good about being part of the team, unit, and/or the organization.
• Is able to provide informative and quantifiable information so that accurate decision making can be taken in a timely manner.

Problem Solving

• Uses rigorous logic and methods to solve difficult problems with effective solutions and probes all fruitful sources for answers.
• Can see hidden problems and is excellent at detailed analysis by looking beyond the obvious and doesn’t stop at the first answer.

Technical Learning

• Able to learn new skills quickly and is adept at learning new industry skills and competencies via various methods, including research and attendance at technical courses and seminars etc.

Key Relationships & ContactsWith Client

• Establish and maintain excellent relationship with customer stakeholders and develop processes to improve efficiency and effectiveness for the client as an on-going basis.

With Line Manager / Senior Stakeholders

• Maintain regular contact with Line Manager / Senior Stakeholders to update and appraise them on critical business issues and data points.

With Offshore Teams

• Maintain regular contact with required Offshore teams as and when required to update them on current issues and decisions, seeking support for issues that affect the success of the contracts on-going deliverables as and when required.

With Peers

• Develop and maintain positive relationships with other business partners, both internal and external, ensuring best practice advice is shared and maximum efficiency achieved.

With Others

• Effectively and professionally, communicate regularly with all functional teams and other parts of the company as required in the proper performance of such duties by regularly sharing information and building positive relationships to help achieve business goals and objectives within the account.
• Building positive relationships with external contacts to maximize efficiency and to always represent the business in a professional manner.

Keystone Recruitment Partners are looking for a highly skilled Cloud Engineer to lead our client's migration from AWS WAF to Cloudflare and to design, deploy, and manage our edge security and Zero Trust environment. This role will take ownership of Cloudflare architecture, security posture, and integration with our AWS infrastructure. This is a fully remote and outside IR35 contract with an initial 3 month engagement. Key Responsibilities \* Drive the full migration from AWS WAF to Cloudflare WAF, including rule translation, optimisation, testing, and rollout. \* Configure and maintain Cloudflare WAF policies, covering managed rules, custom rules, bot mitigation, and rate‑limiting. \* Deploy and manage Cloudflare Zero Trust and Warp, enabling secure, identity‑based remote access for users and services. \* Set up and optimise Cloudflare DNS, load balancing, and traffic steering to ensure resilient, high‑performance routing. \* Integrate Cloudflare services with AWS environments, including ALB, CloudFront, Route 53, and cloud‑native workloads. \* Implement and enforce edge security controls, including DDoS protection, TLS configuration, and continuous monitoring. \* Diagnose and resolve traffic, performance, and edge‑security issues across Cloudflare and AWS. \* Support Infrastructure‑as‑Code automation, ideally using Terraform, for consistent and scalable deployments. Required Experience \* Extensive hands‑on experience with Cloudflare WAF, Zero Trust, and Warp, ideally in enterprise or high‑traffic environments. \* Demonstrated experience migrating from AWS WAF to Cloudflare, with strong understanding of rule behaviour and tuning. \* Deep technical knowledge of DNS, TLS, routing, reverse proxies, and CDN architectures. \* Strong AWS background, especially with ALB, CloudFront, Route 53, and security‑related services. \* Experience with Terraform or similar IaC tools is preferred. \* Excellent troubleshooting skills across networking, performance, and security layers. Contact us as interviews are happening immediately

Role Title: Application Security Specialist

Duration: contract to run until 30/11/2026

Location: Knutsford, Hybrid 3 days per week onsite

Rate: up to 517.78 p/d Umbrella inside IR35

Role purpose / summary

We are looking for an Application Security Specialist to assess and strengthen the security of applications across development, deployment, and operations.

Key Responsibilities

• Conduct security reviews, threat modelling, and vulnerability assessments.
• Support secure coding practices and provide guidance to development teams.
• Operate security scanning tools (SAST/DAST/IAST).
• Validate remediation of vulnerabilities and track risk reductions.
• Contribute to secure design standards and best practices.
• Work with DevOps to embed security into CI/CD pipelines.

Required Skills

• Knowledge of OWASP Top 10 and secure development principles.
• Experience with scanning tools (e.g., SonarQube, Veracode, Fortify).
• Understanding of cloud security and API/application architecture.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

Cyber Security Engineer Cyber Support Engineer Remote Hybrid Manchester 50-60k We are looking for a strong Cyber Security Engineer Cyber Support Engineer with Vulnerability remediation and Security Investigations & Monitoring & Reporting experience. We are looking for a dedicated and enthusiastic Cyber Security Engineer to join our Cyber Security team, the Cyber Security Engineer will be responsible for ensuring the seamless operation of security technologies that protect the organisation from an ever evolving threat landscape. The Cyber Security Engineer Cyber Support Engineer will be supporting the development and implementation of security systems and controls, you will be responsible for monitoring, managing and maintaining the security infrastructure, thereby playing a key role in safeguarding the organisations data, assets and overall cyber security posture. Key Accountabilities: Deliver a range of key cyber security activities including: Vulnerability remediation Security Investigations & Monitoring & Reporting Risk Assessment Application Security audits Identity Access Management

Cyber Security Architect

Location: Remote

Duration: 6 Months

Department: Cyber Security

Reporting To: Head of Security Architecture

Role Summary

We are seeking an experienced Cyber Security Solutions Architect with strong AI skills and knowledge, to provide architectural solution design and assurance across technology, cloud, data, and AI-enabled initiatives. The role focuses on designing secure, scalable, and compliant solutions, enabling innovation while ensuring alignment with enterprise architecture, regulatory requirements, and organisational risk appetite.

Key Responsibilities

• Lead solution design and assure end-to-end solution architectures, including cloud platforms, enterprise systems, data pipelines, and AI/ML solutions.
• Embed secure-by-design and responsible AI principles, covering data protection, model governance, and risk management.
• Identify and mitigate architectural, security, and AI-related risks using a risk-based, pragmatic approach.
• Collaborate with architects, engineers, data teams, and stakeholders to deliver secure and resilient solutions.
• Contribute to architecture governance, design authorities, and continuous improvement of security and AI assurance practices.

Skills & Experience

• Proven experience as a Solutions Architect or Security Architect in complex or regulated environments.
• Strong knowledge of security and enterprise architecture principles (e.g. zero trust, defence in depth).
• Experience with AI-enabled solutions, data platforms, and cloud technologies (AWS, Azure, GCP, Kubernetes).
• Familiarity with TOGAF, NIST, ISO 27001, OWASP Top 10 and emerging AI governance frameworks.
• Ability to clearly communicate technical, security, and AI risks to both technical and non-technical audiences.

Key Competencies

• Analytical thinking and attention to detail
• Excellent communication and collaboration skills
• Risk-based decision-making
• Stakeholder engagement
• Adaptability and pragmatism
• Highly driven, energetic and self-motivated
• Team player with the ability to proactively work to group-aligned targets and objectives.

If you believe you have the experience required, please apply with your CV now for instant consideration!

TO APPLY - PLEASE APPLY WITH AN UP-TO-DATE CV

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised if you haven’t heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly.

Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone’s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.

We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

Trainee Engineer

Looking to start a career in the security systems industry? Want to get stuck in, learn on the job, and grow with a company that invests in your future?

We re working with a growing security contractor looking for a Trainee Security Engineer to join their site team. Whether you ve got hands-on experience in construction or are just technically minded and eager to learn this could be your route into a rewarding, skilled trade.

What You ll Be Doing

• Supporting with the installation of CCTV, access control and door entry systems
• Learning how to read site drawings and follow wiring diagrams
• Assisting with system maintenance and servicing
• Travelling to commercial and residential sites across the Southeast
• Working closely with experienced engineers, picking up new skills every day

What You ll Need

• A genuine interest in engineering, electronics or security systems
• A positive attitude and a willingness to learn
• Basic tool knowledge
• Full UK driving licence and your own transport
• Punctual, polite and ready to work
• Due to insurance restrictions, you will need to be over 18

If you re enthusiastic about starting your career in this industry and want to be part of a friendly, professional team that makes a real difference we d love to hear from you!

Despite our best efforts it is not always possible to respond to every application individually due to the high volume of responses we receive on each vacancy.

Only candidates who are shortlisted will be contacted for this particular role and if you have not heard from us within 7 days, please assume that you have not be successful. However, we will keep your details on our database, and will contact you when other suitable positions come in.

Portsmouth, UK (flexible working - 2 days a week on-site!)

I’m working with a fast-growing UK cyber security provider delivering SOC and managed security services to enterprise and critical infrastructure customers. As they scale, they’re investing in assurance and governance to strengthen customer trust and credibility.

They’re hiring a Cyber Security Assurance Manager to own certifications, audits, and customer assurance across their SOC environment. This is a high-impact, visible role working closely with SOC, GRC, and commercial leadership.

Key focus areas
Leading ISO 27001, SOC 2 Type II, Cyber Essentials Plus, CREST and similar certifications
Ensuring the SOC remains audit-ready with strong governance and evidence
Acting as the main contact for customers, auditors, and certification bodies
Supporting RFPs, RFIs, and security due diligence
Tracking regulatory and framework developments such as NIS2, NIST, and NCSC

What they’re looking for
Experience delivering and maintaining cyber certifications such as ISO 27001, SOC 2, CREST, or similar
Strong understanding of SOC environments and operational security
Customer-facing assurance experience, including audits and security due diligence
Knowledge of frameworks like NIST CSF, GDPR, and UK cyber regulatory expectations
Comfortable working with auditors, regulators, and senior technical teams
Strong stakeholder management and communication skills
Detail-driven, organised, and commercially aware

Strong package, flexible working, and the opportunity to shape assurance in a scaling business.

+6 months +

+Hybrid in London

+eDV clearance

+Inside IR35

• 650 - 700 a day

We are seeking an experienced eDV Cleared Technical Architect to design and assure secure, mission-critical infrastructure within a high-security government environment.

The Role

You will lead the production of High-Level and Low-Level Designs (HLDs/LLDs) for secure, multi-tenant platforms, ensuring alignment to Secure by Design principles and frameworks including the National Cyber Security Centre (NCSC) CAF and National Institute of Standards and Technology (NIST 800-53). You’ll present at TDA, act as the infrastructure SME, and ensure all solutions are hardened to CIS/STIG standards.

Key Experience

• Modern data centre networking (Clos-fabric, BGP, ECMP, DCI, EVPN/VXLAN)
• Palo Alto firewalls and secure cross-domain architectures
• VMware private cloud, including VMware Cloud Foundation (VCF), VxRail/vSAN and NSX-T
• Secure multi-tier environments (DMZs, segmentation, high-grade crypto)
• Linux & Windows Server administration (AD, PKI, SQL)
• Docker, CI/CD, Infrastructure as Code (Terraform/Ansible)

Desirable

Kubernetes, Vault, Splunk, Panorama, Avi, SRM, Dell Powerscale, NVIDIA GPU, VDI (Omnissa Horizon).

This is a high-impact role shaping secure cloud and infrastructure architecture at scale.

If you hold active eDV clearance and thrive in complex, secure environments, we’d like to hear from you.

Up to 42,000 DOE + vehicle We are looking for an experienced Security or Telecoms Engineerfor a fast-growing and ambitious company in a role that entails the installation, servicing and maintenance of their Telecoms and Security CCTV & Alarm solutions. Electricians who are looking to pivot into something different could also be considered, but applicants will ideally already have some experience in Telecoms or Security areas and the company will train you in the other discipline for you to become more multi-disciplined. Working out of their HO base in Lanarkshire so applicants should ideally reside within a reasonable distance, this role will cover primarily Central Scotland but also further afield as well when required. Applicant will ideally have product related experience in installing, programming and training customers on how to operate their Security systems (CCTV and Alarms) or Telecoms systems (telephone systems, lines, connectivity, photocopiers). Applicants will ideally have a minimum of 4 years suitable experience and also be interested in a role where they would get the opportunity to learn about the installation and maintenance of other technology products that they might not already have experience in. A competitive salary depending on experience is available to the right candidate, and a company vehicle, laptop, mobile, etc is also supplied as standard. Applicants must of course have a full driving licence to be considered for this position. If you feel that you meet the requirements for this role and would like to apply, then please do so with your CV in Word formatvia the link provided.

Compliance & DPO (Data Protection Office) Officer - SC Clearance

Up to 400 per day - Inside IR35

Primarily Remote

6 months

My client is an instantly recognisable consultancy who require a Compliance & DPO (Data Protection Office) Officer with active SC Clearance to provide clear regulatory compliance support, data protection regulations and data privacy laws for an end client within Financial Services.

Key Requirements:

• Proven commercial experience working as a Compliance & DPO (Data Protection Office) Officer within Financial Services.

• Active SC Clearance.

• The ability to provide expert knowledge of Data Protection regulations and Data Privacy Laws including GDPR.

• Demonstrable experience developing and managing information and data security assurance programmes.

• Previous experience conducting data privacy compliance assurance reviews and managing Information Data Security within a large, complex environment.

• The ability to provide SME guidance and advice in relation to GDPR.

• DP Practitioner Certificate, ISEB or equivalent Data Protection qualification.

• Excellent communication and stakeholder management skills.

Nice to have:

• Immediate availability

If interested, with relevant experience, please apply with your latest CV ASAP.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

EMM Security Administrator

Contract: February - August

• Clearance: BPSS to start (SC preferred but not required if eligible)

Role Overview

We’re looking for an experienced EMM Security Administrator to support the management and security of enterprise mobile devices and platforms. You’ll play a key role in ensuring mobile environments remain secure, compliant, and well-governed, working closely with IT and security stakeholders across the organisation.

This is a contract role offering flexible, predominantly remote working, with the opportunity to contribute to a high-profile, security-focused environment.

Key Responsibilities

• Administer and support Enterprise Mobility Management (EMM) platforms and mobile device environments
• Configure, update, patch, test, back up, and restore EMM platforms and applications
• Enrol, provision, monitor, and revoke access for mobile devices and end users
• Enforce EMM security policies and ensure compliance by users and IT teams
• Monitor device activity, security logs, and data usage to identify risks or issues
• Support encryption, authentication, and secure access controls across mobile environments
• Maintain accurate documentation, procedures, and audit records
• Ensure compliance with regulatory, governance, and security standards

Must-Have Skills & Experience

• 5 years’ unbroken UK residency (mandatory)

• Eligibility for Security Clearance (SC)

• Strong experience as an EMM / MDM / Mobility Security Administrator

• Intermediate technical knowledge of:

  • EMM platforms
  • Mobile operating systems (iOS, Android, etc.)
  • Encryption, authentication, and mobile security controls
  • Network security principles

• Experience with device monitoring, data logs, governance, and compliance

• Strong organisational, documentation, and customer-facing skills

• Ability to work independently in a security-sensitive environment

Nice-to-Have

• Active Security Clearance (SC)
• Relevant certifications in information security, mobility, or cloud platforms
• Experience working in regulated or public-sector environments
• Exposure to large-scale enterprise or shared service environments

Qualifications

• Degree or associate qualification in Information Security, Computer Science, Information Systems, or a related field
• Equivalent professional experience will also be considered

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

Role Title: Network Product Owner

Start Date: ASAP

End Date: 18th December 2026

Rate: 630

Location: Manchester 3 days on site

JD -

Network Security Technical Product Owner - the clients Global Network Services, you should possess

the following skillsets:

• Network Security Product Strategy and Vision: Ability to define, document, and communicate a clear network security product vision aligned with Zero Trust principles, organizational governance frameworks, and regulatory compliance requirements. Deep understanding of security policy lifecycle management, identity and access management integration, micro-segmentation strategies, and continuous verification principles. Skilled in managing network security product backlog prioritized based on risk assessment, business value, and threat landscape, with deep collaboration with security operations, infrastructure, and compliance teams. Strong understanding of API-level integration between security platforms and orchestration systems.
• Previous Hands-on expertise in one or more of the following areas: design and build of secure, fault-tolerant enterprise-class distributed network security systems with business-facing APIs/Web UIs, ensuring successful adoption and rotation at scale across domains including Zero Trust Network Access (ZTNA) for Remote Access and Proxy services, Network Access Control (NAC), Next 1 Generation Firewalls (NGFW), Intrusion Detection/Prevention Systems (IDS/IPS), and Security Information & Event Management (SIEM) integration, spanning physical, virtual, and cloud environments.
• Strong understanding of network security technology fundamentals including Zero Trust Architecture (ZTA) principles, Software 1 Defined Perimeter (SDP), identity-aware proxy architectures, 802.1X authentication, certificate-based authentication, policy-based access control, stateful/stateless firewall technologies, threat intelligence integration, and network segmentation strategies.

Expertise in security policy modelling, documentation of end-to-end security workflow specifications (e.g., threat models, security control frameworks, policy decision flows), security architecture diagrams, and governance framework documentation aligned with industry standards (NIST, ISO 27001, CIS Controls).

Desired Knowledge -

• Knowledge of DevSecOps tooling, GitOps for security-as-code, CI/CD pipelines for security policy deployment, Infrastructure-as 1 Code (IaC) security scanning, security automation frameworks, and version control for security configurations. Working knowledge of cloud-native security services: Cloud Access Security Brokers (CASB), cloud firewall services, identity federation, secure access service edge (SASE), zero trust network access platforms, security posture management, and cloud IAM integration.
• Compliance and Regulatory Controls - Strong knowledge of security frameworks and standards (NIST Cybersecurity Framework, ISO 27001/27002, PCI-DSS, SOC 2) and experience designing and implementing solutions using commercial and open-source security tools for lifecycle management of enterprise security infrastructure. Understanding of ITIL for security incident and problem management, risk management frameworks, and security governance processes.
• Proficiency in Agile Methodologies - Jira/Confluence, Scrum/Kanban, security backlog and workflow management, and security 1 specific SRE reporting metrics (Mean Time to Detect - MTTD, Mean Time to Respond - MTTR, Mean Time to Remediate, deployment frequency, security control effectiveness, Security Level Objectives - SLO).

IT Compliance Support Engineer - Hybrid / Canary Wharf - 6 month Contract - Banking

Tier 1 Bank - Regulatory Reporting Team

Role - IT Compliance Support Engineer

Duration - 6 months with very likely extension

Location - Hybrid / Canary Wharf - 3 days per week in a Canary Wharf office

Rate - 415 per day (Inside IR35)

Role

• IT Compliance Support Engineer to join a development team and act as the primary liaison with internal/external audit, compliance, and IT security counterparts. This role combines governance with technical capability-supporting audits, demonstrating IT controls, and troubleshooting or coordinating resolution of issues across Azure DevOps pipelines, ServiceNow change management, and Jira requirement workflows. You will help us evidence good practice, reduce audit friction, and improve developer productivity by ensuring our controls are both effective and practical.

Tasks

Audit & Compliance Liaison

• Act as the single point of contact for internal/external audit, compliance, and IT security.
• Handle audit requests, walkthroughs, and create timely evidence (C# source code, SQL scripts, server config, Azure DevOps logs, ServiceNow change records, Jira artefacts).
• Maintain an audit-ready repository of artefacts and narratives (control matrices, process maps, and access log review).

Interpret Technical Details for Auditors

• Ability to understand C# code and SQL scripts to verify logic and queries.
• Interpret permissions (Windows, Azure AD, Azure DevOps) and explain them clearly to auditors.
• Translate technical details into auditor-friendly narratives.

IT Controls & Governance

• Operate and improve general IT controls (GITC) across change management, access control, backups/recovery, incident/problem management.
• Ensure segregation of duties, peer reviews, approvals, and traceability for production changes.
• Embed controls within Azure DevOps pipelines (e.g., gated approvals, policy enforcement).

Evidence & Documentation

• Create and maintain clear documentation: SOPs, control narratives, diagrams, audit evidence packs.

Support Risk Assessments

• Assist or act on behalf of the Application Service Owner in completing required risk and compliance assessments (e.g., security, operational resilience, regulatory checks) as per internal governance standards and workflows.
• Ensure timely submission of assessment artefacts and coordinate with relevant stakeholders for approvals and remediation actions.

Coordinate Audit/Assessment/Security Defect Remediation

• Track and manage remediation of audit findings, control gaps, and assessment defects.
• Work with developers, platform teams, and risk owners to ensure timely closure and evidence of remediation.
• Provide regular status updates to stakeholders and maintain defect logs for audit readiness.

GCS is acting as an Employment Business in relation to this vacancy.