Lynx Recruitment are partnered with a leading global consultancy to source an experienced Cloud Security Engineer to join a high-performing cloud and cybersecurity team.

This is an exciting opportunity to work on enterprise-scale cloud environments, driving security best practices and implementing cutting-edge cloud-native application protection solutions.

The Role

You will play a key role in designing, implementing, and managing cloud security controls across large-scale AWS environments, with a strong focus on policy-as-code and automation.

Key Responsibilities

• Implement and manage CNAPP policies using Wiz for continuous cloud posture assessment and remediation
• Develop and maintain policy-as-code frameworks using OPA/Rego
• Integrate security controls into Infrastructure-as-Code (IaC) workflows using Terraform
• Collaborate closely with DevOps and Cyber Security teams to remediate non-compliant resources
• Monitor and enhance cloud governance and policy effectiveness
• Embed security into the SDLC through CI/CD pipelines (eg GitLab Runners), including vulnerability scanning and compliance checks

Key Requirements

• Strong experience with AWS (essential)
• Hands-on experience with Wiz (including custom rule development, graph rules, or configuration policies)
• Expertise in OPA/Rego for policy-as-code
• Proven experience with Terraform for infrastructure and security automation
• Scripting experience (Python, Bash, or PowerShell)
• Experience working within DevSecOps environments and implementing shift-left security
• Degree in an IT or technology-related subject with a minimum of a 2:1 (or equivalent)

Cyber Software Engineer - National Security

The successful applicant will join teams working at the forefront of AI/DS, Cyber, Cloud, DevOps/SRE and Platform Engineering. With long-term programmes secured across the latest frameworks, this position offers the chance to be part of an exciting growth journey with significant technical depth and variety.

As a Cyber Software Engineer, the successful applicant will contribute to the research, design and development of critical systems in support of National Security missions. They will apply secure coding practices, maintain high standards of software quality and work closely with operating systems at a low level.

Key Requirements

* Strong experience with C or C++
* Familiarity with Python
* Comfortable working with Linux or Windows operating systems
* Knowledge of version control tools and experience in agile delivery environments
* An interest in the Cyber domain
* Understanding of common software design and testing patterns
* Ability to build systems and support continuous integration pipelines

Clearance

Due to the nature of the work, applicants must be eligible to obtain DV clearance. This requires being a British Citizen and having lived in the UK for the past 10 years.

Next Steps

To apply, please submit an up-to-date CV. The team looks forward to hearing from you.

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Role:SR AppSec EngineerLocation: Manchester, UKDuration: 6+ Months

Role description:

Responsible for embedding security into SDLC and CI/CD pipelines, supporting application security testing, and guiding developers to implement secure-by-design principles. Drives DevSecOps practices across development teams to ensure robust, secure software delivery.

Key responsibilities:

Integrate security into SDLC and CI/CD pipelines.

Support SAST, SCA, IaC, and dependency scanning for applications and infrastructure.

Provide developer guidance and remediation support for identified vulnerabilities.

Promote secure-by-design and DevSecOps practices across development teams.

Collaborate with engineering and security teams to improve application security posture

Key skills/knowledge/experience:

DevSecOps implementation and secure SDLC practices

Static Application Security Testing (SAST) and Software Composition Analysis (SCA)

Infrastructure-as-Code (IaC) security and dependency scanning

Developer guidance and vulnerability remediation

Secure-by-design principles and application security best practices

Cyber Security Assurance Manager

About the Role

Our client is looking for a Cyber Security Assurance Manager to take ownership of security certifications and assurance activities within a global Security Operations environment.

This is a key role within the Governance, Risk & Compliance (GRC) function, responsible for maintaining internationally recognised security standards and ensuring continuous audit readiness. You’ll act as a trusted expert, supporting customer assurance, audits, and regulatory alignment while helping to strengthen overall security posture.

Key Responsibilities

Certification & Compliance

• Lead the delivery and maintenance of key certifications including ISO/IEC 27001, SOC 2 Type II, SOC 3, Cyber Essentials Plus, and CREST
• Oversee additional frameworks such as PCI DSS and NCSC standards (CIR/CHECK)
• Ensure certifications are maintained, renewed, and continuously improved

Security Assurance

• Embed security and certification requirements into operational processes
• Maintain audit readiness through ongoing monitoring and evidence collection
• Translate compliance requirements into practical procedures for operational team

Customer Assurance

• Act as the main point of contact for security assurance queries
• Support RFPs, RFIs, and audit requests with clear and accurate documentation
• Develop assurance packs demonstrating strong security practices

Regulatory & Industry Alignment

• Stay up to date with frameworks such as NIST CSF, GDPR, NIS2, and UK NCSC guidance
• Advise stakeholders on regulatory changes and their impact
• Ensure alignment with evolving cybersecurity standards

Continuous Improvement

• Improve assurance processes and audit efficiency
• Provide reporting on certification status, audit outcomes, and performance metrics

Collaboration

• Work closely with technical, security, and commercial teams
• Deliver training and promote best practices across the organisation

What We’re Looking For

Experience

• Proven experience managing cybersecurity certifications (ISO 27001, SOC 2, Cyber Essentials Plus, CREST)
• Strong understanding of Security Operations (SOC) environments
• Experience supporting audits, RFPs, and customer assurance activities
• Knowledge of industry frameworks and regulations (NIST, GDPR, NCSC, etc.)
• Experience working with auditors, regulators, and certification bodies

Skills

• Strong documentation and audit evidence management
• Excellent communication skills with both technical and non-technical stakeholders
• Analytical mindset with attention to detail
• Ability to manage multiple priorities and projects
• Strong stakeholder engagement and influencing skills

Personal Attributes

• Proactive and solutions-focused
• Collaborative and team-oriented
• High level of integrity and professionalism
• Adaptable in a fast-paced environment

Software Engineer (Rust) Cheltenham / Hybrid / Remote My client is looking for an experienced Software Engineer with strong Rust expertise to join a growing UK technology business delivering secure software and communications solutions into the national defence sector. This is an opportunity to work across live programmes, next-generation product development, and cutting-edge proof-of-concept work, using modern engineering to solve complex real-world challenges. It would suit someone who wants to build secure, high-performance, memory-safe software in an environment where technical quality, innovation, and real-world impact genuinely matter. Benefits £70,000 - £85,000 basic salary Bonus Hybrid working and flexibility Pension Private healthcare Electric car scheme Training and development opportunities Friendly, knowledgeable, peer-sharing culture Career progression The role and responsibilities You will join a team building secure, high-performance software for complex and mission-critical environments. The successful candidate will design, develop, and maintain software components written primarily in Rust, while also contributing to wider engineering decisions, technical direction, and best practice. Responsibilities will include: Designing, developing, testing, and maintaining production-quality software in Rust Building secure, scalable, and memory-safe software components for operationally critical systems Contributing to system architecture and selecting appropriate Rust-based frameworks and design patterns Acting as a technical point of contact for Rust-related engineering decisions within the team Working with asynchronous Rust and networked services in high-performance environments Producing clean, maintainable, well-tested code with a strong focus on reliability and security Participating in code reviews and helping drive engineering quality across the wider software team Mentoring junior and mid-level engineers, promoting knowledge sharing and continuous improvement Working closely with architects, product owners, DevSecOps, cloud, and security engineering teams Producing technical documentation including design specifications, API documentation, and operational runbooks Participating in Agile ceremonies including sprint planning, stand-ups, retrospectives, and backlog refinement Communicating technical concepts clearly to both technical and non-technical stakeholders where required Key skills Strong commercial experience as a Software Engineer, Rust Engineer, or Backend / Systems Software Engineer Strong commercial experience developing production software in Rust Strong understanding of Rust ownership, borrowing, lifetimes, and concurrency primitives Experience with asynchronous Rust such as Tokio or async-std Proficiency with Rust tooling including Cargo, Clippy, Rustfmt, and the wider crate ecosystem Solid understanding of software engineering fundamentals including data structures, algorithms, and systems design Experience with version control, Git, CI/CD pipelines, and automated testing Strong communication and collaboration skills British citizenship and ability to obtain MOD SC clearance Desired skills Existing SC clearance Experience working in defence, secure technology, or other highly regulated environments Knowledge of cloud platforms such as AWS or Azure Experience with Infrastructure as Code, for example Terraform Familiarity with containerisation such as Docker and orchestration platforms such as Kubernetes Understanding of zero-trust architectures, mTLS, and PKI Experience with cross-language FFI such as Rust / C / C++ Exposure to embedded, low-level, or systems-level Rust development Experience building secure networked services or communications-focused platforms Please note: existing SC clearance is advantageous but not essential. Candidates must be British citizens and eligible to undergo MOD SC clearance If you would like more information then please apply via the link. All the best, Charlie Syrett Richmond Square Consulting Ltd TPBN1\_UKTJ

DevSecOps EngineerHereford / Hybrid
My client is looking for an experienced DevSecOps Engineer leading to Cloud Architect to join a growing UK technology business delivering secure cloud and software solutions into the national defence sector.
This is an opportunity to work on high-impact programmes supporting some of the UKs most complex and interesting security challenges. It would suit someone with deep cloud architecture and DevSecOps experience who enjoys working closely with customers, shaping secure cloud environments, and solving real-world problems in high-assurance settings.
Benefits

• £80,000 - £100,000 basic starting salary
• Bonus
• Hybrid working
• Pension
• Private healthcare
• Electric car scheme
• Training and development opportunities
• Friendly, knowledgeable, peer-sharing culture
• Career progression
• Opportunity to work on meaningful programmes in a highly secure environment

The role and responsibilities
You will join a team designing and delivering secure cloud environments for customers operating in complex, high-security environments. The successful candidate will combine strong cloud architecture, customer-facing consulting, and DevSecOps capability, helping shape secure platforms, influence design decisions, and support delivery across a range of programmes.
Responsibilities will include:

• Designing and delivering secure cloud environments to meet customer challenges
• Working across a mix of greenfield and brownfield projects
• Leading architecture discussions and design exercises
• Applying DevSecOps and cloud security best practice in high-assurance environments
• Building deep customer relationships and working closely with technical and operational teams
• Helping customers understand, shape, and solve cloud and security challenges
• Making pragmatic engineering trade-offs while maintaining strong technical quality
• Collaborating with customers and partner suppliers to gather and shape requirements
• Supporting secure delivery practices across cloud infrastructure, platforms, and engineering teams
• Promoting knowledge sharing, technical leadership, and engineering excellence

Key skills

• Strong commercial experience as a DevSecOps Engineer, Cloud Architect, Cloud Security Architect, or similar
• Proven experience leading large AWS implementations or migrations in secure or high-assurance environments
• Hands-on expertise in designing and building cloud environments running critical workloads
• Strong understanding of cloud security, DevSecOps, and secure architecture principles
• Ability to lead architectural discussions and influence technical direction
• Strong customer-facing consulting skills, including the ability to gather requirements and manage ambiguity
• Ability to build strong relationships with customers and challenge established thinking where needed
• Strong presentation, communication, and knowledge-sharing skills
• Team leadership experience
• Active MOD SC clearance
• Willingness to undergo DV clearance

Desired skills

• AWS certifications at Associate level or above
• Experience in the national defence sector or other highly secure / regulated environments
• Broader cloud knowledge across Azure and/or GCP
• Strong understanding of Infrastructure as Code
• Experience with secure cloud migrations and modern platform design
• Familiarity with containerisation, platform engineering, and secure CI/CD environments
• Strong understanding of cloud governance, observability, and operational security practice

Please note: candidates must hold active MOD SC clearance and be willing to undergo DV clearance. This role also requires regular on-site presence in Hereford
If you would like more details then please apply via the link.

All the best,
Charlie SyrettRichmond Square Consulting Ltd

• Sheffield (3 days per week onsite)
• Inside IR35

We’re partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms.

This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth.

Key Responsibilities:

• Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments)
• Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines
• Develop and embed DevSecOps best practices, including secure pipeline design and automated controls
• Establish and enforce security baselines using policy-as-code
• Build and deliver security roadmaps, prioritising risk and regulatory requirements
• Partner with engineering and platform teams to remediate vulnerabilities and improve security posture
• Act as a trusted advisor to senior stakeholders, translating technical risks into business impact

Key Requirements:

• Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role
• Strong experience across both AWS and GCP (essential)
• Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms
• Expertise in secure software delivery, vulnerability management, and platform security
• Experience with threat modelling, security frameworks, and maturity assessments
• Strong knowledge of application security, network security, and cloud security principles
• Excellent stakeholder management and communication skills

Desirable:

• Experience in financial services or regulated environments
• Knowledge of Kubernetes and container security
• Familiarity with supply chain security, SBOM, and secure development practices
• Relevant certifications (eg CISSP, CISM, CCSP)

This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions.

More details available on successful application.

• Sheffield (3 days per week onsite)
• Inside IR35

We’re partnering with a leading financial services client to appoint a DevSecOps Consultant to drive secure engineering practices across large-scale, cloud-based platforms.

This role is ideal for someone who has come from a hands-on DevSecOps Engineering background and has since transitioned into architecture/design and advisory, while still retaining strong technical depth.

Key Responsibilities:

• Define and implement secure architecture patterns across engineering platforms (CI/CD, build systems, runtime environments)
• Conduct security assessments, threat modelling, and gap analysis across platforms and pipelines
• Develop and embed DevSecOps best practices, including secure pipeline design and automated controls
• Establish and enforce security baselines using policy-as-code
• Build and deliver security roadmaps, prioritising risk and regulatory requirements
• Partner with engineering and platform teams to remediate vulnerabilities and improve security posture
• Act as a trusted advisor to senior stakeholders, translating technical risks into business impact

Key Requirements:

• Proven background in hands-on DevSecOps Engineering, now operating in a design/architecture-focused role
• Strong experience across both AWS and GCP (essential)
• Deep understanding of CI/CD pipelines, build tools, artifact repositories, and developer platforms
• Expertise in secure software delivery, vulnerability management, and platform security
• Experience with threat modelling, security frameworks, and maturity assessments
• Strong knowledge of application security, network security, and cloud security principles
• Excellent stakeholder management and communication skills

Desirable:

• Experience in financial services or regulated environments
• Knowledge of Kubernetes and container security
• Familiarity with supply chain security, SBOM, and secure development practices
• Relevant certifications (eg CISSP, CISM, CCSP)

This is a key role focused on shaping and embedding secure-by-design engineering practices across a complex, enterprise environment, with strong influence across both technology and security functions.

More details available on successful application.

We’re working with a leading London-based Managed Service Provider (MSP) and Cyber Security specialist, recognised as one of the UK’s top SME employers in both technology and overall workplace excellence.

With strong partnerships across Microsoft technologies and a growing cyber security function, this organisation delivers tailored solutions to help clients improve performance, reduce risk and strengthen their security posture.

This is a fantastic opportunity to join a high-performing and collaborative cyber team, with clear progression and funded certifications to support your career growth.

The Role

We’re looking for a Project Delivery Engineer (Cyber Security) to join an expanding Cyber Security Projects team.

In this role, you’ll focus on the deployment and delivery of security solutions for a wide range of clients, while also supporting cyber assessments and audit activities.

You’ll collaborate closely with the wider security team (SOC, Analysts, Assessors) and play a key role in delivering high-quality, client-facing security projects.

Key Responsibilities

* Deploy and configure Microsoft security solutions (XDR, SIEM, EDR)

* Deliver cyber security project work packages for clients

* Support vulnerability remediation and security improvements

* Act as an escalation point for security incidents and alerts

* Assist with Microsoft 365 and cloud security assessments

* Contribute to security reporting, analytics, and documentation

* Support Cyber Essentials / Cyber Essentials Plus assessments

* Assist with client onboarding onto security platforms

* Work closely with the CISO on technical and pre-sales activities

* Provide a professional, client-focused service at all times

Technical Requirements

* Experience deploying Microsoft Security solutions

* Strong knowledge of:

* Microsoft Defender XDR

* Microsoft Defender for Endpoint / Office 365

* Exposure to Microsoft 365 security from a threat perspective

* Experience with tools such as:

* SentinelOne (EDR)

* Tenable (vulnerability management)

* Mimecast / Egress (email security)

Experience Required

* Minimum 2+ years in a similar cyber/security engineering role

* MSP experience highly desirable

Certifications (One Required)

* SC-200 (Security Operations Analyst)

* SC-300 (Identity & Access Administrator)

Personal Skills

* Strong communication and client-facing ability

* Highly motivated with a proactive attitude

* Strong attention to detail

* Ability to work under pressure and manage multiple tasks

* Flexible and team-oriented mindset

What’s on Offer

Hybrid working (3 days in the office), fully funded training and certifications, clear progression within a growing cyber security team, gym membership and wellbeing benefits, cycle to work scheme, regular team and social events, supportive, high-performing team culture

Southend, South Essex (Onsite)
Up to 65,000 + excellent benefits
Full-Time Permanent

Looking to take ownership of security in a business where your impact is visible?

We’re working with a well-established, technology-led organisation who are investing in their cyber capability and looking for an IT Security Engineer to play a key role in protecting their systems, infrastructure, and data.

This is a hands-on position where you’ll lead on threat detection, incident response, and continuous security improvement across the business.

What You’ll Be Doing

• Monitoring and analysing security events (SIEM, endpoints, networks)
• Investigating incidents, performing root cause analysis and remediation
• Identifying vulnerabilities and driving proactive security improvements
• Acting as the go-to escalation point for security issues
• Supporting compliance with security standards and best practice
• Working closely with IT and wider teams to embed security across systems

What We’re Looking For

• Experience in a cybersecurity / IT security role
• Strong knowledge of security tools (SIEM (Sentinel), EDR/XDR, firewalls, IDS)
• Experience working in a SOC/NOC or similar environment
• Good understanding of security frameworks (ISO 27001, NIST, GDPR etc.)
• Ability to investigate threats and respond to incidents effectively

Bonus points for:

• Security certifications (Security+, CEH, CISM, CISA)
• Scripting/automation experience (e.g. PowerShell)

What’s On Offer

• Up to 65,000 salary
• Flexitime + early Friday finish
• 24 days holiday + bank holidays
• Pension (6-7%), life assurance & sick pay
• Health cash plan & EAP
• Free parking, onsite caf & gym access

If you’re looking for a role where you can own security, influence strategy, and make a real impact, this is well worth a conversation.

Hit apply to upload your CV or contact (url removed)

Spectrum IT Recruitment (South) Limited is acting as an Employment Agency in relation to this vacancy.

Salary: 85,000 + Benefits
Location: Bristol (Hybrid)

This is a high-impact Security Architect role within a global defence technology organisation, offering the opportunity to shape secure architectures for mission-critical systems used in high-assurance environments. You will sit at the heart of product and platform design, embedding security by design across the full software lifecycle and influencing engineering decisions at architectural level.

The role combines deep technical security expertise with strategic influence, governance, and stakeholder engagement. It is ideal for an experienced Security Architect who wants to work on complex, meaningful systems with real-world national security impact, while enjoying hybrid working and strong professional development opportunities.

Skills
Secure architecture design and secure-by-design principles
Risk assessment, threat modelling, and vulnerability management
Security frameworks: ISO 27001, NIST 800-30/53, OWASP
Cloud security architecture (AWS, Azure, GCP)
Incident response, penetration testing, and remediation concepts
Persuasive communication skills across technical and non-technical stakeholders
Excellent analytical, documentation, and problem-solving capability

Knowledge
MOD and UK Government security standards (JSP, Def Stan 05-138/139)
Regulatory and compliance requirements in high-security environments
Secure software development lifecycle (SSDLC)
Defence and government security operating environments
Modern security architecture patterns and governance models

Experience
Proven experience designing secure architectures for complex systems
Operating in regulated, high-assurance, or defence-related environments
Working across engineering teams to embed security early in design
Producing security architecture artefacts, risk assessments, and design assurance
Engaging with stakeholders to translate security risk into business impact
Eligibility for SC clearance (or ability to obtain)

Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone’s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.

Are you an innovative Endpoint Security Engineer looking for an exciting opportunity to enhance global security operations? Join our client’s dynamic team, where your expertise will help shape the future of endpoint security!

Role: Endpoint Security Engineer

Duration: 12 Months (extension Options)

Location: Chester (Hybrid 3 days in Office)

Rate: 550 per day (umbrella)

Why Join Us? At our organization, we believe in fostering a collaborative environment where creativity and security go hand in hand. You’ll work alongside dedicated professionals who are passionate about protecting digital assets while supporting cloud migration initiatives.

Key Responsibilities:

• Drive Cloud Migration: Contribute to a major cloud migration program, ensuring seamless transitions and robust security measures.
• Engineer Security Solutions: Design, implement, and support cutting-edge endpoint security solutions using Trellix, BeyondTrust, and CrowdStrike.
• Deploy Solutions: Utilize ITSM systems like Remedy and ServiceNow for effective enterprise security deployments.
• Documentation & Workflows: Produce high-quality technical documentation, workflows, and support materials to guide best practices.
• Collaborate & Optimize: Partner with security vendor consultants and Technical Account Managers to maximize product performance.
• Align Compliance Standards: Work closely with compliance, audit, and information security teams to maintain organizational standards.
• Research & Consultancy: Conduct thorough research and provide informed consultancy on the latest security solutions and trends.
• Manage Configurations: Define and maintain security baseline configurations, ensuring the highest standards are met.
• Rapid Response: Address operational issues promptly and efficiently, adapting to a fast-paced global environment.

Required Technical Skills & Certifications:

• Proven experience in endpoint security, with a strong background in both engineering and support roles.
• Expertise in Application Control, particularly with BeyondTrust solutions.
• Proficient in scripting with PowerShell and Python-essential skills for this role!
• Familiarity with Trellix ePO, BeyondTrust EPM Cloud, and policy management in Azure and AWS.
• Advanced knowledge of Microsoft Windows operating systems.
• Strong analytical and problem-solving skills to tackle complex security challenges.
• Exposure to data analytics tools like Splunk and Power BI.

Essential Skills:

• Excellent workflow management, communication, and interpersonal abilities.
• Experience with EPM Cloud Migration (this role focuses on EPM, not IAM).
• Ability to create clear and effective documentation, including diagrams and technical architecture.
• Knowledge of governance, risk management, and administrative oversight of workstreams.
• Quick learner with a knack for sharing knowledge and applying research-driven solutions.
• Proven ability to thrive under pressure and respond swiftly to emerging challenges.
• Experience collaborating with architecture and engineering teams on Windows platform design.

Desired Skills:

• Understanding of cloud technologies, especially Azure and AWS.
• Security certifications, preferably CISSP.
• Experience supporting macOS/iOS environments would be a plus!

What’s Next?
If you’re ready to take your career to the next level and make a significant impact in the world of endpoint security, we want to hear from you! Apply today to join our dedicated team and help shape the future of security!

Apply Now! Let’s secure the digital future together!

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised if you haven’t heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.

Location: Alcester, UK (2x days onsite per week)
Salary: 60k

Role Profile

We are seeking an experienced Information Security Manager to lead the assurance, performance management, and continuous improvement of our cybersecurity capabilities. The successful candidate will play a critical role in governing service providers, uplifting control maturity, and ensuring our security posture aligns with business objectives, regulatory expectations, and recognised industry frameworks.

Skills and Experience

• Experience in IT security management, with a proven track record in cybersecurity leadership.
• Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or equivalent are highly desirable.
• In-depth knowledge of security frameworks (e.g., NIST, ISO 27001), network security protocols, firewalls, encryption, and intrusion detection systems (IDS).
• Strong understanding of threat landscape and risk management strategies.
• Proficiency in security tools and technologies such as SIEM (Security Information and Event Management) systems, anti-malware, DLP (Data Loss Prevention), and endpoint protection.
• Excellent problem-solving and analytical skills.
• Strong communication skills, with the ability to explain complex technical concepts to non-technical stakeholders.

ECS Recruitment Group Ltd is acting as an Employment Agency in relation to this vacancy.

Job Details

• Job Title: SR AppSec Engineer
• Work Model: Hybrid (2 to 3 days)
• Duration: 6 Month

Role Description Responsible for embedding security into SDLC and CI/CD pipelines, supporting application security testing, and guiding developers to implement secure-by-design principles. Drives DevSecOps practices across development teams to ensure robust, secure software delivery. Key Responsibilities

• Integrate security into SDLC and CI/CD pipelines.
• Support SAST, SCA, IaC, and dependency scanning for applications and infrastructure.
• Provide developer guidance and remediation support for identified vulnerabilities.
• Promote secure-by-design and DevSecOps practices across development teams.
• Collaborate with engineering and security teams to improve application security posture.

Key Skills / Knowledge / Experience

• DevSecOps implementation and secure SDLC practices
• Static Application Security Testing (SAST) and Software Composition Analysis (SCA)
• Infrastructure-as-Code (IaC) security and dependency scanning
• Developer guidance and vulnerability remediation
• Secure-by-design principles and application security best practices

Rate - £550 - £600 Inside IR35 total to umbrella

Duration - 6 months initial

Location - Bournemouth / London (three days a week on site)

Overview:

We are seeking a Senior IAM Engineer / Technical Specialist to support a series of high profile identity transformation projects.

This is a hands-on engineering role with a strong design focus, you will play a key part in shaping and delivering modern Identity & Access Management (IAM) solutions across a complex enterprise environment.

You will bring deep technical expertise across the identity lifecycle, helping to deliver secure, scalable and automated access solutions for internal users, applications and third parties.

Key Responsibilities:

• Design and engineer modern IAM solutions across cloud and on-prem environments
• Lead technical delivery across key programmes, including MIM replacement and IAM transformation initiatives
• Build and optimise identity lifecycle processes (Joiners, Movers, Leavers) with a strong focus on automation
• Develop and implement least privilege access models and role-based access controls (RBAC)
• Configure and support Microsoft Identity Manager (MIM) and Entra ID (Azure AD) solutions
• Contribute to the design of a target-state IAM architecture, including vendor/tooling selection
• Support evaluation and integration of IAM platforms such as SailPoint, Saviynt (or similar IGA tools)
• Enable secure access for third parties and external users, removing reliance on legacy constraints (e.g. email domain restrictions)
• Collaborate with Architecture, Security and Engineering teams to ensure IAM is embedded across all programmes

Required Skills & Experience:

• Strong background in IAM engineering within enterprise-scale environments
• Proven experience with Microsoft Identity Manager (MIM 2016) - including design, build and lifecycle automation
• Deep understanding of identity lifecycle management (Joiners, Movers, Leavers)
• Hands-on expertise with Entra ID (Azure AD) and broader Azure IAM capabilities
• Experience with IAM/IGA platforms such as SailPoint, Saviynt, or similar
• Solid understanding of authentication and authorisation protocols: SAML, OAuth, OpenID Connect, SCIM
• Strong knowledge of directory services (Active Directory, LDAP)
• Scripting and development capability (PowerShell, C#, Java) for automation and integration
• Experience implementing RBAC and least privilege access models
• Understanding of cloud IAM across cloud infrastructures

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Endpoint Engineer ready for your next challenge?

Do you enjoy solving complex technical problems, engineering secure and modern endpoint solutions, and working with a team who share your passion for doing things the right way? If youre excited by the idea of shaping best-in-class endpoint platforms in a highly secure Defence environment, then this could be the perfect opportunity for you.

Our Endpoint Engineering team is growing within our Aerospace, Defence and Security business. Youll be joining a collaborative group of engineers who focus on high-quality design, automated testing, secure-by-design principles and modern engineering practices. We look after the delivery, configuration and management of operating systems and endpoint technologies across user devices, as well as print and scan platforms. With a strong emphasis on automation and efficiency, we use the latest technologies to develop a highly integrated, on-premises endpoint platform.

Office Based inGloucester.

You will need to already hold, or be eligible to obtain, DV clearance.

What you’ll be doing:

Delivering endpoint engineering activities including hardware and software evaluation, integration, deployment, testing and platform administration.

Producing clear technical documentation to support proposals, implementation and ongoing operations.

Providing third-line support and resolving incidents and requests in line with SLAs using agile toolsets like Jira.

Developing and implementing automation solutions using tools such as PowerShell, Python and Ansible.

Designing and maintaining automated build, test and deployment pipelines aligned with CI/CD practices.

Implementing monitoring, alerting and automated remediation to enhance platform reliability and efficiency.

What youll bring:

Strong experience with Microsoft Configuration Management technologies such as SCCM, and SCORCH.

Knowledge of anti-malware technologies.

Experience with thin client and VDI solutions.

Understanding of user profile and access management, vulnerability management and print/scan services.

Advanced enterprise infrastructure skills including Windows 11 and Windows Server 2025.

Experience working within Agile delivery environments.

It would be great if you had:

Experience with automation pipelines and virtualisation.

Exposure to Git version control and automated testing frameworks.

Relevant technical accreditations.

Understanding of Linux infrastructure management.

Experience in risk analysis, risk management or risk reporting.

If youre interested in this role but not sure if your skills and experience are exactly what were looking for, please do apply, wed love to hear from you!

Employment Type: Full time, Permanent.

Location: Gloucester.

Employment Type: Full time, Permanent.

Location: Office based in Gloucester.

Security Clearance Level: Eligible for DV Clearance.

Internal Recruiter: Jane.

Salary: Up to £65K.

Benefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund.

Loved reading about this job and want to know more about us?

Sopra Sterias Aerospace, Defence and Security business designs, develops and deploys digital solutions to Central Government clients. The work we do makes a real difference to the clients goal of National Security, and we operate in a unique and privileged environment. We are given time for professional development activities, and we coach and mentor our colleagues, sharing knowledge and learning from each other. We foster a culture in which employees feel valued and supported and have pride in their work for the customer, delivering outstanding rates of customer satisfaction in the UKs most complex safety- and security-critical markets.

TPBN1_UKTJ

Android Software Engineer (Kotlin) Cheltenham / Hybrid / Remote My client is looking for an experienced Android Software Engineer with strong Kotlin expertise to join a growing UK technology business delivering secure mobile solutions into the national defence sector. This is an opportunity to work across live programmes, next-generation product development, and cutting-edge proof-of-concept work, using modern Android engineering to solve complex real-world challenges. It would suit someone who wants to build secure, high-performance mobile applications in an environment where technical quality, innovation, and real-world impact genuinely matter. Benefits £70,000 - £85,000 basic salary Bonus Hybrid working and flexibility Pension Private healthcare Electric car scheme Training and development opportunities Friendly, knowledgeable, peer-sharing culture Career progression The role and responsibilities Designing, developing, testing, and maintaining high-quality Android applications Building secure, robust mobile applications in Kotlin Applying modern Android architecture patterns such as MVVM, MVI, and Clean Architecture Writing clean, maintainable code using modern Android practices including coroutines, Flow, and structured concurrency Integrating Android applications with REST APIs, backend services, and secure communications layers Supporting performance optimisation, battery efficiency, and memory usage improvements Participating in code reviews and helping drive engineering quality across the mobile estate Working closely with architects, backend engineers, cloud engineers, DevSecOps, and security specialists Contributing to secure mobile design decisions in line with modern security principles Supporting Agile delivery, technical discussions, and ongoing product improvement Key skills Strong commercial experience as an Android Software Engineer, Android Developer, or Mobile Developer Strong commercia l experience developing Android applications in Kotlin Good understanding of Android architecture patterns including MVVM, MVI, and/or Clean Architecture Experience integrating RESTful APIs Strong knowledge of Android build tooling including Gradle Experience with modern Android tooling and libraries Experience with automated testing such as JUnit, Mockito, and UI testing Familiarity with Git, CI/CD pipelines, and Agile software delivery Strong communication and collaboration skills British citizenship and ability to obtain MOD SC clearance Desired skills Existing SC clearance Experience working in defence, secure technology, or other highly regulated environments Knowledge of Mobile Device Management (MDM) platforms such as Microsoft Intune or VMware Workspace ONE Familiarity with Android Enterprise enrolment modes Exposure to secure mobile applications or operationally focused mobile technology Understanding of secure mobile / zero-trust principles Experience with gRPC and Protocol Buffers Knowledge of secure mobile standards or guidance Exposure to Kotlin Multiplatform Mobile (KMM) Please note: existing SC clearance is advantageous but not essential. Candidates must be British citizens and eligible to undergo MOD SC clearance If you would like more details about this position then please apply for the link. All the best, Charlie Syrett Richmond Square Consulting Ltd TPBN1\_UKTJ

Cloud Security Engineer (Azure/M365) | SC Clearance needed | Remote + Client Visits

We’re working with a growing, security-focused organisation that is investing heavily into its cloud security capability and looking to bring in a Cloud Security Engineer to support both internal platforms and client environments.

This role will sit within a cloud SecOps function, focused on strengthening security posture, responding to threats, and implementing best-practice controls across modern Microsoft environments.

Salary: £55,000-60,000

Package: Competitive with up to 31 days annual leave + expenses paid (overnight allowance also)

Working structure: Mostly remote with client visits, option to work in Cheltenham office if preferred.

The Role:

You’ll play a key role in designing, improving and maintaining cloud security across Azure and Microsoft 365, working closely with technical teams and stakeholders to ensure environments are secure, compliant and continuously improving.

This is a hands-on position with a strong mix of security operations, engineering, and continuous improvement.

Key Responsibilities:

• Operate within a cloud SecOps environment, triaging and prioritising security findings
• Investigate and remediate Microsoft Sentinel incidents, including root cause analysis and corrective actions
• Remediate Microsoft Defender for Cloud and Defender findings in live environments, ensuring no impact to services
• Translate security alerts into clear remediation actions across Azure and M365 environments
• Manage and improve cloud security posture and compliance
• Design, implement and maintain Azure Policy and policy initiatives, including exemptions and tuning
• Configure and refine Conditional Access policies to strengthen identity security
• Manage Azure RBAC and Entra ID roles, enforcing least-privilege access
• Support Entra ID governance, including access reviews and entitlement management
• Configure and maintain Intune compliance policies and endpoint security controls aligned to Zero Trust principles
• Produce documentation, runbooks and security standards to support consistent operations
• Stay up to date with security best practices and apply them within the environment

Key Skills & Experience:

• Proven experience in cloud security operations or SecOps environments
• Hands-on experience with Azure, Microsoft 365, Entra ID, Sentinel and Intune
• Experience remediating Defender for Cloud and Microsoft Defender findings in live environments
• Strong understanding of cloud security posture management and threat detection
• Experience securing Azure environments in regulated or multi-tenant settings
• Ability to communicate security risks to both technical and non-technical stakeholders

Desirable:

• Microsoft certifications such as SC-200, SC-300 or AZ-500
• Experience across multi-cloud environments (AWS or GCP)
• Formal background in cyber security, cloud engineering or similar

If this sounds like you, apply now for immediate consideration.

Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

Azure Controls & Audit Specialist | £650-£700 p/day (Inside IR35) | Bournemouth (4 days on site) | 6 months (initially)

We’re looking for an experienced Azure Controls & Audit Specialist to join the Public Cloud Engineering team on an initial 6-month contract. This role is critical in supporting an Azure-based environment through a period of increased audit activity, including upcoming EDA Gold DEV.

You’ll be looking at regulatory compliance, strengthening the control environment, and managing audit and risk-related activities across the cloud platform.

Location: Bournemouth (4 days on-site, 1 day remote)
Contract: 6 months initially
Rate: £650-£700 p/day (Inside IR35)
Start: January
Relocation: Open to relocation

Key Responsibilities:

• Drive the execution of cloud platform control assessments, ensuring alignment with regulatory and organisational requirements
• Act as a subject matter expert on control frameworks and audit expectations within Azure environments
• Lead governance of issues raised from assessments, ensuring findings are tracked, managed, and closed effectively
• Proactively assess control effectiveness, identify gaps, and recommend enhancements to strengthen the risk and compliance posture
• Produce clear and comprehensive documentation for control processes, assessments, and compliance reporting

What we’re looking for:

• Previous experience in a similar Azure-focused controls, audit, or cloud risk role
• Knowledge of engineering standards and best practices
• Experience supporting strategic initiatives in complex environments

If this sounds like a good fit, apply now as they’re looking to complete first stages!

Azure Controls & Audit Specialist | £650-£700 p/day (Inside IR35) | Bournemouth (4 days on site) | 6 months (initially)

Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

Enterprise Mobile Product Manager | Sheffield | Hybrid (2-3 days onsite) | £550 p/d (Inside IR35) | 6 month rolling contract

We are looking for a forward-thinking and technically skilled Product Manager to take ownership of our Enterprise Mobile Platforms. This role focuses on shaping and delivering the product strategy and roadmap, covering areas such as mobile device management, device ecosystems, and platform capabilities including capture, recording, security, and compliance.

Working in close partnership with engineering, security, operations, and business teams, you will ensure the delivery of secure, scalable, and user-friendly mobile solutions across the organisation.

With a strong mobile-first mindset, you will empower application teams to efficiently build and integrate services on the platform. You will also leverage usage data and insights to influence strategic decisions and future investment priorities.

Key Responsibilities

• Define and drive the overall mobile platform strategy, aligning it with organisational and technology goals.
• Take ownership of the product roadmap for core mobile platforms and supporting services, ensuring delivery of key capabilities.
• Evaluate and recommend build vs. buy approaches for platform components.
• Use data and analytics to guide product decisions, enhancements, and long-term direction.
• Act as the central point of contact between technical teams and business stakeholders, ensuring alignment and clear communication.
• Partner with architecture, engineering, and security teams to capture requirements and integrate feedback into product planning.
• Translate complex technical needs into well-defined product requirements and user stories.
• Manage the full lifecycle of shared mobile services, including connectivity, carrier integrations, and single sign-on (SSO).
• Ensure platforms are robust, scalable, compliant, and capable of supporting multiple business areas.
• Identify opportunities to improve performance, streamline processes, and reduce technical debt.
• Stay informed on industry trends, emerging technologies, and best practices in enterprise mobility and security.
• Promote adoption of innovative tools and technologies that enhance mobile capability and efficiency.

Experience Required

• At least 5 years’ experience in product management, ideally within enterprise or platform-focused roles.
• Strong knowledge of enterprise mobile ecosystems, including architecture, frameworks, and supporting tools.
• Experience working with enterprise security standards and MDM/EMM solutions.
• Excellent communication skills, with the ability to engage both technical and non-technical audiences.
• Strong analytical mindset with experience using data to inform decision-making.

Preferred Experience

• Background in financial services or other highly regulated industries.
• Familiarity with mobile analytics and data modelling techniques.
• Experience using tools such as Jira, Confluence, GitHub, Ansible, or similar platforms.

If this sounds like a fit, APPLY NOW!

Enterprise Mobile Product Manager | Sheffield | Hybrid (2-3 days onsite) | £550 p/d (Inside IR35) | 6 month rolling contract

Oscar Associates (UK) Limited is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

Would you like to work for a company who is accredited as an outstanding company to work for in Best Companies 2023?

• Role: Senior Cyber Security Engineer
• Location: Ashton-under-Lyne
• Salary: £42,085 - £46,541 per annum
• Benefits: Flexible working arrangements, Pension, Occupational Sick Pay, BHSF Health Membership

About the role:

We are looking for a Senior Cyber Security Engineer to join our growing cyber security team.

The Senior Cyber Security Engineer will be responsible for protecting Jigsaw Homes Groups digital assets and infrastructure by responding to cyber threats, implementing effective security controls, and strengthening the organisations overall security posture

Working closely with Cyber Security Analysts, infrastructure teams and an external Security Operations Centre (SOC), the role holder will investigate, contain and remediate security incidents, lead on technical remediation activities, and embed security into the design and delivery of IT services.

For more information regarding the role, please refer to the job pack below.

About the department:

All of Jigsaw’s essential services rely on quality information, systems and technology supported by the 60 members of the IT department.Working to a brand-new IT Strategy, the team has exciting challenges like enabling colleagues to work effectively from anywhere, automating processes and improving digital services for our customers, whilst always improving security.

The team is also innovating in its ways of working, ensuring transparency, a keen focus on outcomes and faster delivery of benefits to the business.

Who we are:

Jigsaw Homes Group is one of the largest housing groups in England with more than 37,500 homes across the North West and East Midlands.

We provide quality, low-cost housing and play a wider role in making sure our residents thrive in their homes and benefit from living in healthy, sustainable communities.

Why join us?

Jigsaw Homes Group offers employees a very competitive 24 days holiday per annum, plus 3 days for Christmas closure (5 day working week) plus bank holidays, plus additional days after 2 years continuous service (to a maximum of 5 days).

We offer our employees the option to buy/sell up to 5 days extra leave per year and we offer compressed hours of work with the option to work a 4-day working week in a number of our roles, with 50% of your time working from home upon completion of a satisfactory probation period. This allows for a great work/life balance for many employees.

As a Jigsaw employee you will also receive incremental salaried pay, occupational sick pay, access to access to the Social Housing Pension Scheme, enhanced maternity/paternity leave, BHSF membership, access to on-site gyms and training/development opportunities.

If this sounds like the perfect job for you then dont hesitate to apply now!

We reserve the right to close this vacancy early should we receive a sufficient number of applications.