Security Systems Engineer \* Ideal opportunity for an experienced Security Systems Engineer with strong enterprise security systems expertise, looking to deliver complex, high-level projects across major client environments. \* Full-time, permanent position with a salary of up to £55,000 (DOE), based across Central London and Gillingham. \* Monday to Friday, 08:30 - 17:00, with a mix of site-based and client-facing work. \* To apply, please email Who are the client? Our client is a well-established organisation specialising in intelligent security and safety solutions, delivering high-performance systems across a wide range of sectors. They are known for their technical expertise, strong client relationships, and commitment to continuous improvement within a collaborative environment. What will you be doing? Joining as a Security Systems Engineer, you'll take ownership of delivering and supporting complex security system projects across enterprise environments. You'll act as a senior technical point of contact, ensuring successful commissioning, upgrades, and ongoing performance of integrated systems. Key responsibilities include: \* Leading complex fault resolution across access control, CCTV, intercom, and integrated security systems. \* Supporting full project lifecycle delivery, including commissioning, upgrades, and migrations. \* Providing senior-level technical support both remotely and on-site. \* Collaborating with Project Managers and Engineers on system design and technical planning. \* Conducting system audits, health checks, and performance reviews. \* Acting as a trusted technical advisor to key clients. \* Mentoring engineers and sharing technical best practice across the team. What will you need? \* Proven experience supporting and commissioning enterprise-level security systems. \* Strong knowledge of platforms such as Genetec, Gallagher, Lenel, CCURE, Milestone, Avigilon, FLIR, or Hanwha. \* Solid understanding of Windows Server, SQL databases, IP networking, and virtualisation (VMware/Hyper-V). \* Ability to diagnose and resolve complex, integrated system issues. \* Strong communication skills with a client-facing approach. \* Experience producing clear and professional technical documentation. \* Full UK driving licence. What would be desirable? \* Experience working in large-scale, multi-site environments. \* Previous involvement in system design or technical planning. \* Relevant certifications or vendor accreditations within security systems. To Apply… Please apply through this advert or email your CV directly to . By applying, you consent to your application being processed and submitted to the client for this vacancy only. KEY SKILLS - Project Engineering, Security Systems, CCTV, Access Control, Genetec, Gallagher, Lenel, CCURE, Milestone, Avigilon, FLIR, Hanwha, Windows Server, SQL, Networking, VMware, Hyper-V, Commissioning, Project Delivery.

Software Engineer (PHP, Playwright, k6) - Mobile RASP & API Security GatewayPay Rate: £500-£550 (Outside IR35)Duration: 6 months’ Working arrangement: Once a month - Bristol

We are currently working with an established financial services organisation operating in the investment and wealth management sector. The organisation is strengthening its mobile and API security capabilities and is seeking an experienced Contract Engineer to help deliver and operationalise a Mobile RASP and API Security Gateway solution.

This role is delivery-focused and hands-on, working across backend engineering, testing, security, and operational readiness in a regulated environment.

Responsibilities

• Design, develop, and maintain secure PHP-based backend services and APIs
• Build and maintain automated end-to-end and functional test suites using Playwright or similar tools
• Execute and analyse performance and load tests using k6) to identify reliability, performance, and scalability risks
• Contribute to security-focused initiatives, particularly in Mobile RASP, API security, and runtime protection
• Support the platform through rollout, steady-state operation, and handover
• Collaborate closely with security, mobile, SRE, and platform engineering teams
• Produce clear, audit-ready technical and operational documentation

Required Skills

• Strong PHP engineering experience
• Experience with Playwright
• Hands-on experience with k6
• Experienceinsecurity-focused engineering, Ideally including:
  • Mobile RASP, application security, API security, or runtime protection technologies (or ability to ramp up quickly)
  • Secrets, certificate pins, and lifecycle management
  • Certificate pin rotation
  • API key and secret lifecycle ownership
  • Break-glass access procedures
  • Cross-team coordination aligned with mobile release cadence
• Experience supporting systems in steady-state production

Reasonable Adjustments:

Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.

If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.

Senior Software Engineer - Golang Information Security

£650 per day - Inside IR35
3 days per week on-site, 2 days WFH
3 Month rolling contract up to 2 years

Job Summary

The Information Security team is responsible for developing services to find and mitigate security risks faced. We are seeking an extraordinary Software Engineer who is passionate about security and can thrive in a fast-paced environment where both individual drive and team collaboration are the keys to success. As part of the Information Security team, you’ll be at the forefront of developing cutting-edge services to identify and mitigate security risks.
This is a technical hands-on role that is focused on security across all of the organisation. You’ll be working to identify problems, establish a vision for how to address those problems, and unite the relevant owners within the business on achieving that vision.

Description

In this role you will architect and develop distributed and scalable services focused on ensuring high standards of security and ultimately drive continuous improvements for these solutions. Together, our work will be instrumental in maintaining the security of the software development lifecycle.
As a member of the team, you will:

• Drive security requirements and architecture into distributed services that play a pivotal role in the development of software.
• Lead project initiatives throughout the product development cycle to ensure the highest level of security, while ensuring privacy and ease of use.
• Use a wide range of interpersonal and technical skills to champion adoption of our security technologies across the company.

We’re seeking candidates who have:

• A passion for information security.
• Proven experience collaborating with engineering teams to integrate security throughout the software development lifecycle.
• Proven experience designing, developing and deploying robust, scalable services and platforms that enable secure operations across an organization.
• Proven experience in programming and scripting languages (e.g., Go, Python, Bash, Java, JavaScript).

Minimum Qualifications

• Bachelor’s degree in computer science (or similar) with 5+ years of relevant industry experience
• Significant experience with Golang and Git/GitHub SCM
• Strong experience with coding techniques and standard methodologies for security, performance optimization, and ease-of-use
• Experience in utilisation and deployment of cloud technologies in AWS or GCP, experience in container technologies such as Docker and Kubernetes, and microservice architecture
• Experience with CI/CD, IaaS and DevOps best practices
• Strong test-driven approach to writing code
• Excellent problem-solving skills
• Excellent written and verbal communication skills across multiple levels

Preferred Qualifications

• Bachelor’s degree in computer science (or similar) 7+ years of relevant industry experience
• Experience with AI/ML and LLM’s
• Experience with application tracing, monitoring, analysis and visualizations through analytics dashboards
• Passion for high-quality code, tests, CI/CD, documentation, and production services
• Track record of driving improvements in code quality, performance, etc.
• Experience leveraging ORMs to interact with databases efficiently
• Familiarity with Python, Java, Swift, C, C++ and/or Objective-C; and JavaScript and/or Typescript/React is a plus

Endpoint Security Engineer - Endpoint Privilege Management (EPM) - Windows O/S

Chester, 12 months+ contract *** Hybrid working, 3 days onsite

Leading financial services client is seeking an accomplished Endpoint Security Engineer to join them on a contract basis. You will contribute to a cloud migration project (AWS and Azure), designing and implementing advanced endpoint security solutions. This is an excellent opportunity to join the platform engineering team within a global banking environment.

Skills and experience required:

• Demonstrated experience in endpoint security, across both engineering and support capacities.
• Strong expertise in Application Control, ideally with BeyondTrust solutions (similar tools will suffice ie CyberArk, etc)
• Advanced understanding of Windows Operating Systems
• Proficiency in scripting PowerShell and Python - desirable
• Experience with Trellix ePO, BeyondTrust EPM Cloud, and policy management in Azure and AWS environments desirable

If this is of interest and you have the required skills, please submit your CV over for immediate consideration.

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

The Role:

We are looking for a Cloud Security Engineer with experience on AWS, to join our growing team.

The successful candidate will have an essential role in ensuring the information security of our business. You will be working in a team that is designing and building resilient and secure Cloud environments that proactively prevent security threats. You will typically have, although not essential, industry accreditations like AWS Certified Security - Specialty

The main responsibilities of the position include:

• Design and build resilient Cloud infrastructures that are protected against security threats
• Develop and assess Cloud security solutions to secure systems, databases and networks
• Conduct assessment and make recommendations to ensure that appropriate controls are in place
• Gain insight into security incidents and threats by monitoring/analyzing logs and performing vulnerability assessments
• Participate in efforts that shape the company’s security policies, procedures and standards for use in Cloud environments
• Create technical and managerial level security reports for Cloud-based applications and infrastructure Implement and tests network and security
• Disaster Recovery procedures to ensure business continuity
• Monitor use of sensitive data and regulates access to safeguard information
• Ensure the confidentiality and integrity of data during transmission, storage and processing
• Review violations of security procedures and discusses procedures with violators to ensure they are not repeated
• Provide support to end users regarding network and security related issues

Main requirements:

• BSc/MSc in Information Security or any other related field
• Minimum 1 year working experience in Information Security, with proven focus in Cloud Security
• Deep technical knowledge of Amazon Web Services (AWS).
• Expertise in Microsoft Azure and Oracle Cloud will be considered an advantage
• Hands-on experience on AWS services such as IAM, Organizations, SSO, VPC, Transit Gateway, S3, EC2, RDS, ELB, CloudTrail, Config, Inspector, GuardDuty, WAF, etc
• Clear understanding of current threats to Cloud infrastructure and advanced knowledge of securing such environments
• Experience in DevSecOps methodologies is considered a plus
• Experience building and deploying applications to the cloud (AWS, Azure, etc.) using Infrastructure as Code tools such as Terraform is considered a plus
• Expertise in container security is considered a plus
• Ability to work autonomously with minimum supervision and to integrate well within a team
• Excellent problem solving and analytical skills
• Ability to quickly learn new technologies in depth

Benefit from:

• Attractive remuneration
• Food allowance
• Intellectually stimulating work environment
• Continuous personal development and international training opportunities

Keywords: Cloud Security, Cyber Security, AWS Security

Senior M365 Collaboration & Copilot Consultant ​​​​​​ Location: London (Fully Onsite) Contract Type: Inside IR35 Contract Sector: Banking Are you an expert at balancing cutting-edge productivity with the stringent requirements of a highly regulated environment? We are partnering with an global banking client seeking a Messaging and Collaboration SME to provide more than just technical support. This is a strategic role where you will own the architectural integrity, governance, and continuous evolution of the Microsoft 365 estate, with a primary mission to drive the secure and scalable adoption of Microsoft Copilot. You will act as the primary technical authority, bridging the gap between business risk and technical innovation. If you are a consultant-minded engineer who views governance as a business enabler and thrives on shaping long-term platform strategy rather than just closing tickets, this is an opportunity to make a genuine impact. Key Responsibilities Architectural Strategy & Governance: Define and maintain technical standards for the Microsoft 365 ecosystem, ensuring that platforms like Exchange, Teams, SharePoint, OneDrive, and Intune are engineered for security and compliance.
Copilot Enablement: Lead the strategic deployment of Copilot, overseeing data access models, readiness assessments, and risk mitigation strategies to ensure responsible AI usage.
Stakeholder Influence: Partner with security, compliance, and data teams to negotiate and implement governance policies that satisfy regulatory standards without stifling productivity.
Technical Authority: Provide high-level guidance on service roadmaps and platform architecture, acting as the final escalation point for complex, business-critical incidents.
Knowledge Leadership: Champion technical excellence by authoring high-quality documentation, operational runbooks, and mentoring teams to elevate the wider department capability.Key Skills & Requirements Consultative Expertise: A proven track record in enterprise infrastructure, specifically leading complex Microsoft 365 and Exchange migration and modernisation programmes within highly regulated sectors.
Governance-First Mindset: Deep understanding of how to implement robust security, compliance, and data protection policies, such as Purview and Conditional Access, within a Zero Trust framework.
AI & Copilot Proficiency: Significant experience in the architecture, data readiness, and risk management required for successful Copilot implementation.
Influence & Communication: Demonstrated ability to communicate complex technical risks to senior stakeholders and influence architectural decisions.
Technical Rigour: Expert-level knowledge of the M365 stack, including Identity Federation and Azure Active Directory, complemented by strong PowerShell scripting skills for automation and reporting.If you are a strategic thinker who wants to shape the future of collaboration in a complex environment, please apply today. If you’ve held any of these roles or used these technologies, this role could be a great fit: M365 Modern Workplace Architect, Lead M365 Collaboration Engineer, Microsoft Copilot Engineer, M365 Solution Architect, Collaboration Solutions Architect, Digital Workplace Architect, Principal M365 Consultant, Senior M365 Engineer, Lead Collaboration Engineer, Modern Workplace Engineer, M365 Platform Lead, Copilot Architect, Copilot AI Solutions Architect, AI Strategy Lead, Copilot Engineer, Copilot Specialist, or Copilot Consultant. Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate £1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn’t right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd acts as an Employment Business in relation to this vacancy

Secure by Design (SbD) Specialist - MOD Project (Inside IR35) Role: Secure by Design (SbD) Specialist Location: UK (Hybrid / On-site as required) Contract: Inside IR35 Duration: 6 months initial (likely extension) Clearance: Active SC required - DV highly desirable Client: UK MOD Programme Rate: £500 to £550 per day Role Overview We are seeking an experienced Secure by Design (SbD) Specialist to support delivery within a UK MOD environment. The role will focus on embedding security principles into system and solution design, ensuring compliance with MOD and UK Government security standards. You will work closely with architects, engineers, and security teams to ensure security is integrated across the full development lifecycle and aligned to programme risk and assurance requirements. Key Responsibilities Embed Secure by Design principles across system and solution delivery
Conduct security design reviews and provide risk-based recommendations
Support development of:
Security architectures
Threat models and risk assessments
Security design documentation
Ensure alignment with MOD and UK Government security standards
Work with architects and delivery teams to integrate security into Agile and DevSecOps environments
Support security assurance and accreditation activities
Identify and manage design-level security risks Essential Experience Proven experience implementing Secure by Design within MOD, Defence, or Government environments
Strong background in security architecture and secure system design
Experience conducting threat modelling and security risk assessments
Knowledge of:
NCSC Secure by Design guidance
ISO 27001 or equivalent frameworks
Secure SDLC methodologies
Experience working within regulated, high-assurance environments
Strong stakeholder engagement and documentation skills
Active SC Clearance (minimum requirement) Desirable DV Clearance
Experience working on MOD programmes
Knowledge of:
JSP 440
HMG Security Policy Framework
Cloud security (Azure or AWS)
Relevant certifications (e.g., CISSP, CISM, SABSA)

‘Together we’re sharing new perspectives and transforming what it means to be a bank.’

AMS is a global workforce solutions partner committed to creating inclusive, dynamic, and future-ready workplaces. We help organisations adapt, grow, and thrive in an ever-evolving world by building, shaping, and optimising diverse talent strategies.

We partner with Deutsche Bank to support their contingent recruitment processes. Acting as an extension of their recruitment teams, we connect them with skilled interim and temporary professionals, fostering workplaces where everyone can contribute and succeed.

On behalf of Deutsche Bank, we are looking for a Technology Service Specialist (eDiscovery & Archive) for a 6 Month contract based in Birmingham (Hybrid).

Purpose of the role:

As Technology Service Specialist (eDiscovery & Archive) you will support the preservation and collection of data for legal, regulatory, and audit matters by acting as the central coordination point between Legal, IT, and business teams.
eDiscovery experience is essential and the role extends beyond traditional document review and focuses heavily on structured data, stakeholder coordination, and risk-based decision making.

What you’ll do:

• Act as the primary point of contact between Legal, IT, and business teams for data preservation and collection requests.
• Receive, assess, and manage legal discovery request forms, ensuring requests are understood, feasible, and appropriately scoped.
• Coordinate the collection of data by working with system owners and technical teams, where direct system access is not available.
• Ensure data preservation activities follow defined processes, with appropriate evidence, audit trails, and controls in place.
• Manage multiple concurrent requests, prioritising workload and escalating risks, issues, or dependencies where required.
• Advise Legal and stakeholders on data availability, limitations, technical feasibility, and associated legal or data risks.

The skills you’ll need:

• Experience working with eDiscovery processes, particularly data collection and preservation.
• Strong stakeholder management skills, with the ability to work effectively across Legal, IT, and wider business teams.
• Proven ability to identify, assess, and escalate legal, data, and operational risk.
• Ability to manage multiple requests simultaneously in a time‑pressured, regulated environment.
• Clear and confident communication skills, able to translate technical or data‑related concepts into practical guidance.
• General technical understanding of systems, data structures, and applications.
• SQL or database knowledge is advantageous.

Deutsche Bank’s Values

Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.

We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs, and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.

This client will only accept workers operating via a PAYE engagement model.

AMS’s payroll service is in partnership with Giant, we have worked with them for many years and have good processes in place to ensure you get the best service. If you are successful in your application for this role, your contract will be via Giant. For more information on Giant, please follow this link: https://ams-giant-paye-introduction.

AMS, a Recruitment Process Outsourcing Company, may in the delivery of some of its services be deemed to operate as an Employment Agency or an Employment Business.

Help us to make a world of difference Urenco is a global leader in the production of low carbon energy. We work at the cutting edge of the transition to a sustainable, net zero world. We are seeking an experienced Threat Intelligence Specialist to strengthen and evolve URENCO’s Threat Intelligence capability within the Threat Defence and Cyber Security Operations team. Based primarily at our Paddington site, this role will play a key part in delivering intelligence-led security outcomes across the organisation. You will report to the Threat Intelligence Manager and be based on a hybrid basis, with a minimum expectation of two days per week on site. On-site working patterns will be agreed with your Line Manager, in line with the direction of the Head of Threat Defence and Cyber Security Operations. When working on-site, you will collaborate closely with local Information Security Managers to ensure alignment with health and safety obligations, site-specific security requirements, and operational best practices. At Urenco we’re committed to giving you opportunities to be your best. If you feel you meet some, but not all of what we’re looking for, please still apply. We believe in embracing the passion and potential of our people, and to achieve this we offer market leading training and development experiences. Along with the opportunity to be mentored and coached by some of the smartest minds in the industry. What you’ll do: Threat Intelligence Delivery & Operations Deliver and mature Threat Intelligence (TI) services under the direction of the Threat Intelligence Manager, supporting the wider Threat Defence and Cyber Security Operations function.
Monitor, assess, and investigate the external threat landscape, identifying cyber threats, risks, and potential impacts to the organisation, escalating as appropriate.
Produce and deliver high‑quality, actionable Threat Intelligence through written reports and verbal briefings for technical and non‑technical audiences.
Manage Threat Intelligence sources and tooling, including dark web monitoring, credential exposure monitoring, alerting, and associated platforms.
Work closely with the Managed Security Service Provider (MSSP) to support TI services, tool integration, and continuous capability improvement.
Deputise for the Threat Intelligence Manager when required.
Threat Integration & Response Integrate Threat Intelligence into: Cyber Security incident response processes
Vulnerability management processes, including emergency response for zero‑day threats Support threat management and threat modelling activities by identifying threat vectors and developing security monitoring use cases in collaboration with the wider CISO function.
Provide Threat Intelligence services on demand to internal stakeholders in line with the agreed service catalogue.
Stakeholder Engagement & Information Sharing Lead Brand Protection and Information Sharing activities, ensuring timely and appropriate dissemination of intelligence to internal and external stakeholders.
Build and maintain strong relationships with internal stakeholders, embedding Threat Intelligence into risk modelling, assessment, and decision‑making.
Develop and maintain external partnerships across the civil nuclear sector to enable effective Threat Intelligence information sharing.
Continuous Improvement & Strategic Contribution Identify and implement improvements to enhance the quality, timeliness, and effectiveness of Threat Intelligence outputs and services.
Review and develop Threat Intelligence processes, tooling, documentation, and relevant policies, highlighting external risks to the organisation.
Contribute to the ongoing development of the Threat Defence and Cyber Security Operations Strategy through Threat Intelligence, using a combination of in‑house capability, outsourced services, and tooling.
Collaborate across Threat Defence and Cyber Security Operations on ad‑hoc and urgent business requirements to support the protection of the organisation.
What do you need to thrive in this role? Vocational Qualifications & Skills Essential: Proven experience working in a threat defence or threat intelligence capacity.
Excellent critical thinking and analytical skills, with the ability to produce accurate, insightful, and actionable intelligence assessments.
Strong written and verbal communication skills, including the ability to confidently deliver spoken intelligence briefings to both technical and non‑technical audiences.
Must hold a recognised Threat Intelligence or intelligence‑related certification, such as: CREST Practitioner Threat Intelligence Analyst (CPTIA)
SANS GCTI
Or an equivalent, industry‑recognised qualification. Foreign language capability is desirable but not essential.
Experience Required Demonstrable experience delivering or supporting a Threat Intelligence function, working closely with information security teams, including: Computer Incident Response Teams (CIRT)
Computer Emergency Response Teams (CERT / CSIRC)
Security Operations Centres (SOC) Proven experience contributing to the development and delivery of a cyber defence or cyber security strategy.
Demonstrable experience defining, producing, and maintaining Threat Intelligence deliverables, reporting, and performance metrics.
Strong understanding of the range of cyber threat intelligence sources and the methods used to collect, validate, and analyse intelligence.
Knowledge of current geopolitical themes and their relevance to URENCO’s cyber threat landscape.
Good understanding of the full spectrum of cyber threat actors, including insight into the capability and intent of specific Advanced Persistent Threat (APT) groups.
Knowledge of cybercrime groups, including their operations, tactics, techniques, procedures (TTPs), and supporting infrastructure.
Solid understanding of cyber incident management and incident response processes.
What can you expect from us? More than just a job, we offer a future. More than just a place to work, we provide an opportunity to prosper. As an employee of Urenco you will receive: Annual leave of 27 days per annum.
A generous bonus scheme based on achievement of personal and company objectives.
A diverse range of family friendly policies.
A defined contribution pension scheme: contributions start at 4% (employee) and 10% (employer).
Hybrid Working Pattern: up to two days working remotely on average per week. Flexible start and finish times, with a 1.30pm finish on Fridays.
Flexible benefits package; including life assurance and income protection. In addition, you’ll have an opportunity to purchase additional benefits that suit your lifestyle.
Paid time off for volunteering.
The opportunity to join our private medical and dental insurance schemes.
Education and training; we take pride in helping people learn and develop by supporting, accelerating and directing your learning. As well as the completion of mandatory health and safety courses, training packages will be offered to meet your specific needs.
Security vetting Due to the nature of the industry that Urenco operates in, all personnel regardless of employment status working for Urenco are required to obtain security clearance at the level required for their role. Security clearances are assessed in accordance with regulations and official guidance issued by the relevant competent authorities for national security vetting. In certain circumstances, additional enhanced security clearance considerations apply to roles within Urenco owing to the particular activities that the Urenco Group undertakes in relation to uranium enrichment. Successful candidates will need to satisfy security requirements, and all offers of appointment are made subject to the successful approval of all checks initiated. Creating a diverse and inclusive workforce As a truly global company with a presence in the UK, USA, Germany, and the Netherlands, we know that our individual differences make us stronger. Putting people at the heart of our business, we strive to create an open and inclusive workplace that allows every voice to be heard and diversity to thrive. If you require any reasonable adjustments to the recruitment process, please let our talent acquisition team know. Because together, we are one Urenco. We are enriching the world. And enriching your future

GCP Cloud Security Engineer / GCP Security Expert Contract, 6 months initially (very likely extensions)
Inside IR35
Remote (UK)
£(Apply online only) per dayWe’re working with a client on an exciting cloud-first transformation and are looking for a GCP Cloud Security Engineer to play a key role in securing the migration of workloads into Google Cloud. This is an excellent opportunity to join a forward-thinking environment where security is central to cloud adoption. The Role You will be responsible for designing, implementing, and maintaining security controls across a growing GCP estate, ensuring applications and infrastructure are migrated securely and aligned with best practices. Key Responsibilities Implement and manage security controls across Google Cloud Platform (GCP)
Support the secure migration of applications and infrastructure into GCP
Integrate cloud environments with tools such as Okta, Splunk, and Prisma Cloud (Palo Alto Networks)
Configure and manage IAM, network security, and access policies
Monitor cloud environments for vulnerabilities, risks, and misconfigurations
Troubleshoot and resolve security-related issues throughout the migration lifecycle Skills & Experience Hands-on experience with GCP security services (e.g. IAM, VPC, Security Command Centre)
Proven experience supporting cloud security migrations or similar projects
Strong understanding of cloud security principles and best practices
Experience integrating security tooling within cloud environments
Scripting or automation experience (e.g. Python, Terraform) is beneficial

Hybrid Working – 2–3 days per week onsite £40,000–£55,000 (DOE) + Excellent Benefits We’re pleased to be supporting a growing, international organisation as they introduce a brand new GRC Coordinator role. This is a fantastic opportunity to take ownership of governance, risk, and compliance activity within a modern, people?focused business that is scaling its global presence and digital services. If you’re someone who enjoys bringing clarity to complexity, keeping compliance frameworks organised, and acting as the central point of coordination, this role offers both challenge and long-term development. The organisation is expanding across new markets and strengthening its data protection, security, and regulatory posture. With multiple frameworks in motion — including ISO 27001, GDPR, HIPAA, and Cyber Essentials Plus — they now require a dedicated internal owner to: Maintain structure across all GRC activity
Coordinate between teams and external advisors
Keep audits, actions, and documentation progressing
Support compliance awareness across the businessYou’ll be the person who connects everything together: operational, organised, and clear in communicating what needs to happen and when. What You’ll Be Doing Governance, Risk & Compliance Coordination
Manage day to day administration of security, privacy and compliance frameworks
Maintain policies, procedures, registers and documentation
Track actions, evidence, tasks and reviews across multiple frameworks
Support development and maintenance of the ISMSAudit & Assurance
Assist with internal audits and external certification activity
Gather and organise audit evidence
Track findings and corrective actions, escalating where required
Support responses to customer and supplier assurance questionnairesPrivacy & Data Protection
Support with maintaining Records of Processing Activities, DPIAs and related documentation
Route queries to the organisation’s external DPO/privacy partner
Maintain strong information governance practicesStakeholder Engagement
Act as the internal go to for GRC questions and coordination
Work with IT, HR, Digital, Operations, Quality and Business Systems teams
Help gather information, evidence, and inputs required for audits or assessmentsTraining & Internal Awareness
Assist in delivering compliance and security training
Ensure clear communication to employees at all levels
Help build a culture of awareness and accountabilityIncident Coordination
Support incident response by gathering information and maintaining records
Escalate appropriately to leadership or external advisorsEssential Experience Experience in governance, compliance, risk, information security or information governance
Exposure to frameworks such as ISO 27001 and/or GDPR
Strong organisation and documentation skills
Excellent written and verbal communication
Ability to translate technical or regulatory topics into practical, easy to understand language
Comfortable working with stakeholders across the organisationDesirable Experience with audits, assurance processes or certifications
Knowledge of Cyber Essentials, HIPAA or other regulatory frameworks
Experience in a regulated environment (e.g. healthcare, life sciences, manufacturing, technology)
Familiarity with GRC or document management toolsIdeal Personal Qualities
Personable and approachable
Curious and proactive in learning
Calm and structured in managing multiple workstreams
Confident in owning processes and keeping momentum
Able to balance detail with practicalityQualifications (Nice to Have) Not required, but beneficial: ISO 27001 Lead Implementer / Lead Auditor
CIPP/E, CIPM, CIPT
Security+, HCISPP, GDPR practitioner certificationsExperience is more important than formal certifications. What’s on Offer Supportive onboarding and long tenured teams
Access to a salary sacrifice EV scheme after probation
Free onsite parking and free EV charging
Modern offices and collaborative working culture
Strong growth plans with career progression opportunities
A friendly, down to earth environment where people genuinely enjoy working togetherIf you’re ready to take ownership of key compliance frameworks, influence internal culture, and support a growing international business this role offers the variety, scope and development you’re looking for

Senior Software Engineer - Golang Information Security £650 per day - Inside IR35 3 days per week on-site, 2 days WFH 3 Month rolling contract up to 2 years Job Summary The Information Security team is responsible for developing services to find and mitigate security risks faced. We are seeking an extraordinary Software Engineer who is passionate about security and can thrive in a fast-paced environment where both individual drive and team collaboration are the keys to success. As part of the Information Security team, you’ll be at the forefront of developing cutting-edge services to identify and mitigate security risks. This is a technical hands-on role that is focused on security across all of the organisation. You’ll be working to identify problems, establish a vision for how to address those problems, and unite the relevant owners within the business on achieving that vision. Description In this role you will architect and develop distributed and scalable services focused on ensuring high standards of security and ultimately drive continuous improvements for these solutions. Together, our work will be instrumental in maintaining the security of the software development lifecycle. As a member of the team, you will: Drive security requirements and architecture into distributed services that play a pivotal role in the development of software.
Lead project initiatives throughout the product development cycle to ensure the highest level of security, while ensuring privacy and ease of use.
Use a wide range of interpersonal and technical skills to champion adoption of our security technologies across the company. We’re seeking candidates who have: A passion for information security.
Proven experience collaborating with engineering teams to integrate security throughout the software development lifecycle.
Proven experience designing, developing and deploying robust, scalable services and platforms that enable secure operations across an organization.
Proven experience in programming and scripting languages (e.g., Go, Python, Bash, Java, JavaScript). Minimum Qualifications Bachelor’s degree in computer science (or similar) with 5+ years of relevant industry experience
Significant experience with Golang and Git/GitHub SCM
Strong experience with coding techniques and standard methodologies for security, performance optimization, and ease-of-use
Experience in utilisation and deployment of cloud technologies in AWS or GCP, experience in container technologies such as Docker and Kubernetes, and microservice architecture
Experience with CI/CD, IaaS and DevOps best practices
Strong test-driven approach to writing code
Excellent problem-solving skills
Excellent written and verbal communication skills across multiple levels Preferred Qualifications Bachelor’s degree in computer science (or similar) 7+ years of relevant industry experience
Experience with AI/ML and LLM’s
Experience with application tracing, monitoring, analysis and visualizations through analytics dashboards
Passion for high-quality code, tests, CI/CD, documentation, and production services
Track record of driving improvements in code quality, performance, etc.
Experience leveraging ORMs to interact with databases efficiently
Familiarity with Python, Java, Swift, C, C++ and/or Objective-C; and JavaScript and/or Typescript/React is a plus

Cyber Security Assurance Specialist SC Cleared We’re supporting a leading UK research and technology organisation delivering nationally significant programmes, and they’re looking for an SC cleared Cyber Security Assurance Specialist to play a key role in securing a complex, hybrid technology estate. The chosen candidate must have capabilites in risk assessments across IT, Cloud and OT environments with exposure to secure cloud or infrastructure design (Azure/M365). This is 8 month rolling contract, paying £407 PD Inside IR 35 to be based in Culham two to three days per week. Key responsibilities include: Conducting risk assessments across IT, cloud and OT environments
Reviewing and advising on security architecture & design patterns
Owning and maintaining enterprise risk registers
Leading technical assurance reviews aligned to GovAssure / CAF / ISO27001
Supporting audit, compliance, and remediation activities
Embedding security controls across platforms (Azure, M365, infrastructure)
Working closely with engineering, architecture, and delivery teamsKey experience: Strong experience in cyber security assurance / risk / governance roles
Proven background in secure cloud or infrastructure design (Azure/M365)
Experience with risk frameworks (ISO 31000, NIST, OWASP etc.)
Knowledge of GovAssure, CAF, ISO27001, Cyber Essentials
Entra ID / Azure / M365
SIEM / EDR / vulnerability management tools
Access control models (RBAC/ABAC)
Experience supporting audits, assurance reviews, and remediation plans
Ability to translate technical risk into clear business languageSC cleared, one stage, must be commutable from Cluham

The purpose of this role is to support the Director of Business Information Security (BISO) in the oversight of Information Security across LCH.

The role contributes to ensuring that LCH’s critical business services, systems, and data assets are adequately protected, that information security and cyber controls are effective and operating within defined risk appetite, and that any identified gaps have appropriate and proportionate risk treatment plans in place.

The role will best suit an experienced Information Security Professional with experience gained from having previously operated within InfoSec/Cyber roles within the FS or FMI industries. The successful candidate must have subject matter expertise in Information Security, as the role demands a strong knowledge in all areas of information security and cyber security, as well as in-depth knowledge of legacy, existing, and emerging technologies including cloud and security technologies/controls. In addition, a prior background in information security engineering, security architecture, and security operations will be advantageous in this role given the various levels of stakeholders as well as the tech/cyber projects that the successful candidate will engage with daily.

Enter the key responsibilities of the role:

Information Security & Cyber Oversight

• Support the oversight of Information Security and Cyber Security controls that enable LCH to operate securely and resiliently.
• Review and assess the design and operational effectiveness of security controls, identifying gaps, weaknesses, and improvement opportunities.
• Support the tracking, reporting, and follow-up of InfoSec and Cyber risk remediation actions.
• Monitor cyber-related roadmaps, programmes, and initiatives impacting LCH, identifying risks, dependencies, and areas requiring escalation.

Cyber & Technology Domain Knowledge

• Apply strong cyber and technology domain knowledge to understand, assess, and articulate security risks and control effectiveness across:
  • Identity & Access Management (IAM) and Privileged Access Management (PAM)
  • Infrastructure and platform technologies, including virtualised environments
  • Vulnerability management tooling, prioritisation, and remediation approaches
  • Cloud and SaaS security concepts, including shared responsibility models
  • Secure Development Lifecycle (SDLC) principles and application security fundamentals
• Use this knowledge to engage credibly with technical specialists and translate technical issues into clear, risk-based insights for stakeholders.

Vulnerability & Risk Remediation

• Review vulnerability and security findings from enterprise tooling, dashboards, and assurance activities.
• Analyse trends and systemic risk themes across vulnerability and control findings.
• Coordinate with technology and engineering teams to support timely remediation of vulnerabilities, tracking progress and escalating delays or constraints as required.
• Support risk-based remediation and risk acceptance decisions in line with LCH and LSEG risk appetite.

Governance, Risk & Reporting

• Contribute to risk, security, and governance forums by providing accurate, evidence-based updates on cyber risk posture, remediation progress, and control effectiveness.
• Work with colleagues across the first, second, and third lines of defence to support a consistent and well-understood cyber risk posture for LCH.
• Support the development and maintenance of the LCH Cyber Risk Profile.
• Assist with Risk & Control Assessments (RCA) covering InfoSec and Cyber risks.
• Maintain key risk and performance indicators, ensuring management information accurately reflects the current control environment.

Engagement with the Business

• Develop and maintain a strong understanding of LCH business services, objectives, and operational risks, and how these influence cyber and information security risk.
• Identify key areas for improvement across cyber risk, control effectiveness, and governance.
• Support risk management decision-making, including contributions to relevant risk forums and governance committees.
• Assist with the identification of emerging cyber and information security threats, supporting analysis and mitigation planning.
• Build effective relationships across the business to gain a clear understanding of security-related risks and priorities.
• Work closely with stakeholders across the three lines of defence on information security, cyber risk, and data privacy matters, including regulatory and legislative considerations.

Stakeholder & Third-Party Engagement

• Work closely with LCH technology and cyber teams delivering infrastructure, platform, and application services.
• Engage with internal third-party oversight functions to support assurance over suppliers and service providers.
• Maintain effective working relationships with risk, compliance, legal, and audit functions.

Executive Communication

• Prepare and maintain clear, accurate executive-level materials that reflect the current security posture of LCH.
• Develop briefing papers, management updates, and presentations for senior stakeholders and governance committees.
• Confidently support senior leaders by stepping in to represent the function when required, delivering updates with minimal oversight.
• Communicate complex cyber risk matters in a clear, concise, and regulator-appropriate manner.

Knowledge of Technology, Security & Threat Landscapes

• Maintain awareness of emerging technologies and relevant security capabilities.
• Sustain a strong working understanding of the cyber threat landscape, particularly as it applies to Financial Market Infrastructure (FMI) organisations.
• Continuously develop knowledge of evolving cyber and information security risks.
• Contribute to the articulation of appropriate cyber risk mitigations, explaining effectiveness and limitations clearly.
• Maintain awareness of key global data protection and privacy regulations relevant to LCH.
• Operates with a high degree of autonomy, managing responsibilities with minimal day-to-day supervision.
• Brings a strong learning mindset and proactive attitude, actively seeking to broaden capability across cyber risk, controls, governance, and regulation.

Enter the essential experience and skills required:

• Experience in Information Security, Cyber Risk, Technology Risk, or Security Governance roles.
• Strong conceptual knowledge of:
  • IAM / PAM
  • Infrastructure and platform technologies
  • Vulnerability management
  • Cloud and SaaS security concepts
  • SDLC principles
• Experience working with risk, controls, and governance processes.
• Excellent written and verbal communication skills.
• Ability to operate independently and prioritise effectively.

Desirable & Advantageous Certifications

• CISSP
• CISM
• CCSP

Working Knowledge of Security Standards & Frameworks

• NIST Cyber Security Framework
• SOC 2
• CBEST / TIBER-EU

Career Stage:
Senior Associate

London Stock Exchange Group (LSEG) Information:

Join us and be part of a team that values innovation, quality, and continuous improvement. If you’re ready to take your career to the next level and make a significant impact, we’d love to hear from you.

LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth.

Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership, Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions.

Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce.

We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone’s race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs.

You will be part of a collaborative and creative culture where we encourage new ideas. We are committed to sustainability across our global business and we are proud to partner with our customers to help them meet their sustainability objectives. Our charity, the LSEG Foundation provides charitable grants to community groups that help people access economic opportunities and build a secure future with financial independence. Colleagues can get involved through fundraising and volunteering.

LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives.

Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it’s used for, and how it’s obtained, your rights and how to contact us as a data subject .

If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice.

IAM Engineer An excellent opportunity has arisen for an IAM Engineer to join a highly regulated technology environment where security, reliability and continuous improvement are taken seriously. Working as part of a dedicated identity operations function, you will play a key role in day‑to‑day identity and access management, supporting joiner, mover and leaver processes while helping strengthen access governance and Zero Trust controls across a Microsoft‑centric estate. What You’ll Be Doing Delivering BAU IAM administration across Active Directory and Azure AD / Entra ID
Managing JML processes, onboarding and offboarding users securely
Supporting access requests, account changes and troubleshooting identity issues
Assisting with access reviews, permissions rationalisation and audits
Working closely with security and support teams as a 2nd line escalation point
Contributing to automation and workflow improvements using PowerShell and ServiceNow What We’re Looking For OKta Identity
Experience in IAM / IDAM operations
Strong knowledge of Microsoft identity platforms
Understanding of RBAC, least privilege and Zero Trust
Familiarity with ServiceNow or similar ITSM tools
Comfortable working in regulated or compliance‑driven environments
Eligible for UK Security Clearance (SC) Nice to Have PowerShell automation
ISO 27001 / ITIL exposure

PAM Engineer Location: Wokingham Hybrid - 50/50 Duration: role starts with a 6 months contract Rate to SSC Rate - £625 SC CLEARED INSIDE IR35 Role Description: Qualifications Relevant certifications (e.g., CyberArk Defender, CISSP, CISM)
Experience in cloud environments (AWS, Azure, GCP) and hybrid infrastructures
Knowledge of DevSecOps practices and CI/CD pipeline integration Key Responsibilities Design, deploy, and manage PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
Implement least privilege access models and enforce secure credential management
Monitor and audit privileged access activities across systems and applications
Integrate PAM tools with SIEM, IAM, and other security platforms
Develop and maintain policies, procedures, and documentation for PAM operations
Conduct regular access reviews, privilege audits, and risk assessments
Collaborate with IT, DevOps, and Security teams to ensure seamless PAM integration
Provide technical support and troubleshooting for PAMrelated issues
Stay current with industry trends, threats, and best practices in access management Required Skills & Qualifications Experience in PAM engineering or cybersecurity roles
Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea
Strong understanding of Active Directory, LDAP, and authentication protocols
Experience with scripting (PowerShell, Python) for automation and reporting
Familiarity with compliance frameworks (ISO 27001, NIST, GDPR)
Excellent problemsolving, communication, and documentation skills

Network Engineer – SC Cleared Are you someone who thrives in hands‑on, high‑security environments? We’re looking for a skilled Network Engineer who enjoys building, optimising, and maintaining complex network infrastructures across both local and global environments. In this role, you’ll: \* Design, deliver, and support robust LAN and large‑scale WAN environments \* Translate application‑specific needs into precise and secure firewall policies \* Experiment, test, and validate emerging technologies in a lab/POC setting \* Apply Secure‑by‑Design principles throughout network solutions Core Experience Required Solid background in implementing and supporting: \* Wide Area Network architectures \* Major routing protocols (e.g., OSPF, BGP) \* VPN technologies and security platforms (e.g., IKEv2, next‑generation firewalls) \* Technical documentation—turning high‑level design into detailed configuration and deployment steps Bonus Skills Experience with: \* Modern data centre networking (spine‑leaf topologies, EVPN, BGP, Geneve) \* High‑assurance encryption solutions \* Automation/orchestration tools (e.g., Ansible, Terraform) \* White‑box networking platforms (e.g., Mellanox, Cumulus, Nvidia) \* NSX troubleshooting and support \* Cisco CCNP‑level knowledge or similar practical expertise

Cadent Gas Ltd Secure our digital future through identity excellence As an IAM Technical Analyst, you will be reporting into the Identity & Access Management team and working closely with internal IT teams and external partners supporting delivery of Cadent’s IAM roadmap into an ITIL disciplined environment, delivering IT services in a multisource model to an enterprise of 7000+ employees and external workers in a regulated utility. The IAM team aim to enhance the user experience for colleagues by simplifying, improving, and automating access to systems & data for our digital identities including Privileged Access Management (PAM). We work with internal and external partners to improve provisioning and revocation of access to resources, ensuring access is authenticated and limited, based upon principle of least privilege. Accountable for the ongoing development and deployment of automated access management processes and integrations focussed on Cadent’s non-SAP platforms and systems (Microsoft Active Directory, Entra ID and MS 365). We aim to enhance governance to improve management of digital identities including privileged access, protecting Cadent’s network to meet regulatory obligations (NCSC CAF), aligned to strategy and best practice. Why you’ll love this role: This is a hands-on technical role, where you will be working with industry standard tools where your skills and expertise will involve: Technical delivery – Implement, support and optimization of IAM and PAM services across the enterprise including SSO enablement of new SaaS applications and technical input and support to other projects and programmes.
Technical assurance – ensuring Change Management process is adhered to and technically validated to protect live service.
Security & Compliance – Ensure alignment with NCSC CAF and regulatory obligations, development, management and adherence to IAM Standard Operating Procedures (SOPs), support for internal and external IAM security audits.
Automation & Integration – Drive improvements in provisioning, revocation, and access governance.
Collaborative culture – Collaborate across IT, business, and vendor teams to deliver secure solutions.
Continuous Improvement – Champion innovation and efficiency in identity management including maintenance plans and roadmaps to maintain the health of services. What you’ll bring: Education & Certifications – Degree in IT or Cybersecurity, ITIL Foundation, and ideally CIAM, CISSP or CISM. Extensive hands-on experience in IT; specifically, Microsoft Active Directory (AD), Entra ID and MS 365, with a good knowledge of system technologies, monitoring tools, processes, and incident handling in a 24x7x365 support environment. Experience of configuring, implementing, developing, and supporting complex solutions. Evidence of vendor/ stakeholder management qualities. Technical curiosity, ensuring continuous skills refresh, with cutting edge and new to market technologies explored, understood, and assessed. Experience and understanding with different delivery methods and tools including Waterfall, Agile, SCRUM, Prince2, KANBAN and JIRA. Experience of building relationships and working with a variety of stakeholders, supported by interpersonal and communication skills at all levels, with the ability to translate complex IT issues into business related vocabulary. Experience and understanding of ITIL framework and ITSM tools, specifically ServiceNow. Experience working in a regulated utility industry desired. Experience and understanding of UK Data Privacy legislation Technical knowledge or qualifications highly desirable in the following areas: Identity and Access Management, specifically Microsoft Active Directory (AD), Entra ID and MS 365 including Entra Connect, app registrations, certificate and password management for user and machine authentication. Deep knowledge of SAML, OAuth, OpenID Connect, SCIM, MFA and federation protocols. HR Provisioning, specifically SAP SuccessFactors to AD / Entra ID). Experience with Microsoft Entra ID Conditional Access, Defender for Identity, and Entra Permissions Management including PIM. Strong understanding of Cyber security principles including zero-trust, privileged access management (PAM), Just-In-Time (JIT) access, Role Based Access Control and adaptive authentication. Privileged Access Management, specifically CyberArk suite. Experience of integrating applications with IGA solutions using a variety of APIs and protocols such as Web service protocols REST/SOAP, LDAP, csv. Hands-on experience with identity automation; PowerShell scripting / MS Graph API, and other API-based integrations. Data Lifecycle management tools such as Microsoft Defender & Microsoft Purview. NCSC Cyber Assessment Framework (CAF). DevOps and cloud security best practices in AWS/Azure environments

Salary - Up to £52,000.00 Location - Scunthorpe, North Lincolnshire, DN16 1XA Pattern of Work – 36.5 hours, Monday - Friday What you need to know about the role You will provide expert technical security oversight across enterprise IT platforms, acting as a trusted authority that identifies security risks, control gaps, and design weaknesses that operational teams may overlook. This is an individual contributor role with technical authority but no line management responsibilities. Your value lies in independent judgement, validation, and challenge, with only limited day‑to‑day operational ownership. Remediation and platform management remain with specialist infrastructure, network, endpoint, or OT teams. You will work alongside experienced engineers to assess security implications of designs, changes, and incidents, providing clear, evidence‑based advice and escalating risks where controls fall short of agreed standards. The role focuses primarily on corporate IT environments, with limited OT involvement centred on collaboration and alignment to central security standards. Key Responsibilities Include, but are not limited to * Provide expert technical security assurance across enterprise IT platforms, identifying control gaps, design weaknesses, and hidden risks that may be missed during operational delivery. * Assess the security impact of technical designs, changes, and exceptions, providing independent challenge and clear, evidence‑based recommendations. * Support security incident response by validating technical impact, root cause, and remediation effectiveness, working alongside operational teams rather than always owning execution. * Conduct and review vulnerability and control assessments, validating remediation outcomes and escalating unresolved or systemic risks where appropriate. * Act as a trusted technical advisor to infrastructure, network, endpoint, and cloud teams, balancing security requirements with operational realities. * Review and advise on firewall rules, network segmentation, and access controls, ensuring alignment with security standards and risk tolerance. * Educate and influence IT colleagues by raising security awareness through practical, technically grounded guidance, not just policy enforcement. * Operate autonomously, using professional judgement and experience to assess risk, document findings, and escalate where controls fall short. What we need to know about you Skills & Experience Essential: * Proven experience in IT security engineering or technical security assurance, operating across enterprise infrastructure. * Strong knowledge of endpoint protection (SentinelOne preferred), with the ability to assess configuration quality and control effectiveness rather than just operate tooling. * Experience reviewing and assuring enterprise firewall configurations and network security controls (e.g. Palo Alto, Cisco). * A solid understanding of encryption, certificates, and trust models as used within enterprise IT systems. * Experience assessing security patching effectiveness and remediation outcomes across Windows and Linux platforms. * Significant experience working with Windows and Linux environments, including legacy platforms. * Experience conducting or reviewing vulnerability assessments using tools such as Nessus, with the ability to interpret results in context. * Ability to analyse logs and technical evidence to identify security issues and validate root cause. * Strong technical communication and documentation skills, able to explain risk and findings clearly to experienced engineers and non‑specialists. Desirable: * Certifications such as CompTIA Security+, CISSP, CEH, or GIAC are beneficial but not essential; demonstrable technical assurance experience is valued over certifications. * Understanding of OT / ICS security principles and legacy constraints, with the ability to align OT risks to enterprise security standards. * Experience with SIEM tools, network monitoring, or threat intelligence platforms, particularly in support of investigation and assurance activities. * Knowledge of NIST, Cyber Assessment Framework (CAF), Cyber Essentials(+) or ISO 27001, with the ability to apply standards pragmatically rather than mechanically. * Scripting or data analysis skills to support investigation, validation, or evidence gathering. What we can offer you
We know our employees are our greatest asset and alongside the great benefits packages we offer, we continue to invest in their careers by providing a huge range of training and development opportunities. Whatever your stage in life, you’ll find a range of benefits to complement your work-life balance. The benefits you’ll enjoy include: * Defined contribution company pension scheme * 27 personal annual leave days + statutory bank holidays * Life Assurance * A comprehensive Company sick pay scheme * Health Cash Plan via our partnership with Simply health * Employee Assistance Programme * Standby and call-out payments * Family friendly benefits including enhanced maternity, paternity, and adoption leave. What you need to know about us
British Steel is a leading European steel manufacturer, supplying premium long products around the world. We take great pride in our history and heritage. Not many companies can claim to have generations of families dedicating their working lives to one company, one industry. Steel gets into your blood, and this drives the passion of our people. And these 2 values deliver our third value of performance – making the products our customers want now and in the future. British Steel has a bright future and we want you to be part of it. British Steel is an armed forces friendly company, and we actively encourage applications from ex-Armed Forces Personnel, Reservists, Armed Forces Veterans and military spouses/partners. We may close this vacancy sooner than planned if we receive a high volume of suitable applications. To ensure your application is considered, we encourage you to submit it as soon as possible

An IT support company are looking for a motivated Cyber Security Apprentice to join their team, where you’ll develop essential skills and contribute to protecting their digital infrastructure. This role offers hands-on experience, structured learning, and guidance from industry professionals, ideal for someone passionate about cybersecurity. As a Cyber Security Apprentice, you’ll work closely with their cybersecurity team to safeguard their systems, monitor for vulnerabilities, and respond to security incidents. You will support the implementation and maintenance of cybersecurity measures and assist in creating a secure IT environment. This role is perfect for someone eager to learn about cybersecurity and work towards becoming a certified cybersecurity professional. KEY DUTIES \* Assist in monitoring network activity and detecting potential threats and vulnerabilities \* Help in identifying, reporting, and mitigating security risks \* Support the team in responding to security incidents and implementing response strategies \* Conduct regular system checks and audits to ensure security protocols are up to date \* Assist with managing access controls and permissions for users \* Participate in the creation and updating of security policies, procedures, and best practices \* Collaborate with the IT team to troubleshoot and resolve security-related issues \* Stay informed on the latest cybersecurity trends and technologies CANDIDATE REQUIREMENTS \* Have the right to live and work in the UK

Information Security Assurance EngineerBristol - Hybrid (3 days onsite)We're looking for an Information Security Assurance Engineer to embed secure-by-design principles into mission-critical products operating in complex environments.You'll review application and product code, identify vulnerabilities, and provide practical guidance to improve security and code quality. Working with teams across the UK and Europe, you'll support shift-left security, contribute to architecture and design discussions, and help integrate security into the SDLC.Key skills:Secure-by-design experience, code review (C/C++, Python or similar), OWASP Top 10, SDLC, Git, CI/CD, Linux/Windows.Experience with embedded or performance-sensitive systems is a plus. Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.