Contract Length:9 months
Location: Hybrid (60% onsite / 40% remote)
Office Location:Knutsford
Rate: £600-£625pd (Inside IR35)

Role Overview

We are seeking a Network Technical Integration Lead to provide engineering leadership across Network Security platforms. This role is accountable for engineering excellence, secure change delivery, and operational resilience, working in close partnership with Product Owners and global delivery teams.

The role focuses on delivering secure, scalable, and automated Network Security solutions, aligned to Zero Trust principles, governance frameworks, and enterprise non-functional requirements, while embedding DevSecOps and SRE practices as standard.

Key Accountabilities1. Product-Aligned Engineering Leadership

• Act as the engineering counterpart to the Network Security Product Owner
• Jointly own technical roadmap, delivery sequencing, and trade-offs between risk, resilience, and delivery velocity
• Collaborate with Component Product Owners and peer Technical Leads to ensure seamless integration with identity, cloud, endpoint, and observability platforms
• Translate product vision and backlog priorities into implementable architectures, designs, and runbooks

2. Secure-by-Design Architecture & Delivery

• Own end-to-end technical design for Network Security services, including:

  • Zero Trust Network Access (ZTNA)
  • NGFW, NAC, IDS/IPS
  • Proxy services
  • SIEM / SOAR integrations

• Define and assure non-functional requirements (availability, scalability, performance, security, operability)

• Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned with governance standards (e.g. NIST, ISO 27001)

3. Engineering Quality, Automation & DevSecOps

• Make automation the default through security-as-code, GitOps, and CI/CD practices
• Lead code reviews for Infrastructure-as-Code, configuration management, and automated runbooks
• Ensure testability via change rehearsal, smoke/soak testing, rollback automation, and failure validation
• Continuously improve automated and standard change models to reduce manual intervention and risk

4. Operational Resilience & SRE Practices

• Own engineering input into SRE metrics (MTTR, MTTD, deployment frequency, error budgets)
• Drive defect and incident analytics and remediation sprints
• Support major incident management and post-incident reviews, embedding learning into platform design

5. Governance, Risk & Compliance

• Ensure solutions meet regulatory, risk, and audit requirements with automated evidence where possible
• Balance security posture, compliance obligations, and business enablement
• Embed ITIL-aligned practices without compromising engineering agility

Collaboration & Ways of Working

• Operate within a product triad alongside Product Owners
• Act as a technical mentor and coach for engineers
• Collaborate with peer Technical Leads across infrastructure, cloud, and identity domains to deliver end-to-end Zero Trust outcomes

Required Skills & Experience

• 810+ years experience designing, building, and operating enterprise network security platforms

• Deep hands-on expertise in one or more of:

  • ZTNA, NGFW, NAC, IDS/IPS
  • Proxy services
  • SIEM / SOAR integrations

• Strong understanding of Zero Trust Architecture and policy-based access control

• Proven DevSecOps, IaC, and CI/CD experience

• Solid grounding in ITIL, major incident management, and post-incident review practices

Preferred Certifications

• CCNP / CCIE (Security or Enterprise)
• Vendor certifications (Zscaler, Fortinet, Palo Alto)
• Splunk Admin / Enterprise Security
• ITIL 4 (Managing Professional or equivalent)

Success Measures

• Reduction in change failure rates and repeat incidents
• Improved MTTR and service resilience
• Increased automation and standardised change adoption
• Strong alignment between product strategy, engineering execution, and security outcomes

£Up to £110,000 GBP
Transport Allowance
Hybrid WORKING
Location: London; Manchester; Bristol, Central London, Greater London - United Kingdom Type: Permanent

The Role - Security Architect Consultant
Join a consultancy recognised as a UK Great Place to Work year after year - a distinction that highlights its people-first culture, technical excellence, and consistent delivery of secure, high-impact solutions across complex programmes.

Our client is a globally respected digital, data, and technology consultancy, helping organisations transform through innovation, strategy, and advanced engineering. With over 4,000 experts across sectors including defence, government, financial services, and healthcare, the client delivers large-scale digital transformations where security and resilience are critical.

As a Security Architect Consultant, you will define and deliver end-to-end security architecture solutions for complex client programmes. You will apply your expertise to design secure systems, manage business and security risks, and provide practical, scalable security architectures that protect critical infrastructure and data.

The Security Architect Consultant role is hybrid, with a minimum of two days per week in the office or on client site, aligned to programme requirements.

Key Responsibilities - Security Architect Consultant
As a Security Architect Consultant, you will:

• Define end-to-end security architecture across projects and programmes, producing Conceptual, Logical, and Implementation Architecture views
• Design secure system architectures using principles and patterns that manage business and security risks
• Review and enhance client security measures with innovative, practical solutions
• Operate in agile, cross-functional teams to problem-solve both client and internal challenges
• Lead live whiteboarding sessions and collaborative workshops to define secure architectures
• Provide technical guidance to project teams and mentor junior colleagues in security best practices
• Ensure security considerations are embedded in all design and delivery activities
• Maintain awareness of emerging security trends, standards, and technologies to inform client solutions

The Security Architect Consultant will operate at the intersection of technical authority and client delivery, ensuring solutions are secure, compliant, and operationally resilient.

Key Requirements

• Proven experience as a Security Architect Consultant delivering security solutions for large-scale infrastructure or integration projects
• Solid foundation in information security principles and best practices
• Relevant certifications such as CISSP, CISM, IISP/CCP, TOGAF, or SABSA
• Strong analytical thinking and problem-solving skills
• Experience collaborating with multiple stakeholders in fast-paced environments
• Eligibility for UK security clearance (British citizen or UK resident for the past 5 years)

Even if you don’t meet every requirement, applications are encouraged - the client hires across multiple levels within the Security Architect Consultant capability.

You Will Gain Exposure With

• Complex, high-stakes security architecture and transformation programmes
• Large-scale enterprise infrastructure and integration projects
• Cross-disciplinary collaboration with strategists, engineers, designers, and technologists
• Modern security frameworks, cloud platforms, and risk management methodologies
• A highly collaborative and inclusive technical community
• Structured learning budgets, certifications, and continuous professional development

Why Join?

• Join a consultancy consistently recognised as a top employer in the UK
• Work as a Security Architect Consultant on strategically important, high-impact programmes
• Hybrid working model with flexibility aligned to client needs
• Access to private healthcare, generous pension, and performance bonus
• Share ownership opportunities
• Strong commitment to inclusion, equality, and diverse career progression
• Operate at the intersection of technical authority, client impact, and strategic leadership

This Security Architect Consultant opportunity offers the chance to design and implement secure, resilient architectures while developing deep expertise within a consultancy that combines engineering rigour with purpose-led, high-impact transformation.

Interested? Apply Now!
Or reach out directly to Aaron O’Neill | LinkedIn

Reference: AON/AMC/PGSecurityArchitect

#aaon

Akamai Security Engineer & Senior Akamai Security Engineer (Contract)
Knutsford Hybrid - 3 days onsite 2 remote
Senior: £620 per day
Engineer: £490 per day
Until 30/11/2026
INSIDE IR35

Our client is looking for an Akamai Security Engineer and a Senior Akamai Security Engineer to lead the design, deployment, and optimisation of Akamai security solutions across large‑scale, high‑traffic digital platforms.

These are key engineering roles focused on strengthening web security, enhancing performance, and embedding best‑practice Akamai configurations into global environments.

Key Responsibilities

Engineer
Configure & maintain Akamai tools (KSD, WAF, Bot Manager, CDN)
Support implementation of rulesets, policies & routing configs
Monitor traffic, identify threats & assist in incident response
Tune WAF & bot rules to reduce false positives
Assist with CDN configuration, caching & performance tuning
Manage certificates, redirects, and Akamai property updates
Collaborate with application teams for secure deployments
Produce documentation & support continuous improvement

Senior Engineer
Architect, configure & optimise Akamai tools (KSD, WAF, Bot Manager, CDN)
Lead end‑to‑end policy and ruleset implementation
Conduct threat analysis, log review & incident response
Implement rate limiting, DDoS protection & bot mitigation
Manage Akamai properties, certificates, redirects & routing
Tune WAF rules to reduce false positives
Provide technical leadership & best‑practice guidance

Required Skills

Engineer
Hands-on experience with Akamai (KSD, WAF, CDN)
Understanding of OWASP Top 10, DDoS, bot behaviours
Strong grasp of HTTP/S, DNS, TLS, caching & CDNs
Basic scripting (Python, Shell, APIs)
Solid troubleshooting & analytical skills

Senior Engineer
Extensive hands‑on Akamai experience (KSD, WAF, Bot Manager, EdgeWorkers, CDN)
Strong knowledge of OWASP Top 10, DDoS, API protection & bot threats
Deep understanding of HTTP/S, DNS, TCP/IP, TLS & caching strategies
Experience with large‑scale, high‑traffic web environments
Scripting/automation: Python, Shell, Akamai APIs
Strong troubleshooting & performance tuning capability

What to do now
If you’re interested, click apply and upload an up-to-date copy of your CV.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

Were working with a large organisation going through major cyber transformation to hire a IT Security Architect. This role is responsible for leading the integration of cybersecurity by design across Digital, Enterprise, and Operational Technology systems, ensuring proactive risk mitigation and compliance from the outset.

What youll do

• Develop and implement security architectures aligned with enterprise strategy, regulations, and control standards, with a focus on Azure and hybrid cloud environments.
• Collaborate with Enterprise, Solution, and Cloud Architects to embed security in all designs, including application security and Azure-native services.
• Define and maintain security standards, guidelines, and reference architectures for Azure workloads, identity management (e.g., Entra ID), and secure application development.
• Deliver clear cybersecurity advice to technical and non-technical stakeholders on Azure security best practices, threat protection, and compliance.
• Champion ‘Secure by Design’ across IT infrastructure, emphasizing Azure Defender, Sentinel, and application security controls.

What were looking for

• Expertise in enterprise IT systems, networks, Azure platforms, secure design principles, and architecture frameworks like TOGAF or SABSA.
• Proven experience as an IT Security Architect or secure systems engineer in complex cloud environments, creating technical designs for Azure security architecture, application security (e.g., OWASP, DevSecOps), and network segmentation.
• Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC, and assurance processes.
• Experience delivering “secure by design” in regulated sectors (e.g., finance, healthcare, critical infrastructure), including Azure compliance certifications like ISO 27001, SOC 2, and GDPR.
• Proficiency in cloud security architecture, including zero-trust models, container security (e.g., AKS), and multi-cloud/hybrid strategies.

Whilst we are looking for IT Security Architects, we’re open to speaking to Infrastructure Architects, Cloud Architects, or Technical Design Authorities with Azure security experience who want to specialize in IT Security Architecture.

Whats on offer

• 30 days holiday plus bank holidays, flexible leave options, and family-friendly policies
• Generous employer pension contribution up to 13.5%, and employee health assistance program

This is a high-impact role where your expertise will influence strategy and strengthen cyber resilience. This is a permanent position based in the North West of England. Candidates must have the right to work in the UK without sponsorship. Candidates must have been living in the UK for the last 5 years without more than 6 months living in another country.

Knutsford - Hybrid, 3 days on site

Contract - £480 - £510 per day (inside)

Our client is seeking an Application Security Specialist who will join the security team of a major organisation. You will assess and strengthen the security of applications across development, deployment, and operations.

Responsibilities:

• Conduct security reviews, threat modelling, and vulnerability assessments.
• Support secure coding practices and provide guidance to development teams.
• Operate security scanning tools (SAST/DAST/IAST).
• Validate remediation of vulnerabilities and track risk reductions.
• Contribute to secure design standards and best practices.
• Work with DevOps to embed security into CI/CD pipelines.

Technical Skills & Competencies:

• Knowledge of OWASP Top 10 and secure development principles.
• Experience with scanning tools (e.g., SonarQube, Veracode, Fortify).
• Understanding of cloud security and API/application architecture
• Strong communication and stakeholder management skills
• Comfortable working directly with senior leadership
• Problem-solver with a hands-on mindset

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

Location: Hybrid 3 days on site in Knutsford
Duration: 31/03/2027
Rate 497
MUST BE PAYE THROUGH UMBRELLA

Role Description:
As part of the Cyber Enhancement Programme (CEP), the Tanium Technical SME will address critical capability and coverage gaps in the organisation’s current Tanium EDR and telemetry estate. These roles are required to ensure the organisation can prevent, detect, respond to, and contain cyber threats at speed and scale. Internal SME capacity is fully consumed, and no Tanium resources are currently available to deliver the 2026 CEP Book of Work, necessitating external specialist support.
Key Responsibilities

• Lead remediation of an agreed list of known Tanium EDR gaps across the estate.
• Activate, configure, and deploy Tanium Reactions aligned to containment and detection requirements.
• Support Tanium device discovery, improving asset visibility across hardware, software and telemetry.
• Integrate device data, software data, and extended telemetry into SIEM and wider detection tooling.
• Develop and implement CI/CD pipelines for Detection Engineering content deployed through Tanium.
• Conduct Tanium testing and validation cycles, including rollback procedures to support CI/CD and containment operations.
• Collaborate with Detection Engineering, Endpoint, and C2E workstreams to ensure readiness for platform go-live.
• Provide expert input into Tanium architecture, enhancements, integrations, and operational uplift.
• Produce documentation, operational runbooks, and configuration standards for long-term sustainability.

Skills & Experience Required

• Proven expertise configuring, deploying, and operating the Tanium platform at enterprise scale.

• Strong experience in Tanium modules including:

• Tanium Threat Response

• Tanium Discover / Asset

• Tanium Deploy

• Tanium Signals & Reactions

• Deep knowledge of endpoint telemetry, EDR technologies, and cyber threat detection.

• Hands?on CI/CD experience, including automated content build, testing, and rollback.

• Experience integrating Tanium data into SIEM platforms and detection pipelines.

• Ability to troubleshoot complex endpoint, sensor, and configuration issues.

• Strong communication and documentation skills, with ability to influence multiple workstreams.

Location: Hybrid - 3 days on site Knutsford
Duration: 31/03/2027
Rate 426
MUST BE PAYE THROUGH UMBRELLA
Role Description:
The CyOps Analyst will support the Cyber Enhancement Programme by operationalising new detection capabilities, improving cyber readiness, and supporting endpoint and containment tooling as Tanium capabilities expand. These roles ensure T1 milestones can be met and that Detection Engineering and C2E workstreams are ready for platform go?live.
Key Responsibilities

• Operate, monitor, and triage enhanced detection outputs generated through Tanium and SIEM integration.
• Support operational readiness for new containment capabilities deployed as part of C2E workstream.
• Validate and operationalise detection content delivered via CI/CD and Tanium telemetry ingestion.
• Aid in correlating endpoint, device discovery, and telemetry insights to support investigations and incident response.
• Work with SMEs to assess gaps, document findings, and ensure operational closure of identified EDR issues.
• Support cyber incident response activities, providing endpoint expertise and rapid analysis.
• Maintain operational dashboards, reporting, and KPI tracking for CEP governance.
• Enhance playbooks and operational procedures to reflect new Tanium-driven capabilities.

Skills & Experience Required

• Experience in Cyber Operations, SOC Level 2/3, or Incident Response.
• Strong understanding of endpoint telemetry, EDR, and detection technologies (Tanium experience desirable).
• Experience triaging and analysing alerts from SIEM, EDR, and endpoint tooling.
• Ability to work across Detection Engineering and IR teams to enhance detection logic and response actions.
• Excellent analytical skills with strong attention to detail.
• Clear communication, documentation, and stakeholder engagement skills."

Your new companyA large UK public sector organisation responsible for delivering essential national services and supporting critical government operations. The organisation oversees a wide range of public-facing and internal functions, working across multiple departments to ensure effective service delivery, policy implementation, and operational support.Your new role

• Design, develop, and maintain SailPoint connectors, workflows, rules, and APIs for automated provisioning and de-provisioning.
• Lead configuration, integration, and deployment of SailPoint IdentityIQ or Identity Security Cloud solutions.
• Integrate SailPoint with systems such as Active Directory, Entra ID, HR systems, AWS, ServiceNow, LDAP directories, and cloud applications.
• Implement IAM governance functions including RBAC, access reviews, certification campaigns, and lifecycle policy enforcement.
• Develop custom rules, scripts, and extensions using Java, BeanShell, XML, and REST/SOAP APIs.
• Troubleshoot issues related to provisioning, connectors, access control, and integration failures.
• Build automation to support onboarding/offboarding, role assignment, and identity lifecycle events.
• Collaborate with InfoSec, DevOps, and Compliance teams to strengthen governance, audit readiness, and least-privilege access standards.
• Ensure solutions adhere to enterprise security, scalability, availability, and performance requirements.
• Support production operations, including incident response, triage, and continuous improvement.

What you’ll need to succeed

• Hands-on engineering experience with SailPoint
• Deep understanding of IAM principles: RBAC, least privilege, access certification, governance workflows.
• Integration experience with identity data sources: Active Directory, LDAP, HRIS, AWS, ServiceNow, databases.
• Strong troubleshooting skills across provisioning, connector issues, and identity lifecycle processes.

What you’ll get in returnYou will be offered a long-term (6 months) contract working in the city centre for a public sector organisation, offering hybrid working and a competitive day rate. What you need to do nowIf you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

Security Engineer Infrastructure / Cryptography / Automation
£500£700 per day (Inside IR35)
Cheshire 2 days per week onsite (mandatory)
Initial 12-month contract

Atrium EMEA are supporting a world-leading IT services client on their search for multiple Security Engineers to join a long-term financial services programme.

We are hiring across several specialist areas within secure enterprise infrastructure. These roles sit within a highly regulated environment and require strong hands-on engineering capability.

We are particularly interested in professionals with experience in one or more of the following areas:

Cryptography engineering, including Hardware Security Modules (HSMs) such as Thales, Entrust or IBM platforms
Infrastructure and security engineering across Windows, Unix/Linux, networking and firewalls
Python-based automation, REST API integration and workflow improvement within secure environments

These are build-focused engineering roles not support or helpdesk positions. Candidates should have experience working within enterprise or financial services environments and be comfortable operating within structured, security-controlled infrastructure.

Key Requirements:

Strong hands-on engineering background within security or infrastructure
Experience working within regulated enterprise environments
Ability to work onsite in Cheshire 2 days per week
Willingness to support occasional data centre deployments where required

This is an excellent opportunity to join a long-term programme delivering critical secure infrastructure within a major financial services environment.

SOC Engineering Lead

£70,000 - £80,000 DOE

Hybrid Working

UKSV clearance required candidates must hold or be eligible to obtain clearance.

This role leads the Security Engineering function within a high-performing Security Operations Centre.

It is a pivotal leadership position responsible for onboarding delivery, platform engineering, detection optimisation and technical transition into live SOC services.

The team is technically strong. What it needs is structure, prioritisation and consistent leadership.

You will bring clarity, accountability and calm while remaining technically credible and hands-on.

This is not a pure management role. You must be able to lead from the front.

The Role

You will:

• Lead and schedule the SOC Engineering team across onboarding and live service activity
• Own technical delivery during customer onboarding and transition
• Oversee Sentinel connector deployment, Defender integration, rule tuning and SOAR playbooks
• Ensure structured service handover into SOC operations with clear documentation
• Act as escalation point for complex engineering issues in live environments
• Maintain SLA adherence and platform health
• Improve detection logic, automation and enrichment capability
• Drive engineering standards, reporting clarity and workload discipline
• Coach and develop junior engineers
• Maintain technical authority across Microsoft Sentinel, Defender suite, Entra ID and Azure security architecture

What Success Looks Like

• Onboarding delivered on time with validated integrations
• Clean handover into SOC with documented runbooks
• Improved automation and measurable SOC efficiency gains
• A structured, aligned engineering team with clear ownership

Essential Experience

• Experience leading a Security Engineering team within an MSP, MSSP or SOC environment
• Strong hands-on expertise with Microsoft Sentinel and Defender XDR
• Deep understanding of Azure security architecture and ingestion strategy
• Proven experience configuring connectors and tuning detection rules
• Experience with SOAR platforms
• Strong KQL capability
• Ability to manage competing priorities in fast-paced environments
• Experience managing ingestion costs or cloud service optimisation
• Confident customer communication

Desirable

• Integration experience (Mimecast, Darktrace, legacy EDR platforms)
• ITIL exposure (change and incident management)
• Google Cloud or AWS knowledge
• Microsoft security certifications
• GIAC, CISSP, CYSA+ or equivalent

Leadership Profile

You are:

• Structured and operationally disciplined
• Calm under pressure
• Comfortable holding accountability
• Technically credible with engineers
• Clear and direct with customers
• Focused on outcomes, not activity

This role will not suit someone who prefers individual contribution without people leadership responsibility.

Role Title: CISO Security Consultant

Location: Knutsford, Cheshire/ Hybrid - 2/3 days per week onsite

Duration: 8 months

Rate: 465 per day inside ir35

We’re looking for a proactive Security Consultant to assess, design, and strengthen secure systems across infrastructure and applications. You’ll bring hands-on expertise in areas such as networking, application security, pentesting, databases, or operating systems (Linux/Windows), along with a strong grasp of risk management and secure design principles.

CISSP is highly desirable (additional certifications a bonus). Strong analytical skills, clear communication, and the ability to work both independently and collaboratively are essential. Familiarity with MS Office, Confluence, and Jira is advantageous.

Role Description

As a Security Consultant, you will work closely with clients and internal teams to assess, design, and enhance secure systems. You will provide expert guidance across infrastructure, applications, and enterprise environments, ensuring best practices and industry standards are consistently applied.

Required Skills & Experience

• Strong experience in at least one of the following areas:

• Computer networking
• Application security
• Cryptography (desirable but not essential)
• Penetration testing
• Databases
• Operating systems (Linux and/or Windows)

• Solid understanding of security principles, risk management, and secure design
• Ability to assess vulnerabilities and recommend practical remediation strategies
• Excellent analytical and problem-solving skills
• Strong written and verbal communication skills

Certifications

• CISSP certification is highly desirable
• Additional security certifications (e.g., CEH, CISM, OSCP, Security+) would be advantageous

Desirable IT Skills

• Proficiency in MS Office
• Experience using Confluence
• Familiarity with Jira

What We’re Looking For

• A proactive and detail-oriented professional
• Comfortable working independently and as part of a team
• Strong stakeholder engagement skills
• A commitment to continuous learning and professional development

Job Title: Asset Manager
Function: Service Management
Location: Salford Quays, Manchester (Hybrid)
Start date: ASAP
Contract: 6 months (possibility of extension)

Role Purpose
Our client is establishing a new Asset Management practice within our Service Management function, and we’re looking for an experienced Asset Management SME to help us build it from the ground up.

This is a pivotal role within our Major Operating Securely Programme. Service Management has ownership of CIS Controls 1 & 2 (Inventory and Control of Enterprise and Software Assets), and you will lead the design, implementation, and governance of the processes and controls required to meet these standards.

Working closely with our in-flight CMDB programme, you’ll ensure strong alignment between Asset Management and Configuration Management, driving accurate asset visibility, lifecycle control, compliance, and data integrity across the technology estate.

What you’ll do:

• Define and establish the Asset Management strategy, policies, and operating model
• Embed governance supporting CIS Controls 1 & 2
• Design and implement end-to-end asset lifecycle processes
• Partner with Cyber Security, Technology, Procurement, and Finance
• Align Asset Management with CMDB data models and tooling
• Build reporting, controls, and audit readiness frameworks

What we’re looking for:

• Proven experience building or transforming an IT Asset Management (ITAM) capability
• Strong knowledge of ITIL and Service Management practices
• Experience working with CMDB platforms (e.g., Helix)
• Understanding of CIS Controls and security governance
• Ability to operate strategically while remaining hands-on in a build environment

This is a unique opportunity to shape and embed a critical capability that underpins security, compliance, and operational resilience at scale.

Up to 58,000 plus excellent pension and holiday entitlement
Hybrid - 2 days on site - Manchester
About the Role

I’m working with a Manchester-based public sector organisation who are seeking a cyber security engineer to work alongside security architects and project teams on exciting projects, implementations and designs.

This role comes with excellent training and progression opportunities, and is therefore a great opportunity for someone looking to take their security engineering skillset into the projects, design and architecture space.

The ideal candidate will have an understanding of architecture and secure by design principles, and will have experience implementing security controls and integrating security engineering best practices and into agile and DevOps processes.

Key Responsibilities

• Working alongside security architects and project teams to assess designs, uncover potential risks, and integrate security best practice
• Taking responsibility for deploying security controls across projects and operational environments
• Configuring assets across a multi-cloud environment
• Converting architectural designs into practical actions and processes
• Integrating security into agile and DevSecOps processes
• Ensuring projects and designs are secure by design, and being actively involved in creating and implementing the controls to ensure this is the case
• Monitor emerging trends and technologies, evaluating their potential for future adoption within the security strategy.
• Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives.

What We’re Looking For

• SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks.
• Security Stack: Hands-on with EDR, XDR, WAF, and email security solutions.
• Preferred Vendors: Experience with Crowdstrike, Palo Alto, and the Microsoft Defender suite is highly beneficial.
• Emerging Tech: Awareness of AI security risks and familiarity with DevSecOps practices.
• Infrastructure & System Security: Proficient in identifying and mitigating vulnerabilities within system hardware, software, and infrastructure components.
• Identity & Access Management (IAM): Practical expertise in PIM, PAM, RBAC, concepts and their real-world application.
• Network & Data Security: Proficiency in firewalls, encryption (data at rest and in transit), and how to defend against malware across enterprise services.
• Security Architecture & Design: Ability to translate high-level architectural designs into practical, low-level technical solutions while ensuring they are “secure by design”.
• Cloud & Endpoint Security: Developing expertise in cloud technologies and securing diverse platforms including Windows, Linux, and macOS.
• M365: Experience in improving Secure Score and recommending securing products like SharePoint Online.
• Assurance: Experience in assuring deployments met security design.

Package

• Up to 58,000 per annum
• 29 days annual leave excluding bank holidays
• 21% pension
• Career development opportunities and access to accredited qualifications
• Additional benefits available

What to do now
If you’re interested in this opportunity, click apply and send an up-to-date copy of your CV.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

Bolton

We have an opportunity working on behalf of UK Facilities Management, the Operational Technology (OT) Risk Manager will act as the deployed local security leader and expert in all elements of security for General Infrastructure Management Systems (GIMS) policy.

Salary: Circa£60,000 depending on experience

Dynamic (hybrid) working: 3-4 days per week on-site due to workload classification and frequent travel to all sites across the UK

Security Clearance: British Citizen or a Dual UK national with British citizenship/Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

What we can offer you:

• Company Bonus: Bonus of up to 21% of base salary
• Pension: maximum total (employer and employee) contribution of up to 14%
• Flexible working: We welcome applicants who are looking for flexible working arrangements
• Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
• Facilities: Fantastic site facilities including subsidised meals, free car parking and much more
• Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more .

The opportunity:

The main focus is the creation, execution and maintenance of a framework to identify and address risks associated with the devices which support MBDA’s Building and Infrastructure across the UK. This will also include input into the wider group structures as and when required. The OT Risk Manager will act as the point of contact for all new, existing and legacy GIMS installations, providing advice, guidance and direction to address the multiple security risks associated with them. This includes liaising with cross business teams outside of FM, such as Cyber and InfoSec, IM and Product Cyber. The OT Risk Manager will oversee all change management activities related to the connectivity and digital interfaces of the relevant infrastructure, ensuring all change remains appropriate and complaint with policy; ensuring an evidenced position is constantly maintained by MBDA UK of continued compliance with all relevant standards which may be subject no-notice audits by MBDA Group, MOD and other customers. They will deliver technical security consultancy to the business including architecture and solution suitability to meet a complex suite of business requirements. They will create and update ISO 27001 compliant policies to specifically address the GIMS policy ensuring that all policies, processes, procedures and technical infrastructure remains compliant with MBDA UKs wider ISO 27001 ISMS as well as other certifications as appropriate.

The OT Risk Manager will be a critical leader in any new infrastructure projects within MBDA UK and for reducing cyber risk to the business as part of a wider team. The OT Risk Manager will also coordinate all technical security testing within their allocated area of operations, as well as maintaining upward reporting to MBDA UK FM Director, UK Security Director and UK CISO on results and remediation progressions. They will proactively coordinate with the Principle Cyber and Information Security Advisor for all required assurance activity and evidence based reporting. They will work with FM and wider business stakeholders to create a network of Asset Owners and formally document the asset registers for their areas of operation.

What we’re looking for from you:

• CISSP, InfoSec/Cyber Degree or equivalent (Essential)
• Experience or relevant certifications in network security or industrial control system hardening (Essential)
• Knowledge of security surrounding systems enabling critical services within business (ICS/SCADA/BMS/BEMS)
• Comfortable with establishing and maintaining relationships with national security authorities, internal stakeholders and industry partners.
• Expert in security concepts for IT network architectures, applications, cloud services and hardening of operating systems within ICS and SCADA context.
• Ability to present risk balanced security solutions to complex problems and provide clear advice directly to key stakeholders at all levels
• Experience of managing and developing inexperienced IT/FM Engineers to maintain security
• Experience of system accreditation processes and documentation.
• Experience of security risk management
• Knowledge of business IT processes and associated approval systems
• Expert knowledge of modern hacking Tactics, Techniques and Procedures including impacts affecting GIMS/ICS/SCADA.

Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given

MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.

Follow us on LinkedIn (MBDA), X Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.

Knutsford - Hybrid, 3 days on site

Contract - £700 - £750 per day (inside)

Our client is seeking an API Security Architect who will join the security team of a major organisation. You will have strong knowledge of enterprise-level API Security Architecture, as you will ensure that APIs are built securely, and align with organisational security and compliance requirements.

Technical Skills & Competencies:

• Proven experience in API security architecture within large-scale environments.
• Expertise in API gateways (Apigee, Azure API Management, Kong, Mulesoft).
• Strong knowledge of OAuth2.0, OIDC, JWT, mTLS, TLS, and Zero Trust principles.
• Deep understanding of OWASP API Security Top 10 and secure design patterns.
• Experience designing security controls in the cloud (Azure, AWS, or GCP).
• Ability to create architectural artefacts (HLDs, LLDs, security patterns).

Desirable:

• Strong communication and stakeholder management skills
• Comfortable working directly with senior leadership
• Problem-solver with a hands-on mindset
• Prior experience working with global banks or financial institutions
• Security certifications (CISSP, GIAC, SABSA, CCSP - preferred but not mandatory)

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk

Our client, a UK-based group is seeking a Director of Digital Services to lead end-to-end IT and digital transformation across the organisation and its subsidiaries.

This is a strategic and operational leadership role responsible for delivering secure, reliable IT services while driving digital modernisation across infrastructure, business applications and ways of working.

Key Responsibilities

• Own the group-wide Digital & IT strategy, governance and roadmap
• Lead service delivery across service desk, field support and infrastructure
• Drive implementation and optimisation of Microsoft Dynamics 365
• Own and improve the care management system
• Strengthen cyber security, data protection and risk management
• Embed AI (including AI agents) safely and pragmatically
• Manage budgets, suppliers and contracts to deliver value for money
• Lead and develop a multi-disciplinary digital team

What We re Looking For

• Senior leadership experience owning IT across multi-site organisations
• Strong service delivery and ITIL-aligned operational control
• Proven cyber security leadership in regulated or sensitive environments
• Successful delivery of major system or platform implementations
• Experience managing budgets, suppliers and technical teams
• Knowledge of Microsoft 365, Azure and modern workplace security

Experience within healthcare or another regulated environment is desirable.

This is an opportunity to shape and lead digital services at group level, balancing operational excellence with forward-thinking transformation.

Competitive salary and hybrid working offered.

Interested? Please Click Apply Now! Director of Digital Services

months+

+Inside IR35

• 425 - 466 a day

+Hybrid working in Knutsford

We are looking for an experienced Akamai Security Engineer to support the configuration, deployment, and ongoing optimisation of Akamai security solutions across enterprise web and API platforms. You will work closely with security, infrastructure, and application teams to ensure secure, resilient, and high-performing digital services.

Key Responsibilities

• Configure and maintain Akamai security tools including Kona Site Defender (KSD), WAF, and Bot Manager
• Implement and manage security policies, rulesets, and traffic routing configurations
• Monitor web traffic, identify threats, and support incident response activities
• Tune WAF and bot protection rules to minimise false positives and enhance effectiveness
• Support CDN configuration, caching strategies, and performance optimisation
• Manage certificates, edge redirects, property updates, and console changes
• Collaborate with application teams to ensure secure deployments and adherence to best practice
• Maintain documentation and contribute to continuous improvement of web security operations

Required Skills & Experience

• Hands-on experience with Akamai technologies (KSD, WAF, CDN)
• Strong understanding of web security fundamentals (OWASP Top 10, DDoS mitigation, bot management)
• Solid knowledge of HTTP/S, DNS, TLS, caching, and content delivery networks
• Basic scripting or automation experience (Python, Shell, or Akamai APIs)
• Strong troubleshooting, analytical, and problem-solving skills

Nice to Have

• Akamai certification (ACE)
• Experience with cloud platforms (Azure, AWS, or GCP)
• Exposure to DevSecOps tooling, CI/CD pipelines, or Infrastructure as Code
• Experience working with SIEM or monitoring tools

This is an excellent long-term contract opportunity within a large-scale financial technology environment, offering hybrid flexibility and the chance to work on critical digital security initiatives.

If you’d like to discuss this Akamai Security Engineer in more detail, please send your updated CV to (url removed) and I will get in touch.

Role: Network Security Technical Product Owner

Location: Hybrid (60% office / 40% remote) - South Manchester

Role Overview

We are seeking an experienced Network Security Technical Product Owner to define and drive the strategy, delivery, and lifecycle of enterprise network security products. This role requires a blend of technical expertise, product ownership, and stakeholder management to deliver secure, scalable, and compliant network security capabilities aligned with Zero Trust principles and regulatory requirements.

You will work closely with security operations, infrastructure, architecture, and compliance teams to prioritise delivery based on risk, business value, and evolving threat landscapes.

Key Responsibilities

Product Strategy & Vision

• Define and communicate a clear network security product vision aligned with Zero Trust architecture, governance frameworks, and regulatory requirements.
• Own and prioritise the security product backlog, balancing risk, business value, and operational needs.
• Collaborate with engineering, security operations, and compliance teams to ensure successful product delivery and adoption.
• Drive API and orchestration integrations between security platforms and enterprise tooling.

Technical Leadership & Delivery

• Provide hands-on expertise in designing and delivering enterprise-scale network security solutions, including:

  • Zero Trust Network Access (ZTNA)
  • Network Access Control (NAC)
  • Next-Generation Firewalls (NGFW)
  • IDS/IPS platforms
  • SIEM integrations

• Support deployments across physical, virtual, and cloud environments.

• Document security architectures, threat models, control frameworks, and policy workflows aligned to industry standards.

Required Technical Expertise

• Strong understanding of network security fundamentals and Zero Trust architectures.
• Experience with identity-aware proxies, Software-Defined Perimeter (SDP), 802.1X, certificate-based authentication, and policy-driven access control.
• Knowledge of segmentation strategies, firewall technologies, threat intelligence integration, and security policy modelling.
• Familiarity with governance frameworks and standards such as NIST, ISO 27001, and CIS Controls.

Desirable Skills & Experience

DevSecOps & Cloud Security

• Experience with security-as-code, GitOps, CI/CD security pipelines, and Infrastructure-as-Code security scanning.
• Working knowledge of cloud security platforms (CASB, SASE, ZTNA platforms, cloud firewalls, IAM integration, security posture management).

Compliance & Risk

• Knowledge of security and compliance frameworks such as NIST CSF, ISO 27001/27002, PCI-DSS, SOC 2.
• Understanding of ITIL, risk management frameworks, and enterprise security governance processes.

Agile Delivery

• Experience working in Agile environments (Scrum/Kanban) using Jira/Confluence.
• Familiarity with security SRE metrics such as MTTD, MTTR, deployment frequency, and Security Level Objectives (SLOs).

Candidate Profile

You are a technically strong product owner with hands-on network security experience, capable of translating complex security requirements into deliverable product roadmaps. You are comfortable working across engineering, architecture, and risk functions in large enterprise environments and can influence stakeholders at all levels.

Role: Senior Akamai Security Engineer
Location: Hybrid - 60% onsite / 40% remote - Knutsford, Cheshire
Contract Length: Until 30/11/2026
Rate: 550 to 600 per day Inside IR35

Role Overview

We’re looking for a Senior Akamai Security Engineer to lead the design, implementation, and optimisation of Akamai security solutions across large-scale digital platforms.

This role sits at the sharp end of web security - protecting high-traffic environments from modern threats while improving performance and resilience. Expect real engineering challenges, complex environments, and zero room for checkbox security.

Key Responsibilities

• Architect, configure, and optimise Akamai security solutions including Kona Site Defender, WAF, Bot Manager, and CDN
• Lead end-to-end implementation of Akamai security policies and custom rules
• Perform threat analysis, log monitoring, and security incident response for web traffic
• Implement and manage rate limiting, bot mitigation, DDoS protection, and zero-trust controls
• Partner with engineering and application teams to embed secure Akamai configurations into delivery pipelines
• Manage Akamai properties, edge redirects, certificates, and traffic routing rules
• Tune WAF policies to minimise false positives while maximising threat coverage
• Provide technical leadership, documentation, and best-practice guidance

Required Skills & Experience

• Extensive hands-on experience with the Akamai platform: Kona Site Defender, WAF, Bot Manager, EdgeWorkers, CDN
• Strong understanding of web security fundamentals: OWASP Top 10, DDoS, bot protection, API security
• Deep knowledge of HTTP/S, TCP/IP, DNS, TLS, caching strategies, and CDN optimisation
• Experience supporting large-scale, high-traffic production environments
• Scripting and automation skills (Python, Shell, Akamai APIs)
• Strong troubleshooting, analytical, and performance-tuning capability

Nice to Have

• Akamai certifications (ACE, Akamai Security Architect)
• Cloud platform experience (Azure, AWS, GCP)
• Familiarity with DevSecOps practices, CI/CD, and Infrastructure as Code
• Experience with SIEM platforms and security analytics

Role Title: Application Security Specialist

Duration: contract to run until 30/11/2026

Location: Knutsford, Hybrid 3 days per week onsite

Rate: up to 517.78 p/d Umbrella inside IR35

Role purpose / summary

We are looking for an Application Security Specialist to assess and strengthen the security of applications across development, deployment, and operations.

Key Responsibilities

• Conduct security reviews, threat modelling, and vulnerability assessments.
• Support secure coding practices and provide guidance to development teams.
• Operate security scanning tools (SAST/DAST/IAST).
• Validate remediation of vulnerabilities and track risk reductions.
• Contribute to secure design standards and best practices.
• Work with DevOps to embed security into CI/CD pipelines.

Required Skills

• Knowledge of OWASP Top 10 and secure development principles.
• Experience with scanning tools (e.g., SonarQube, Veracode, Fortify).
• Understanding of cloud security and API/application architecture.

All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

Cyber Security Engineer Cyber Support Engineer Remote Hybrid Manchester 50-60k We are looking for a strong Cyber Security Engineer Cyber Support Engineer with Vulnerability remediation and Security Investigations & Monitoring & Reporting experience. We are looking for a dedicated and enthusiastic Cyber Security Engineer to join our Cyber Security team, the Cyber Security Engineer will be responsible for ensuring the seamless operation of security technologies that protect the organisation from an ever evolving threat landscape. The Cyber Security Engineer Cyber Support Engineer will be supporting the development and implementation of security systems and controls, you will be responsible for monitoring, managing and maintaining the security infrastructure, thereby playing a key role in safeguarding the organisations data, assets and overall cyber security posture. Key Accountabilities: Deliver a range of key cyber security activities including: Vulnerability remediation Security Investigations & Monitoring & Reporting Risk Assessment Application Security audits Identity Access Management