Remote Security Engineer Jobs

Make yourself visible and let companies apply to you.

Roles

Overview

Looking for remote Security Engineer jobs? Discover top cybersecurity roles you can do from anywhere on Haystack. Find the latest openings for expert Security Engineers focused on protecting systems, managing risks, and ensuring secure infrastructure—all with the flexibility of remote work. Start your next career move in cybersecurity today!

Remote Penetration Testing Team Leader - Growing Cybersecurity Consultancy

Recruitment Revolution

Ready to take the next step in your penetration testing career and lead a high-performing team at a respected, fast-growing cybersecurity consultancy?

This is your opportunity to join a CREST-certified organisation committed to excellence, innovation and integrity.

As our new Penetration Testing Team Leader, you’ll play a pivotal role in shaping cutting-edge testing services, developing talented testers, and helping protect clients across government, telecoms, finance, digital currencies and other critical sectors.

With structured development, meaningful progression opportunities, and the chance to make a visible impact from day one, this is a role designed for a driven, highly skilled Team Lead who thrives on technical depth, leadership and solving complex security challenges.

The Role at a Glance:

Penetration Testing Team Leader
Remote with travel to client sites and occasional meetings in London, UK or Channel Islands
Up to £95,000 DOE Plus Benefits
Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities.

Growth: A structured career development plan and training
Hours: 09:00 am to 17:30 pm Monday – Friday

Development Opportunity: Career progression opportunities to develop a growing team of penetration testers and break new ground in testing.

Company: Specialist information and cybersecurity consultancy and audit services

Company Values: We stand for honesty, integrity and fair practice and are committed to delivering value in every client engagement. Our people are creative, pragmatic and passionate about our purpose.

Your Skills / Background: Existing CHECK Team Lead qualification and Team Lead experience. You will also be a tenacious problem solver and communicator with strong client-facing and leadership experience to lead engagements, mentor testers at all levels, and scope complex projects.

The Penetration Testing Team Leader Opportunity:

As Penetration Testing Team Leader, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. You will deliver hands-on technical penetration testing on a variety of projects and guide and direct the team.

In return, you will benefit from an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects.

This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans.

Key Responsibilities:

• Improve and develop penetration testing methodologies, guide project scoping and execution, establish new testing services, and shape the future direction of the testing function with senior management.
• Deliver high-quality penetration tests across infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout scenarios, and cloud security assessments.
• Work with client teams to research vulnerabilities and emerging attack vectors, plan assessments accordingly, and support clients during ongoing incidents.
• Conduct vulnerability scans, unauthorised host discovery exercises, analyse findings, and translate results into actionable technical and business-risk recommendations.
• Produce high-quality technical reports and create internal documentation, tooling, threat libraries, methodologies, and policies to ensure consistent, informed, and meaningful testing outcomes.
• Provide technical presales support, contribute thought-leadership content (papers, articles, online posts, marketing material), and identify business development opportunities.
• Mentor, coach, and help build the technical team, supporting their growth in knowledge, skills, and career development.

About You:

• A driven, battle-tested Team Leader, holding a current CHECK Team Leader qualification and proven senior-level experience
• Extensive, hands-on penetration testing expertise backed by deep technical mastery
• Fluent in a wide arsenal of security testing tools, using the right tech for maximum impact
• Up-to-date, cutting-edge understanding of modern technologies, threats, and security trends
• Well-versed in key industry bodies, frameworks, and security standards
• Strong ability to translate vulnerabilities into real-world business risk, paired with standout reporting and client presentation skills
• Proven track record in growing and developing technical teams, including reviews, appraisals, training plans, and long-term career progression
• A credible, personable communicator who builds trust with clients, peers, and technical teams alike
• Self-starter with a proactive mindset, comfortable taking initiative and driving outcomes
• Genuinely passionate about penetration testing and nurturing teams across all skill levels
• Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum but we are unfortunately not able to offer sponsorship)

About Us:

We are a specialist information and cybersecurity consultancy and expert at understanding information security risks, creating appropriate security destinations and protecting clients from a range of security threats.

We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus.

Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure.

Services include:

• Security consulting across the area of security governance, risk, compliance and standards alignment
• Penetration testing
• Security architecture for cloud and infrastructure
• Detection and response
• Fractional heads and virtual support
• NCSC Assurance service provider for Cyber Essentials and a Certifying Body
• Security auditing across varying standards such as ISO27001, NIST, PCI DSS and Cyber Essentials
• Training and awareness

If you’re a proven Penetration Testing Team Leader with CHECK TL status, a passion for advancing security testing, and the drive to mentor and grow a talented team, we’d love to hear from you.

Step into a role where your expertise shapes real-world defence, your ideas influence future testing services, and your career continues to accelerate in a supportive, forward-thinking environment.

Interested? Apply here for a fast-track path to our Hiring Manager

Application notice… We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details.

If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.

(Application) Security Engineer

The Mission

We provide Information Security and Compliance services, helping our clients build secure, audit-ready systems. We are looking for a Security Engineer who can ensure the security of our clients’ projects and who can support Software Engineers working on them.

We want to bridge the gap between high-level compliance frameworks (SOC 2, ISO 27001, GDPR) and actual technical solutions. You will be working directly on our clients’ infrastructure and pipelines, ensuring that security isn’t just a policy on paper, but a functional part of the codebase.

The Commitment & Scalability

Initial Engagement: Roughly 5-10 days per month.
Flexibility: The role is fully compatible with other engagements or a part-time schedule until we scale.
The Long Game: Ideally, this role is designed to evolve into a permanent, full-time position as our client base grows.
Flexibility: Remote-first with flexible hours. You own your schedule, provided you are available for occasional remote client meetings during standard weekday hours.

Your Core Responsibilities

You will be the primary technical contact for our clients’ security and engineering needs:

Scanning & Identification: Setting up and managing automated vulnerability scanning tools (SAST/DAST/SCA) within the development lifecycle.
Risk Assessment: Analysing scan results to distinguish between theoretical risks and exploitable vulnerabilities within the context of the client’s specific architecture.
Patching: Implementing the fixes for vulnerabilities and issues, and coordinating with development teams to prioritise and schedule patches without breaking production environments.
Attack Surface Reduction: Periodically reviewing exposed assets and configurations to proactively identify and close potential entry points.
Operational Security: Managing ongoing technical tasks such as log reviews, access audits, and incident response preparation.
Control Validation: Performing technical “proof-of-concept” validations to ensure clients remain audit-ready.
Security as Code: Writing and maintaining CI/CD pipelines and Infrastructure as Code (Terraform/CloudFormation) to ensure security controls are automated and “baked in” to the deployment process.
Cloud Security Engineering: Hardening client Cloud Environments (primarily AWS) through direct technical implementation (IAM least privilege, VPC configuration, Encryption, and Logging).
Compliance Translation: Taking “dry” requirements from SOC 2 or ISO 27001 and translating them into technical reality for modern development teams.

What We’re Looking For

We are looking for a builder who is passionate about security. You might already be a Security Engineer, or you might be a Senior Software Engineer who has spent years focusing on security.

The Engineering Background: You have a solid foundation in software engineering. You understand how developers work because you are one.
Programming Expereince: Preferably, you should have experience with one of the more common programming languages such as Python or TypeScript, but other are acceptable as well.
Security Practitioner: You are either currently working as a Security Engineer or can demonstrate significant “on-the-job” security experience within a dev role.
Infrastructure Familiarity (AWS): You are comfortable making direct changes to cloud environments. While deep AWS expertise is a “nice to have,” the ability to learn and apply security principles to cloud infrastructure is essential.
Pipeline Literacy: You understand CI/CD (GitHub Actions, AWS CodePipeline, etc.) and how to integrate security tooling into the developer workflow.
Compliance Savvy: You understand the “Why” behind frameworks like ISO 27001 or GDPR and enjoy the challenge of making them work in a high-velocity dev environment.
Ownership Mentality: We are a small, ambitious company. We need someone who takes initiative and wants to grow into a foundational leadership role.

Why Join Us?

You’ll get to work across various stacks and help different companies solve security problems. You’ll also have a direct hand in shaping our service offerings and technical roadmap. If you want a role where you aren’t just a “checker” but a “builder,” we want to talk.

Remote Penetration Testing Team Leader - Growing Cybersecurity Consult

RecruitmentRevolution.com

Ready to take the next step in your penetration testing career and lead a high-performing team at a respected, fast-growing cybersecurity consultancy?

This is your opportunity to join a CREST-certified organisation committed to excellence, innovation and integrity.

As our new Penetration Testing Team Leader, you ll play a pivotal role in shaping cutting-edge testing services, developing talented testers, and helping protect clients across government, telecoms, finance, digital currencies and other critical sectors.

The Role at a Glance:

Growth: A structured career development plan and training
Hours: 09:00 am to 17:30 pm Monday Friday

Development Opportunity: Career progression opportunities to develop a growing team of penetration testers and break new ground in testing.

Company: Specialist information and cybersecurity consultancy and audit services

The Penetration Testing Team Leader Opportunity:

In return, you will benefit from an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects.

This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans.

Key Responsibilities:

About You:

About Us:

We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus.

Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure.

Services include:

If you re a proven Penetration Testing Team Leader with CHECK TL status, a passion for advancing security testing, and the drive to mentor and grow a talented team, we d love to hear from you.

Step into a role where your expertise shapes real-world defence, your ideas influence future testing services, and your career continues to accelerate in a supportive, forward-thinking environment.

Interested? Apply here for a fast-track path to our Hiring Manager

Application notice We take your privacy seriously. When you apply, we shall process your details and pass your application to our client for review for this vacancy only. As you might expect you may be contacted by email, text or telephone. Your data is processed on the basis of our legitimate interests in fulfilling the recruitment process. Please refer to our Data Privacy Policy & Notice on our website for further details.

If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.

Offensive Services Client Director

Salary: £100,000 - £130,000 bens etc. Location: Fully Remote (UK-based)

Penetration test - red team - exploitation - profession services

I’m looking to talk to an experienced senior technical person, with a deep technical background and strong commercial acumen around penetration testing and red team offerings. Do you understand how clients buy cyber services and how to translate advanced offensive services into business value propositions?

We are seeking a strategic and technically aware Offensive Security Professional Services Senior to drive commercial operations, External Attack Surface Services, engage with clients, and interface with a globally distributed team. This is a rare opportunity to combine technical expertise, leadership, and commercial ability in a high-impact role.

What You’ll Be Doing:

Driving client relationships, and technical conversations, understanding issues and challenging beliefs
Engaging with large FTSE100 clients, explaining and demonstrating issues at a very technical level
EWorking alongside internal development, engineering teams, and translating technical findings into business-focused solutions.
Be instrumental in positioning the service, the value and the differentiators at a boardroom level
Work closely with senior stakeholders, providing boardroom-level insights and credibility.
Operate with autonomy, thinking and acting strategically to drive improvements in product and delivery.

What We’re Looking For:

10years (+/-) in a Professionl Services offensive security role, with hands-on experience in penetration testing / red teaming,
Strong Commercial and presales experience, experience managing projects, and delivering complex security engagements.
Deep technical knowledge of offensive security tools, tactics, and methodologies.
Strong commercial understanding, including how clients purchase cyber security services.
Confident communicator, comfortable engaging with developers, researchers, customers, and executive stakeholders.
Ability to work across a globally distributed team, ensuring seamless collaboration.
Recognised certifications (e.g., OSCP, OSEP, OSWE, CREST CCT, CCRTS / CCRTM) are beneficial but not essential.

Why Join Us?

Highly competitive salary - £100,000 - £130,000.
Remote-first role - work from anywhere in the UK.
Cutting-edge engagements - work on challenging and high-impact offensive security projects.
Autonomy & Strategy - help drive the direction of our offensive security function.
Engage with top-tier clients and shape how they approach cyber security.

This is an exceptional opportunity for a senior offensive security professional ready to step into a strategic leadership role. If you’re ready to take the next step in your career, apply now.

Please email if you don’t wish to create a job searching profile. I’m happy to take direct applications and can be contacted on Linked in at Tariq Dirania. Please note that due to volumes I cannot connect to overseas candidates without the right to work in the UK. You must be UK based, and fully eligible to work without VISA support. Thanks for reading.

Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter - @Circle_Rec and LinkedIn - Circle Recruitment.

AWS Security Architect

Lynx Recruitment Limited

We partner with fast-moving engineering teams who build and run their businesses in the cloud. They need pragmatic, code-literate security specialists and thats where you come in.

The Role

Were looking for a hands-on AWS Security Architect who lives and breathes AWS. Youll dissect designs, model attack paths, and show engineering teams what good really looks like. Depending on the engagement, you might run a threat model, assess CI/CD pipelines, learn a vendor DSL for a PoC, or build internal tooling. We dont expect you to know everything just to be curious, practical, and willing to dive in.

What Youll Do

Threat Modelling & Architecture Reviews: Break down AWS services, map trust boundaries, build attack trees, and define security requirements before code ships.
Security Automation: Build IaC-driven checks, Lambda/Step Function tooling, CI/CD gates, and CSPM rules to enforce secure defaults at scale.
Hands-On Testing & Hardening: Perform cloud-native testing (IAM escalation, container escape attempts, infra abuse) and guide fixes directly via PRs.
DevSecOps Enablement: Pair with platform teams, review Terraform/CloudFormation/Kubernetes, and promote least privilege, logging, and runtime controls.
Knowledge Sharing: Contribute to documentation, demos, and continuous learning within the team.

What You Bring

Must-Haves

Deep AWS internals knowledge
Proven threat-modelling experience (STRIDE, attack trees, etc.)
Strong coding skills (Python, Go, Rust, etc.)
IaC expertise Terraform, CrossPlane, Pulumi, CloudFormation, AWS CDK
CI/CD security automation experience (GitHub Actions, GitLab CI, Jenkins, etc.)

Nice-to-Haves

AWS Security Specialty, SANS, OSCP (skills over certificates, though!)
Multi-cloud or hybrid security experience
Container security & supply-chain/SBOM tooling
Applied cryptography fundamentals (KMS, envelope encryption, etc.)
Incident response or red/blue/purple team exposure
OSS security contributions or AWS community involvement
Technical / IT degree (2:1 or above)

O365 Engineer - Purview

Role: O365 Engineer - Purview & Identity SpecialistLocation: [Insert Location / Hybrid / Remote]
Type: Contract
Salary: DOE

About the Role
We’re looking for an experienced O365 Engineer with deep expertise in Microsoft Purview, Identity & Access Management, and Microsoft 365 security and governance. This role is ideal for someone who thrives in complex, enterprise‑level environments, particularly where mergers & acquisitions (M&A) and O365 Multi‑Geo deployments are part of the everyday landscape.
You’ll be a key technical authority responsible for designing, implementing, and optimising governance, compliance, and identity architecture across a global Microsoft 365 estate.

Key Responsibilities

Lead the design, deployment, and optimisation of Microsoft Purview solutions (Data Loss Prevention, Information Protection, Insider Risk, Compliance Manager, eDiscovery, etc.)
Architect and maintain robust Identity & Access Management frameworks using Azure AD / Entra ID.
Support and execute integration activities related to mergers and acquisitions, including tenant‑to‑tenant migrations, domain consolidation, identity mapping, and data governance alignment.
Manage, configure, and support O365 Multi‑Geo capabilities, ensuring region‑specific compliance and data residency requirements are met.
Provide technical ownership for O365 security, governance, and compliance architecture.
Work cross‑functionally with Security, Infrastructure, Legal, and Compliance teams to ensure best practice across the Microsoft ecosystem.
Troubleshoot complex issues across Purview, identity services, and Microsoft 365 workloads.
Maintain documentation, technical standards, and governance policies.
Key Skills & Experience

Essential:

Proven experience as an O365 / M365 Engineer within large, enterprise-scale environments.
Strong expertise across Microsoft Purview (DLP, Sensitivity Labels, Insider Risk, eDiscovery, Data Lifecycle, etc.).
Advanced knowledge of Identity & Access Management using Entra ID (Azure AD), Conditional Access, PIM, MFA, Zero Trust principles.
Hands-on experience supporting or leading technology integration in mergers and acquisitions.
Experience configuring and maintaining O365 Multi‑Geo environments.
Strong understanding of O365 governance, compliance controls, and data protection requirements.
Excellent troubleshooting and problem-solving capabilities.
Desirable:

Relevant Microsoft certifications (SC‑400, SC‑300, MS‑500, AZ‑104 etc.).
Experience with Microsoft Graph, automation (PowerShell), or deployment pipelines.
Familiarity with tenant security hardening frameworks (CIS, NIST, Zero Trust).

What you need to do now

If you’re interested in this role, click ‘apply now’ to forward an up-to-date copy of your CV, or call us now.
If this job isn’t quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at (url removed)

Contract Threat Detection Engineer

Dynamic Search Solutions Ltd

Contract Threat Detection Engineer (Delivery Focused)

Our client is seeking a contract Threat Detection Engineer to support the ongoing delivery of detection engineering activities within a busy SOC environment. This role is centred on hands-on engineering and execution, ensuring detection content, automations, and integrations are delivered effectively and aligned to operational priorities.

Working closely with threat hunting and SOC teams, you will translate detection requirements into practical outcomes, contributing directly to sprint-based delivery and continuous service improvement. This is a highly technical role suited to someone who enjoys building, tuning, and optimising detection capabilities across modern security platforms.

Key Responsibilities

Develop and deliver detection content in line with sprint priorities and operational requirements
Create and refine SIEM correlation rules, dashboards, and reports to enhance proactive threat detection and monitoring
Build, deploy, and maintain automated playbooks across SOAR and related security platforms
Integrate threat intelligence sources, security tools, and custom logic into automated workflows
Continuously tune and optimise SIEM rules and SOAR playbooks to improve detection accuracy and reduce false positives
Integrate internal and third-party systems with SIEM and SOAR platforms using APIs and custom connectors
Support ongoing sprint activities, daily progress updates, and ad-hoc engineering tasks to improve SOC service delivery
Contribute to post-incident reviews by developing new detections and response automations
Develop and maintain log parsers for a variety of data sources
Produce clear documentation for processes, workflows, and integrations to support knowledge sharing and customer onboarding

About You

Strong background in security operations, detection engineering, or security content development
Hands-on experience working with enterprise SIEM platforms and detection rule tuning
Proven experience delivering work within agile or sprint-based environments
Practical experience building and maintaining SOAR playbooks and automations
Good understanding of common attack techniques, TTPs, and frameworks such as MITRE ATT&CK
Scripting or automation capability (e.g., Python, PowerShell, JSON, REST APIs)
Strong analytical and problem-solving skills with a methodical approach to engineering delivery
Experience working in a SOC or MSSP environment
Familiarity with EDR/XDR platforms and threat hunting methodologies
Exposure to CI/CD pipelines for deploying detection content is advantageous

This contract role is ideal for a hands-on detection engineer who enjoys delivering high-quality security content, improving automation, and enhancing SOC detection capabilities in a fast-paced operational environment.

Your new company
Network Engineer - Opportunity with a Leading MSP

Your Company

You will be joining a highly respected, fast‑growing Managed Service Provider recognised for delivering enterprise‑grade network, security, and cloud solutions across a varied customer base. Operating at the forefront of network security innovation, this organisation holds Gold Partner status with both F5 and Palo Alto, reflecting the calibre of their engineering environment and their commitment to technical excellence.
With continuous investment in technology, training, and career pathways, this is a business where engineers are encouraged to expand their expertise, gain industry‑leading certifications, and work on cutting‑edge projects within a collaborative, high‑performance team.
Your RoleAs a Network Engineer, you will play a key position in designing, implementing, and supporting secure and scalable network solutions for enterprise clients. This role will suit someone who is confident working across complex environments, with a strong focus on next‑generation firewalls and load‑balancing technologies.

Your responsibilities will include:

Configuring, maintaining, and troubleshooting next‑generation firewalls, particularly Fortinet and Palo Alto
Managing and optimising F5 load balancers
Supporting network routing, switching, security, and performance optimisation
Working closely with customers to resolve technical escalations
Contributing to project implementations, upgrades, and solution deployments
Ensuring network integrity, security, and high availability across customer environments

What You Need to SucceedTo be successful, you should have:

Strong experience working as a Network Engineer in a technical support or MSP environment ideally.
Solid hands‑on expertise with Fortinet firewalls
Experience with F5 load balancing
Ideally, exposure to or experience with Palo Alto technologies
Good understanding of routing and switching fundamentals
Strong troubleshooting skills and the ability to work under pressure
A proactive mindset with a desire to develop professionally
Relevant vendor certifications (Fortinet / Palo Alto / F5 / Cisco) are highly desirable but not essential

What You Will Get in ReturnIn return, you will join a modern and supportive MSP known for investing heavily in its people. You can expect:

Competitive salary and benefits package
Opportunities to gain industry‑leading certifications with full support
Access to cutting‑edge technologies and major enterprise projects
A collaborative team environment with mentorship from senior engineers
Clear long‑term career development pathways
The chance to work with a company recognised for excellence in networking and security

Remote Senior Penetration Tester - Growing Cyber-Sec Consultancy

RecruitmentRevolution.com

Excellent opportunity for a Senior Penetration Tester to join a highly-skilled and growing CREST-certified cybersecurity consultancy committed to excellence, innovation and integrity.

The company offers great career progression opportunities, a generous training and development budget, and time to support research projects that allow you to break new ground in testing. You will need to be enthusiastic about continuous development and either have or wish to gain a current CRT qualification.

The role is predominantly home based although will include some travel to customer sites and attendance at company meetings as needed.

The Role at a Glance:

Senior Penetration Tester
Home based with visits to client sites and company meetings as required
Up to £70,000 to £80,000 Per Annum depending on experience & qualifications
Benefits: 23 days holiday plus Bank Holidays and extra days based on service, 6% contributory pension and career progression opportunities.

Growth: A structured career development plan and training

Hours: 09:00 am to 17:30 pm Monday Friday

Development Opportunity: Career progression and training opportunities available
Company: Specialist information and cyber security consultancy and audit services

Your Skills / Background: 4+ years hands-on penetration testing experience and ideally an existing CRT qualification or the aspiration to gain the qualification. You will also be a tenacious problem solver and good communicator.

The Senior Penetration Tester Opportunity:

As Senior Penetration Tester, you will support our clients by delivering excellent penetration testing services and cloud security assessments that are ultimately articulated in high quality and valuable reports. In return, you will work in an inspiring environment with a team of highly experienced colleagues working across a diverse range of interesting security and assurance projects.

This role also includes excellent progression opportunities as we always match enthusiasm and skill with training, opportunity and structured development plans, and support/sponsorship to attain future qualifications.

Key Responsibilities:

• Delivering high quality infrastructure, applications (including APIs and mobile apps), wireless, segmentation and breakout penetration tests, along with cloud security assessments
• Working with client teams to research potential vulnerabilities and then plan accordingly
• Working with clients to research and identify new and emerging attack vectors
• Conducting vulnerability assessment scanning and unauthorised host discovery exercises
• Analysing findings and translating them into actionable recommendations
• Delivering high-quality technical reports, outlining technical and business risk
• Providing support to clients during on-going incidents
• Creating and developing tooling, knowledge/threat libraries, methodologies and policies that ensure high quality and informed testing assessments are undertaken
• Creating and developing internal documentation to ensure our reporting is meaningful
• Authoring appropriate thought leadership papers, articles, online posts, and marketing materials

About You:

• A tenacious tester with 4+ years’ demonstrable hands-on penetration testing experience
• Have mastered a variety of security testing tools
• Current and relevant technical understanding of technologies, security threats and trends
• Familiar with relevant bodies and security standards
• Strong demonstrated ability to take vulnerabilities and articulate the actual business risk along with good reporting writing and client presentation skills
• Current CRT, OSCP and/or CTM / CTL qualification would be advantageous, but we are also considering applications from candidates with relevant work experience who would be ready and keen to obtain these qualifications in the near future (with relevant company sponsorship)
• The desire to gain new skills, continuous learning and development, attend training courses and obtain future qualifications / accreditations
• Strong verbal and written communication skills including report writing
• Eligible to work in the UK and obtain Government clearance (ILR is required as a minimum, but we are unfortunately not able to offer sponsorship)

About Us:

We hold a CREST certification and offer certification services for PCI-DSS and Cyber Essentials /Essentials Plus.

Our clients span telecommunications, Government infrastructure, and digital currencies - covering essential services and critical payment infrastructure.

Services include:

Interested? Apply here for a fast-track path to our Hiring Manager

If you have any pre-application questions please contact us first quoting the job title & ref. Good luck, Team RR.

Technology Risk & Cloud Advisory - Senior Manager

Parker Wright Consulting

Lead the cloud risk agenda for the world’s most complex and prestigious organisations

Our client is a leading global Advisory firm and we are seeking a Senior Manager to join their Technology Risk & Internal Audit practice, specialising in cloud and emerging technology risk. This role sits at the intersection of cloud security, regulation, and executive advisory, supporting global clients as they navigate large-scale cloud adoption, digital transformation, and increasing regulatory scrutiny.

This is a leadership role for a credible cloud authority and trusted advisor and will suit someone equally comfortable designing cloud security architectures as advising Boards and Audit Committees.

In this role, you will:

Lead and deliver technology risk, internal audit, and cloud security engagements across global enterprises
Design, assess, and optimise cloud security architectures and control frameworks across hyperscalers
Advise senior stakeholders on cloud risk, regulatory compliance, and operating model transformation
Support clients across a variety of sectors, including highly regulated environments,
Drive practice growth, proposition development, and client relationships
Build, mentor, and lead high-performing, multi-disciplinary teams

What are we looking for:Cloud & Security

Deep experience across AWS, Azure, Google Cloud (plus SAP, Oracle, Alibaba, IBM Bluemix)
Expertise in cloud-native security, CNAPP, data protection, network security, and vulnerability management
Strong hands-on exposure to Kubernetes, Terraform, Jenkins, Prisma Cloud, and DevSecOps

Technology Risk & Regulation

Proven background in Technology Risk / IT Internal Audit
Strong knowledge of global regulatory and compliance frameworks, including:
GDPR, SOx, ISO 27001
PRA, FCA, EBA, BaFin, OCC, FFIEC, Basel, MiFID II, NIS 2, TISAX, HIPAA
Ability to translate complex technical risk into clear, board-level insight

Leadership & Advisory

Senior Manager-level consulting experience
Track record of leading teams, mentoring talent, and managing senior stakeholders
Experience delivering cloud-enabled transformation, system integration, and process optimisation
Familiarity with Agile, COBIT, ITIL, Lean, Six Sigma

Emerging Technology

Exposure to AI, automation, LLMs, and data-driven security
Interest in shaping the future of cloud risk and intelligent assurance

What’s on offer:

High-impact role with real influence over strategy and growth
Work on complex, high-profile cloud and regulatory challenges
Clear progression toward Director and Partner
Collaborative, international environment with access to cutting-edge technology

If you are a senior cloud and technology risk professional and are ready to shape the agenda, lead at scale, and build a long-term advisory career, then make your application now!

Parker Wright Consulting is acting as an Executive Recruitment Agency with respect to this role.

Cyber Threat Intelligence Analyst

Constant Recruitment Ltd

3-Month Fixed-Term Contract

£45,000 £55,000 pro rata (3-month fixed-term contract)

Fully remote Must be UK based
UK-Based

Immediate Start Preferred

Are you a Cyber Threat Intelligence Analyst who thrives on staying ahead of emerging threats?

Do you enjoy analysing complex threat data and turning it into clear, actionable insight for security teams?

Are you available for a 3-month contract where you can make an immediate impact within a threat-informed security function?

We are recruiting for a Cyber Threat Intelligence Analyst to join an established cyber security function on a 3-month fixed-term contract.

Reporting into the Cyber Threat Intelligence Manager, you will play a key role in delivering and enhancing the organisation s Cyber Threat Intelligence (CTI) capability, supporting the wider vision of a threat-informed cyber security operations model. With new vulnerabilities and adversarial activity emerging daily, this role is critical in ensuring intelligence is accurate, timely, and actionable.

This is not a developmental role, we are looking for someone who can step in quickly, operate with minimal supervision, and add value from day one.

The Role

You will be responsible for monitoring, analysing, and producing intelligence across tactical, operational, and strategic domains, ensuring the security function operates from an intelligence-led, proactive position rather than a reactive one.

Key responsibilities include:

Delivering Cyber Threat Intelligence services aligned to recognised best practice and industry standards
Monitoring changes in the global threat landscape that may impact the organisation and its customers
Analysing threat data from multiple sources to identify patterns, trends, gaps, and emerging risks
Producing clear, concise, and actionable intelligence products for technical and senior stakeholders
Tracking relevant threat actors and adversarial groups, including their tactics, techniques, and procedures (TTPs)
Maintaining and managing a cyber threat intelligence reference library
Promoting a culture of threat-informed security across the CISO function
Building strong relationships with internal and external stakeholders, championing the value of intelligence-led security
Working with third-party intelligence providers to ensure effective delivery of external threat services
Evaluating current security controls against known threat actors using frameworks such as MITRE ATT&CK and CIS Controls
Supporting threat intelligence-led security testing initiatives, including red and purple teaming exercises
Contributing to continuous improvement of the CTI capability

What We Are Looking For

Proven experience in Cyber Threat Intelligence analysis
Ability to work autonomously within a short-term contract environment and deliver measurable outcomes quickly
Strong understanding of threat actor behaviours, TTPs, and global threat trends
Experience working with frameworks such as MITRE ATT&CK and CIS
Ability to analyse large datasets and translate findings into meaningful intelligence outputs
Experience producing intelligence reports across tactical, operational, and strategic levels
Strong stakeholder communication skills
Exposure to red/purple teaming or intelligence-driven testing initiatives is desirable

Why This Role?

Opportunity to contribute to a mature and evolving CTI function
Immediate impact role within a forward-thinking cyber security team
High visibility across the security and wider business function
Fixed-term contract ideal for experienced analysts available at short notice

If you are immediately available (or coming to the end of a contract) and would like to discuss this opportunity in more detail, I would be very happy to have a confidential conversation.

Application Security Analyst

I am looking for a remote working Application Security Analyst for an exciting and growing technology focused business based in the UK.

Please also note, although the role is offered as remote, you MUST be based in the UK to be considered for the position.

Working as an Application Security Analyst you will help ensure the security and integrity of our client’s applications and software solutions across both cloud and on-premises environments.

This really is a fantastic opportunity to join a business that is operating at the forefront of innovation in the technology sector.

In this role, you will work closely with software engineering and product development teams to embed secure development practices to their processes, to assess vulnerabilities, and strengthen their application security posture.

The role will involve:

Managing and optimising SCA, SAST, and DAST tooling to ensure effective scanning and remediation.
Supporting engineering teams with triage, vulnerability management, and secure coding best practices.
Ensuring adherence to the Secure Software Development Lifecycle (SSDLC).
Supporting risk assessments and contributing to risk management processes.
Conducting regular security assessments and reporting findings.
Collaborating with cross-functional teams to meet security requirements.
Maintaining and developing security documentation and standards.
Staying current with emerging threats, technologies, and regulations.
Contributing to the Security Programmes through advice and training.
Developing reports to track security progress and highlight gaps.

About You

You will have strong technical skills, a passion for security, and the ability to communicate confidently with both technical and non-technical stakeholders.

We are looking for someone who has the following experience and knowledgebase: -

In-depth knowledge of web application security (OWASP Top 10) and experience with SCA, SAST, and DAST tools.
A degree in Computer Science, Information Security, or a related discipline (STEM preferred) or demonstrable experience.
Experience in software development, QA, or software testing.
Experience in Application Security and Vulnerability Management.
Understanding of risk-based vulnerability management and prioritisation.
Strong understanding of security protocols, cryptography, and authentication.
Proficiency in programming or scripting (any of the following, C#, Python, Java, JS frameworks or similar).
Experience with open-source and enterprise security tools.
Excellent problem-solving and analytical skills.
A broad interest across the security domain.

About Us

Our client is a nationally recognised business who deliver award-winning software solutions to a wide range of customers in diverse market sectors.

Our client is immensely proud to be an equal opportunities employer, and they celebrate diversity and are committed to creating an inclusive environment for all employees.

Collaboration is at the heart of what they do, and they take pride in coming together to achieve remarkable things.

The role comes with a wide-range of benefits to support your well-being and career growth, including:

Very Competitive Salary.
Generous Holiday Allowance: 25 days’ holiday plus bank holidays, with the option of adding up to 5 days additional unpaid leave days per year.
Annual Lifestyle Allowance.
Excellent Pension Scheme.
Private Health Insurance.
Group Income Protection Scheme.
Charitable Fundraising.
Cycle to Work and Gym Flex Schemes.
Internal Coaching and Mentoring.
Training and Career Progression.
Family-Friendly Policies.
Free Parking (if and when onsite).

Please note, to be considered for this role you MUST have the Right to Work in the UK long-term without Company Sponsorship.

Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position.

No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010.

Bowerford Associates Ltd is acting as an Employment Agency in relation to this vacancy.

Penetration Testing Consultant

Oscar Associates Limited

Role: Penetration Testing Consultant
Location: Remote (Occasional client site visits required)
Salary: £55,000 - £65,000
Active SC Clearance is a requirement

We are looking for an experienced Penetration Testing Consultant to join a growing UK-based cybersecurity consultancy, delivering high quality penetration testing services across a varied and interesting client base.

You’ll work independently across a range of testing disciplines, engaging directly with clients from scoping through to final reporting. This is a fantastic opportunity for a technically strong, client-facing penetration tester looking to work in a collaborative and forward-thinking environment. This is an urgent requirement, interviews will be undertaken ASAP.

Key Responsibilities:

Deliver CHECK and non-CHECK penetration testing engagements across infrastructure, web applications, mobile, cloud, and Active Directory environments
Support pre-sales activity through scoping and client engagement
Produce clear, high quality technical reports and present findings to clients
Maintain up to date knowledge of current threat trends, tools, and industry frameworks
Contribute to internal training materials and technical blog content
Provide guidance and support to junior team members when required

Requirements:

Active SC Clearance is an ABSOLUTE MUST
Active CSTM or CCT certification is an ABSOLUTE MUST
3+ years of hands-on penetration testing experience
Strong knowledge of testing frameworks including OWASP
Proficiency with industry standard tooling such as Burp Suite, Metasploit, and Nmap
Experience across Linux and Windows environments
Scripting ability in Python, Bash, or similar
Knowledge of cloud environments (Azure, AWS)
Strong written and verbal communication skills with experience presenting to clients

Role: Penetration Testing Consultant
Location: Remote (Occasional client site visits required)
Salary: £55,000 - £65,000
Active SC Clearance is a requirement

Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

SOFTWARE ENGINEER / OFFENSIVE SECURITY

Secure Recruitment Ltd

SOFTWARE ENGINEER / OFFENSIVE SECURITY / RED TEAM

Fully Remote

Up to £100,000 + Excellent Staff Bens + Share Scheme

SECURE has Strategically Partnered with a Multi-Award-Winning, Software-Based Organisation at the forefront of Pre-Emptive Exposure Management. As a market leader backed by significant Venture Funding, they expand Offensive Security capabilities, specifically around Threat Detection Engineering, in their mission of helping organisations understand how they could be compromised. Success in this position will enable the business to build Detection Strategies that Continuously Identify Real-World Exploitation, helping Fortune 500 Companies & Critical Infrastructure Providers outrun Real-World Threats in Real-Time.

Our Client is looking for an ambitious Engineer who sits at the Intersection of Software Engineering and Offensive Security . You will Not Just Write Code; you will Architect the Cloud-Native Engines & Big Data Pipelines that Power Automated Red Teaming. Your work will “Bridge the Gap” Between Manual Research & Scalable, Real-Time Threat Simulation.

Skills & Experience of Cyber Security Engineer:

Core Engineering: Minimum 2 Years Background within Software Engineering (Python or Go) with Focus on Maintainable, Production-Grade Code.

Cloud Architecture: Deep experience with Cloud-Native Services (AWS etc) & Serverless Architectures.

Big Data: Proven Ability to Handle High-Volume Data Processing & Ingestion Pipelines.

Offensive Exposure : Interest or Experience in Security (CTFs, Red Teaming) and understanding of TTPs.

Problem Solving: Proactive Approach to Navigating Technical Challenges.

Experience of working within Fast-Moving Growth Environments or B2B Scale-UpsFocusing on Enterprise Clients

Bonus: Contributions to Open-Source Projects or Public Security Tooling

Responsibilities of Application Security Engineer:

Cloud-Driven Engineering: Utilise Cloud-Native Services to Develop Resilient, Big Data Solutions that form their Offensive Security & Data Processing Capabilities.

Data Pipeline Development: Engineer & Maintain Robust Data Pipelines that Process Attack Surface & Offensive Security Data, Delivering Real-Time Insights to Enhance Red Team Capabilities.

Offensive Security Innovation: Lead R&D Projects that push the limits of Offensive Security, Replicating Adversarial Tactics at Scale to Uncover Vulnerabilities.

Architect Scalable Solutions: Design & Implement Scalable Infrastructures that Underpin Cutting-Edge Offensive Tools, Ensuring Efficiency.

Operationalize Research: Collaborate in Translating Manual Exploit Research into Automated, High-Fidelity Detection Engines.

Engineering Excellence: Champion Best Practices in Code Quality, CI/CD & Infrastructure-as-Code (IaC).

Searches: Offensive Security Engineer / Cyber Security Engineer / Software Security Engineer / Red Team / CI/CD / Software Engineer

TPBN1_UKTJ

Consultant

Stealth IT Consulting Limited

Are you passionate about shaping secure digital futures? My client is growing their Digital Trust (DT) practice and are looking for a Cybersecurity Consultant to help organisations embed security culture, modernise operating models, and reduce technology risk at scale.

This is an opportunity to work at the intersection of strategy, risk, architecture, and emerging technology (including GenAI) influencing boards, enabling transformation, and delivering measurable business outcomes.

What Youll Do
You will work with clients across Financial Services, Public Sector, Energy & Utilities, TMT, Consumer Products, and more to:
Lead and contribute to Cybersecurity transformation programmes
Redesign security operating models and governance frameworks
Conduct security maturity and risk assessments
Influence senior stakeholders (Board & CxO level)
Embed security culture and human risk management approaches
Support secure GenAI adoption aligned to regulatory requirements
Drive architecture improvements aligned to NIST, ISO 27001, CIS, COBIT
Contribute to proposals, RFPs, and proposition development

Required Domain Expertise
Security Assurance
ISO 27001, NIST CSF, CIS Controls, Cyber Essentials
Regulatory alignment (NIS2, DORA, FCA, Bank of England)
Generative AI Risk & Security
Secure GenAI design and governance
Understanding of EU AI Act, GDPR, DPA 2018
AI risk modelling and controls frameworks
Security Architecture
Enterprise and/or application security design
Secure architectural patterns and control frameworks
Security posture improvement initiatives

Your Background
~2+ years delivering Cybersecurity projects
Experience across domains such as Security Architecture, IAM, SOC, Risk Management, Security Testing, or Security Operations
Exposure to OT Security or Security Operating Model transformation (desirable)
Familiarity with NIST, ISO 27001, CIS Critical Controls
Understanding of emerging GenAI risks
Consulting experience (or strong stakeholder-facing industry experience)
SC Cleared (or eligible)
Certifications such as Security+, CISMP, AWS Cloud Practitioner, Azure Fundamentals are advantageous.

Enterprise Architect - Cyber Security

Position Overview

The Enterprise Architect acts as a key advisor to the Business Unit or Functional leadership team and as a major contributor to McCormick’s Enterprise Architecture (EA) strategy. This role engages collaboratively with business and technology leaders to understand strategic business needs and roadmaps, solve complex technology and architecture challenges, and shape the technology strategy that enables McCormick’s growth and transformation.

The position leads architecture strategy development defines technology roadmaps and guardrails and ensures alignment with enterprise standards and guiding principles. The Enterprise Architect represents the domain’s needs within the broader EA framework, tracks emerging technologies, and assesses their potential to create business value. This role influences EA and Global IT strategic goals by maintaining awareness of value streams, capability maps, and changes to architecture roadmaps.

Key Responsibilities

Lead complex projects requiring deep expertise in the assigned architecture domain, providing architectural designs, guidance, and oversight to ensure alignment with enterprise standards.
Act as a trusted advisor to Product Line leadership, partnering to solve business challenges through technology design, strategy, and solutions that drive business outcomes.
Lead solution architecture across projects and products to ensure alignment with enterprise strategy and standards while optimizing design across the enterprise.
Contribute to the development of architecture principles and standards; identify and resolve exceptions at the enterprise level and define architectural and security requirements.
Research emerging technologies and recommend innovations that enhance cost-effectiveness, flexibility, and long-term architectural value.
Develop and communicate strategic plans for systems architecture investments, including opportunities for cost optimization and technology modernization.
Collaborate with enterprise and functional stakeholders to ensure technology decisions support both business and IT strategies.
Maintain awareness of enterprise architecture roadmaps and ensure pragmatic alignment with global IT standards and guiding principles.
Support governance processes and contribute to decision-making frameworks that guide technology adoption and integration.
Actively promote innovation and continuous improvement in architecture practices across McCormick’s global technology landscape.

Candidates profile

Bachelor’s degree in information technology, Computer Science, or related discipline.
Deep expertise in key Cyber Security architecture domains.
Proven ability to define and communicate a clear technology vision that delivers business value.
Demonstrated success in leading and influencing cross-functional teams.
Strong understanding of modern technology ecosystems (SaaS, IaaS, PaaS, APIs, ERP, microservices, predictive analytics).
Skilled at building trusted advisor relationships with business and technical stakeholders.
Experienced in agile and DevOps environments with a focus on digital transformation.
Strong decision-making, problem-solving, and change management capabilities.
Committed to continuous learning, innovation, and driving technology excellence across the enterprise.

Agencies: McCormick as needed will work with external recruitment vendors through our Agency Portal. Unless previously contacted, McCormick does not accept unsolicited resumes from external recruiting agencies.

McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, colour, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

As users of the disability confident scheme, we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancy/ies.

ICT Operations Manager

Stevenage Borough Council

Stevenage Borough Council is looking for a strategic leader to head our ICT Operations Service. You will lead the core IT teams for our Shared IT partnership. This role is for a leader who balances strategic vision with a high-performance culture of delivery.

Your primary goal is to ensure the stability, security, and performance of the council s technology. You will deliver critical services that directly impact residents. You will report directly to the CTO and act as a senior escalation point.

You will manage a team of specialist managers. Your direct reports include:
• Applications Manager.
• Cyber Security Manager.
• Networks and Telephony Manager.
• Infrastructure Services Manager.

Key Responsibilities
• Strategic Growth: Develop the ICT Operational Strategy, Architecture, and Roadmap.
• Financial Oversight: Create and manage capital and revenue budgets alongside leadership.
• Commercial Leadership: Lead procurement, supplier selection, and contract negotiations.
• Service Excellence: Establish KPIs to track efficiency and drive continuous improvement.
• Resilience: Oversee disaster recovery and business continuity planning.
• Governance: Work with Internal and External Auditors to provide security assurance.

You will be successful if you have:
• Strong leadership skills with experience managing high-performing teams.
• Proven ability to deliver strategic objectives within budget and on time.
• Excellent understanding of IT operations best practices and security principles.
• Experience in commercial relationship management and negotiation.
• Exceptional communication and interpersonal skills, able to interact with diverse stakeholders.
• A passion for technology and continuous improvement.

Our Benefits
• Pension Scheme: We offer a career average pension scheme, providing generous benefits upon retirement, as well as a lump sum and pension for dependants
• Flexible working: available upon request, subject to operational requirements.
• Part time and Job share opportunities - all our full-time vacancies are open to job share unless otherwise stated.
• A variety of different types of paid and unpaid leave covering emergency and planned leave, maternity, paternity, adoption and parental leave.
• 25 days holiday rising to 31 days (depending on Local Government service)
• An extensive range of learning and development opportunities
• Employee Assistance Programme 24/7 Confidential advice and support on personal, work, family and relationship issues
• Season ticket loans and discounts for public transport
• Cycle to Work scheme
• Stevenage Credit Union: secure savings, free life insurance and access to cheap loans.
• Employee Discounts: via monthly paid membership of the Civil Service Sports Council (CSSC)
• Discounted Health and Fitness membership
• Trade Unions: For a small fee, all employees have the opportunity to join a Trade Union.

How To Appy

All applications must be made on online - please visit Current vacancies

Closing date for receipt of applications: 23 March 2026
Interviews will be held week commencing: 30 March 2026

Trainee Cyber Security Analyst - Training Course

About the opportunity

Secure a guaranteed interview support and launch a career in cyber security. Netcom Training s fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you ll gain hands-on experience that prepares you for today s fast-growing cyber security and IT roles.

Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Complete the course and gain a guaranteed interview with a leading employer, helping you start your career protecting businesses, data and digital systems.

Course Details

Start Date: 16.03
Duration: 10 weeks
Format: Online, pratical workshops
Schedule: Mon-Thur 6PM-9PM

What you ll learn

Principles: Understand cyber security principles and core frameworks
Threat Intelligence: Develop expertise to identify risks
Testing: Conduct cyber security testing, identify vulnerabilities and implement controls
Incident Response: Prepare for and respond to cyber security incidents
Ethics: Understand legislation and ethical conduct within cyber security
Professional Skills: Build professional skills and behaviours for the sector
Protection: Gain practical knowledge to protect and secure digital environments

Eligibility

To apply, you must:

Live in the Sheffield area
Be aged 19 or over
Earn below the gross annual wage cap of £23,400
Not currently be undertaking other government-funded training
Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent

Cost

This is a fully-funded course with no fees complete the training, gain essential cyber security skills and secure your guaranteed interview.

Cyber SME

CBSbutler Holdings Limited trading as CBSbutler

Role Title: Cyber SME

Location: Remote (very occasional travel to London)

Duration: 6 months contract

Rate: 600 per day inside ir35

eSC (enhanced SC) security clearance is required for this role.

Role Description:

I am looking for an experienced Cyber Subject Matter Expert (SME) to support the delivery and operational maturity of security capabilities across cloud and enterprise environments. The successful candidate will provide technical leadership and hands-on expertise across core cyber technologies, cloud security tooling, and vulnerability management processes.

Expereince required:

SIEM and logging platforms such as Splunk and Elastic
Microsoft security tooling including Defender suite and O365 security services
Security controls across both AWS and Azure environments
Proven experience in Vulnerability Management, including:
Deployment and configuration of vulnerability management tooling
Identification, prioritisation, and remediation of vulnerabilities
Operating vulnerability management processes across both AWS and Azure
Solid understanding of cloud security architecture and controls in hybrid or multi-cloud environments.
Ideally, experience in:
Identity and Access Management (IAM)
Public Key Infrastructure (PKI) and certificate management
Strong stakeholder engagement skills with the ability to explain technical cyber risks clearly to both technical and non-technical audiences.

If you are interested in this role or wish to apply, please feel free to submit your CV.

Penetration Tester (CHECK)

Location: Cheltenham/Remote

Job Type: Permanent

Clearance: SC/DV

Are you an offensive security specialist who is excited about delivering the best service possible? Keen to work in a business where you stand to work alongside some very talented testers?

CND are working with a boutique Cyber Security consultancy who are focused on the Penetration Testing market. What makes them stand out? They are not interested in flashy marketing and would never be caught trying to pass off a Nessus scan as a Penetration Test. The business has been built on delivering excellent testing and reports as well as ensuring that clients see the real benefits of their testing outputs. The company have an office in Cheltenham however you are welcome to work where is best for you.

Key Responsibilities

Work to deliver CHECK penetration testing services
Lean into non-CHECK work where necessary
Work with the sales team to flesh out technical input as needed
Deliver quality reports to customers
Stay up to date with industry trends and new attack methods
Take a broad approach to testing, working on INF, APP, Mobile, AD, or Cloud tests

Essential Skills

Currently holds a CHECK equivalency certification
Eligibility to hold or currently hold clearance
Experience working with Linux and Windows OS
Strong understanding of working with common tooling for penetration testing
Ideally, a knowledge of Cloud services such as Azure or AWS.
Capability to script or code in Bash, Python etc
Appreciation for Cyber Security standards such as ISO27001, PCI-DSS or CIS

This is a role with a growing, exciting organisation who can offer you a strong degree of progression and the ability to undertake testing work with incredibly interesting clients.

Mobile Voice Core Engineer

Orchard Recruitment Ltd

Our Client are a leading communications brand with an outstanding reputation for customer service and value commitment. An opportunity has now arisen within their team for an experienced Mobile Voice Core Engineer.

Here the Mobile Voice Core Engineer will:

Ensure the reliable operation, maintenance, and evolution of the Mobile Core network, including CS, EPC, IMS, and associated platforms
Deliver high availability and performance for Packet Switched (PS) and Circuit Switched (CS) services, supporting technologies such as VoLTE, and 5G Core
Act as a subject matter expert for IMS-based services (SIP, Cloud Voice, FTTH voice, Microsoft Teams Operator Connect), providing technical support for integration, troubleshooting, and optimization
Operate and maintain IMS, CS and EPC components, ensuring compliance with KPIs and SLAs
Monitor, perform configuration, upgrades, and patches for Mobile core network elements (MME, SGW, PGW, PCRF, HSS, HLR, SBC, CS Core and IMS nodes) working with Ericsson and other in-house engineers
Monitor and analyse performance metrics to optimize capacity and quality of service
Troubleshoot complex issues across signaling protocols (Diameter, SIP, SS7, HTTPs) and resolve faults promptly
Manage IMS platforms and SIP-based services for mobile and fixed voice
Support Cloud Voice and FTTH voice solutions, ensuring seamless integration with IMS
Implement and maintain Microsoft Teams Operator Connect and related interworking functions
Ensure QoS and security compliance for all IMS-based services
Support roaming services and ensure IREG compliance
Maintain mobile support services such as SMS antifraud, voicemail, and SIM steering
Support the deployment of new SIP carrier interconnects and ongoing support, routing and troubleshooting of existing interconnects
Work with the Security Architect to (a) review assets, identify weaknesses and ensure appropriate security is maintained; (b) to ensure the Security strategy is implemented including the integration from within your domain with the company’s security technology and tools
Investigate security alerts and provide incident response within your domain
If/When potential weaknesses, attacks, intrusions, unusual, unauthorised or illegal activity are identified, assist in the implementation of mitigations, including vulnerability management

The ideal candidate for the role of Mobile Voice Core Engineer will have:

Strong understanding of 2G, 4G and 5G mobile networking and associated core
Strong understanding of protocols utilised in a mobile network including but not limited to SIP, Diameter and SS7
Experience with mobile core nodes (MME, SGW, PGW, PCRF, HSS) and IMS components (SBC S-CSCF, I-CSCF BGCF etc)
Knowledge of IP networks, routers, switches, dynamic routing protocols and an appreciation of system security
An understanding and skills to configure and administer a telecoms virtualised and containerised environment
Good communication skills both written and verbal
Willingness to work and communicate with both internal cross departmental teams as well as external customers
Flexible approach to work and participation in a callout rota
Desire to learn new technologies through both formal and self-learning and ability to adapt to an ever-changing technical environment

Page 4 of 5

Frequently asked questions

Haystack offers a variety of remote Security Engineer positions ranging from entry-level roles to senior and specialized positions, including cloud security, application security, and network security.

To apply, simply create an account, upload your resume, and use our search filters to find remote Security Engineer jobs. Click on the job listing to submit your application directly through the platform.

Many remote Security Engineer jobs on Haystack are open to candidates worldwide, but some positions may have location or timezone restrictions. Job listings will specify any geographic requirements.

Yes! You can subscribe to job alerts by setting up notifications for remote Security Engineer roles that match your preferences. We'll notify you via email as soon as relevant jobs are posted.

Common requirements include proficiency in security tools and protocols, experience with cloud platforms, and certifications such as CISSP, CISM, or CompTIA Security+. Check each job listing for specific requirements.