CBSbutler Holdings Limited trading as CBSbutler
Basingstoke, Hampshire
DV Cleared Infrastructure Test Engineers x 2 Location: Onsite in Hamsphire Contract Length: Initial 12 Months Rate: 480 to 550 per day - Outside IR35 Clearance: Active DV Clearance Required We are seeking experienced DV Cleared Infrastructure Test SMEs to support a major secure infrastructure programme. Working within a complex technical environment, you will be responsible for the planning, execution and assurance of infrastructure testing activities across critical platforms and services. The successful candidates will provide hands-on testing expertise, ensuring infrastructure components are validated against functional, performance and operational requirements while supporting defect management and stakeholder reporting throughout the test lifecycle. Key Responsibilities Develop, review and execute Infrastructure Test Plans, Test Scripts and Test Cases. Perform functional, integration, system and performance testing across infrastructure environments. Manage defects through their full lifecycle, including identification, logging, tracking and resolution validation. Produce comprehensive test evidence, reports and assurance documentation. Validate infrastructure deployments against technical and business requirements. Support test readiness reviews, test execution activities and operational acceptance processes. Work closely with Infrastructure Engineers, Architects, Service Delivery teams and third-party suppliers. Identify testing risks, issues and dependencies and provide mitigation recommendations. Contribute to continuous improvement of testing processes, methodologies and tooling. Essential Experience Active DV Clearance. Proven experience delivering infrastructure testing within secure, complex or enterprise-scale environments. Strong understanding of the full test lifecycle, including planning, execution, defect management and reporting. Experience producing test strategies, plans, scripts and test evidence. Hands-on experience conducting functional, non-functional and performance testing. Ability to work independently within highly secure environments. Strong stakeholder engagement and communication skills. Desirable Technical Experience We are particularly interested in candidates with expertise in one or more of the following areas: Infrastructure Test SME - Virtual Desktop & Windows Technologies Virtual Desktop Infrastructure (VDI) environments. Windows Server administration and testing. Proxy services and proxy chaining technologies. Enterprise authentication and access management. End-user computing and desktop service validation. Infrastructure Test SME - DNS & Virtualisation DNS infrastructure and associated services. VMware vSphere and virtualisation platforms. Infrastructure services testing and validation. Network services and enterprise platform testing. Performance and resilience testing of virtualised environments.
Jul 11, 2026
Contractor
DV Cleared Infrastructure Test Engineers x 2 Location: Onsite in Hamsphire Contract Length: Initial 12 Months Rate: 480 to 550 per day - Outside IR35 Clearance: Active DV Clearance Required We are seeking experienced DV Cleared Infrastructure Test SMEs to support a major secure infrastructure programme. Working within a complex technical environment, you will be responsible for the planning, execution and assurance of infrastructure testing activities across critical platforms and services. The successful candidates will provide hands-on testing expertise, ensuring infrastructure components are validated against functional, performance and operational requirements while supporting defect management and stakeholder reporting throughout the test lifecycle. Key Responsibilities Develop, review and execute Infrastructure Test Plans, Test Scripts and Test Cases. Perform functional, integration, system and performance testing across infrastructure environments. Manage defects through their full lifecycle, including identification, logging, tracking and resolution validation. Produce comprehensive test evidence, reports and assurance documentation. Validate infrastructure deployments against technical and business requirements. Support test readiness reviews, test execution activities and operational acceptance processes. Work closely with Infrastructure Engineers, Architects, Service Delivery teams and third-party suppliers. Identify testing risks, issues and dependencies and provide mitigation recommendations. Contribute to continuous improvement of testing processes, methodologies and tooling. Essential Experience Active DV Clearance. Proven experience delivering infrastructure testing within secure, complex or enterprise-scale environments. Strong understanding of the full test lifecycle, including planning, execution, defect management and reporting. Experience producing test strategies, plans, scripts and test evidence. Hands-on experience conducting functional, non-functional and performance testing. Ability to work independently within highly secure environments. Strong stakeholder engagement and communication skills. Desirable Technical Experience We are particularly interested in candidates with expertise in one or more of the following areas: Infrastructure Test SME - Virtual Desktop & Windows Technologies Virtual Desktop Infrastructure (VDI) environments. Windows Server administration and testing. Proxy services and proxy chaining technologies. Enterprise authentication and access management. End-user computing and desktop service validation. Infrastructure Test SME - DNS & Virtualisation DNS infrastructure and associated services. VMware vSphere and virtualisation platforms. Infrastructure services testing and validation. Network services and enterprise platform testing. Performance and resilience testing of virtualised environments.
Infrastructure Architect Centrica Technology - Power & Energy Storage Contract 6-month fixed-term contract with potential to become permanent , subject to business requirements and performance. Location Windsor, Berkshire (Hybrid) This role is based in Windsor with an expectation to attend the office one day per week , alongside remote working. Occasional travel to operational sites may be required. An opportunity to play your part Centrica is investing in the future of power generation and energy storage, supported by a new Power and Energy Storage Technology Strategy developed in December 2025. This role provides an opportunity to help shape and translate that strategy into practical architectural plans and delivery roadmaps. As an Infrastructure Architect , you will play a key role in defining the future architecture for Centrica's power generation and energy storage infrastructure. Working across engineering, operations, technology and business teams, you will ensure that infrastructure solutions are safe, secure, resilient and capable of supporting the evolving needs of the energy landscape. Initially offered as a six-month contract, this role will focus on establishing architectural direction, defining implementation plans and supporting the mobilisation of strategic initiatives planned for delivery from early 2027. Subject to business needs and performance, there may be an opportunity for the role to become permanent. The Day to Day Develop and maintain infrastructure architecture roadmaps for power generation and energy storage capabilities, aligned to the wider technology strategy. Translate the Power and Energy Storage Technology Strategy into actionable architecture principles, target states and implementation plans. Define and govern infrastructure solutions across operational technology (OT), enterprise technology and industrial environments. Work with engineering, operations, cyber security, data and technology teams to ensure solutions are secure, resilient and fit for purpose. Provide architectural guidance for the evolution, integration and optimisation of critical infrastructure systems. Assess existing infrastructure landscapes, identifying opportunities to simplify, modernise and improve operational effectiveness. Support technology investment decisions through architectural insight, technical assessments and roadmap planning. Ensure alignment between IT and OT environments, understanding the different architectural layers and requirements across industrial systems. Provide technical assurance throughout project lifecycles, from early concept through to implementation. Identify opportunities to leverage operational data, supporting integration with enterprise data platforms and analytics capabilities. Collaborate with data engineering teams to ensure operational data can be effectively and securely used to support business outcomes. What we need from you Essential Experience Significant experience working within the power generation, utilities or energy sector is essential. Proven experience as an Infrastructure Architect, Solution Architect or similar role within a complex industrial or operational environment. Strong understanding of IT and Operational Technology (OT) environments , including the architectural considerations and interfaces between enterprise systems and industrial operations. Experience designing infrastructure solutions that support critical operational environments where reliability, resilience and security are key considerations. Experience developing architecture strategies, target-state designs and technology roadmaps. Experience working with engineering, operations, cyber security and technology stakeholders across complex organisations. Experience with Computerised Maintenance Management Systems (CMMS) or Enterprise Asset Management (EAM) platforms . Desirable Experience Experience with IBM Maximo or similar asset management platforms. Understanding of operational data architectures and how data from OT environments can be securely integrated into enterprise data platforms, including data lakes and analytics environments. Experience supporting digital transformation initiatives within industrial or energy environments. Awareness of industrial cyber security principles and requirements. Skills and Attributes Strong architectural thinking with the ability to balance strategic direction with practical delivery. Excellent stakeholder management skills, with the ability to influence engineering, operational and senior business stakeholders. Ability to communicate complex technical concepts clearly to both technical and non-technical audiences. A pragmatic approach to problem solving, balancing innovation with operational stability. Comfortable working across ambiguity and helping shape future-state capabilities. Collaborative mindset with the ability to work across multidisciplinary teams. Why join Centrica? This is an opportunity to play a key role in shaping the future of Centrica's power generation and energy storage capabilities. You will help define the architecture behind critical energy infrastructure, supporting the transition towards a more flexible, efficient and sustainable energy future. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.
Jul 11, 2026
Contractor
Infrastructure Architect Centrica Technology - Power & Energy Storage Contract 6-month fixed-term contract with potential to become permanent , subject to business requirements and performance. Location Windsor, Berkshire (Hybrid) This role is based in Windsor with an expectation to attend the office one day per week , alongside remote working. Occasional travel to operational sites may be required. An opportunity to play your part Centrica is investing in the future of power generation and energy storage, supported by a new Power and Energy Storage Technology Strategy developed in December 2025. This role provides an opportunity to help shape and translate that strategy into practical architectural plans and delivery roadmaps. As an Infrastructure Architect , you will play a key role in defining the future architecture for Centrica's power generation and energy storage infrastructure. Working across engineering, operations, technology and business teams, you will ensure that infrastructure solutions are safe, secure, resilient and capable of supporting the evolving needs of the energy landscape. Initially offered as a six-month contract, this role will focus on establishing architectural direction, defining implementation plans and supporting the mobilisation of strategic initiatives planned for delivery from early 2027. Subject to business needs and performance, there may be an opportunity for the role to become permanent. The Day to Day Develop and maintain infrastructure architecture roadmaps for power generation and energy storage capabilities, aligned to the wider technology strategy. Translate the Power and Energy Storage Technology Strategy into actionable architecture principles, target states and implementation plans. Define and govern infrastructure solutions across operational technology (OT), enterprise technology and industrial environments. Work with engineering, operations, cyber security, data and technology teams to ensure solutions are secure, resilient and fit for purpose. Provide architectural guidance for the evolution, integration and optimisation of critical infrastructure systems. Assess existing infrastructure landscapes, identifying opportunities to simplify, modernise and improve operational effectiveness. Support technology investment decisions through architectural insight, technical assessments and roadmap planning. Ensure alignment between IT and OT environments, understanding the different architectural layers and requirements across industrial systems. Provide technical assurance throughout project lifecycles, from early concept through to implementation. Identify opportunities to leverage operational data, supporting integration with enterprise data platforms and analytics capabilities. Collaborate with data engineering teams to ensure operational data can be effectively and securely used to support business outcomes. What we need from you Essential Experience Significant experience working within the power generation, utilities or energy sector is essential. Proven experience as an Infrastructure Architect, Solution Architect or similar role within a complex industrial or operational environment. Strong understanding of IT and Operational Technology (OT) environments , including the architectural considerations and interfaces between enterprise systems and industrial operations. Experience designing infrastructure solutions that support critical operational environments where reliability, resilience and security are key considerations. Experience developing architecture strategies, target-state designs and technology roadmaps. Experience working with engineering, operations, cyber security and technology stakeholders across complex organisations. Experience with Computerised Maintenance Management Systems (CMMS) or Enterprise Asset Management (EAM) platforms . Desirable Experience Experience with IBM Maximo or similar asset management platforms. Understanding of operational data architectures and how data from OT environments can be securely integrated into enterprise data platforms, including data lakes and analytics environments. Experience supporting digital transformation initiatives within industrial or energy environments. Awareness of industrial cyber security principles and requirements. Skills and Attributes Strong architectural thinking with the ability to balance strategic direction with practical delivery. Excellent stakeholder management skills, with the ability to influence engineering, operational and senior business stakeholders. Ability to communicate complex technical concepts clearly to both technical and non-technical audiences. A pragmatic approach to problem solving, balancing innovation with operational stability. Comfortable working across ambiguity and helping shape future-state capabilities. Collaborative mindset with the ability to work across multidisciplinary teams. Why join Centrica? This is an opportunity to play a key role in shaping the future of Centrica's power generation and energy storage capabilities. You will help define the architecture behind critical energy infrastructure, supporting the transition towards a more flexible, efficient and sustainable energy future. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.
Senior Operational Resilience Lead (Contract) Location: London or Bristol (Hybrid)Rate: £650 per dayDuration: 6 Months Initial Contract We're supporting a major financial services organisation in the appointment of a Senior Operational Resilience Lead to drive the next phase of its Operational Resilience programme. This is a highly visible role with responsibility for enhancing the organisation's resilience framework, embedding resilience thinking across the business, and supporting ongoing regulatory expectations. The successful candidate will work across multiple business and technology functions, influencing senior stakeholders and delivering tangible improvements to the firm's resilience posture. Key Responsibilities Operational Resilience Reporting & Metrics Review and enhance the existing Operational Resilience reporting framework. Develop meaningful management information and resilience metrics aligned to Important Business Services (IBSs). Establish reporting that demonstrates resilience improvements, vulnerability remediation, control effectiveness and strategic progress. Produce clear and actionable insights for senior leadership and governance forums. Training & Awareness Deliver and embed an Operational Resilience training and awareness programme. Create role-based training materials for key stakeholder groups, including Service Owners, Business Leaders and Technology teams. Drive engagement activities that increase awareness and accountability across the organisation. Ensure the programme is sustainable and embedded into business-as-usual operations. Resilience by Design Define practical resilience-by-design principles that can be adopted across change and transformation initiatives. Integrate resilience considerations into delivery lifecycles, governance processes and project frameworks. Work with change, architecture and delivery teams to ensure resilience requirements are considered from inception through to implementation. Tooling & Continuous Improvement Assess the current Operational Resilience tooling landscape and identify opportunities for improvement. Develop a roadmap for future-state capabilities and tooling enhancements. Collaborate with technology, risk and security stakeholders to support implementation planning and investment decisions. Vulnerable Customer Resilience Partner with vulnerable customer and business teams to assess resilience considerations during disruption events. Review whether Important Business Service assessments, impact tolerances and Business Continuity Plans adequately address vulnerable customer needs. Identify opportunities to strengthen customer outcomes during operational disruptions. Required Experience Proven experience leading Operational Resilience programmes within financial services. Strong understanding of UK Operational Resilience regulations and expectations. Experience working with Important Business Services (IBSs), impact tolerances, scenario testing and resilience assessments. Demonstrable experience developing governance reporting, metrics and management information. Ability to influence senior stakeholders across business, operations and technology functions. Experience embedding resilience requirements into change, transformation or technology delivery environments. Excellent communication, facilitation and stakeholder management skills. Desirable Experience within retail banking, insurance or wealth management. Business Continuity, Operational Risk or Enterprise Resilience background. Experience supporting regulatory reviews or resilience maturity assessments. Knowledge of vulnerable customer frameworks and customer outcome considerations. This role would suit an experienced Operational Resilience professional who enjoys working across strategy, governance, change and delivery, and is comfortable operating autonomously within a complex regulated environment.
Jul 10, 2026
Full time
Senior Operational Resilience Lead (Contract) Location: London or Bristol (Hybrid)Rate: £650 per dayDuration: 6 Months Initial Contract We're supporting a major financial services organisation in the appointment of a Senior Operational Resilience Lead to drive the next phase of its Operational Resilience programme. This is a highly visible role with responsibility for enhancing the organisation's resilience framework, embedding resilience thinking across the business, and supporting ongoing regulatory expectations. The successful candidate will work across multiple business and technology functions, influencing senior stakeholders and delivering tangible improvements to the firm's resilience posture. Key Responsibilities Operational Resilience Reporting & Metrics Review and enhance the existing Operational Resilience reporting framework. Develop meaningful management information and resilience metrics aligned to Important Business Services (IBSs). Establish reporting that demonstrates resilience improvements, vulnerability remediation, control effectiveness and strategic progress. Produce clear and actionable insights for senior leadership and governance forums. Training & Awareness Deliver and embed an Operational Resilience training and awareness programme. Create role-based training materials for key stakeholder groups, including Service Owners, Business Leaders and Technology teams. Drive engagement activities that increase awareness and accountability across the organisation. Ensure the programme is sustainable and embedded into business-as-usual operations. Resilience by Design Define practical resilience-by-design principles that can be adopted across change and transformation initiatives. Integrate resilience considerations into delivery lifecycles, governance processes and project frameworks. Work with change, architecture and delivery teams to ensure resilience requirements are considered from inception through to implementation. Tooling & Continuous Improvement Assess the current Operational Resilience tooling landscape and identify opportunities for improvement. Develop a roadmap for future-state capabilities and tooling enhancements. Collaborate with technology, risk and security stakeholders to support implementation planning and investment decisions. Vulnerable Customer Resilience Partner with vulnerable customer and business teams to assess resilience considerations during disruption events. Review whether Important Business Service assessments, impact tolerances and Business Continuity Plans adequately address vulnerable customer needs. Identify opportunities to strengthen customer outcomes during operational disruptions. Required Experience Proven experience leading Operational Resilience programmes within financial services. Strong understanding of UK Operational Resilience regulations and expectations. Experience working with Important Business Services (IBSs), impact tolerances, scenario testing and resilience assessments. Demonstrable experience developing governance reporting, metrics and management information. Ability to influence senior stakeholders across business, operations and technology functions. Experience embedding resilience requirements into change, transformation or technology delivery environments. Excellent communication, facilitation and stakeholder management skills. Desirable Experience within retail banking, insurance or wealth management. Business Continuity, Operational Risk or Enterprise Resilience background. Experience supporting regulatory reviews or resilience maturity assessments. Knowledge of vulnerable customer frameworks and customer outcome considerations. This role would suit an experienced Operational Resilience professional who enjoys working across strategy, governance, change and delivery, and is comfortable operating autonomously within a complex regulated environment.
hackajob is collaborating with EY to connect them with exceptional professionals for this role. Director, Cybersecurity, Engineering, OT, TC, UKI Location: London Other locations: Primary Location Only Salary: Competitive Date: 26 Jan 2026 Job description Requisition ID: At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Job Title: Director - Cybersecurity OT About EY: At EY, we are committed to building a better working world. Our Cybersecurity Consulting Practice is rapidly expanding, and we are investing in our capabilities to meet the increasing demand for cybersecurity solutions. Join us and be part of a global team of over 13,000 professionals dedicated to delivering cutting-edge security transformation programs and services. The Opportunity: As a Director in Cybersecurity, you will bring diverse perspectives and deep subject matter expertise to deliver high quality insights and outcomes for our clients. You will play a strategic leadership role in shaping and overseeing complex cybersecurity engagements, strengthening senior client relationships, and guiding teams to develop innovative, practical solutions that address the evolving security challenges organisations face. Key Responsibilities: Lead and manage large OT Security engagements, overseeing day to day delivery across industrial environments including manufacturing, energy, utilities, and critical infrastructure. Ensure delivery meets quality, time and budget expectations while navigating complex OT operational constraints. Apply deep technical and sector knowledge across OT, ICS, and IIoT environments to shape and deliver client programmes. Leverage expertise in IEC 62443, NIST CSF for OT, and the Purdue Model to conduct maturity assessments, design secure architectures, and lead OT cyber risk reduction initiatives. Identify, shape, and originate new OT security opportunities, using established industry relationships across engineering, operations, and cyber functions. Position the firm with senior OT decision makers, including engineering directors, CISOs, and asset owners, demonstrating a strong understanding of safety, reliability, and availability priorities. Partner with senior practice and market leaders to pursue high value OT security focused opportunities. Develop differentiated proposals, point of view materials, and transformation roadmaps aligned to industrial cybersecurity trends such as OT-IT convergence, zero trust for OT, asset visibility, and secure remote access. Provide visible leadership into a globally established high performing OT security team, sharing deep domain expertise in ICS/SCADA, industrial protocols, and secure OT architecture patterns. Mentor consultants to develop both technical skills and commercial acumen, fostering a culture of continuous learning and cross disciplinary collaboration. Develop impactful OT cybersecurity thought leadership, articulating market-relevant insights on IEC 62443 adoption, secure operations, industrial threat landscapes, and practical transformation strategies. Support the creation of frameworks and tools that differentiate the firm's OT security offering. Build and maintain strategic relationships with senior client leaders, including operations executives, heads of engineering, CTOs, and CISOs. Use these relationships to identify transformation opportunities, influence senior stakeholders, and steer delivery outcomes across complex industrial ecosystems. Skills and Attributes for Success: Exceptional communicator, able to clearly explain complex OT security concepts, risks, and architectures to both technical engineering teams and senior business stakeholders. Skilled at translating OT cyber risks into operational, safety, and financial impact. Strategic thinker with deep OT cybersecurity expertise, capable of diagnosing complex industrial cyber challenges and shaping robust, standards-aligned solutions (e.g., IEC 62443 reference models, Purdue Model segmentation strategies, OT Zero Trust). Able to secure executive buy in by aligning cyber outcomes with operational priorities such as uptime, safety, and regulatory compliance. Proven people leader, experienced in developing skilled OT cybersecurity teams through coaching, mentoring, and modelling inclusive, collaborative leadership behaviours. Strong commercial acumen, consistently delivering high quality outcomes, managing programme risks, and ensuring operational excellence across large scale industrial cybersecurity engagements. Experienced programme and engagement leader, adept at structuring and managing multi site OT security transformations, including asset discovery, segmentation, architecture redesign, and secure remote access implementation. Skilled at navigating the unique constraints of OT systems including legacy technologies and safety-critical environments. Pragmatic, client centric approach, able to navigate ambiguity across industrial operations, anticipate issues related to safety and continuity, and guide clients confidently through complex decision making regarding OT system modernisation and cyber risk reduction. Strong market access and trusted relationships, leveraging established networks in OT-heavy sectors (e.g., energy, utilities, manufacturing, transport) to influence market conversations, originate new opportunities, and position the firm as a leader in industrial cybersecurity. To Qualify for the Role, You Must Have: Proven experience defining and delivering OT centric cybersecurity strategies across industrial environments (ICS, SCADA, IIoT), with the ability to clearly articulate the operational and commercial value of OT security to senior stakeholders across engineering and enterprise leadership. A strong track record developing OT cybersecurity investment and transformation cases, including business justification, cost-benefit analysis, and prioritisation of remediation activities across multi site industrial estates. Capable of aligning OT security investment with organisational goals such as regulatory compliance, contractual obligations and digital transformation. Hands on experience designing and implementing OT security target operating models, covering governance, incident response, asset lifecycle management, engineering processes, and roles/responsibilities across IT-OT converged environments. Experienced in embedding secure by design principles aligned to IEC 62443, NIST , and recognised OT security best practice. Robust understanding of OT relevant cybersecurity regulations and frameworks, including IEC 62443, NIST , NIS/NIS2, sector specific regulatory requirements, and the Purdue Model for segmentation. Ideally, You'll Also Have: Relevant security and OT security specific qualifications, such as CISSP, CIISEC, GICSP, or ISA/IEC 62443 certifications. Experience operating within or alongside NCSC Assured Cyber Consultancies or equivalent industrial cybersecurity practices, including delivering OT threat assessments, architecture reviews, red team exercises, or resilience programmes in regulated sectors. Sector experience across OT heavy industries, such as Energy & Utilities, Oil & Gas, Manufacturing, Transport, Chemicals, Pharmaceuticals, or Critical National Infrastructure - with a strong understanding of engineering processes, operational constraints, and safety critical environments. Professional services experience delivering large scale OT cybersecurity transformations, working with multi disciplinary teams of engineers, cyber specialists, and operational leaders in market leading organisations. Please note: The successful candidate must undergo and pass checks in line with SC (Security Check) clearance standards after joining EY. These checks may include, but are not limited to, verification of identity, right to work in the UK, employment history, proof of address may be required and unspent criminal convictions. Candidates must be a UK national or have been a resident in the UK for a minimum of five years and ensure that they have not spent more than six months outside the UK. Join Us: At EY, you'll have the chance to build a meaningful and fulfilling career, supported by an inclusive culture and cutting-edge technology. Together, we can create a better working world for all. What we look for We're interested in people with integrity who can collaborate with people from a diverse range of backgrounds and crucially a growth mindset. What we offer We offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: Continuous learning: You'll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way. . click apply for full job details
Jul 08, 2026
Full time
hackajob is collaborating with EY to connect them with exceptional professionals for this role. Director, Cybersecurity, Engineering, OT, TC, UKI Location: London Other locations: Primary Location Only Salary: Competitive Date: 26 Jan 2026 Job description Requisition ID: At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. Job Title: Director - Cybersecurity OT About EY: At EY, we are committed to building a better working world. Our Cybersecurity Consulting Practice is rapidly expanding, and we are investing in our capabilities to meet the increasing demand for cybersecurity solutions. Join us and be part of a global team of over 13,000 professionals dedicated to delivering cutting-edge security transformation programs and services. The Opportunity: As a Director in Cybersecurity, you will bring diverse perspectives and deep subject matter expertise to deliver high quality insights and outcomes for our clients. You will play a strategic leadership role in shaping and overseeing complex cybersecurity engagements, strengthening senior client relationships, and guiding teams to develop innovative, practical solutions that address the evolving security challenges organisations face. Key Responsibilities: Lead and manage large OT Security engagements, overseeing day to day delivery across industrial environments including manufacturing, energy, utilities, and critical infrastructure. Ensure delivery meets quality, time and budget expectations while navigating complex OT operational constraints. Apply deep technical and sector knowledge across OT, ICS, and IIoT environments to shape and deliver client programmes. Leverage expertise in IEC 62443, NIST CSF for OT, and the Purdue Model to conduct maturity assessments, design secure architectures, and lead OT cyber risk reduction initiatives. Identify, shape, and originate new OT security opportunities, using established industry relationships across engineering, operations, and cyber functions. Position the firm with senior OT decision makers, including engineering directors, CISOs, and asset owners, demonstrating a strong understanding of safety, reliability, and availability priorities. Partner with senior practice and market leaders to pursue high value OT security focused opportunities. Develop differentiated proposals, point of view materials, and transformation roadmaps aligned to industrial cybersecurity trends such as OT-IT convergence, zero trust for OT, asset visibility, and secure remote access. Provide visible leadership into a globally established high performing OT security team, sharing deep domain expertise in ICS/SCADA, industrial protocols, and secure OT architecture patterns. Mentor consultants to develop both technical skills and commercial acumen, fostering a culture of continuous learning and cross disciplinary collaboration. Develop impactful OT cybersecurity thought leadership, articulating market-relevant insights on IEC 62443 adoption, secure operations, industrial threat landscapes, and practical transformation strategies. Support the creation of frameworks and tools that differentiate the firm's OT security offering. Build and maintain strategic relationships with senior client leaders, including operations executives, heads of engineering, CTOs, and CISOs. Use these relationships to identify transformation opportunities, influence senior stakeholders, and steer delivery outcomes across complex industrial ecosystems. Skills and Attributes for Success: Exceptional communicator, able to clearly explain complex OT security concepts, risks, and architectures to both technical engineering teams and senior business stakeholders. Skilled at translating OT cyber risks into operational, safety, and financial impact. Strategic thinker with deep OT cybersecurity expertise, capable of diagnosing complex industrial cyber challenges and shaping robust, standards-aligned solutions (e.g., IEC 62443 reference models, Purdue Model segmentation strategies, OT Zero Trust). Able to secure executive buy in by aligning cyber outcomes with operational priorities such as uptime, safety, and regulatory compliance. Proven people leader, experienced in developing skilled OT cybersecurity teams through coaching, mentoring, and modelling inclusive, collaborative leadership behaviours. Strong commercial acumen, consistently delivering high quality outcomes, managing programme risks, and ensuring operational excellence across large scale industrial cybersecurity engagements. Experienced programme and engagement leader, adept at structuring and managing multi site OT security transformations, including asset discovery, segmentation, architecture redesign, and secure remote access implementation. Skilled at navigating the unique constraints of OT systems including legacy technologies and safety-critical environments. Pragmatic, client centric approach, able to navigate ambiguity across industrial operations, anticipate issues related to safety and continuity, and guide clients confidently through complex decision making regarding OT system modernisation and cyber risk reduction. Strong market access and trusted relationships, leveraging established networks in OT-heavy sectors (e.g., energy, utilities, manufacturing, transport) to influence market conversations, originate new opportunities, and position the firm as a leader in industrial cybersecurity. To Qualify for the Role, You Must Have: Proven experience defining and delivering OT centric cybersecurity strategies across industrial environments (ICS, SCADA, IIoT), with the ability to clearly articulate the operational and commercial value of OT security to senior stakeholders across engineering and enterprise leadership. A strong track record developing OT cybersecurity investment and transformation cases, including business justification, cost-benefit analysis, and prioritisation of remediation activities across multi site industrial estates. Capable of aligning OT security investment with organisational goals such as regulatory compliance, contractual obligations and digital transformation. Hands on experience designing and implementing OT security target operating models, covering governance, incident response, asset lifecycle management, engineering processes, and roles/responsibilities across IT-OT converged environments. Experienced in embedding secure by design principles aligned to IEC 62443, NIST , and recognised OT security best practice. Robust understanding of OT relevant cybersecurity regulations and frameworks, including IEC 62443, NIST , NIS/NIS2, sector specific regulatory requirements, and the Purdue Model for segmentation. Ideally, You'll Also Have: Relevant security and OT security specific qualifications, such as CISSP, CIISEC, GICSP, or ISA/IEC 62443 certifications. Experience operating within or alongside NCSC Assured Cyber Consultancies or equivalent industrial cybersecurity practices, including delivering OT threat assessments, architecture reviews, red team exercises, or resilience programmes in regulated sectors. Sector experience across OT heavy industries, such as Energy & Utilities, Oil & Gas, Manufacturing, Transport, Chemicals, Pharmaceuticals, or Critical National Infrastructure - with a strong understanding of engineering processes, operational constraints, and safety critical environments. Professional services experience delivering large scale OT cybersecurity transformations, working with multi disciplinary teams of engineers, cyber specialists, and operational leaders in market leading organisations. Please note: The successful candidate must undergo and pass checks in line with SC (Security Check) clearance standards after joining EY. These checks may include, but are not limited to, verification of identity, right to work in the UK, employment history, proof of address may be required and unspent criminal convictions. Candidates must be a UK national or have been a resident in the UK for a minimum of five years and ensure that they have not spent more than six months outside the UK. Join Us: At EY, you'll have the chance to build a meaningful and fulfilling career, supported by an inclusive culture and cutting-edge technology. Together, we can create a better working world for all. What we look for We're interested in people with integrity who can collaborate with people from a diverse range of backgrounds and crucially a growth mindset. What we offer We offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer: Continuous learning: You'll develop the mindset and skills to navigate whatever comes next. Success as defined by you: We'll provide the tools and flexibility, so you can make a meaningful impact, your way. . click apply for full job details
Cloud Systems Engineer Permanent Hybrid Working South Wales Are you an experienced Cloud Engineer looking for an opportunity to shape cloud strategy, influence technical decisions, and take ownership of a growing multi-cloud environment? We're supporting a well-established organisation undergoing a significant digital transformation programme. As part of this journey, they're looking to appoint a Cloud Systems Engineer to lead the design, security, operation and continuous improvement of their cloud platforms. This role will suit someone who thrives on solving complex technical challenges, enjoys working across multiple teams, and wants to play a key role in delivering secure, resilient and scalable cloud services. The Role As the Cloud Systems Engineer, you'll act as the organisation's cloud subject matter expert, taking primary responsibility for AWS environments while also supporting Azure and Microsoft 365 services. You'll be responsible for designing, implementing and managing cloud infrastructure, ensuring platforms remain secure, cost-effective, highly available and aligned to best practice. Working closely with infrastructure, development, cyber security and support teams, you'll provide both hands-on engineering expertise and strategic technical guidance. Key Responsibilities Cloud Engineering & Architecture Design, build and maintain secure cloud infrastructure across AWS and Azure Develop cloud architectures aligned with industry best practice and the AWS Well-Architected Framework Implement and manage Infrastructure as Code (CloudFormation and similar technologies) Design secure multi-account environments, networking and connectivity solutions Define cloud standards, patterns and engineering best practices Support the organisation's ongoing digital transformation initiatives Security, Identity & Governance Implement and maintain secure identity and access management controls Apply Zero Trust and least-privilege security principles Integrate AWS workloads with Microsoft Entra ID Manage cloud-native security services, monitoring and alerting Work alongside cyber security teams to improve security posture and reduce risk Resilience & Operations Manage monitoring, performance and availability across cloud environments Design and maintain backup, disaster recovery and business continuity solutions Provide 3rd line support for cloud-related incidents and technical issues Support service reliability and operational excellence Cost & Performance Optimisation Monitor cloud consumption and costs Implement governance, reporting and optimisation measures Balance performance, resilience and commercial efficiency What We're Looking For Essential Experience Strong hands-on AWS engineering experience within an enterprise or commercial environment Experience acting as a cloud SME or technical authority Experience designing and operating secure cloud platforms Strong infrastructure automation and Infrastructure as Code experience Experience working closely with cyber security teams Technical Skills AWS EC2, Auto Scaling and Load Balancing VPC design, networking and connectivity RDS and managed database services Lambda and event-driven architectures IAM, KMS, Secrets Manager and Parameter Store CloudWatch, CloudTrail and AWS Config GuardDuty, Security Hub, WAF and other AWS security services AWS Organizations Azure networking, virtual machines and monitoring Microsoft Entra ID, MFA and Conditional Access AWS and Azure identity integration Desirable Microsoft 365 administration and governance IBM Cloud exposure Hybrid or multi-cloud experience Experience supporting large-scale transformation programmes Knowledge of OAuth2, OIDC and SAML Certifications Highly desirable: AWS Solutions Architect Associate or Professional Additional certifications welcomed: AWS Security Specialty Azure Certifications Microsoft 365 Certifications Security+ CCNA Other infrastructure, networking or cyber security qualifications What's in It for You? Salary of £47,00 - £51,000 Hybrid working model in South Wales Generous annual leave entitlement Excellent pension scheme Ongoing professional development and training opportunities Opportunity to play a key role in a major cloud transformation programme Collaborative and supportive working environment Apply Now If you're a skilled AWS-focused Cloud/Infrastructure Engineer looking to combine architecture, security, automation and technical leadership in a highly visible role, we'd love to hear from you.
Jul 07, 2026
Full time
Cloud Systems Engineer Permanent Hybrid Working South Wales Are you an experienced Cloud Engineer looking for an opportunity to shape cloud strategy, influence technical decisions, and take ownership of a growing multi-cloud environment? We're supporting a well-established organisation undergoing a significant digital transformation programme. As part of this journey, they're looking to appoint a Cloud Systems Engineer to lead the design, security, operation and continuous improvement of their cloud platforms. This role will suit someone who thrives on solving complex technical challenges, enjoys working across multiple teams, and wants to play a key role in delivering secure, resilient and scalable cloud services. The Role As the Cloud Systems Engineer, you'll act as the organisation's cloud subject matter expert, taking primary responsibility for AWS environments while also supporting Azure and Microsoft 365 services. You'll be responsible for designing, implementing and managing cloud infrastructure, ensuring platforms remain secure, cost-effective, highly available and aligned to best practice. Working closely with infrastructure, development, cyber security and support teams, you'll provide both hands-on engineering expertise and strategic technical guidance. Key Responsibilities Cloud Engineering & Architecture Design, build and maintain secure cloud infrastructure across AWS and Azure Develop cloud architectures aligned with industry best practice and the AWS Well-Architected Framework Implement and manage Infrastructure as Code (CloudFormation and similar technologies) Design secure multi-account environments, networking and connectivity solutions Define cloud standards, patterns and engineering best practices Support the organisation's ongoing digital transformation initiatives Security, Identity & Governance Implement and maintain secure identity and access management controls Apply Zero Trust and least-privilege security principles Integrate AWS workloads with Microsoft Entra ID Manage cloud-native security services, monitoring and alerting Work alongside cyber security teams to improve security posture and reduce risk Resilience & Operations Manage monitoring, performance and availability across cloud environments Design and maintain backup, disaster recovery and business continuity solutions Provide 3rd line support for cloud-related incidents and technical issues Support service reliability and operational excellence Cost & Performance Optimisation Monitor cloud consumption and costs Implement governance, reporting and optimisation measures Balance performance, resilience and commercial efficiency What We're Looking For Essential Experience Strong hands-on AWS engineering experience within an enterprise or commercial environment Experience acting as a cloud SME or technical authority Experience designing and operating secure cloud platforms Strong infrastructure automation and Infrastructure as Code experience Experience working closely with cyber security teams Technical Skills AWS EC2, Auto Scaling and Load Balancing VPC design, networking and connectivity RDS and managed database services Lambda and event-driven architectures IAM, KMS, Secrets Manager and Parameter Store CloudWatch, CloudTrail and AWS Config GuardDuty, Security Hub, WAF and other AWS security services AWS Organizations Azure networking, virtual machines and monitoring Microsoft Entra ID, MFA and Conditional Access AWS and Azure identity integration Desirable Microsoft 365 administration and governance IBM Cloud exposure Hybrid or multi-cloud experience Experience supporting large-scale transformation programmes Knowledge of OAuth2, OIDC and SAML Certifications Highly desirable: AWS Solutions Architect Associate or Professional Additional certifications welcomed: AWS Security Specialty Azure Certifications Microsoft 365 Certifications Security+ CCNA Other infrastructure, networking or cyber security qualifications What's in It for You? Salary of £47,00 - £51,000 Hybrid working model in South Wales Generous annual leave entitlement Excellent pension scheme Ongoing professional development and training opportunities Opportunity to play a key role in a major cloud transformation programme Collaborative and supportive working environment Apply Now If you're a skilled AWS-focused Cloud/Infrastructure Engineer looking to combine architecture, security, automation and technical leadership in a highly visible role, we'd love to hear from you.
Technical Lead (Contract) Contract: Initial 6-Month Contract (Rolling) Rate: £500-£650 per day Location: London (Hybrid Working) Reporting to: Head of Service Delivery Technical Lead - Enterprise Technology & Service Operations We are currently seeking an experienced Technical Lead to join a high-profile organisation on an initial 6-month rolling contract. This is an excellent opportunity for a hands-on technical leader to take ownership of a complex enterprise technology estate, ensuring operational excellence, resilience, security, and continuous improvement across business-critical systems. Working closely with the Enterprise Architect, Head of Service Delivery, managed service providers, and senior business stakeholders, you will play a key role in bridging the gap between technology design and operational delivery, ensuring new solutions are successfully transitioned into BAU support and optimised throughout their lifecycle. Key Responsibilities Lead the transition of newly implemented technology solutions into operational support. Act as the technical custodian for the live IT environment, ensuring stability, resilience, performance, and security. Provide technical governance and oversight of third-party managed service providers. Assess technical changes for impact, risk, and alignment with architectural standards. Lead root cause analysis and resolution of major incidents and recurring technical issues. Maintain technical standards, documentation, and operational architecture artefacts. Drive platform lifecycle management, upgrades, patching strategies, and technical debt reduction. Collaborate with Security and Resilience teams to ensure secure-by-design principles are embedded throughout the technology estate. Facilitate technical reviews with stakeholders to identify risks, improvements, and optimisation opportunities. Contribute operational insight into technology roadmap planning and future-state initiatives. Ensure compliance, security, and regulatory requirements are effectively managed. Required Experience We're looking for a technically strong leader with broad enterprise technology experience and a proven track record of operating within complex environments. Essential Skills Strong technical expertise across enterprise infrastructure, cloud platforms, security, systems, and integration technologies. Experience supporting enterprise architecture within operational environments. Strong understanding of ITIL and service management best practices. Ability to translate architectural designs into sustainable operational support models. Experience managing and governing outsourced or managed service providers. Strong knowledge of change management, risk assessment, and technical governance. Experience balancing BAU support, operational improvement, and strategic technology initiatives. Comfortable working within both agile and traditional delivery frameworks. Stakeholder Management Excellent communication and stakeholder engagement skills. Ability to influence senior business and technology stakeholders. Proven experience working closely with architects, service delivery teams, and external partners. Strong leadership skills with the ability to drive technical discussions and resolve complex issues. Passion for operational excellence, documentation standards, and continuous improvement. What's on Offer? Initial 6-month contract with strong likelihood of extension. Competitive day rate of £500-£650 per day. Hybrid working model with a London-based office. Opportunity to influence the operational direction of a large-scale enterprise technology environment. Work alongside senior technology leaders and architects on strategically important initiatives. If you're an experienced Technical Lead with a strong background in enterprise technology operations, service governance, and stakeholder management, we'd like to hear from you.
Jul 07, 2026
Contractor
Technical Lead (Contract) Contract: Initial 6-Month Contract (Rolling) Rate: £500-£650 per day Location: London (Hybrid Working) Reporting to: Head of Service Delivery Technical Lead - Enterprise Technology & Service Operations We are currently seeking an experienced Technical Lead to join a high-profile organisation on an initial 6-month rolling contract. This is an excellent opportunity for a hands-on technical leader to take ownership of a complex enterprise technology estate, ensuring operational excellence, resilience, security, and continuous improvement across business-critical systems. Working closely with the Enterprise Architect, Head of Service Delivery, managed service providers, and senior business stakeholders, you will play a key role in bridging the gap between technology design and operational delivery, ensuring new solutions are successfully transitioned into BAU support and optimised throughout their lifecycle. Key Responsibilities Lead the transition of newly implemented technology solutions into operational support. Act as the technical custodian for the live IT environment, ensuring stability, resilience, performance, and security. Provide technical governance and oversight of third-party managed service providers. Assess technical changes for impact, risk, and alignment with architectural standards. Lead root cause analysis and resolution of major incidents and recurring technical issues. Maintain technical standards, documentation, and operational architecture artefacts. Drive platform lifecycle management, upgrades, patching strategies, and technical debt reduction. Collaborate with Security and Resilience teams to ensure secure-by-design principles are embedded throughout the technology estate. Facilitate technical reviews with stakeholders to identify risks, improvements, and optimisation opportunities. Contribute operational insight into technology roadmap planning and future-state initiatives. Ensure compliance, security, and regulatory requirements are effectively managed. Required Experience We're looking for a technically strong leader with broad enterprise technology experience and a proven track record of operating within complex environments. Essential Skills Strong technical expertise across enterprise infrastructure, cloud platforms, security, systems, and integration technologies. Experience supporting enterprise architecture within operational environments. Strong understanding of ITIL and service management best practices. Ability to translate architectural designs into sustainable operational support models. Experience managing and governing outsourced or managed service providers. Strong knowledge of change management, risk assessment, and technical governance. Experience balancing BAU support, operational improvement, and strategic technology initiatives. Comfortable working within both agile and traditional delivery frameworks. Stakeholder Management Excellent communication and stakeholder engagement skills. Ability to influence senior business and technology stakeholders. Proven experience working closely with architects, service delivery teams, and external partners. Strong leadership skills with the ability to drive technical discussions and resolve complex issues. Passion for operational excellence, documentation standards, and continuous improvement. What's on Offer? Initial 6-month contract with strong likelihood of extension. Competitive day rate of £500-£650 per day. Hybrid working model with a London-based office. Opportunity to influence the operational direction of a large-scale enterprise technology environment. Work alongside senior technology leaders and architects on strategically important initiatives. If you're an experienced Technical Lead with a strong background in enterprise technology operations, service governance, and stakeholder management, we'd like to hear from you.
Role Specification - Mobile Voice Core Signalling Designer Role Purpose The Mobile Voice Core Signalling Designer is responsible for designing and supporting signalling solutions across the mobile core voice network, ensuring designs are robust, scalable, secure, and aligned with business and customer requirements. Working within the Signalling Design team, the role provides technical leadership for signalling-related projects, produces high and low-level designs, and collaborates with internal stakeholders and vendors to support network evolution and service delivery. Key Responsibilities Design signalling solutions for core voice network platforms, including IP STP, DSC (DRA/DEA), IMS, and Legacy voice core nodes. Produce high- and low-level design documentation, including capacity modelling and network impact assessments. Support the development of automated testing capabilities for 5G Standalone (5G SA) and Legacy core network platforms. Provide technical design guidance to project teams and ensure solutions meet performance, resilience, security, and fraud prevention requirements. Develop Statements of Requirements (SoRs), review supplier Statements of Compliance (SoCs), Statements of Work (SoWs), and vendor proposals. Assess the impact of network evolution initiatives and contribute to technology roadmaps covering hardware, software, capacity, and capability planning. Collaborate with engineering, operations, vendors, and third parties to deliver successful project outcomes. Ensure designs comply with industry standards, operational requirements, and network architecture principles. Knowledge, Skills & Experience Strong understanding of mobile core networks, including 2G, 3G, 4G, IMS, and 5G signalling architectures. Experience with signalling protocols such as SS7, SIGTRAN, SIP, Diameter, and MAP. Knowledge of networking principles, traffic engineering, switching technologies, and telecommunications standards. Experience producing technical design documentation and supporting complex network transformation projects. Strong analytical and problem-solving skills with the ability to balance technical and business requirements. Excellent communication and stakeholder management skills, with the ability to explain complex technical concepts to both technical and non-technical audiences. Self-motivated and able to work independently while contributing effectively within cross-functional teams.
Jul 07, 2026
Contractor
Role Specification - Mobile Voice Core Signalling Designer Role Purpose The Mobile Voice Core Signalling Designer is responsible for designing and supporting signalling solutions across the mobile core voice network, ensuring designs are robust, scalable, secure, and aligned with business and customer requirements. Working within the Signalling Design team, the role provides technical leadership for signalling-related projects, produces high and low-level designs, and collaborates with internal stakeholders and vendors to support network evolution and service delivery. Key Responsibilities Design signalling solutions for core voice network platforms, including IP STP, DSC (DRA/DEA), IMS, and Legacy voice core nodes. Produce high- and low-level design documentation, including capacity modelling and network impact assessments. Support the development of automated testing capabilities for 5G Standalone (5G SA) and Legacy core network platforms. Provide technical design guidance to project teams and ensure solutions meet performance, resilience, security, and fraud prevention requirements. Develop Statements of Requirements (SoRs), review supplier Statements of Compliance (SoCs), Statements of Work (SoWs), and vendor proposals. Assess the impact of network evolution initiatives and contribute to technology roadmaps covering hardware, software, capacity, and capability planning. Collaborate with engineering, operations, vendors, and third parties to deliver successful project outcomes. Ensure designs comply with industry standards, operational requirements, and network architecture principles. Knowledge, Skills & Experience Strong understanding of mobile core networks, including 2G, 3G, 4G, IMS, and 5G signalling architectures. Experience with signalling protocols such as SS7, SIGTRAN, SIP, Diameter, and MAP. Knowledge of networking principles, traffic engineering, switching technologies, and telecommunications standards. Experience producing technical design documentation and supporting complex network transformation projects. Strong analytical and problem-solving skills with the ability to balance technical and business requirements. Excellent communication and stakeholder management skills, with the ability to explain complex technical concepts to both technical and non-technical audiences. Self-motivated and able to work independently while contributing effectively within cross-functional teams.
Location: London (Hybrid, 3 days on-site - City of London) Duration: Contract (6-9 months initially with potential for extension) Key Essential Skills: Strong architecture experience - mapping as-is and to-be states, defining transformation pathways, and developing target-state architectures that align with business strategy. Proven experience in Operational Risk and Resilience frameworks within large, regulated financial environments. Deep exposure to Governance, Risk & Compliance (GRC) tools and frameworks - understanding how policies, controls, and data constructs InterconnecT (eg DORA, MiFID II, SOX, ISO22301). Strong knowledge of technology architecture principles and how they intersect with risk and resilience objectives. Proven ability to manage and influence senior stakeholders, gaining alignment across Risk, Compliance, and Technology leadership teams. Experience working across the three lines of defence, partnering with Risk, Compliance, and Architecture Governance functions. Excellent communication skills, capable of articulating complex architectural and risk concepts to both technical and non-technical audiences. Desirable Skills Prior experience in operational resilience, technology risk, or enterprise architecture within financial services. Familiarity with enterprise architecture and control frameworks (TOGAF, SABSA, NIST). Hands-on experience with resilience testing, RCSA, or control design . Exposure to GRC tooling ecosystems such as MetricStream, ServiceNow GRC, or Archer. Background in consulting or transformation programmes , particularly around risk and compliance integration. Understanding of automation, metrics, and control assurance tooling . Overview: We have an exciting opportunity for an experienced Operational Risk & Resilience Architect to join Thebes Group , supporting a major financial institution in defining and delivering its next-generation risk and resilience architecture. This strategic and hands-on role combines architectural strategy, GRC enablement, and stakeholder influence . You'll be responsible for assessing the current ecosystem, designing the target-state architecture, and shaping a pragmatic transformation roadmap that connects technology, controls, and business outcomes. Working across Risk, Compliance, and Technology, you'll ensure that resilience, control effectiveness, and governance are Embedded into every layer of the organisation's operating model. The ideal candidate will demonstrate the credibility, confidence, and influence to bring diverse senior stakeholders together behind a unified architectural vision - turning regulatory and risk requirements into practical, measurable design outcomes that enhance organisational resilience. Role & Responsibilities: Architecture & Target State Design Assess the current ( as-is ) architectural landscape and define a clear, actionable ( to-be ) target state. Map the transformation journey - immediate improvements, medium-term priorities, and long-term strategic objectives. Develop architectural blueprints that align technology solutions with enterprise goals, regulatory expectations, and resilience outcomes. Risk & Resilience Framework Design Design and implement enterprise-level operational resilience frameworks aligned to DORA, PRA SS1/21, ISO22301, and related standards. Define and document risk control architectures , ensuring processes, technologies, and controls align with risk appetite and governance requirements. Develop and maintain control taxonomies , impact tolerance metrics , and resilience testing methodologies . GRC & Control Integration Leverage experience with GRC tools and data models to integrate policies, controls, and standards within enterprise architectures. Connect regulatory compliance , operational risk , and technical controls into a cohesive architecture. Collaborate with Risk and Compliance to ensure consistent control application and traceability. Governance & Oversight Partner with Operational Risk , Compliance , and Architecture Governance teams to ensure consistent application of resilience and control principles. Support RCSA processes , control assessments , and governance reviews . Produce and present risk and resilience dashboards , reports, and architectural artefacts to senior stakeholders. Stakeholder Engagement & Influence Manage upwards - influencing senior stakeholders with clarity, credibility, and confidence. Build alignment across functions through a balanced and collaborative approach to change. Act as a trusted advisor, providing architectural insight that drives business confidence in transformation decisions. Importance of Influence: Beyond technical and architectural capability, the ideal candidate will possess the ability to influence through confidence and credibility - guiding senior stakeholders toward consensus and adoption of the architectural vision. They will not only design the path forward but bring others along with it. Outline Thebes Group: Thebes Group is a leading UK wide IT infrastructure technology consultancy. We are well-known for our extensive talent pool of highly competent IT professionals and exclusive Academy programmes, which provide a great opportunity to undertake technical training in core disciplines. Thebes work with a number of leading vendors, Government, financial institutions and insurance companies including investment banks, brokers and hedge funds. Thebes does IT solutions & services differently from most other IT service providers. As an Assured Outcome Provider (AOP) we have spent fifteen years willingly sharing the client's risk with them by focusing on outputs (ie quality service & solutions and ROI) rather than inputs (ie pricelists and headcount). We do this by fitting our skills, solutions & capabilities to needs, augmenting our staff with enthusiastic professionals from our Academy programme and remaining flexible as our clients' needs change.
Oct 08, 2025
Contractor
Location: London (Hybrid, 3 days on-site - City of London) Duration: Contract (6-9 months initially with potential for extension) Key Essential Skills: Strong architecture experience - mapping as-is and to-be states, defining transformation pathways, and developing target-state architectures that align with business strategy. Proven experience in Operational Risk and Resilience frameworks within large, regulated financial environments. Deep exposure to Governance, Risk & Compliance (GRC) tools and frameworks - understanding how policies, controls, and data constructs InterconnecT (eg DORA, MiFID II, SOX, ISO22301). Strong knowledge of technology architecture principles and how they intersect with risk and resilience objectives. Proven ability to manage and influence senior stakeholders, gaining alignment across Risk, Compliance, and Technology leadership teams. Experience working across the three lines of defence, partnering with Risk, Compliance, and Architecture Governance functions. Excellent communication skills, capable of articulating complex architectural and risk concepts to both technical and non-technical audiences. Desirable Skills Prior experience in operational resilience, technology risk, or enterprise architecture within financial services. Familiarity with enterprise architecture and control frameworks (TOGAF, SABSA, NIST). Hands-on experience with resilience testing, RCSA, or control design . Exposure to GRC tooling ecosystems such as MetricStream, ServiceNow GRC, or Archer. Background in consulting or transformation programmes , particularly around risk and compliance integration. Understanding of automation, metrics, and control assurance tooling . Overview: We have an exciting opportunity for an experienced Operational Risk & Resilience Architect to join Thebes Group , supporting a major financial institution in defining and delivering its next-generation risk and resilience architecture. This strategic and hands-on role combines architectural strategy, GRC enablement, and stakeholder influence . You'll be responsible for assessing the current ecosystem, designing the target-state architecture, and shaping a pragmatic transformation roadmap that connects technology, controls, and business outcomes. Working across Risk, Compliance, and Technology, you'll ensure that resilience, control effectiveness, and governance are Embedded into every layer of the organisation's operating model. The ideal candidate will demonstrate the credibility, confidence, and influence to bring diverse senior stakeholders together behind a unified architectural vision - turning regulatory and risk requirements into practical, measurable design outcomes that enhance organisational resilience. Role & Responsibilities: Architecture & Target State Design Assess the current ( as-is ) architectural landscape and define a clear, actionable ( to-be ) target state. Map the transformation journey - immediate improvements, medium-term priorities, and long-term strategic objectives. Develop architectural blueprints that align technology solutions with enterprise goals, regulatory expectations, and resilience outcomes. Risk & Resilience Framework Design Design and implement enterprise-level operational resilience frameworks aligned to DORA, PRA SS1/21, ISO22301, and related standards. Define and document risk control architectures , ensuring processes, technologies, and controls align with risk appetite and governance requirements. Develop and maintain control taxonomies , impact tolerance metrics , and resilience testing methodologies . GRC & Control Integration Leverage experience with GRC tools and data models to integrate policies, controls, and standards within enterprise architectures. Connect regulatory compliance , operational risk , and technical controls into a cohesive architecture. Collaborate with Risk and Compliance to ensure consistent control application and traceability. Governance & Oversight Partner with Operational Risk , Compliance , and Architecture Governance teams to ensure consistent application of resilience and control principles. Support RCSA processes , control assessments , and governance reviews . Produce and present risk and resilience dashboards , reports, and architectural artefacts to senior stakeholders. Stakeholder Engagement & Influence Manage upwards - influencing senior stakeholders with clarity, credibility, and confidence. Build alignment across functions through a balanced and collaborative approach to change. Act as a trusted advisor, providing architectural insight that drives business confidence in transformation decisions. Importance of Influence: Beyond technical and architectural capability, the ideal candidate will possess the ability to influence through confidence and credibility - guiding senior stakeholders toward consensus and adoption of the architectural vision. They will not only design the path forward but bring others along with it. Outline Thebes Group: Thebes Group is a leading UK wide IT infrastructure technology consultancy. We are well-known for our extensive talent pool of highly competent IT professionals and exclusive Academy programmes, which provide a great opportunity to undertake technical training in core disciplines. Thebes work with a number of leading vendors, Government, financial institutions and insurance companies including investment banks, brokers and hedge funds. Thebes does IT solutions & services differently from most other IT service providers. As an Assured Outcome Provider (AOP) we have spent fifteen years willingly sharing the client's risk with them by focusing on outputs (ie quality service & solutions and ROI) rather than inputs (ie pricelists and headcount). We do this by fitting our skills, solutions & capabilities to needs, augmenting our staff with enthusiastic professionals from our Academy programme and remaining flexible as our clients' needs change.
Role Title: Senior Security AI Solution Architect/Consultant Duration: contract to run until 26/03/2026 Location: London, Hybrid/Flexible (Occasional travel to NW may be required) Rate: up to £671 p/d Umbrella inside IR35 Role purpose/summary Our client is looking for a Snr Security AI Solution Architect/Consultant To support and deliver secure AI solutions within financial services. The architect will shape strategy, design future-state architecture, and deliver practical security capabilities for AI adoption, ensuring compliance with evolving regulations and maintaining a strong security posture. Key Skills/requirements Assess "as-is" and "to-be" security architectures for AI Platforms, AI & GENAI Delivery Roadmaps. Share Security AI & GENAI Security Learnings & Subject Matter Expertise. Shape the short- & long-term AI Security Architecture Strategy incorporating regulation (EUAI Act), standards, framework & policy priorities. Develop architectural documentation for AI security initiatives. Support the delivery of the AI Security Architecture Strategy across both internal & external stakeholders to Security. Ensure there is a fit for purpose set of Functional and Non-Functional Requirements for project technology deliveries Provide hands-on delivery support where required. General "architect" responsibilities that they would also contribute to: Ensure there is a current Security Architecture defined and maintained for key domains (eg, Endpoint, Cloud, Network, etc.) which clearly outlines the security principles, requirements and capabilities required and how those are instantiated Ensure there is an architectural vision for all projects that at minimum has a component architecture and high-level business process defined (including the product owner and operational team) Ensure architecture artifacts allow to us to quickly answer and evidence routine regulatory queries and attestations Ensure there is a fit for purpose set of Functional and Non-Functional Requirements for project technology deliveries Map security tooling deployed in the estate (including non-standard environments and non-CISO managed technologies) to the capabilities it implements (not the set of product features - what is actually in use and operationalised) Ensure that projects have correctly aligned scope to Cyber Excellence Programmes and technology/platform strategy Provide input to and take ownership of relevant architectural artifacts that will be produced as part of Excellence Programme workstreams. Survey emerging threats and emerging technologies to identify opportunities for targeted innovation exercises such Proof of Value evaluations Produce patterns which outline solutions for commonly occurring business security needs and security service consumption Validate patterns are adopted by control domain solutions Support Security Consultants as required on complex engagements and provide architectural artifacts such as patterns and principles where necessary Essential Skills & Experience Proven experience as a Security Solution Architect Deep understanding of AI and Generative AI technologies. Deep understanding of AI and Generative AI Security Capabilities. Knowledge of infrastructure and cloud security (AWS; exposure to Azure, GCP, and on-premise environments also valuable). Areas of Knowledge/Skillset: Emergent Technology Governance Artificial Intelligence Data Security within AI Systems Machine Learning AI Operation Cyber recovery IT Infrastructure, Cloud Risk and Regulation Experience in financial services environments. Ability to work across both strategic (roadmaps, future planning) and tactical (delivery, hands-on execution) levels. Personable and collaborative approach, with the ability to engage stakeholders and "roll up sleeves" when needed. Desirable Skills: Experience with regulatory compliance in AI and security, especially EU AI Act. Previous work on securing AI models and platforms (model trust, data security, usage monitoring). AI & GenAI Architecture: Design and implementation of AI factories, pipelines, and modular platforms across regulated environments. GenAI System Design and Implementation: End to end delivery of AI and GenAI systems using modern architecture techniques including LLM optimisation, RAG and Agentic design. AI Risk Management & Governance: Development of bespoke risk frameworks, taxonomies, and AI control libraries tailored to MRM, CRO, and CDO functions. Responsible & Ethical AI: Integration of RAI principles into system design, controls, audit frameworks, and enterprise AI strategies. Cyber & Resilience in AI: Embedding threat modelling, adversarial robustness, data integrity, and continuity planning into AI solution architecture. AI Enablement & Delivery: End-to-end AI life cycle orchestration including readiness assessments, regulatory reviews, and business adoption. Emerging Technology Strategy: Digital responsibility, AI assurance, and horizon scanning for next-gen regulatory, legal, and societal risks. Experience liaising with senior stakeholders and external consultancies (PwC, Accenture, etc.) All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Oct 03, 2025
Contractor
Role Title: Senior Security AI Solution Architect/Consultant Duration: contract to run until 26/03/2026 Location: London, Hybrid/Flexible (Occasional travel to NW may be required) Rate: up to £671 p/d Umbrella inside IR35 Role purpose/summary Our client is looking for a Snr Security AI Solution Architect/Consultant To support and deliver secure AI solutions within financial services. The architect will shape strategy, design future-state architecture, and deliver practical security capabilities for AI adoption, ensuring compliance with evolving regulations and maintaining a strong security posture. Key Skills/requirements Assess "as-is" and "to-be" security architectures for AI Platforms, AI & GENAI Delivery Roadmaps. Share Security AI & GENAI Security Learnings & Subject Matter Expertise. Shape the short- & long-term AI Security Architecture Strategy incorporating regulation (EUAI Act), standards, framework & policy priorities. Develop architectural documentation for AI security initiatives. Support the delivery of the AI Security Architecture Strategy across both internal & external stakeholders to Security. Ensure there is a fit for purpose set of Functional and Non-Functional Requirements for project technology deliveries Provide hands-on delivery support where required. General "architect" responsibilities that they would also contribute to: Ensure there is a current Security Architecture defined and maintained for key domains (eg, Endpoint, Cloud, Network, etc.) which clearly outlines the security principles, requirements and capabilities required and how those are instantiated Ensure there is an architectural vision for all projects that at minimum has a component architecture and high-level business process defined (including the product owner and operational team) Ensure architecture artifacts allow to us to quickly answer and evidence routine regulatory queries and attestations Ensure there is a fit for purpose set of Functional and Non-Functional Requirements for project technology deliveries Map security tooling deployed in the estate (including non-standard environments and non-CISO managed technologies) to the capabilities it implements (not the set of product features - what is actually in use and operationalised) Ensure that projects have correctly aligned scope to Cyber Excellence Programmes and technology/platform strategy Provide input to and take ownership of relevant architectural artifacts that will be produced as part of Excellence Programme workstreams. Survey emerging threats and emerging technologies to identify opportunities for targeted innovation exercises such Proof of Value evaluations Produce patterns which outline solutions for commonly occurring business security needs and security service consumption Validate patterns are adopted by control domain solutions Support Security Consultants as required on complex engagements and provide architectural artifacts such as patterns and principles where necessary Essential Skills & Experience Proven experience as a Security Solution Architect Deep understanding of AI and Generative AI technologies. Deep understanding of AI and Generative AI Security Capabilities. Knowledge of infrastructure and cloud security (AWS; exposure to Azure, GCP, and on-premise environments also valuable). Areas of Knowledge/Skillset: Emergent Technology Governance Artificial Intelligence Data Security within AI Systems Machine Learning AI Operation Cyber recovery IT Infrastructure, Cloud Risk and Regulation Experience in financial services environments. Ability to work across both strategic (roadmaps, future planning) and tactical (delivery, hands-on execution) levels. Personable and collaborative approach, with the ability to engage stakeholders and "roll up sleeves" when needed. Desirable Skills: Experience with regulatory compliance in AI and security, especially EU AI Act. Previous work on securing AI models and platforms (model trust, data security, usage monitoring). AI & GenAI Architecture: Design and implementation of AI factories, pipelines, and modular platforms across regulated environments. GenAI System Design and Implementation: End to end delivery of AI and GenAI systems using modern architecture techniques including LLM optimisation, RAG and Agentic design. AI Risk Management & Governance: Development of bespoke risk frameworks, taxonomies, and AI control libraries tailored to MRM, CRO, and CDO functions. Responsible & Ethical AI: Integration of RAI principles into system design, controls, audit frameworks, and enterprise AI strategies. Cyber & Resilience in AI: Embedding threat modelling, adversarial robustness, data integrity, and continuity planning into AI solution architecture. AI Enablement & Delivery: End-to-end AI life cycle orchestration including readiness assessments, regulatory reviews, and business adoption. Emerging Technology Strategy: Digital responsibility, AI assurance, and horizon scanning for next-gen regulatory, legal, and societal risks. Experience liaising with senior stakeholders and external consultancies (PwC, Accenture, etc.) All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Imperial Recruitment Group are delighted to announce that we are working in partnership with Sembcorp Energy UK who are recruiting for an IT-OT Security Specialist on a permanent basis. Salary: Competitive Contract Type: Permanent Location: Wilton International Hours: Full Time Job Purpose This role works alongside the Cyber and Security Manager, coordinating with the ITSM team, to help embrace the development of a Cyber Resilience and Secure by design system. The ultimate goal is to build a unified team capable of performing all tasks in conjunction with the ITSM (NOC Manager) and Cyber and Security Manager (SOC Manager) to enable and underpin critical business services. This role is part of an out of hours support rota. Responsibilities: Accountable for the execution of Sembcorp s information security program thereby keeping IT (Information Technology) and OT (Operational Technology) assets safe from internal and external threats. Accountable for ensuring the confidentiality, integrity, and availability of company information resources by implementing and maintaining security controls, performing comprehensive security incident response, engaging in proactive threat assessment, mitigation planning, incident trend analysis, and security architecture review. Accountable for gap analysis and regular audits of OT environments to ensure compliance with company security requirements and industry security standards. Accountable for complex and speedy troubleshooting to minimise any network security threats to the company. Provide 2nd line IT support when and where required. IT Security Incident Management Coordinate and carry out the security incident management lifecycle including preparation, detection and analysis, containment, eradication and recovery. Coordinate incident handling and contingency planning activities. Incorporate lessons learned from ongoing incident handling activities into incident response procedures, training, and testing and implement resulting changes accordingly. Manage escalations in or out of normal business hours liaising with global internal and external service providers. Security Operations Daily support and security auditing of the firewall landscape. Support and audit remote access to internal company resources. Create and implement network hardening guidelines and procedures Maintain current awareness of technology trends, and act as a valued Subject Matter Expert in selecting and designing new solutions. Knowledge & Experience: Experience in managing: Windows 10, Microsoft Office 365 (SharePoint and Exchange Online in particular), Active Directory Good knowledge of GPO deployment and configuration Understanding of Firewall technologies Ability to troubleshoot IT related issues Understanding of industrial control systems HMI/SCADA Understanding of industrial control systems communication protocols Networking knowledge covering LAN/VLAN/WAN technologies A sound range of IT/OT skills, which need to be kept up to date in line with IT/OT developments in the business. Demonstrate the ability to acquire and apply new technical knowledge, be able to work without close supervision Understand NIST Understand ISO 27001 Cyber Resilience Disaster Recovery For more information on this opportunity please feel free to contact Imperial Recruitment Group. Imperial Recruitment Group is committed to being an equal opportunities employer. We celebrate diversity and are dedicated to creating an inclusive environment for all employees. We welcome applications from individuals of all backgrounds, experiences, and abilities, ensuring fair treatment throughout the recruitment process.
Oct 02, 2025
Full time
Imperial Recruitment Group are delighted to announce that we are working in partnership with Sembcorp Energy UK who are recruiting for an IT-OT Security Specialist on a permanent basis. Salary: Competitive Contract Type: Permanent Location: Wilton International Hours: Full Time Job Purpose This role works alongside the Cyber and Security Manager, coordinating with the ITSM team, to help embrace the development of a Cyber Resilience and Secure by design system. The ultimate goal is to build a unified team capable of performing all tasks in conjunction with the ITSM (NOC Manager) and Cyber and Security Manager (SOC Manager) to enable and underpin critical business services. This role is part of an out of hours support rota. Responsibilities: Accountable for the execution of Sembcorp s information security program thereby keeping IT (Information Technology) and OT (Operational Technology) assets safe from internal and external threats. Accountable for ensuring the confidentiality, integrity, and availability of company information resources by implementing and maintaining security controls, performing comprehensive security incident response, engaging in proactive threat assessment, mitigation planning, incident trend analysis, and security architecture review. Accountable for gap analysis and regular audits of OT environments to ensure compliance with company security requirements and industry security standards. Accountable for complex and speedy troubleshooting to minimise any network security threats to the company. Provide 2nd line IT support when and where required. IT Security Incident Management Coordinate and carry out the security incident management lifecycle including preparation, detection and analysis, containment, eradication and recovery. Coordinate incident handling and contingency planning activities. Incorporate lessons learned from ongoing incident handling activities into incident response procedures, training, and testing and implement resulting changes accordingly. Manage escalations in or out of normal business hours liaising with global internal and external service providers. Security Operations Daily support and security auditing of the firewall landscape. Support and audit remote access to internal company resources. Create and implement network hardening guidelines and procedures Maintain current awareness of technology trends, and act as a valued Subject Matter Expert in selecting and designing new solutions. Knowledge & Experience: Experience in managing: Windows 10, Microsoft Office 365 (SharePoint and Exchange Online in particular), Active Directory Good knowledge of GPO deployment and configuration Understanding of Firewall technologies Ability to troubleshoot IT related issues Understanding of industrial control systems HMI/SCADA Understanding of industrial control systems communication protocols Networking knowledge covering LAN/VLAN/WAN technologies A sound range of IT/OT skills, which need to be kept up to date in line with IT/OT developments in the business. Demonstrate the ability to acquire and apply new technical knowledge, be able to work without close supervision Understand NIST Understand ISO 27001 Cyber Resilience Disaster Recovery For more information on this opportunity please feel free to contact Imperial Recruitment Group. Imperial Recruitment Group is committed to being an equal opportunities employer. We celebrate diversity and are dedicated to creating an inclusive environment for all employees. We welcome applications from individuals of all backgrounds, experiences, and abilities, ensuring fair treatment throughout the recruitment process.