16 jobs found

Role Title: SNOW SIR Engineer Duration: contract to run until 30/11/2026 Location: Knutsford, Hybrid 3 days per week onsite Rate: up to £471.96 p/d Umbrella inside IR35 Role purpose/summary We are seeking an experienced ServiceNow Security Incident Response (SIR) Engineer to design, implement, and optimise security incident response capabilities within the ServiceNow platform. This role will play a critical part in strengthening the organisation's cyber resilience by enabling effective detection, response, remediation, and reporting of security incidents across the enterprise. The ideal candidate will have strong hands-on experience with ServiceNow Security Operations (SecOps), particularly the SIR module, and will work closely with Cyber Security, SOC, IT Operations, and Compliance teams to ensure security incidents are handled efficiently, consistently, and in line with organisational and regulatory requirements. Key Responsibilities ServiceNow SIR Implementation & Configuration Configure and customise the ServiceNow Security Incident Response (SIR) module to support end-to-end incident handling workflows. Design and implement security incident life cycle processes, including intake, triage, investigation, containment, eradication, and closure. Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer flows, and business rules to reduce manual effort and speed up response times. Collaboration with Security & IT Teams Act as a trusted technical partner to SOC analysts, Cyber Security teams, and IT Operations. Translate security and operational requirements into scalable ServiceNow solutions. Support security teams during active incidents, providing platform expertise and tooling support. Reporting, Metrics & Continuous Improvement Build dashboards and reports to track KPIs such as MTTR, incident volumes, severity trends, and SLA compliance. Support audit, compliance, and regulatory reporting requirements. Identify opportunities to improve incident response maturity through enhanced automation, tooling, and process refinement. Platform Governance & Best Practice Ensure configurations align with ServiceNow best practices and security standards. Support platform upgrades, patching, and module enhancements related to SecOps and SIR. Contribute to documentation, knowledge articles, and operational runbooks. Required Skills & Experience Technical Skills Proven hands-on experience implementing and supporting ServiceNow SIR within ServiceNow SecOps. Strong understanding of security incident response frameworks (eg NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion pipelines. Security & Operational Knowledge Good understanding of cyber threats, vulnerabilities, and incident response processes. Familiarity with SOC operations and security monitoring workflows. Ability to assess and prioritise incidents based on risk and impact. Professional Skills Strong stakeholder management and communication skills, able to work with both technical and non-technical teams. Analytical and problem-solving mindset with attention to detail. Ability to work calmly under pressure during critical incidents. Desirable Skills & Certifications ServiceNow Certified Implementation Specialist - Security Incident Response (preferred). ITIL or ITSM certification. Background in Cyber Security, SOC operations, or Security Engineering. Experience with ServiceNow Vulnerability Response or Threat Intelligence modules. All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!

Network Security Analyst required by a financial services organisation - responsible for influencing and shaping the overarching security strategy, and to recommend and adopt technologies to better safeguard the organisation. This role would be ideal opportunity for an Infrastructure specialist with cyber security knowledge looking for a role to specialise further in Cyber security. The role offers the opportunity for hybrid working with only 1 day a week required in office in a really welcoming and positive working environment. Our client offers a competitive salary and package which includes:- c£40K salary depending on experience Hybrid Working - mainly remote with 1 day per week required in office 35 Hour Week Private Healthcare Generous pension Free Onsite Parking 25 days holidays (rising with service) + 8 bank holidays plus other benefits. Key Skills & Experience: Prior experience of a cyber security role. Experience of a regulated or audited industry would be beneficial. Experience in managing Windows 11, Microsoft Office & Active Directory. Excellent working knowledge of Microsoft Group Policy and InTune configuration Excellent understanding of firewall (NGFW) and network technologies and configuration. Proficiently troubleshoot and resolve IT related issues A sound general range of IT skills, which need to be kept up to date in line with IT developments in the business. An excellent understanding of NIST, CIS, ISO27001 framework and controls Experience developing cyber resilience and disaster recovery Confidence to communicate effectively with all layers of the business, including the delivery of reports to management and training and best-practice guidance to all staff Drive efficiency through automation utilising PowerShell, with integration to Microsoft services such as Active Directory and Graph API Responsibilities: End to end management of phishing, through design, scheduling, reporting and training. Conduct staff training covering emerging threats, end-user best practices, phishing, password management and more. Vulnerability management life cycle including detection and remediation Maintain third party 24/7 SOC relationship and workflow approvals Engage in proactive threat assessment with support of the SOC Oversee access reviews across all systems with continued development Infrastructure best practice audit, development and maintenance including work on firewalls, networking, Microsoft Office 365, MDM and antivirus to reduce exposure Data Loss Prevention development and maintenance Maintaining server and end-user compute security in addition to MDM compliance Collaborate within the IT Team to develop security policies, hardening guidelines and department procedure guides Continue development in ISO27001 / CIS / NIST type frameworks ensuring industry best practices This is an excellent opportunity to join a professional working environment with exciting career development opportunities. The role is offered as a permanent role and will provide the incumbent the chance to develop their skills and experience. In return you will enjoy an attractive salary c£40K, a hybrid working environment and a range of benefits including a 35-hour week, healthcare, pension, and free onsite parking. Our client welcomes applications from a diverse background and encourages equality and inclusion in their workforce. Forward your CV to Elaine Hallworth and we will be back in touch to discuss the role and client further.

Security Assurance Analyst (Contractor) Reports To: Head of Information and Cyber Security Department: Information Security Location: London (Hybrid - 2 days per week onsite) Contract Type: Contract (3 months) Organisation: Financial Services Compensation Scheme (FSCS) About the Role We are seeking a Security Assurance Analyst to support a strategic sourcing programme within our Information Security function. This is a short-term, delivery-focused contract role centred on evaluating Security Operations Centre (SOC) service performance, conducting structured comparisons across service pillars, and producing clear, evidence-based assessment outputs to support a provider transition. You will work within a small, professional security team and will be expected to operate independently, delivering high-quality analysis and documentation to tight timescales. Key Responsibilities Review and critically evaluate SOC performance reporting across core service pillars, assessing quality, completeness, and relevance Define what meaningful performance measurement looks like across: Managed Detection and Response (MDR) Vulnerability Management Cyber Threat Intelligence Continuous Improvement Conduct structured comparisons of SOC provider performance, identifying material differences across key service dimensions Produce comparative performance assessments at agreed intervals during the transition and dual-running period, including: Detailed technical analysis Clear executive summaries for senior stakeholders Collaborate with the Project Manager, Legal advisers, and internal stakeholders to ensure outputs align with contractual and operational requirements Skills, Knowledge & Experience Solid understanding of SOC service delivery, including MDR, Vulnerability Management, and Cyber Threat Intelligence Experience reviewing, interpreting, and critically assessing security performance data and management information Strong analytical skills, with the ability to identify trends, gaps, and meaningful insights Excellent written communication skills, with the ability to produce clear, structured documentation for both technical and non-technical audiences Comfortable working independently in a fast-paced environment with minimal supervision Desirable: Experience supporting vendor assessments, supplier evaluations, or security sourcing programmes Familiarity with SOC performance metrics, SLAs, and service reporting frameworks Key Deliverables Comparative SOC performance assessments produced at agreed intervals throughout the transition and dual-running period Each deliverable to include: A detailed technical assessment A concise executive summary suitable for senior stakeholders We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention. Adecco is an employment consultancy. We put expertise, energy, and passion into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an all-encompassing environment that helps them thrive. Candidates will ideally show evidence of the above in their CV to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunity's employer. Please email me (url removed)

Job Purpose: This role is responsible for overseeing and enhancing the security of our IT systems, data, and networks. You will conduct regular security audits, assessments, and tests, and identify and resolve any vulnerabilities or breaches.You will also develop and implement security policies, procedures, and standards, and ensure compliance with the relevant laws and regulations, and train and educate employees on the best practices and awareness of IT security. Operating Environment: The role operates within the IT Services Team, The IT Services Team includes specialist staff delivering core outputs that are both external-facing and internal key enablers. Framework & Boundaries: The role is responsible for improving the quality, wellbeing and efficiency of our IT Security. The role has external-facing responsibilities and is required and authorised to act as a representative for the organisation. Key accountabilities: Monitor and Inspect: Regularly monitor the network for security threats or breaches. Policy Development: Develop and implement security policies and procedures to safeguard data and systems. Vulnerability Testing: Perform regular vulnerability testing and risk assessments to identify and mitigate security risks. Incident Response: Investigate security incidents and provide post-event analysis and recommendations. Security Tools Management: Manage and maintain Firewalls, intrusion detection and prevention systems, antivirus software, and other security tools. Compliance: Ensure compliance with industry regulations and standards. Training: Train technical and non-technical employees on security protocols, procedures, and best practices. Disaster Recovery: Participate in disaster recovery planning and testing to ensure business continuity in the event of a security incident. Job impact: Risk Mitigation: Implementing robust security measures to significantly reduce the risk of data breaches, cyber-attacks, and other security incidents. Proactive Threat Management: Identifying and addressing vulnerabilities before they can be exploited, thereby enhancing the overall security posture of the organisation. Ensuring that the organisation complies with relevant laws, regulations, and industry standards (eg, GDPR, HIPAA, PCI-DSS), thereby avoiding legal penalties and enhancing trust with stakeholders. Maintaining a state of readiness for security audits and assessments, ensuring that all security controls and measures are well-documented and effective. Developing and implementing disaster recovery plans to ensure business continuity in the event of a security incident or data loss. Efficiently managing and mitigating the impact of security incidents to minimise downtime and operational disruption. Knowledge and experience: Technical Proficiency: In-depth knowledge of network security software - Meraki Cloud, Cloudflare, Mimecast, encryption technologies, and other security hardware and software tools. Current Trends: Stay current with the latest trends in cybersecurity threats and defence strategies. Problem-Solving: Strong problem-solving skills and the ability to work well under pressure. Communication: Good communication skills to effectively train employees and coordinate with other departments. Functional/technical skills: Firewall Management: Proficiency in configuring and managing Firewalls to protect network boundaries. Intrusion Detection/Prevention Systems (IDS/IPS): Experience with IDS/IPS to monitor and respond to potential threats. VPNs and Remote Access: Knowledge of setting up and managing Virtual Private Networks (VPNs) and secure remote access solutions. Patch Management: Ability to manage and deploy security patches and updates to systems and applications. Endpoint Security: Experience with endpoint protection solutions, such as antivirus and anti-malware software. Proficiency in implementing and managing encryption technologies to protect data at rest and in transit. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found on our website.

Senior Cyber Security Analyst Location: London hybrid working IR35: Inside via Triumph Consultants you will be paid PAYE for the length of the 3 month contract It is essential for candidates to have advanced proficiency in using Splunk for security monitoring, log analysis, threat detection, and reporting The role: The Cyber Defence team at the delivers threat intelligence, threat detection, incident response, and vulnerability management to defend both internal IT infrastructure and citizen-facing services. They are looking for a Senior Cyber Security Analyst with proven experience in incident response and Splunk to take a leading role in strengthening the organisation's cyber defence capability. Key Accountabilities: Lead investigations into security alerts and cyber incidents. Perform forensic analysis of systems, files, network traffic, and cloud environments. Drive technical response actions including containment, eradication, and recovery. Coordinate cyber incident responses across teams and stakeholders. Identify lessons learned and embed continual improvement. Develop and update incident response playbooks and knowledge base articles. Act as an escalation point and mentor for security analysts. Provide leadership and line management within the team. Join the out-of-hours on-call rota to support 24/7 incident response. Key Criteria: 5+ years' experience investigating and responding to cyber incidents in large organisations. Strong track record with incident response coordination. Significant hands-on experience with Splunk and security tools (eg, EDR, SIEM). Analytical, problem-solving, and forensic investigation skills. Proven experience coaching or mentoring junior staff. Strong understanding of threat actor tools, techniques, and procedures. Experience of cloud environments such as AWS Excellent written and verbal communication skills. How to Apply Quote the Job Title and Reference Number in your application. Submit your CV in Word format. Applications are reviewed on a rolling basis-early submission is recommended. We will also add your details to our mail out lists. Please note you may receive details of roles outside of your immediate vicinity, as many candidates are able to relocate temporarily for work. Please disregard any such emails that are not of interest and let us know if you would rather not receive such mailouts and/or if you wish us to delete your details and prefer to apply direct to our advertised roles. If you do not hear from us within three working days, unfortunately your application has not been shortlisted on this occasion. Thank you for your interest in working with us.

SOC Analyst - Corsham - Circa 46,000 per annum - On-site (5 days per week) Permanent SC Clearance Required. Deerfoot Recruitment is working on behalf of a leading organisation seeking to hire an experienced SOC Analyst to join their Security Operations Centre based in Corsham . This is a full-time, on-site role requiring 5 days per week presence. The successful candidate will play a vital role in monitoring, analysing, and responding to security threats using tools such as Splunk, Flexera, and other industry-standard SIEM platforms. You'll investigate security incidents, coordinate with other IT and security teams, and support continuous improvement of threat detection and response processes. Key Requirements: Previous experience in a SOC Analyst or similar cybersecurity role Strong expertise in Splunk or similar SIEM tools Familiarity with Flexera for vulnerability management Understanding of firewalls, network protocols, intrusion detection/prevention systems Relevant certifications (e.g., CISSP, CEH, Splunk) advantageous Must be eligible for Developed Vetting (DV) clearance , requiring 10 years continuous UK residency Please Note: All offers will be subject to standard pre-employment checks including ID, employment history (last 3 years), immigration status, and an unspent criminal record check. This is an excellent opportunity to join a forward-thinking, inclusive environment with strong investment in training, development, and employee wellbeing. To apply or learn more, please contact us today at Deerfoot Recruitment . Deerfoot Recruitment Solutions Ltd is a leading independent tech recruitment consultancy in the UK. For every CV sent to clients, we donate 1 to The Born Free Foundation. We are a Climate Action Workforce in partnership with Ecologi. If this role isn't right for you, explore our referral reward program with payouts at interview and placement milestones. Visit our website for details. Deerfoot Recruitment Solutions Ltd is acting as an Employment Agency in relation to this vacancy.

My client are looking for a Cyber Security Analyst for an initial 3 month contract opportunity to start ASAP. IR35 Status: Inside IR35 Rate: Up to £800 per day Location: Hybrid - London Duration: Initial 3 months THIS ROLE REQUIRES AN ACTIVE SC CLEARANCE Essential Requirements: Threat Detection & Incident Response: Proven ability to monitor, detect, and respond to cybersecurity incidents using SIEM tools (eg, Splunk, Sentinel, QRadar). Vulnerability Management: Experience with vulnerability scanning, risk assessment, and remediation processes across network, cloud, and endpoint environments. Security Frameworks & Compliance: Working knowledge of NIST, ISO 27001, CIS Controls, and regulatory requirements (eg, GDPR, HIPAA, or SOC 2). A thorough understanding of HMG policies and guidance, especially regarding requirements and controls around the Government Security Policy Classification, mainly at OFFICIAL. Secured web applications and cloud infrastructure environments (AWS/Azure) against vulnerabilities, and applied common and innovative remediation techniques. Secured AWS components, in particular IAM, S3 and EC2. Knowledge of security monitoring, prevention and control systems including but not limited to Firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions. If you are interested, please apply with your most up to date CV. Lawrence Harvey is acting as an Employment Business in regards to this position.

Job Title: Senior Cyber Security Analyst - SC Location : Hybrid/London - 3 days a week on site Contract Duration : 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and Vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will l: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources

Senior Vulnerability Analyst 50,000 - 57,000 + bonus and extensive benefits Full Time / Permanent West Midlands / Hybrid - 1-2 days a month in the office on average The Role and Company: I am looking for a driven Senior Vulnerability Analyst to join a large nationally recognised brand head quartered in the West Midlands. As a Senior Vulnerability Analyst you will be joining a highly skilled Cyber Defence team. As a key part if this team you will manage threats to the organisation and safeguard systems that enable the business to function safely and effectively. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average. Responsibilities: Conducting regular vulnerability assessments using automated scanning tools, manual testing techniques, and security best practices to identify vulnerabilities in systems, networks, and applications Managing the lifecycle of vulnerabilities from discovery to remediation, including vulnerability triage, prioritisation, tracking, and reporting Analysing the impact and severity of identified vulnerabilities based on factors such as the likelihood of exploitation, potential impact on the organisation, and existing security controls Collaborating with system administrators, developers, and other stakeholders to develop and implement effective remediation plans to address identified vulnerabilities in a timely manner Working closely with IT teams to ensure that security patches and updates are applied promptly to mitigate known vulnerabilities and reduce the organisation's exposure to security risks Generating detailed vulnerability assessment reports, including findings, recommendations, and risk assessments, to communicate the status of vulnerabilities to management and stakeholders Providing guidance and training to employees on best practices for identifying and reporting security vulnerabilities, promoting a culture of security awareness within the organisation Experience required: Previous experience in a similar Vulnerability Management role preferably with experience in Operational Technology (OT) Skilled in cyber security, physical security, and risk management principles Excellent analytical and investigative skills Strong knowledge of the hardware and software systems in use across both IT and OT domains and the architectural arrangements in place to support management and operation of systems Ability to adapt to evolving threat landscapes Effective communication, critical thinking and problem-solving skills Must either hold SC clearance already or be eligible to obtain this if successful Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.

Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.

Job Title: Lead Security Solution Architect- PAM Location: Hybrid-London, UK (Days/Week Onsite) Duration: 6months+ 550GBP/Day Inside IR35 Project Overview CLIENT is working on a strategic Identity and Access Management programme and is re-shaping the way Authentication, Federation, Privileged Access Management, Access Governance, Secrets Management and API Security is done across the bank. One of the pillars of that programe is Privileged Access Management (PAM). CLIENT is working on uplifting controls and capabilities in privileged access for the Group and introducing the strategic password vaulting solution that will enable to meet strategic requirements. We are seeking an experienced Lead Security Solution Architect that can complement an existing team of Solution Architects to progress with designs of different components of the PAM solution and other supporting systems it will need to integrate with as part of the end-to-end journey. Security Solution Architects manage end-to-end solution design and are responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. Alongside the creation of high-level designs, Security Solution Architects will be required to record key decisions, design deviations, and technical risks and issues where appropriate. Security Solution Architects should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. The Lead Security Solution Architect will provide technical thought leadership and direction to their project team and may represent the project/programme as subject matter expert. This role will require someone experienced in managing a team of on-shore and off-shore resources to deliver High- and Low-level designs to the required quality and standard. Principal Preferred Requirements Cybersecurity Expertise: Significant experience and proven technical depth within one of the following domains of cybersecurity; security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud Broad background across information technology with the ability to communicate clearly with non-security technical SMEs at a comfortable level Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives Experience working in large-scale IT transformation programmes Experience working with PAM solutions such as CyberArk, Centrify, Delinea and OneIdentity Preparing end-to-end configuration of the strategic PAM capability - including on-prem deployments as well as Cloud native toolings Assisting in preparation of demonstrable journeys on the configured PAM tooling Platform & Technology: BizzDesign, Archi, or generic UML visualisation experience for high-level designs High proficiency and expertise in Jira for project & tasks management Working proficiency in Confluence for documentation Principal Accountabilities and Responsibilities Architecture & Design: Produce, manage, and update end-to-end solution designs in line with reference architecture & business requirements (including High and Low Level Designs Articulate and publish key design decision records and options to ensure all solutions follow a logical, transparent decision-making process Articulate, publish, and ensure approval of any design deviations resulting in technical debt Ensure any technical risks or issues arising from a solution design are recorded and mitigated. Produces, manages and translates the requirements into the architecture for that solution, ensuring technology and services meet the customer needs and expected business outcomes Ensures the design of the solutions are efficient, timely and cost effective throughout the project life cycle Clear understanding of both the motivations of the business and technical security Promote strong documentation and clerkship Governance: Ensures all high-level designs, architecture patterns, decision records, deviation requests, and technical risks or issue records undergo architectural and project governance processes Ensure all architecture artefacts undergo appropriate peer review prior to design authority presentation Present publications at technical design authorities for input, feedback, and approval Risk and Dependency Management: Effectively manages and escalates both technical and project risks or issues Articulates solutions and remediation steps to technical risks & issues Ability to map design decisions to resultant technical risks & issues to articulate the cause and rationale which leads to any negatively impacting change Leadership & Teamwork Provides technical thought leadership to the Design Team and the Project Ability to manage a project team of technical architects, engineers, and/or analysts Ability to take a deputised role in programme management-related tasks where necessary Qualifications & Certifications: Masters or doctorate degree in cybersecurity, computer science, software engineering, or related field CISSP/CISM certification or other broad cybersecurity industry-recognised certificate SABSA or TOGAF certified preferred Priyanka Sharma Senior Delivery Consultant

Launch Your Cyber Security Career - Job Guaranteed! Cyber attacks are rising, and companies need skilled professionals now more than ever. With Newto Training's Cyber Security Career Programme, you'll gain 4 top certifications (Azure Fundamentals, CompTIA Security+, CompTIA CySA+, Forescout FSCA) plus real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into cyber security. Course cost - £2795, or, £232.91 per month We guarantee you will be offered a job upon completion, or we will refund you 100% of your course fees.

Launch Your Cyber Security Career - Job Guaranteed! Cyber attacks are rising, and companies need skilled professionals now more than ever. With Newto Training's Cyber Security Career Programme, you'll gain 4 top certifications (Azure Fundamentals, CompTIA Security+, CompTIA CySA+, Forescout FSCA) plus real-world project work that doubles as hands-on experience. 100+ hours of live training Practical skills in troubleshooting, networking (Cisco), Azure cloud, Splunk SIEM & Tenable vulnerability management Job guarantee with our hiring partners Get certified, get experience, get hired. Apply today and start your journey into cyber security. Course cost - £2795, or, £232.91 per month We guarantee you will be offered a job upon completion, or we will refund you 100% of your course fees.

Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.