We are seeking a Technical GRC Analyst to support the day-to-day operation of our governance, risk, compliance, and security assurance processes within a growing EdTech SaaS environment. This role will focus on administering established policies and workflows, coordinating compliance and security activities, handling requests from across the business, and performing risk assessments particularly where personal data, information security, and GDPR considerations are involved. You will play a key role in ensuring that our systems, processes, security tooling, and third-party relationships meet our security, compliance, and data protection standards. Working closely with the IT & Information Security Manager and wider IT team, you will help maintain audit readiness, support operational security assurance activities, and coordinate remediation and evidence management across the organisation. The role offers exposure across governance, operational security assurance, compliance, and risk management within a growing SaaS environment. Key Responsibilities Administer and operate IT risk, compliance, and security assurance processes aligned to internal policies and regulatory requirements (including GDPR) Act as a central point of contact for compliance-related requests (e.g. Subject Access Requests (SARs), data sharing requests, access requests, exceptions, and supplier onboarding) Perform risk assessments using defined criteria, with a focus on data protection and information security risks Review requests against defined policies and controls, escalating where appropriate in line with internal governance processes Support third-party / supplier risk assessments, including reviewing security and data protection documentation and tracking follow-up actions Support periodic reviews of high-risk and business-critical suppliers, applications, and technology platforms to ensure appropriate security, compliance, and data protection controls remain in place Support the implementation and ongoing operation of compliance and assurance tooling (Vanta), including evidence collection, test management, stakeholder coordination, remediation tracking, and control adoption activities. Ensure appropriate documentation, audit trails, and evidence are maintained for assessments, compliance activities, and operational processes Support internal and external audits (e.g. ISO 27001), including evidence gathering, action tracking, and coordination of remediation activities Monitor compliance with policies and highlight potential risks, gaps, or control weaknesses for review Support coordination and operational delivery of security improvement initiatives across IT and business teams. Support incident management processes through documentation, tracking, and coordination of follow-up actions Coordinate security awareness activities, including phishing simulation campaigns and training tracking Assist with reviews of security tooling configurations and collection of supporting control evidence Work closely with engineering, product, and business teams to ensure compliance and security processes are understood and followed Contribute ideas and feedback to improve workflows and operational processes, particularly where they impact scalability, operational efficiency, or customer trust Skills & Experience Essential: Experience in IT risk, compliance, or GRC roles within a SaaS or technology environment Understanding of GDPR and handling of personal data (especially sensitive or child/student data) Experience performing risk assessments using structured frameworks and defined processes Ability to interpret policies and apply them to operational and real-world scenarios Strong organisational, coordination, and documentation skills (audit trails, evidence, decision logs) Experience working with cross-functional teams (e.g. engineering, product, operations) Experience supporting operational security assurance activities, such as evidence collection, control validation, remediation tracking, or audit preparation Desirable: Familiarity with ISO 27001, Cyber Essentials, or similar frameworks Experience supporting audits, evidence collection, or remediation tracking activities Experience with vendor / third-party risk management Exposure to data protection processes (e.g. SARs, DPIAs, data sharing assessments) Exposure to data classification, data governance, or data loss prevention (DLP) processes Experience with GRC, compliance, or assurance platforms (e.g. Vanta, Drata) and ticketing/workflow management tools Exposure to Microsoft 365 security and compliance tooling (e.g. Entra ID, Intune, Secure Score, Defender) Basic understanding of cloud/SaaS architecture and common security controls Key Behaviours: Pragmatic approach to risk, with the ability to balance compliance requirements with business needs Comfortable assessing requests against defined policies and escalating concerns where appropriate Confident communicating risks, issues, and follow-up actions to stakeholders Detail-oriented, with a strong focus on documentation, evidence quality, and traceability Organised and proactive, with the ability to manage multiple tasks and follow through on actions Able to operate independently within established processes and governance frameworks Collaborative approach to working with technical and non-technical teams Bromcom is an equal opportunities employer.
Jun 15, 2026
Full time
We are seeking a Technical GRC Analyst to support the day-to-day operation of our governance, risk, compliance, and security assurance processes within a growing EdTech SaaS environment. This role will focus on administering established policies and workflows, coordinating compliance and security activities, handling requests from across the business, and performing risk assessments particularly where personal data, information security, and GDPR considerations are involved. You will play a key role in ensuring that our systems, processes, security tooling, and third-party relationships meet our security, compliance, and data protection standards. Working closely with the IT & Information Security Manager and wider IT team, you will help maintain audit readiness, support operational security assurance activities, and coordinate remediation and evidence management across the organisation. The role offers exposure across governance, operational security assurance, compliance, and risk management within a growing SaaS environment. Key Responsibilities Administer and operate IT risk, compliance, and security assurance processes aligned to internal policies and regulatory requirements (including GDPR) Act as a central point of contact for compliance-related requests (e.g. Subject Access Requests (SARs), data sharing requests, access requests, exceptions, and supplier onboarding) Perform risk assessments using defined criteria, with a focus on data protection and information security risks Review requests against defined policies and controls, escalating where appropriate in line with internal governance processes Support third-party / supplier risk assessments, including reviewing security and data protection documentation and tracking follow-up actions Support periodic reviews of high-risk and business-critical suppliers, applications, and technology platforms to ensure appropriate security, compliance, and data protection controls remain in place Support the implementation and ongoing operation of compliance and assurance tooling (Vanta), including evidence collection, test management, stakeholder coordination, remediation tracking, and control adoption activities. Ensure appropriate documentation, audit trails, and evidence are maintained for assessments, compliance activities, and operational processes Support internal and external audits (e.g. ISO 27001), including evidence gathering, action tracking, and coordination of remediation activities Monitor compliance with policies and highlight potential risks, gaps, or control weaknesses for review Support coordination and operational delivery of security improvement initiatives across IT and business teams. Support incident management processes through documentation, tracking, and coordination of follow-up actions Coordinate security awareness activities, including phishing simulation campaigns and training tracking Assist with reviews of security tooling configurations and collection of supporting control evidence Work closely with engineering, product, and business teams to ensure compliance and security processes are understood and followed Contribute ideas and feedback to improve workflows and operational processes, particularly where they impact scalability, operational efficiency, or customer trust Skills & Experience Essential: Experience in IT risk, compliance, or GRC roles within a SaaS or technology environment Understanding of GDPR and handling of personal data (especially sensitive or child/student data) Experience performing risk assessments using structured frameworks and defined processes Ability to interpret policies and apply them to operational and real-world scenarios Strong organisational, coordination, and documentation skills (audit trails, evidence, decision logs) Experience working with cross-functional teams (e.g. engineering, product, operations) Experience supporting operational security assurance activities, such as evidence collection, control validation, remediation tracking, or audit preparation Desirable: Familiarity with ISO 27001, Cyber Essentials, or similar frameworks Experience supporting audits, evidence collection, or remediation tracking activities Experience with vendor / third-party risk management Exposure to data protection processes (e.g. SARs, DPIAs, data sharing assessments) Exposure to data classification, data governance, or data loss prevention (DLP) processes Experience with GRC, compliance, or assurance platforms (e.g. Vanta, Drata) and ticketing/workflow management tools Exposure to Microsoft 365 security and compliance tooling (e.g. Entra ID, Intune, Secure Score, Defender) Basic understanding of cloud/SaaS architecture and common security controls Key Behaviours: Pragmatic approach to risk, with the ability to balance compliance requirements with business needs Comfortable assessing requests against defined policies and escalating concerns where appropriate Confident communicating risks, issues, and follow-up actions to stakeholders Detail-oriented, with a strong focus on documentation, evidence quality, and traceability Organised and proactive, with the ability to manage multiple tasks and follow through on actions Able to operate independently within established processes and governance frameworks Collaborative approach to working with technical and non-technical teams Bromcom is an equal opportunities employer.
Role: Finance and Procurement Manager Employer: Single Source Regulations Office Sector: Non-Departmental Public Body Location: London / Hybrid / Remote Salary: Up to £59,000 (pro rata) and Civil Service Pension + up to Zones 1-6 London oyster card + 30 days holiday plus bank holidays (pro rata) Closing Date: 26 June 2026 Interviews planned for: W/c 6 July 2026 Working pattern: Part-time (0.8 FTE). The SSRO welcomes flexible working arrangements. Introduction The Single Source Regulations Office (SSRO) is an executive non-departmental public body that supports the regulatory framework for single source defence contracts established by Part 2 of the Defence Reform Act 2014. It plays a key role in the regulation of the UK government's 'single source,' or non-competitive, procurement of military goods, works and services. The framework places controls on the prices of qualifying defence contracts and requires greater transparency from defence contractors. In conducting its functions, the SSRO aims to ensure that government obtains good value for money in its expenditure on qualifying defence contracts, and that contractors are paid fair and reasonable prices. By working for the SSRO you will be an important part of a dynamic organisation. Our staff have a range of professional skills and include accountants, analysts, economists, researchers, and military experts. The SSRO is seeking a qualified accountant with experience in preparing and managing a corporate budget. This role involves managing a tight budget and provides an opportunity to tackle complex transactions working in an outsourced system environment. You will also be required to provide advice on the SSRO's financial policies and ensuring compliance across the organisation. Working with the Head of Corporate Services, this role will also provide end-to-end procurement support for the organisation's purchasing of goods and services. Whilst a procurement qualification is not needed for this role, some procurement experience (ideally gained in the public sector) is required. Role Responsibilities Finance Lead on the preparation of the SSRO's corporate budget and the subsequent management of it. Ensuring regular review of expenditure takes place; developing relationships with budget holders and/or managers within SSRO and understanding their priorities and spending plans; providing advice and guidance. Communicating and interpreting of financial data to non-financial managers to facilitate monitoring of annual spend outturn on projects and long-term contracts; Production of monthly, quarterly and annual budgets and forecast reporting. Liaising with budget holders and/or managers to collate information and identify key financial risks, pressures and opportunities. Adminstration of the quarterly drawdown of Grant-In-Aid funding. Providing input into the development of and then ensuring compliance with finance and procurement policies and procedures. Lead on the production of the Remunertion Report for inclusion in the Annual Report and Accounts. Assist with the management of the outsourced finance and payroll contract and supplier. Liaise with internal and external auditors on matters relating to the budget and remuneration report. Provide cover, as needed for the Finance Manager. Procurement Provide end-to-end procurement support activity, while identifying and managing procurement risks, including: supporting service managers in identifying appropriate routes to market, production of procurement project plans, securing internal approvals and managing any market pre-engagement. preparing and issuing procurement documentation and co-ordinating communications with bidders. supporting evaluation panels, assisting the Legal Team with any contract negotiations and making the contract award; and fulfilling relevant transparency requirements, including the publishing of notices and compliance with relevant government procurement policy. Contribute to the review and development of the SSRO's Procurement Strategy, policy and processes. Undertake periodic reviews and updating of the SSRO's procurement policy and procedures. Manage the SSRO's Contract Register and contract management processes. Liaise with internal and external auditors on matters relating to procurement. General Engage actively with internal and external stakeholders and work closely with them. Manage and maintain effective relationships. Actively learn and develop your skills and experience. Act with integrity, apply the SSRO's governance procedures, and promote good governance. Make best use of available technology and contribute to the delivery of new and innovative ways to deliver our work that improve quality and efficiency. Promote the SSRO's values. Undertake such other duties as the SSRO may require, in line with business need. Support working relationships with the MOD sponsor team, the internal audit function, NAO and HM Treasury. Represent the SSRO in meetings and other forums as requested. Participate actively and constructively in discussions in line with the SSRO's vision, values, objectives, and priorities. What skills do I need to be effective in this role? Essential criteria AAT qualified or Part qualified accountant e.g., CAB, ACA, CIMA, ACCA, CIPFA or equivalent Experience of financial planning, budgeting, forecasting and supporting senior management with decision making. Experience of supporting end-to-end procurement activity. Strong financial analytical skills with the ability to interpret data, generate insights and construct solutions. Good communication skills with the ability to explain financial data to non-financial managers. Intermediate excel skills. Demonstrable ability to meet deadlines and a "can do" attitude with the willingness and ability to work flexibly and undertake a wide variety of activities. A natural team player who can interact easily with colleagues and have strong communication skills. An ability to switch between tasks, to quickly get up-to-speed on new subjects and to deliver to sometimes challenging timetables, consistently delivering high quality and robust advice and support. Strong communication skills, with ability to explain and defend a position to a variety of audiences and to express procurement issues in easy-to-understand plain English. A team player who enjoys and has experience of working collaboratively with others. An ability to build strong working relationships, internally and externally, and to engage with stakeholders at all levels in business and government. Desirable criteria Relevant professional qualification(s), or part qualification in procurement and supply. A good understanding of the defence sector. Experience of contract relationship management, and an understanding of how that can deliver and improve value for money. Experience of working in a similarly sized and funded NDPB, or a public body would be an advantage but is not essential Security clearance The role will require you to undergo and successfully secure national security vetting and obtain Security Check (SC) clearance. Applying for the position To apply for the position, please submit both of the following: A covering letter of no more than 1000 words (font size 12), clearly explaining how you meet the essential and desirable criteria as outlined above, using appropriate examples; and Your CV, setting out your qualifications and experience. This should clearly include any professional bodies of which you are a member. Applications that do not contain both covering letter and CV may be rejected. The SSRO embraces diversity and promotes equal opportunities. We recruit by merit based on fair and open competition. Contact point for applicants:
Jun 15, 2026
Full time
Role: Finance and Procurement Manager Employer: Single Source Regulations Office Sector: Non-Departmental Public Body Location: London / Hybrid / Remote Salary: Up to £59,000 (pro rata) and Civil Service Pension + up to Zones 1-6 London oyster card + 30 days holiday plus bank holidays (pro rata) Closing Date: 26 June 2026 Interviews planned for: W/c 6 July 2026 Working pattern: Part-time (0.8 FTE). The SSRO welcomes flexible working arrangements. Introduction The Single Source Regulations Office (SSRO) is an executive non-departmental public body that supports the regulatory framework for single source defence contracts established by Part 2 of the Defence Reform Act 2014. It plays a key role in the regulation of the UK government's 'single source,' or non-competitive, procurement of military goods, works and services. The framework places controls on the prices of qualifying defence contracts and requires greater transparency from defence contractors. In conducting its functions, the SSRO aims to ensure that government obtains good value for money in its expenditure on qualifying defence contracts, and that contractors are paid fair and reasonable prices. By working for the SSRO you will be an important part of a dynamic organisation. Our staff have a range of professional skills and include accountants, analysts, economists, researchers, and military experts. The SSRO is seeking a qualified accountant with experience in preparing and managing a corporate budget. This role involves managing a tight budget and provides an opportunity to tackle complex transactions working in an outsourced system environment. You will also be required to provide advice on the SSRO's financial policies and ensuring compliance across the organisation. Working with the Head of Corporate Services, this role will also provide end-to-end procurement support for the organisation's purchasing of goods and services. Whilst a procurement qualification is not needed for this role, some procurement experience (ideally gained in the public sector) is required. Role Responsibilities Finance Lead on the preparation of the SSRO's corporate budget and the subsequent management of it. Ensuring regular review of expenditure takes place; developing relationships with budget holders and/or managers within SSRO and understanding their priorities and spending plans; providing advice and guidance. Communicating and interpreting of financial data to non-financial managers to facilitate monitoring of annual spend outturn on projects and long-term contracts; Production of monthly, quarterly and annual budgets and forecast reporting. Liaising with budget holders and/or managers to collate information and identify key financial risks, pressures and opportunities. Adminstration of the quarterly drawdown of Grant-In-Aid funding. Providing input into the development of and then ensuring compliance with finance and procurement policies and procedures. Lead on the production of the Remunertion Report for inclusion in the Annual Report and Accounts. Assist with the management of the outsourced finance and payroll contract and supplier. Liaise with internal and external auditors on matters relating to the budget and remuneration report. Provide cover, as needed for the Finance Manager. Procurement Provide end-to-end procurement support activity, while identifying and managing procurement risks, including: supporting service managers in identifying appropriate routes to market, production of procurement project plans, securing internal approvals and managing any market pre-engagement. preparing and issuing procurement documentation and co-ordinating communications with bidders. supporting evaluation panels, assisting the Legal Team with any contract negotiations and making the contract award; and fulfilling relevant transparency requirements, including the publishing of notices and compliance with relevant government procurement policy. Contribute to the review and development of the SSRO's Procurement Strategy, policy and processes. Undertake periodic reviews and updating of the SSRO's procurement policy and procedures. Manage the SSRO's Contract Register and contract management processes. Liaise with internal and external auditors on matters relating to procurement. General Engage actively with internal and external stakeholders and work closely with them. Manage and maintain effective relationships. Actively learn and develop your skills and experience. Act with integrity, apply the SSRO's governance procedures, and promote good governance. Make best use of available technology and contribute to the delivery of new and innovative ways to deliver our work that improve quality and efficiency. Promote the SSRO's values. Undertake such other duties as the SSRO may require, in line with business need. Support working relationships with the MOD sponsor team, the internal audit function, NAO and HM Treasury. Represent the SSRO in meetings and other forums as requested. Participate actively and constructively in discussions in line with the SSRO's vision, values, objectives, and priorities. What skills do I need to be effective in this role? Essential criteria AAT qualified or Part qualified accountant e.g., CAB, ACA, CIMA, ACCA, CIPFA or equivalent Experience of financial planning, budgeting, forecasting and supporting senior management with decision making. Experience of supporting end-to-end procurement activity. Strong financial analytical skills with the ability to interpret data, generate insights and construct solutions. Good communication skills with the ability to explain financial data to non-financial managers. Intermediate excel skills. Demonstrable ability to meet deadlines and a "can do" attitude with the willingness and ability to work flexibly and undertake a wide variety of activities. A natural team player who can interact easily with colleagues and have strong communication skills. An ability to switch between tasks, to quickly get up-to-speed on new subjects and to deliver to sometimes challenging timetables, consistently delivering high quality and robust advice and support. Strong communication skills, with ability to explain and defend a position to a variety of audiences and to express procurement issues in easy-to-understand plain English. A team player who enjoys and has experience of working collaboratively with others. An ability to build strong working relationships, internally and externally, and to engage with stakeholders at all levels in business and government. Desirable criteria Relevant professional qualification(s), or part qualification in procurement and supply. A good understanding of the defence sector. Experience of contract relationship management, and an understanding of how that can deliver and improve value for money. Experience of working in a similarly sized and funded NDPB, or a public body would be an advantage but is not essential Security clearance The role will require you to undergo and successfully secure national security vetting and obtain Security Check (SC) clearance. Applying for the position To apply for the position, please submit both of the following: A covering letter of no more than 1000 words (font size 12), clearly explaining how you meet the essential and desirable criteria as outlined above, using appropriate examples; and Your CV, setting out your qualifications and experience. This should clearly include any professional bodies of which you are a member. Applications that do not contain both covering letter and CV may be rejected. The SSRO embraces diversity and promotes equal opportunities. We recruit by merit based on fair and open competition. Contact point for applicants:
Locations: London, Manchester, Cardiff At Engine by Starling, we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back-office processes that has helped achieve Starling's success. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who are will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role In this role you will be instrumental in helping us maintain and mature our governance, risk, and compliance program. You'll play a crucial part in ensuring our ongoing adherence to security standards and regulations, building a foundation of trust for our clients and stakeholders. This is a hands-on role, ideally suited to someone who can engage with stakeholders across our business. What you'll get to do: Compliance Management: Support the day-to-day management of our compliance programs, with a primary focus on ISO 27001 , SOC 2 , and PCI DSS/3DS . Audit Support: Act as a key liaison for internal and external auditors, helping to gather evidence, prepare for audits, and track the timely remediation of any findings. Risk Management: Participate in our risk assessment process, helping to identify, analyse, and document information security risks. You'll also assist in developing and monitoring risk treatment plans. Policy & Procedure Maintenance: Help to develop, update, and maintain our information security policies, standards, and procedures to ensure they are current, accurate, and aligned with compliance requirements. Evidence Collection & Review: Automate and streamline the collection of evidence for our various compliance frameworks to ensure audit readiness. Cross-Functional Collaboration: Work closely with our Engineering, Product and Security Operations teams to embed security controls into our processes and culture. Continuous Improvement: Identify opportunities to improve the effectiveness and efficiency of our GRC program and related processes. Requirements Essential A minimum of 3 years of experience in an information security role. Proven experience in supporting and managing compliance efforts for ISO 27001, SOC 2, and PCI DSS. Strong skills in security metrics and reporting. Experience with audit processes and evidence collection. A proactive, organized, and detail-oriented approach to your work. Experience with GRC software is a plus. Desired qualifications, if you have some of these great! CompTIA Security+ Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Security Professional (CISSP) Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: Stage 1 - 45 mins with BISO Stage 2 - 60 min with Team Members Stage 3 - Final with CTO Benefits 33 days holiday (including public holidays, which you can take when it works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Incentives refer a friend scheme Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Engine by Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Jun 15, 2026
Full time
Locations: London, Manchester, Cardiff At Engine by Starling, we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back-office processes that has helped achieve Starling's success. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who are will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of one of our offices so that we're able to interact and collaborate in person. About the Role In this role you will be instrumental in helping us maintain and mature our governance, risk, and compliance program. You'll play a crucial part in ensuring our ongoing adherence to security standards and regulations, building a foundation of trust for our clients and stakeholders. This is a hands-on role, ideally suited to someone who can engage with stakeholders across our business. What you'll get to do: Compliance Management: Support the day-to-day management of our compliance programs, with a primary focus on ISO 27001 , SOC 2 , and PCI DSS/3DS . Audit Support: Act as a key liaison for internal and external auditors, helping to gather evidence, prepare for audits, and track the timely remediation of any findings. Risk Management: Participate in our risk assessment process, helping to identify, analyse, and document information security risks. You'll also assist in developing and monitoring risk treatment plans. Policy & Procedure Maintenance: Help to develop, update, and maintain our information security policies, standards, and procedures to ensure they are current, accurate, and aligned with compliance requirements. Evidence Collection & Review: Automate and streamline the collection of evidence for our various compliance frameworks to ensure audit readiness. Cross-Functional Collaboration: Work closely with our Engineering, Product and Security Operations teams to embed security controls into our processes and culture. Continuous Improvement: Identify opportunities to improve the effectiveness and efficiency of our GRC program and related processes. Requirements Essential A minimum of 3 years of experience in an information security role. Proven experience in supporting and managing compliance efforts for ISO 27001, SOC 2, and PCI DSS. Strong skills in security metrics and reporting. Experience with audit processes and evidence collection. A proactive, organized, and detail-oriented approach to your work. Experience with GRC software is a plus. Desired qualifications, if you have some of these great! CompTIA Security+ Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC) Certified Information Systems Security Professional (CISSP) Interviewing is a two way process and we want you to have the time and opportunity to get to know us, as much as we are getting to know you! Our interviews are conversational and we want to get the best from you, so come with questions and be curious. In general you can expect the below, following a chat with one of our Talent Team: Stage 1 - 45 mins with BISO Stage 2 - 60 min with Team Members Stage 3 - Final with CTO Benefits 33 days holiday (including public holidays, which you can take when it works best for you) An extra day's holiday for your birthday Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off 16 hours paid volunteering time a year Salary sacrifice, company enhanced pension scheme Life insurance at 4x your salary & group income protection Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton Generous family-friendly policies Incentives refer a friend scheme Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing About Us You may be put off applying for a role because you don't tick every box. Forget that! While we can't accommodate every flexible working request, we're always open to discussion. So, if you're excited about working with us, but aren't sure if you're 100% there yet, get in touch anyway. We're on a mission to radically reshape banking - and that starts with our brilliant team. Whatever came before, we're proud to bring together people of all backgrounds and experiences who love working together to solve problems. Engine by Starling is an equal opportunity employer, and we're proud of our ongoing efforts to foster diversity & inclusion in the workplace. Individuals seeking employment at Engine by Starling are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law. When you provide us with this information, you are doing so at your own consent, with full knowledge that we will process this personal data in accordance with our Privacy Notice. By submitting your application, you agree that Engine by Starling and Starling will collect your personal data for recruiting and related purposes. Our Privacy Notice explains what personal information we will process, where we will process your personal information, its purposes for processing your personal information, and the rights you can exercise over our use of your personal information.
Information Security Analyst 6 months Contract Outside IR35 A client is looking for an experienced Information Security analyst to own the full end to end onboarding of a new third party risk management (TPRM) tool. The role will focus on supplier due diligence, risk assessments, security control reviews, continuous monitoring, audit support, remediation tracking, and technology risk reporting across the wider estate. Key Responsibilities of the Information Security Analyst: Managing and supporting the end-to-end TPRM lifecycle Conducting supplier due diligence and risk assessments Reviewing security controls, contractual clauses, and exit strategies Supporting continuous monitoring and supplier assurance activities Assisting with internal and external technology audits Coordinating audit evidence, remediation tracking, and management responses Producing risk reporting, dashboards, and stakeholder updates Skills and Experience of the Information Security Analyst: Proven experience in Information Security and Governance, Risk and Compliance (GRC). Experience managing the full lifecycle of Third-Party Risk Management Systems Strong working understanding of supplier risk assessments, audit processes, and security controls. Knowledge of deployment and tailoring systems within a business is desirable Confident stakeholder engagement and communication skills The Successful Information Security Analyst will be expected to work 2 / 3 days a week onsite. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment
Jun 12, 2026
Contractor
Information Security Analyst 6 months Contract Outside IR35 A client is looking for an experienced Information Security analyst to own the full end to end onboarding of a new third party risk management (TPRM) tool. The role will focus on supplier due diligence, risk assessments, security control reviews, continuous monitoring, audit support, remediation tracking, and technology risk reporting across the wider estate. Key Responsibilities of the Information Security Analyst: Managing and supporting the end-to-end TPRM lifecycle Conducting supplier due diligence and risk assessments Reviewing security controls, contractual clauses, and exit strategies Supporting continuous monitoring and supplier assurance activities Assisting with internal and external technology audits Coordinating audit evidence, remediation tracking, and management responses Producing risk reporting, dashboards, and stakeholder updates Skills and Experience of the Information Security Analyst: Proven experience in Information Security and Governance, Risk and Compliance (GRC). Experience managing the full lifecycle of Third-Party Risk Management Systems Strong working understanding of supplier risk assessments, audit processes, and security controls. Knowledge of deployment and tailoring systems within a business is desirable Confident stakeholder engagement and communication skills The Successful Information Security Analyst will be expected to work 2 / 3 days a week onsite. Apply now to speak with VIQU IT in confidence. Or reach out to Matt Farrell via the VIQU IT website. Do you know someone great? We ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on IT Recruitment
Salesforce Business Analyst 75,000- 80,000 Hybrid South West England Role Overview We are looking for an experienced Salesforce Business Analyst to support the governance, optimisation, and continuous improvement of the Salesforce platform. You will work closely with business stakeholders, delivery teams, architects, QA, and Information Security to ensure Salesforce processes, controls, and solutions are effectively managed and aligned to business requirements. Key Responsibilities Gather, analyse, and document business and functional requirements. Support Salesforce governance, standards, and compliance activities. Document business processes, workflows, and operating procedures. Produce governance reporting, management information (MI), and control evidence. Perform assurance activities including access reviews and platform assessments. Support risk management, audit readiness, and remediation activities. Collaborate with cross-functional teams to deliver scalable Salesforce solutions. Drive continuous improvement across Salesforce processes and governance. Required Skills & Experience 8-10+ years' experience as a Business Analyst within Salesforce environments. Strong Salesforce functional knowledge and hands-on declarative configuration experience including: Flows Validation Rules Objects & Fields Page Layouts Workflows Experience gathering and translating business requirements into functional solutions. Strong understanding of Salesforce governance, controls, and compliance processes. Experience working within Agile/Scrum delivery environments. Excellent stakeholder management, communication, and facilitation skills. Strong analytical and problem-solving abilities. Ability to work effectively in fast-paced, changing environments. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
Jun 12, 2026
Full time
Salesforce Business Analyst 75,000- 80,000 Hybrid South West England Role Overview We are looking for an experienced Salesforce Business Analyst to support the governance, optimisation, and continuous improvement of the Salesforce platform. You will work closely with business stakeholders, delivery teams, architects, QA, and Information Security to ensure Salesforce processes, controls, and solutions are effectively managed and aligned to business requirements. Key Responsibilities Gather, analyse, and document business and functional requirements. Support Salesforce governance, standards, and compliance activities. Document business processes, workflows, and operating procedures. Produce governance reporting, management information (MI), and control evidence. Perform assurance activities including access reviews and platform assessments. Support risk management, audit readiness, and remediation activities. Collaborate with cross-functional teams to deliver scalable Salesforce solutions. Drive continuous improvement across Salesforce processes and governance. Required Skills & Experience 8-10+ years' experience as a Business Analyst within Salesforce environments. Strong Salesforce functional knowledge and hands-on declarative configuration experience including: Flows Validation Rules Objects & Fields Page Layouts Workflows Experience gathering and translating business requirements into functional solutions. Strong understanding of Salesforce governance, controls, and compliance processes. Experience working within Agile/Scrum delivery environments. Excellent stakeholder management, communication, and facilitation skills. Strong analytical and problem-solving abilities. Ability to work effectively in fast-paced, changing environments. If you receive suspicious outreach claiming to be from us, please contact us via the ManpowerGroup website.
About Scrumconnect At Scrumconnect, we are a people-first digital consultancy that partners with government and private sector organisations to design, build, and deliver user-centred digital services. We bring together multidisciplinary teams of consultants, designers, engineers, researchers, and data specialists to solve complex challenges and create meaningful outcomes for millions of users. We are passionate about delivering high-quality digital solutions that improve public services, drive innovation, and create lasting impact. Our culture is built on collaboration, continuous learning, inclusivity, and excellence. About the Role Scrumconnect is seeking an experienced Data Lead to lead the development and execution of a strategic data vision for a large-scale government programme supporting services used by millions of citizens. This role will be responsible for assessing the current data landscape, defining the future-state architecture and operating model, and creating a roadmap that enables data-driven decision making, operational excellence, and regulatory compliance. The successful candidate will provide both strategic leadership and technical direction while helping shape and scale the data capability required to deliver long-term transformation. Working closely with senior stakeholders, delivery teams, architects, and data specialists, you will ensure that data platforms, governance frameworks, and analytical capabilities align with organisational objectives and government standards. Key Responsibilities Data Strategy & Governance Lead the development and execution of the overall data strategy. Assess and document current ("as-is") data capabilities, platforms, processes, and governance arrangements. Define the target ("to-be") data architecture, operating model, and roadmap. Establish and maintain data governance frameworks, standards, policies, and best practices. Ensure alignment with wider government data strategies and organisational objectives. Promote a culture of data-driven decision making across programmes and stakeholders. Technical Leadership & Architecture Provide technical leadership across data engineering, analytics, and data science initiatives. Define and evolve data architecture, engineering standards, tools, and methodologies. Design scalable, secure, and resilient cloud-based data solutions. Oversee the implementation of data platforms, ETL/ELT pipelines, and analytical solutions. Ensure data services meet both functional and non-functional requirements, including security, performance, and scalability. Drive continuous improvement of data engineering and analytical capabilities. Team Leadership & Delivery Define the optimal team structure, skills, and capabilities required to deliver the data strategy. Lead multidisciplinary teams including data engineers, analysts, data scientists, and architects. Mentor and support team members to foster technical excellence and professional growth. Collaborate with delivery partners and stakeholders to identify and onboard specialist expertise when required. Ensure successful delivery of strategic data initiatives within agreed timelines and budgets. Data Quality, Compliance & Security Implement robust data quality, lineage, metadata, and governance practices. Ensure compliance with GDPR, security policies, government standards, and regulatory requirements. Establish monitoring and reporting mechanisms to maintain data integrity and reliability. Support audits, risk assessments, and compliance activities. Champion secure-by-design and privacy-by-design principles across all data initiatives. Stakeholder Engagement Build strong relationships with senior stakeholders across business and technical teams. Translate complex technical concepts into clear business outcomes and recommendations. Present strategic plans, progress updates, and key insights to executive audiences. Facilitate workshops and decision-making sessions to drive alignment and delivery. Essential Skills & Experience Data Leadership Significant experience leading data engineering, analytics, or data science functions within complex organisations. Proven track record of developing and delivering enterprise-wide data strategies. Experience establishing data governance frameworks and operating models. Technical Expertise Strong experience with AWS cloud services and modern data platforms. Expertise in designing and implementing scalable data architectures and engineering solutions. Experience with ETL/ELT frameworks, data integration, and pipeline automation. Strong understanding of data modelling, data warehousing, and transformation methodologies. Experience supporting data science and machine learning initiatives from experimentation through production deployment. Strong understanding of data security, governance, and operational best practices. Public Sector Experience Experience delivering data initiatives within government or highly regulated environments. Strong understanding of GDPR, information governance, data protection legislation, and public sector compliance requirements. Familiarity with Government Digital Service (GDS) standards and ways of working. Communication & Leadership Excellent stakeholder management and communication skills. Ability to influence senior leaders and drive strategic decision-making. Experience building, leading, and mentoring high-performing data teams. Strong facilitation, collaboration, and workshop leadership capabilities. Technical Environment Experience with some or all of the following technologies is desirable: Cloud & Data Platforms AWS Amazon S3 AWS Glue AWS Lambda Amazon Redshift AWS Lake Formation Data Engineering & Analytics SQL Python ETL/ELT frameworks Data Warehousing solutions Data Modelling methodologies Performance & Digital Analytics Google Analytics Google BigQuery Google Looker Studio Google Tag Manager Desirable Experience Experience within benefits, welfare, citizen services, or wider public sector domains. Previous experience delivering services through public sector frameworks. Security clearance (BPSS, SC, or DV) or willingness to undergo clearance. Experience working within Agile multidisciplinary delivery teams. Experience defining and scaling enterprise data capabilities and operating models.
Jun 12, 2026
Full time
About Scrumconnect At Scrumconnect, we are a people-first digital consultancy that partners with government and private sector organisations to design, build, and deliver user-centred digital services. We bring together multidisciplinary teams of consultants, designers, engineers, researchers, and data specialists to solve complex challenges and create meaningful outcomes for millions of users. We are passionate about delivering high-quality digital solutions that improve public services, drive innovation, and create lasting impact. Our culture is built on collaboration, continuous learning, inclusivity, and excellence. About the Role Scrumconnect is seeking an experienced Data Lead to lead the development and execution of a strategic data vision for a large-scale government programme supporting services used by millions of citizens. This role will be responsible for assessing the current data landscape, defining the future-state architecture and operating model, and creating a roadmap that enables data-driven decision making, operational excellence, and regulatory compliance. The successful candidate will provide both strategic leadership and technical direction while helping shape and scale the data capability required to deliver long-term transformation. Working closely with senior stakeholders, delivery teams, architects, and data specialists, you will ensure that data platforms, governance frameworks, and analytical capabilities align with organisational objectives and government standards. Key Responsibilities Data Strategy & Governance Lead the development and execution of the overall data strategy. Assess and document current ("as-is") data capabilities, platforms, processes, and governance arrangements. Define the target ("to-be") data architecture, operating model, and roadmap. Establish and maintain data governance frameworks, standards, policies, and best practices. Ensure alignment with wider government data strategies and organisational objectives. Promote a culture of data-driven decision making across programmes and stakeholders. Technical Leadership & Architecture Provide technical leadership across data engineering, analytics, and data science initiatives. Define and evolve data architecture, engineering standards, tools, and methodologies. Design scalable, secure, and resilient cloud-based data solutions. Oversee the implementation of data platforms, ETL/ELT pipelines, and analytical solutions. Ensure data services meet both functional and non-functional requirements, including security, performance, and scalability. Drive continuous improvement of data engineering and analytical capabilities. Team Leadership & Delivery Define the optimal team structure, skills, and capabilities required to deliver the data strategy. Lead multidisciplinary teams including data engineers, analysts, data scientists, and architects. Mentor and support team members to foster technical excellence and professional growth. Collaborate with delivery partners and stakeholders to identify and onboard specialist expertise when required. Ensure successful delivery of strategic data initiatives within agreed timelines and budgets. Data Quality, Compliance & Security Implement robust data quality, lineage, metadata, and governance practices. Ensure compliance with GDPR, security policies, government standards, and regulatory requirements. Establish monitoring and reporting mechanisms to maintain data integrity and reliability. Support audits, risk assessments, and compliance activities. Champion secure-by-design and privacy-by-design principles across all data initiatives. Stakeholder Engagement Build strong relationships with senior stakeholders across business and technical teams. Translate complex technical concepts into clear business outcomes and recommendations. Present strategic plans, progress updates, and key insights to executive audiences. Facilitate workshops and decision-making sessions to drive alignment and delivery. Essential Skills & Experience Data Leadership Significant experience leading data engineering, analytics, or data science functions within complex organisations. Proven track record of developing and delivering enterprise-wide data strategies. Experience establishing data governance frameworks and operating models. Technical Expertise Strong experience with AWS cloud services and modern data platforms. Expertise in designing and implementing scalable data architectures and engineering solutions. Experience with ETL/ELT frameworks, data integration, and pipeline automation. Strong understanding of data modelling, data warehousing, and transformation methodologies. Experience supporting data science and machine learning initiatives from experimentation through production deployment. Strong understanding of data security, governance, and operational best practices. Public Sector Experience Experience delivering data initiatives within government or highly regulated environments. Strong understanding of GDPR, information governance, data protection legislation, and public sector compliance requirements. Familiarity with Government Digital Service (GDS) standards and ways of working. Communication & Leadership Excellent stakeholder management and communication skills. Ability to influence senior leaders and drive strategic decision-making. Experience building, leading, and mentoring high-performing data teams. Strong facilitation, collaboration, and workshop leadership capabilities. Technical Environment Experience with some or all of the following technologies is desirable: Cloud & Data Platforms AWS Amazon S3 AWS Glue AWS Lambda Amazon Redshift AWS Lake Formation Data Engineering & Analytics SQL Python ETL/ELT frameworks Data Warehousing solutions Data Modelling methodologies Performance & Digital Analytics Google Analytics Google BigQuery Google Looker Studio Google Tag Manager Desirable Experience Experience within benefits, welfare, citizen services, or wider public sector domains. Previous experience delivering services through public sector frameworks. Security clearance (BPSS, SC, or DV) or willingness to undergo clearance. Experience working within Agile multidisciplinary delivery teams. Experience defining and scaling enterprise data capabilities and operating models.
12 month FTC (would suit someone immediately available or on short notice period Strengthen risk. Shape governance. Drive confidence. Excellent team culture. Hybrid working (2 days per week in office) Join my client in a pivotal second-line Operational Risk role where you'll help elevate the organisation's risk maturity, strengthen governance, and embed a forward-looking Operational Risk Framework across key Group Functions. This 12-month FTC offers the opportunity to shape how risk is understood, managed, and governed at scale - delivering insight, challenge, and real impact at the heart of a major UK Financial Services Institution. Produce high-quality, insight-led risk reporting to support committees and senior stakeholders Analyse risk events to identify trends, root causes and emerging risks Build strong working relationships with colleagues across EORM, Information Security, Compliance, HR and Finance Support and challenge business Risk owners and Risk Champions with the identification, assessment and documentation of their risks and control. You will have: Experience in operational risk, risk management, audit or a business control function within financial services Strong understanding of risk and control frameworks, including control assurance Experience in risk event or incident management and analysis My client offers a first class culture where you opinion matters and is heard, offering a flexible and mature approach to work.
Jun 12, 2026
Full time
12 month FTC (would suit someone immediately available or on short notice period Strengthen risk. Shape governance. Drive confidence. Excellent team culture. Hybrid working (2 days per week in office) Join my client in a pivotal second-line Operational Risk role where you'll help elevate the organisation's risk maturity, strengthen governance, and embed a forward-looking Operational Risk Framework across key Group Functions. This 12-month FTC offers the opportunity to shape how risk is understood, managed, and governed at scale - delivering insight, challenge, and real impact at the heart of a major UK Financial Services Institution. Produce high-quality, insight-led risk reporting to support committees and senior stakeholders Analyse risk events to identify trends, root causes and emerging risks Build strong working relationships with colleagues across EORM, Information Security, Compliance, HR and Finance Support and challenge business Risk owners and Risk Champions with the identification, assessment and documentation of their risks and control. You will have: Experience in operational risk, risk management, audit or a business control function within financial services Strong understanding of risk and control frameworks, including control assurance Experience in risk event or incident management and analysis My client offers a first class culture where you opinion matters and is heard, offering a flexible and mature approach to work.
Job Title: Senior Delphi Developer Location: Fully Remote Salary: £55k-£60k Job Description This Senior Application Developer role sits within the Application Support function and provides operational ownership, support, and technical stewardship for a critical CRM, audit, and invoicing system supporting EMEA business operations. You will act as the technical owner and subject matter expert for a predominantly Delphi-based platform, ensuring its ongoing stability, performance, and resilience. This is a hands-on technical leadership position that combines deep Delphi and Object Pascal expertise with strong skills in SQL Server and Azure SQL, and exposure to .NET technologies. You will work closely with DevOps, infrastructure, cloud, and business stakeholders to maintain high service reliability while driving continuous improvements in maintainability, security, and long-term sustainability. Responsibilities Act as the technical owner of the KVS/KVSIFS platform within the Run organisation, taking primary responsibility for the Delphi and Object Pascal codebase. Ensure high availability, stability, and resilience of the application in a business-critical production environment. Own incident and problem management, including leading root cause analysis and implementing corrective and preventative actions. Provide 2nd and 3rd line support for complex application issues, ensuring timely resolution and clear communication with stakeholders. Drive continuous improvements in service reliability, incident resolution times, and overall platform performance. Maintain and support the existing Windows-based desktop application, including resolving defects, delivering minor enhancements, and managing technical debt. Support and maintain the codebase and associated third-party components, ensuring compatibility and stability. Manage application releases, patches, and controlled deployments, ensuring changes are implemented safely and in line with operational standards. Support and optimise the Azure SQL database, including stored procedures, data integrity, and performance tuning. Work with infrastructure and cloud teams to diagnose performance issues, resolve latency and throughput challenges, and support high-volume transactional processing. Collaborate with infrastructure, cloud, and DevOps teams to improve scalability, resilience, and observability of the platform. Support the transition to more modern hosting patterns where appropriate, ensuring the application remains performant and stable during architectural or deployment model changes. Deploy and configure websites and web applications using Microsoft IIS, including managing application pools, bindings, and site configurations. Troubleshoot application and server-level issues in IIS, such as HTTP errors and application pool failures, and support secure configurations including SSL certificates and authentication methods. Support and monitor all application integrations, including REST APIs, external audit and certification platforms, and invoicing and payment systems. Troubleshoot and resolve data synchronisation issues and integration failures that impact business operations. Ensure the platform operates within defined security and network controls, validating secure data access and API-based external communications. Support the platform's technical and security posture, contributing to audit, compliance, and assurance activities. Maintain comprehensive and up-to-date documentation, including architecture diagrams, support runbooks, known errors, and recovery procedures. Reduce key-person dependency by ensuring knowledge is documented, shared, and accessible across teams. Act as a trusted technical partner to business stakeholders, IT Operations, and cloud and infrastructure teams. Provide clear communication on incidents, risks, technical limitations, and platform sustainability, translating technical concepts into clear business language. Operate effectively within a complex and Legacy environment while aligning with modern engineering and operational practices. Essential Skills Strong, hands-on experience with Delphi and Object Pascal in enterprise or business-critical applications. Proven experience supporting and maintaining Legacy or long-lived codebases, particularly VCL-based applications. Strong SQL Server and Azure SQL capability, including performance tuning, troubleshooting, and support for high-volume transactional workloads. experience supporting and developing web applications and API endpoints, including REST APIs. experience operating applications in production environments with high availability and reliability requirements. Solid understanding of incident, problem, and change management within a Run/Operate model. Strong problem-solving and analytical skills, with the ability to diagnose and resolve complex issues across application, database, and integration layers. Self-motivated and proactive approach, with the ability to work independently with minimal supervision while driving continuous improvement. Excellent communication skills, with the ability to engage both technical and non-technical stakeholders and explain technical concepts in clear business language. Ability to operate effectively in complex and Legacy environments, balancing stability with modernisation. Strong organisational and prioritisation skills, with the ability to manage competing demands and deliver within deadlines. Resilient and pragmatic approach to technology challenges. 5+ years of hands-on experience with Delphi and Object Pascal. Strong experience with SQL Server and Azure SQL in production environments. Demonstrable experience as both a developer and administrator of a Delphi-based codebase environment. Proven experience supporting business-critical applications in production. experience maintaining VCL-based applications. experience delivering solutions using Agile methodologies, working alongside Product Owners and Business Analysts. experience managing application releases, user communications, and training for a commercial user base. Additional Skills & Qualifications experience keeping software versions up to date and ensuring applications remain within vendor support windows. experience with .NET technologies, including .NET Core and C# MVC, or a strong interest in developing skills in modern .NET technologies. experience working closely with DevOps and platform teams to evolve delivery and hosting practices. Hands-on experience with Microsoft IIS, including deploying and configuring websites and web applications, managing application pools and bindings, and troubleshooting application and server-level issues. Familiarity with secure configurations in IIS, including SSL certificate management and authentication methods. experience supporting integrations with external audit and certification platforms, invoicing systems, and payment systems. Familiarity with Azure-based hosting environments and modern hosting patterns. experience participating in or supporting audit, compliance, and assurance activities. Comfort working as a subject matter expert and self-starter in a role with significant autonomy and ownership. Location Birmingham, UK Rate/Salary .00 GBP Yearly Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Jun 10, 2026
Full time
Job Title: Senior Delphi Developer Location: Fully Remote Salary: £55k-£60k Job Description This Senior Application Developer role sits within the Application Support function and provides operational ownership, support, and technical stewardship for a critical CRM, audit, and invoicing system supporting EMEA business operations. You will act as the technical owner and subject matter expert for a predominantly Delphi-based platform, ensuring its ongoing stability, performance, and resilience. This is a hands-on technical leadership position that combines deep Delphi and Object Pascal expertise with strong skills in SQL Server and Azure SQL, and exposure to .NET technologies. You will work closely with DevOps, infrastructure, cloud, and business stakeholders to maintain high service reliability while driving continuous improvements in maintainability, security, and long-term sustainability. Responsibilities Act as the technical owner of the KVS/KVSIFS platform within the Run organisation, taking primary responsibility for the Delphi and Object Pascal codebase. Ensure high availability, stability, and resilience of the application in a business-critical production environment. Own incident and problem management, including leading root cause analysis and implementing corrective and preventative actions. Provide 2nd and 3rd line support for complex application issues, ensuring timely resolution and clear communication with stakeholders. Drive continuous improvements in service reliability, incident resolution times, and overall platform performance. Maintain and support the existing Windows-based desktop application, including resolving defects, delivering minor enhancements, and managing technical debt. Support and maintain the codebase and associated third-party components, ensuring compatibility and stability. Manage application releases, patches, and controlled deployments, ensuring changes are implemented safely and in line with operational standards. Support and optimise the Azure SQL database, including stored procedures, data integrity, and performance tuning. Work with infrastructure and cloud teams to diagnose performance issues, resolve latency and throughput challenges, and support high-volume transactional processing. Collaborate with infrastructure, cloud, and DevOps teams to improve scalability, resilience, and observability of the platform. Support the transition to more modern hosting patterns where appropriate, ensuring the application remains performant and stable during architectural or deployment model changes. Deploy and configure websites and web applications using Microsoft IIS, including managing application pools, bindings, and site configurations. Troubleshoot application and server-level issues in IIS, such as HTTP errors and application pool failures, and support secure configurations including SSL certificates and authentication methods. Support and monitor all application integrations, including REST APIs, external audit and certification platforms, and invoicing and payment systems. Troubleshoot and resolve data synchronisation issues and integration failures that impact business operations. Ensure the platform operates within defined security and network controls, validating secure data access and API-based external communications. Support the platform's technical and security posture, contributing to audit, compliance, and assurance activities. Maintain comprehensive and up-to-date documentation, including architecture diagrams, support runbooks, known errors, and recovery procedures. Reduce key-person dependency by ensuring knowledge is documented, shared, and accessible across teams. Act as a trusted technical partner to business stakeholders, IT Operations, and cloud and infrastructure teams. Provide clear communication on incidents, risks, technical limitations, and platform sustainability, translating technical concepts into clear business language. Operate effectively within a complex and Legacy environment while aligning with modern engineering and operational practices. Essential Skills Strong, hands-on experience with Delphi and Object Pascal in enterprise or business-critical applications. Proven experience supporting and maintaining Legacy or long-lived codebases, particularly VCL-based applications. Strong SQL Server and Azure SQL capability, including performance tuning, troubleshooting, and support for high-volume transactional workloads. experience supporting and developing web applications and API endpoints, including REST APIs. experience operating applications in production environments with high availability and reliability requirements. Solid understanding of incident, problem, and change management within a Run/Operate model. Strong problem-solving and analytical skills, with the ability to diagnose and resolve complex issues across application, database, and integration layers. Self-motivated and proactive approach, with the ability to work independently with minimal supervision while driving continuous improvement. Excellent communication skills, with the ability to engage both technical and non-technical stakeholders and explain technical concepts in clear business language. Ability to operate effectively in complex and Legacy environments, balancing stability with modernisation. Strong organisational and prioritisation skills, with the ability to manage competing demands and deliver within deadlines. Resilient and pragmatic approach to technology challenges. 5+ years of hands-on experience with Delphi and Object Pascal. Strong experience with SQL Server and Azure SQL in production environments. Demonstrable experience as both a developer and administrator of a Delphi-based codebase environment. Proven experience supporting business-critical applications in production. experience maintaining VCL-based applications. experience delivering solutions using Agile methodologies, working alongside Product Owners and Business Analysts. experience managing application releases, user communications, and training for a commercial user base. Additional Skills & Qualifications experience keeping software versions up to date and ensuring applications remain within vendor support windows. experience with .NET technologies, including .NET Core and C# MVC, or a strong interest in developing skills in modern .NET technologies. experience working closely with DevOps and platform teams to evolve delivery and hosting practices. Hands-on experience with Microsoft IIS, including deploying and configuring websites and web applications, managing application pools and bindings, and troubleshooting application and server-level issues. Familiarity with secure configurations in IIS, including SSL certificate management and authentication methods. experience supporting integrations with external audit and certification platforms, invoicing systems, and payment systems. Familiarity with Azure-based hosting environments and modern hosting patterns. experience participating in or supporting audit, compliance, and assurance activities. Comfort working as a subject matter expert and self-starter in a role with significant autonomy and ownership. Location Birmingham, UK Rate/Salary .00 GBP Yearly Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
The successful candidate will need to be able to work full time onsite in Methil, Fife Must have experience with Siemens Team Centre and NX. MISSION Implement IT digitalisation projects across various functional areas including both corporate and supply chain in accordance with Digital Transformation Strategy and Plan. Collaborate in maintenance and continuous improvement of implemented solutions, anticipating business needs to ensure maximum value, productivity, and return for the clients Businesses. Exercise technical authority over applications and information systems within scope, implementation, optimisation, and strategy driven evolution. MAIN RESULTS Digitalisation projects and solutions implemented that increase business value and operational productivity. Contribution to system implementation strategies that maximise benefits delivered by corporate and supply chain information systems. Development and support of ICT projects and solutions across all functional domains. Reduction of recurring incidents via standardisation and continuous improvement practices. Effective coordination with internal teams and external partners to deliver predictable outcomes and value. KEY DIMENSIONS Customer-focused and approachable with strong analytical and problem-solving skills. Ability to work under pressure and meet deadlines while supporting users with varying expertise. Continuous learner with a passion for digital engineering solutions. Affected Areas: All company directorates, including Corporate (Finance, Legal, HR, Sustainability, Audit, Compliance, Strategy, Secretariat), Supply Chain (Purchasing, Logistics, Warehousing), Technology, and Digital Transformation. MAIN RESPONSIBILITIES Support the end users in the business with 1st line queries Understanding of PLM engineering data flows into ERP and their purposes, ensuring accurate integration and life cycle continuity across systems Broader SuccessFactors knowledge and understanding across corporate and supply-chain domains, ensuring alignment of HR data and processes with enterprise systems. Understanding of integrations across SAP and adjacent platforms (eg, Materials, Sales, Finance/Controlling, HR, and PLM/Teamcenter) and with non-SAP systems-focusing on end-to-end data flow, quality, and life cycle. Maintain broad understanding of Operations domains-production, maintenance, projects, and quality-and how they interact with supply chain and finance at a solution level (no module-level detail). Support test for major changes (functional, integration, UAT), ensure maintainable documentation and handovers, and drive continuous improvement aligned to the Digital Transformation Strategy. Coordinate delivery with UK Operations, IT teams in Spain, and external partners, aligning priorities, SLAs, and standards across teams. Establish standards and controls for operational master data across manufacturing contexts to safeguard traceability and operational performance. Assist projects involving implementations, migrations, upgrades, and new digital solutions across both corporate and supply chain domains. Ensure optimal, continuous, secure operation of systems, meeting quality standards and improving user satisfaction. Security Clearance: BPSS Clearance eligible.
Jun 09, 2026
Full time
The successful candidate will need to be able to work full time onsite in Methil, Fife Must have experience with Siemens Team Centre and NX. MISSION Implement IT digitalisation projects across various functional areas including both corporate and supply chain in accordance with Digital Transformation Strategy and Plan. Collaborate in maintenance and continuous improvement of implemented solutions, anticipating business needs to ensure maximum value, productivity, and return for the clients Businesses. Exercise technical authority over applications and information systems within scope, implementation, optimisation, and strategy driven evolution. MAIN RESULTS Digitalisation projects and solutions implemented that increase business value and operational productivity. Contribution to system implementation strategies that maximise benefits delivered by corporate and supply chain information systems. Development and support of ICT projects and solutions across all functional domains. Reduction of recurring incidents via standardisation and continuous improvement practices. Effective coordination with internal teams and external partners to deliver predictable outcomes and value. KEY DIMENSIONS Customer-focused and approachable with strong analytical and problem-solving skills. Ability to work under pressure and meet deadlines while supporting users with varying expertise. Continuous learner with a passion for digital engineering solutions. Affected Areas: All company directorates, including Corporate (Finance, Legal, HR, Sustainability, Audit, Compliance, Strategy, Secretariat), Supply Chain (Purchasing, Logistics, Warehousing), Technology, and Digital Transformation. MAIN RESPONSIBILITIES Support the end users in the business with 1st line queries Understanding of PLM engineering data flows into ERP and their purposes, ensuring accurate integration and life cycle continuity across systems Broader SuccessFactors knowledge and understanding across corporate and supply-chain domains, ensuring alignment of HR data and processes with enterprise systems. Understanding of integrations across SAP and adjacent platforms (eg, Materials, Sales, Finance/Controlling, HR, and PLM/Teamcenter) and with non-SAP systems-focusing on end-to-end data flow, quality, and life cycle. Maintain broad understanding of Operations domains-production, maintenance, projects, and quality-and how they interact with supply chain and finance at a solution level (no module-level detail). Support test for major changes (functional, integration, UAT), ensure maintainable documentation and handovers, and drive continuous improvement aligned to the Digital Transformation Strategy. Coordinate delivery with UK Operations, IT teams in Spain, and external partners, aligning priorities, SLAs, and standards across teams. Establish standards and controls for operational master data across manufacturing contexts to safeguard traceability and operational performance. Assist projects involving implementations, migrations, upgrades, and new digital solutions across both corporate and supply chain domains. Ensure optimal, continuous, secure operation of systems, meeting quality standards and improving user satisfaction. Security Clearance: BPSS Clearance eligible.
You will need to be able to work full time onsite in Appledore, North Devon Must have experience with Siemens Team Centre and NX. MISSION Implement IT digitalisation projects across various functional areas including both corporate and supply chain in accordance with Digital Transformation Strategy and Plan. Collaborate in maintenance and continuous improvement of implemented solutions, anticipating business needs to ensure maximum value, productivity, and return for the clients Businesses. Exercise technical authority over applications and information systems within scope, implementation, optimisation, and strategy?driven evolution. MAIN RESULTS Digitalisation projects and solutions implemented that increase business value and operational productivity. Contribution to system implementation strategies that maximise benefits delivered by corporate and supply chain information systems. Development and support of ICT projects and solutions across all functional domains. Reduction of recurring incidents via standardisation and continuous improvement practices. Effective coordination with internal teams and external partners to deliver predictable outcomes and value. KEY DIMENSIONS Customer-focused and approachable with strong analytical and problem-solving skills. Ability to work under pressure and meet deadlines while supporting users with varying expertise. Continuous learner with a passion for digital engineering solutions. Affected Areas: All company directorates, including Corporate (Finance, Legal, HR, Sustainability, Audit, Compliance, Strategy, Secretariat), Supply Chain (Purchasing, Logistics, Warehousing), Technology, and Digital Transformation. MAIN RESPONSIBILITIES Support the end users in the business with 1st line queries Understanding of PLM engineering data flows into ERP and their purposes, ensuring accurate integration and life cycle continuity across systems Broader SuccessFactors knowledge and understanding across corporate and supply-chain domains, ensuring alignment of HR data and processes with enterprise systems. Understanding of integrations across SAP and adjacent platforms (eg, Materials, Sales, Finance/Controlling, HR, and PLM/Teamcenter) and with non-SAP systems-focusing on end-to-end data flow, quality, and life cycle. Maintain broad understanding of Operations domains-production, maintenance, projects, and quality-and how they interact with supply chain and finance at a solution level (no module-level detail). Support test for major changes (functional, integration, UAT), ensure maintainable documentation and handovers, and drive continuous improvement aligned to the Digital Transformation Strategy. Coordinate delivery with UK Operations, IT teams in Spain, and external partners, aligning priorities, SLAs, and standards across teams. Establish standards and controls for operational master data across manufacturing contexts to safeguard traceability and operational performance. Assist projects involving implementations, migrations, upgrades, and new digital solutions across both corporate and supply?chain domains. Ensure optimal, continuous, secure operation of systems, meeting quality standards and improving user satisfaction. Security Clearance: BPSS Clearance eligible.
Jun 09, 2026
Full time
You will need to be able to work full time onsite in Appledore, North Devon Must have experience with Siemens Team Centre and NX. MISSION Implement IT digitalisation projects across various functional areas including both corporate and supply chain in accordance with Digital Transformation Strategy and Plan. Collaborate in maintenance and continuous improvement of implemented solutions, anticipating business needs to ensure maximum value, productivity, and return for the clients Businesses. Exercise technical authority over applications and information systems within scope, implementation, optimisation, and strategy?driven evolution. MAIN RESULTS Digitalisation projects and solutions implemented that increase business value and operational productivity. Contribution to system implementation strategies that maximise benefits delivered by corporate and supply chain information systems. Development and support of ICT projects and solutions across all functional domains. Reduction of recurring incidents via standardisation and continuous improvement practices. Effective coordination with internal teams and external partners to deliver predictable outcomes and value. KEY DIMENSIONS Customer-focused and approachable with strong analytical and problem-solving skills. Ability to work under pressure and meet deadlines while supporting users with varying expertise. Continuous learner with a passion for digital engineering solutions. Affected Areas: All company directorates, including Corporate (Finance, Legal, HR, Sustainability, Audit, Compliance, Strategy, Secretariat), Supply Chain (Purchasing, Logistics, Warehousing), Technology, and Digital Transformation. MAIN RESPONSIBILITIES Support the end users in the business with 1st line queries Understanding of PLM engineering data flows into ERP and their purposes, ensuring accurate integration and life cycle continuity across systems Broader SuccessFactors knowledge and understanding across corporate and supply-chain domains, ensuring alignment of HR data and processes with enterprise systems. Understanding of integrations across SAP and adjacent platforms (eg, Materials, Sales, Finance/Controlling, HR, and PLM/Teamcenter) and with non-SAP systems-focusing on end-to-end data flow, quality, and life cycle. Maintain broad understanding of Operations domains-production, maintenance, projects, and quality-and how they interact with supply chain and finance at a solution level (no module-level detail). Support test for major changes (functional, integration, UAT), ensure maintainable documentation and handovers, and drive continuous improvement aligned to the Digital Transformation Strategy. Coordinate delivery with UK Operations, IT teams in Spain, and external partners, aligning priorities, SLAs, and standards across teams. Establish standards and controls for operational master data across manufacturing contexts to safeguard traceability and operational performance. Assist projects involving implementations, migrations, upgrades, and new digital solutions across both corporate and supply?chain domains. Ensure optimal, continuous, secure operation of systems, meeting quality standards and improving user satisfaction. Security Clearance: BPSS Clearance eligible.
Cyber Security Specialist (Operational) Salary: £57,528 - £64,750 per annum Location: Manchester Vacancy Type: Permanent Closing date: 21/06/2026 The National Institute for Health and Care Excellence (NICE) is the independent organisation responsible for providing national guidance and advice on promoting high quality health, public health and social care. We have modern offices in Manchester city centre and Stratford, London. Please take into consideration that you may be required to commute to one of our offices for business purposes if necessary. Job overview Do you want to do meaningful work that makes a genuine difference to society? Our main purpose here at The National Institute for Health and Care Excellence (NICE) is to improve health and wellbeing by putting science and evidence at the heart of health and care decision-making. As an organisation we all collaborate to achieve this goal by empowering our workforce to do great things! Please note that this role may not be eligible for sponsorship under the Skilled Worker route. Please refer to the DirectGov website for more information on eligibility. We reserve the right to close the advert early should we receive sufficient applications, so please don t delay your submission. Main duties of the job As a Cyber Security Specialist (Operational), you will play a key hands on role in protecting NICE s digital platforms, systems, and data from cyber threats. Working as part of a collaborative cyber security function, you will investigate security alerts, manage vulnerabilities, respond to incidents and help ensure our services remain secure, resilient and compliant. The role combines technical expertise with clear communication, supporting both operational delivery and the continual improvement of NICE s cyber security posture. What the candidate will be expected to do / bring Act as a hands on cyber security specialist, investigating security alerts, responding to incidents and supporting day to day operational cyber resilience Configure, manage and maintain security tooling and infrastructure across on premise and cloud environments, embedding secure by design principles Carry out routine vulnerability assessments, threat analysis and horizon scanning to identify and mitigate emerging risks Serve as a technical escalation point for complex security issues, contributing expert analysis and practical solutions Support compliance with recognised security standards and frameworks (e.g. Cyber Essentials, ISO27001), maintaining clear and auditable records Communicate complex technical risks and findings clearly to both technical and non technical stakeholders Person specification Essential: Holds highly developed specialist knowledge and expertise acquired through master s degree level or equivalent qualification/experience. Additionally holds specialist knowledge of the relevant area(s) of expertise as outlined in the person specification, acquired through relevant practical experience and training/development Proven hands on experience in cyber security operations, such as working as a Security Analyst, SOC Analyst or in a similar technical cyber security role Demonstrable experience of incident response and security configuration, with the ability to systematically analyse issues, identify root causes and implement effective solutions Strong technical knowledge of cyber security tooling and techniques, including vulnerability management, incident investigation and monitoring tools such as SIEM, EDR and vulnerability scanners Practical understanding of core cyber security concepts, including network, infrastructure and system security across Windows and Linux environments, with awareness across networking, operating systems and cloud platforms Desirable: One or more of the following qualifications, or equivalent experience, is desirable for this role: FEDIP Senior Practitioner, Cyber Security Professional (ACSP) ,BCS Certificate in Information Security Management Principles (CISMP), SSCP Systems Security Certified Practitioner Working for our organisation The Infrastructure, Cyber & IT Operations team plays a critical role in ensuring NICE s digital services are secure, resilient, and reliable. The team is responsible for safeguarding systems and information, supporting users across the organisation, and maintaining operational stability with minimal risk or disruption. As part of this team, you will help protect nationally important digital services while enabling NICE to deliver trusted guidance and information to health and care users across England. We are passionate and proud of the work we do and the impact we make. NICE offer: Generous NHS Pension Secure your future with one of the most rewarding pension schemes in the UK Flexible working Enjoy a healthy work-life balance with options like remote working, compressed hours and flexible start/finish times Exclusive discounts Save on shopping, dining and more with a Blue Light Card Time to recharge Start with 27 days annual leave plus bank holidays Inclusive staff networks Join supportive communities like Women in NICE, Race Equality Network, Disability Advocacy and NICE and Proud we celebrate diversity Tailored development Grow your career with personalised learning and development opportunities If you feel this is the type of environment you will enjoy working in, apply today! To Apply If you feel you are a suitable candidate and would like to work for The National Institute for Health and Care Excellence (NICE), please click apply to be redirected to our website to complete your application.
Jun 09, 2026
Full time
Cyber Security Specialist (Operational) Salary: £57,528 - £64,750 per annum Location: Manchester Vacancy Type: Permanent Closing date: 21/06/2026 The National Institute for Health and Care Excellence (NICE) is the independent organisation responsible for providing national guidance and advice on promoting high quality health, public health and social care. We have modern offices in Manchester city centre and Stratford, London. Please take into consideration that you may be required to commute to one of our offices for business purposes if necessary. Job overview Do you want to do meaningful work that makes a genuine difference to society? Our main purpose here at The National Institute for Health and Care Excellence (NICE) is to improve health and wellbeing by putting science and evidence at the heart of health and care decision-making. As an organisation we all collaborate to achieve this goal by empowering our workforce to do great things! Please note that this role may not be eligible for sponsorship under the Skilled Worker route. Please refer to the DirectGov website for more information on eligibility. We reserve the right to close the advert early should we receive sufficient applications, so please don t delay your submission. Main duties of the job As a Cyber Security Specialist (Operational), you will play a key hands on role in protecting NICE s digital platforms, systems, and data from cyber threats. Working as part of a collaborative cyber security function, you will investigate security alerts, manage vulnerabilities, respond to incidents and help ensure our services remain secure, resilient and compliant. The role combines technical expertise with clear communication, supporting both operational delivery and the continual improvement of NICE s cyber security posture. What the candidate will be expected to do / bring Act as a hands on cyber security specialist, investigating security alerts, responding to incidents and supporting day to day operational cyber resilience Configure, manage and maintain security tooling and infrastructure across on premise and cloud environments, embedding secure by design principles Carry out routine vulnerability assessments, threat analysis and horizon scanning to identify and mitigate emerging risks Serve as a technical escalation point for complex security issues, contributing expert analysis and practical solutions Support compliance with recognised security standards and frameworks (e.g. Cyber Essentials, ISO27001), maintaining clear and auditable records Communicate complex technical risks and findings clearly to both technical and non technical stakeholders Person specification Essential: Holds highly developed specialist knowledge and expertise acquired through master s degree level or equivalent qualification/experience. Additionally holds specialist knowledge of the relevant area(s) of expertise as outlined in the person specification, acquired through relevant practical experience and training/development Proven hands on experience in cyber security operations, such as working as a Security Analyst, SOC Analyst or in a similar technical cyber security role Demonstrable experience of incident response and security configuration, with the ability to systematically analyse issues, identify root causes and implement effective solutions Strong technical knowledge of cyber security tooling and techniques, including vulnerability management, incident investigation and monitoring tools such as SIEM, EDR and vulnerability scanners Practical understanding of core cyber security concepts, including network, infrastructure and system security across Windows and Linux environments, with awareness across networking, operating systems and cloud platforms Desirable: One or more of the following qualifications, or equivalent experience, is desirable for this role: FEDIP Senior Practitioner, Cyber Security Professional (ACSP) ,BCS Certificate in Information Security Management Principles (CISMP), SSCP Systems Security Certified Practitioner Working for our organisation The Infrastructure, Cyber & IT Operations team plays a critical role in ensuring NICE s digital services are secure, resilient, and reliable. The team is responsible for safeguarding systems and information, supporting users across the organisation, and maintaining operational stability with minimal risk or disruption. As part of this team, you will help protect nationally important digital services while enabling NICE to deliver trusted guidance and information to health and care users across England. We are passionate and proud of the work we do and the impact we make. NICE offer: Generous NHS Pension Secure your future with one of the most rewarding pension schemes in the UK Flexible working Enjoy a healthy work-life balance with options like remote working, compressed hours and flexible start/finish times Exclusive discounts Save on shopping, dining and more with a Blue Light Card Time to recharge Start with 27 days annual leave plus bank holidays Inclusive staff networks Join supportive communities like Women in NICE, Race Equality Network, Disability Advocacy and NICE and Proud we celebrate diversity Tailored development Grow your career with personalised learning and development opportunities If you feel this is the type of environment you will enjoy working in, apply today! To Apply If you feel you are a suitable candidate and would like to work for The National Institute for Health and Care Excellence (NICE), please click apply to be redirected to our website to complete your application.
SAP Basis Administrator 60,000 - 65,000 + Bonus and Benefits Full Time / Permanent Hybrid / Birmingham The Role I am looking for a driven SAP Basis Administrator / Analyst to join a large and nationally recognised manufacturing client based in the Birmingham area as the continue on their digital evolution. As a SAP Basis Administrator / Analyst you will be a key member of a dynamic internal IT team acting as the technical subject matter expert for all things SAP infrastructure. The successful candidate will work across a broad technical landscape - translating business needs into innovative SAP platform solutions, ensuring system availability, security, and performance. Responsibilities Lead SAP infrastructure service management activities, ensuring reliable, secure and cost-effective solutions. Manage third-party SAP hosting providers, ensuring delivery against SLAs and governance standards. Acting as SAP SME on IT and business transformation projects. Monitor system performance, capacity, and availability - and planning smart enhancements. Support compliance with SOx, audit and security standards such as ISO27001 and Cyber Essentials. Investigate and resolve incidents, support users, and ensure root cause analysis is actioned. The Person Experience in a similar SAP Basis Administration role in a large enterprise environment Extensive experience of SAP infrastructure and associated technologies Strong knowledge of IT governance, audit, and service management principles Ability to translate business requirements into robust, scalable solutions Excellent communication and stakeholder engagement skills Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Oct 09, 2025
Full time
SAP Basis Administrator 60,000 - 65,000 + Bonus and Benefits Full Time / Permanent Hybrid / Birmingham The Role I am looking for a driven SAP Basis Administrator / Analyst to join a large and nationally recognised manufacturing client based in the Birmingham area as the continue on their digital evolution. As a SAP Basis Administrator / Analyst you will be a key member of a dynamic internal IT team acting as the technical subject matter expert for all things SAP infrastructure. The successful candidate will work across a broad technical landscape - translating business needs into innovative SAP platform solutions, ensuring system availability, security, and performance. Responsibilities Lead SAP infrastructure service management activities, ensuring reliable, secure and cost-effective solutions. Manage third-party SAP hosting providers, ensuring delivery against SLAs and governance standards. Acting as SAP SME on IT and business transformation projects. Monitor system performance, capacity, and availability - and planning smart enhancements. Support compliance with SOx, audit and security standards such as ISO27001 and Cyber Essentials. Investigate and resolve incidents, support users, and ensure root cause analysis is actioned. The Person Experience in a similar SAP Basis Administration role in a large enterprise environment Extensive experience of SAP infrastructure and associated technologies Strong knowledge of IT governance, audit, and service management principles Ability to translate business requirements into robust, scalable solutions Excellent communication and stakeholder engagement skills Please apply via the link or contact (url removed) for more information Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
Job Title: Cryptography Analyst Location: Hybrid working - 2 days a week in Knutsford Cheshire Duration: Till 31st December 2025 Rate: 445.00 per day (Inside IR35) Successful candidates will be required to go through a BPSS Clearance We are looking for an experienced Cryptography Analyst to join a dedicated security team. You will be supporting the integrity and availability of the clients cryptographic infrastructure. You will play a key role in supporting cryptographic hardware, key management services, certificate management, and ensuring adherence to IT security standards. Your expertise will help shape and secure the operations, aligning with the Crypto strategy and wider departmental goals. Key Responsibilities Manage cryptographic hardware (HSMs - Thales, Entrust, Gemalto, etc.), including installation, configuration, and on-site activities Perform SSH key and certificate management Support cryptographic key lifecycle activities: generation, distribution, storage, recovery, and deletion Maintain accurate documentation and perform regular risk and compliance checks Handle incident, problem, and change management processes (aligned with ITIL best practices) Ensure strong governance, audit trails, and adherence to Barclays' IT Security Standards Contribute to automation and scripting efforts (e.g., Python) to streamline operations Participate in out-of-hours support and provide monthly risk/management reporting Collaborate with global teams across diverse platforms (IBM, Tandem, Unix) Essential Skills & Qualifications Proven experience in cryptography or information security roles Hands-on experience with HSMs from vendors such as Thales, Entrust, or Gemalto Familiarity with HSM monitoring tools Strong scripting or coding skills (Python preferred) ITIL Foundation Certification Bachelor's Degree in Computer Science or related field Strong stakeholder management and communication skills Excellent attention to detail and ability to multitask Proficient in Microsoft Office tools Desirable Skills Operational experience in IT Security environments Industry certifications in security and/or project management Experience with Unix/Windows operating systems Proficiency in tools such as SharePoint, Confluence, and JIRA Understanding of compliance, data protection, and incident response best practices Experience creating and maintaining operational documentation If you are interested and looking for your next role, please apply with a copy of your CV or email - (url removed)
Oct 07, 2025
Contractor
Job Title: Cryptography Analyst Location: Hybrid working - 2 days a week in Knutsford Cheshire Duration: Till 31st December 2025 Rate: 445.00 per day (Inside IR35) Successful candidates will be required to go through a BPSS Clearance We are looking for an experienced Cryptography Analyst to join a dedicated security team. You will be supporting the integrity and availability of the clients cryptographic infrastructure. You will play a key role in supporting cryptographic hardware, key management services, certificate management, and ensuring adherence to IT security standards. Your expertise will help shape and secure the operations, aligning with the Crypto strategy and wider departmental goals. Key Responsibilities Manage cryptographic hardware (HSMs - Thales, Entrust, Gemalto, etc.), including installation, configuration, and on-site activities Perform SSH key and certificate management Support cryptographic key lifecycle activities: generation, distribution, storage, recovery, and deletion Maintain accurate documentation and perform regular risk and compliance checks Handle incident, problem, and change management processes (aligned with ITIL best practices) Ensure strong governance, audit trails, and adherence to Barclays' IT Security Standards Contribute to automation and scripting efforts (e.g., Python) to streamline operations Participate in out-of-hours support and provide monthly risk/management reporting Collaborate with global teams across diverse platforms (IBM, Tandem, Unix) Essential Skills & Qualifications Proven experience in cryptography or information security roles Hands-on experience with HSMs from vendors such as Thales, Entrust, or Gemalto Familiarity with HSM monitoring tools Strong scripting or coding skills (Python preferred) ITIL Foundation Certification Bachelor's Degree in Computer Science or related field Strong stakeholder management and communication skills Excellent attention to detail and ability to multitask Proficient in Microsoft Office tools Desirable Skills Operational experience in IT Security environments Industry certifications in security and/or project management Experience with Unix/Windows operating systems Proficiency in tools such as SharePoint, Confluence, and JIRA Understanding of compliance, data protection, and incident response best practices Experience creating and maintaining operational documentation If you are interested and looking for your next role, please apply with a copy of your CV or email - (url removed)
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). Understanding of secure software supply chains (SBOM, SLSA). What's on Offer 50,000 - 55,000 base salary 25 days annual leave + public holidays (increasing with service) Matched pension scheme Private medical insurance & life assurance Fitness allowance Paid study leave & volunteering days Flexible hybrid working Excellent career development and training opportunities
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
Oct 02, 2025
Full time
Information Security Analyst - Heron Foods Salary: £35,000 - £45,000 per annum (depending on experience) Location: Hull (with hybrid working flexibility) About the Role We are looking for an Information Security Analyst to join the Group Information Security Function at B&M, with a dedicated focus on Heron Foods. In this role, you'll act as the primary contact for all things cyber and information security at Heron Foods, working day-to-day under the steer of the Head of IT at Heron Foods while aligning with the security strategy, policies, and standards set by the Group Head of Information Security. This is an exciting opportunity to be at the frontline of cyber defence - monitoring threats, responding to incidents, managing vulnerabilities, and embedding security into everyday operations across Heron Foods. Key Responsibilities As Information Security Analyst, you will: Be the first point of contact for all cyber and information security matters within Heron Foods. Monitor and respond to alerts from our Managed Security Operations Centre (SOC). Coordinate incident response, containment, and recovery activities. Oversee vulnerability management: assessing risks, tracking remediation, and validating fixes. Support forensic investigations and evidence handling when needed. Contribute to compliance activities including PCI DSS evidence gathering and audit readiness. Deliver security awareness training, phishing simulations, and staff engagement campaigns. Provide local insights to the Group Information Security team to strengthen overall resilience. About You We're looking for someone who combines technical knowledge with an investigative mindset and strong stakeholder communication skills. Essential skills & experience: Experience working in security operations, SOC, or incident response. Knowledge of SIEM tools, vulnerability management, and log analysis. Understanding of security frameworks such as ISO 27001, NIST, or PCI DSS. Strong communication skills to engage with IT teams, business stakeholders, and non-technical staff. Ability to work independently at Heron Foods while remaining aligned to Group Information Security. Desirable: Hands-on exposure to security tooling (e.g., EDR, SIEM, vulnerability scanners). Experience supporting audits and compliance activities. Scripting/automation skills (e.g., PowerShell, Python) to streamline tasks. Why Join Us? At B&M and Heron Foods, we are on a journey to strengthen our cyber resilience. This role offers: A unique opportunity to be the dedicated security lead for Heron Foods while benefiting from Group-level support and expertise. A competitive salary of £35,000 - £45,000 (depending on experience). Hybrid working arrangements. Excellent staff discount across B&M and Heron Foods stores. Opportunities for training, development, and progression within a growing security function. How to Apply If you're passionate about cyber security and want to make a real impact by protecting business-critical systems and data, apply today and help us keep Heron Foods secure.
IT Security Manager Hybrid We are seeking an experienced IT Security Manager to lead our clients security function across the EMEA region. Reporting to the Head of IT Infrastructure, you will manage a team of internal security analysts as well as external consultants and managed services providers. This role requires strong interpersonal skills to collaborate effectively with IT Infrastructure teams across multiple European sites, as well as wider business units within the group. The successful candidate will take ownership of their Information Security Management System (ISMS) , supporting ISO 27001 certification, ensuring compliance with relevant regulations, and safeguarding our IT assets. You will also play a proactive role in shaping and delivering future security programmes as part of the Global IT Security Team. Key Responsibilities Lead and manage the IT security team, including outsourced SOC/MDR/DFIR providers. Maintain and enhance our ISMS, including policies, procedures, registers, and reports. Ensure compliance with ISO 27001, ISAE 3402 Type II, and NIS2 requirements. Prepare and present regular security reports to senior management. Liaise with external auditors, customers, and vendors as required. Conduct regular security assessments, penetration tests, and risk analyses. Monitor networks and systems for breaches, incidents, and vulnerabilities. Respond to and manage security incidents, including investigation, mitigation, and reporting. Oversee user access controls, identity management, and data protection measures. Lead Business Continuity and Disaster Recovery (BC/DR) planning and testing. Manage and deliver IT security awareness training for staff and end users. Qualifications & Experience Bachelor's degree in Computer Science, Information Security, or related field. Professional certification (CISM, CISSP, or equivalent) required. 7+ years' experience in IT security, with at least 3 years in a leadership or managerial role. Strong knowledge of ISO 27001, ISAE 3402, and related frameworks. Experience with security technologies such as XDR, MDR, EDR, SIEM, NAC, IDS/IPS, and SASE. Proven background in incident response, risk management, and ISMS operation. Essential Skills Demonstrated leadership and team management experience. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to prioritise effectively and perform under pressure. What they Offer An influential leadership role in a global organisation. Opportunity to shape security programmes and strategy at an international level. Competitive salary and benefits package. Professional development and certification support. If you are a proven IT Security leader with the vision, expertise, and drive to safeguard critical systems and data, we would like to hear from you. IT Security Manager Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Oct 02, 2025
Full time
IT Security Manager Hybrid We are seeking an experienced IT Security Manager to lead our clients security function across the EMEA region. Reporting to the Head of IT Infrastructure, you will manage a team of internal security analysts as well as external consultants and managed services providers. This role requires strong interpersonal skills to collaborate effectively with IT Infrastructure teams across multiple European sites, as well as wider business units within the group. The successful candidate will take ownership of their Information Security Management System (ISMS) , supporting ISO 27001 certification, ensuring compliance with relevant regulations, and safeguarding our IT assets. You will also play a proactive role in shaping and delivering future security programmes as part of the Global IT Security Team. Key Responsibilities Lead and manage the IT security team, including outsourced SOC/MDR/DFIR providers. Maintain and enhance our ISMS, including policies, procedures, registers, and reports. Ensure compliance with ISO 27001, ISAE 3402 Type II, and NIS2 requirements. Prepare and present regular security reports to senior management. Liaise with external auditors, customers, and vendors as required. Conduct regular security assessments, penetration tests, and risk analyses. Monitor networks and systems for breaches, incidents, and vulnerabilities. Respond to and manage security incidents, including investigation, mitigation, and reporting. Oversee user access controls, identity management, and data protection measures. Lead Business Continuity and Disaster Recovery (BC/DR) planning and testing. Manage and deliver IT security awareness training for staff and end users. Qualifications & Experience Bachelor's degree in Computer Science, Information Security, or related field. Professional certification (CISM, CISSP, or equivalent) required. 7+ years' experience in IT security, with at least 3 years in a leadership or managerial role. Strong knowledge of ISO 27001, ISAE 3402, and related frameworks. Experience with security technologies such as XDR, MDR, EDR, SIEM, NAC, IDS/IPS, and SASE. Proven background in incident response, risk management, and ISMS operation. Essential Skills Demonstrated leadership and team management experience. Strong analytical and problem-solving skills. Excellent communication and interpersonal skills. Ability to prioritise effectively and perform under pressure. What they Offer An influential leadership role in a global organisation. Opportunity to shape security programmes and strategy at an international level. Competitive salary and benefits package. Professional development and certification support. If you are a proven IT Security leader with the vision, expertise, and drive to safeguard critical systems and data, we would like to hear from you. IT Security Manager Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate effectively across business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of security controls, including outcomes of penetration testing and red team exercises. Collaborate with business units - Act as a security advocate and guide cross-functional teams in secure practices. Lead technical initiatives - Provide hands-on leadership and mentor more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and experience required: Strong experience in risk & controls within the information security, ideally in a regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of control frameworks (NIST CSF, COBIT). Ability to run threat intelligence and vulnerability assessments. Experience collaborating with 2nd and 3rd line governance teams (e.g., audit, compliance). Strong stakeholder engagement and influencing skills. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
Sep 27, 2025
Full time
Information Security Senior Analyst Location: Surrey (Hybrid) Our client, a large corporate organisation based in Surrey, is seeking an Information Security Senior Analyst with experience of Risk & Controls to join their team. The successful candidate will have proven experience in risk management, controls, and governance frameworks, who can lead initiatives, mentor others, and collaborate effectively across business units. You should be both strategic and hands-on, with a passion for proactive security and continuous improvement. Responsibilities: Lead the InfoSec risk register - Identify, assess, and mitigate information security risks. Own control frameworks - Maintain and improve controls to ensure alignment with standards like NIST CSF and COBIT. Drive assurance - Monitor the effectiveness of security controls, including outcomes of penetration testing and red team exercises. Collaborate with business units - Act as a security advocate and guide cross-functional teams in secure practices. Lead technical initiatives - Provide hands-on leadership and mentor more junior team members. Conduct threat and vulnerability assessments - Take a proactive role in identifying potential security threats. Skills and experience required: Strong experience in risk & controls within the information security, ideally in a regulated industry. Experience in large, complex enterprise environments (e.g., multiple sites, technologies). Hands-on leadership in technical InfoSec initiatives. Strong understanding and implementation of control frameworks (NIST CSF, COBIT). Ability to run threat intelligence and vulnerability assessments. Experience collaborating with 2nd and 3rd line governance teams (e.g., audit, compliance). Strong stakeholder engagement and influencing skills. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
LA International Computer Consultants Ltd
Leamington Spa, Warwickshire
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Sep 26, 2025
Contractor
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Sep 26, 2025
Contractor
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
