Project Recruit
Principal Security Engineer Our client, a leading global supplier for IT services, requires Principal Security Engineer to be based at their client's office in London, UK. This is a hybrid role - you can work remotely in the UK and attend the London office 4 days per week . This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate Senior hands-on secure engineer responsible for secure-by-design and operational security across the programme. Validate every delivery activity from a cyber security perspective - from threat model at requirements capture, through architecture and design approval, build assurance, security testing, live validation, hyper-care, and operational handover to BAU and external assurance. The principal authority on threat modelling, control validation, and security evidence across the CIS Controls v8.1 IG3 scope. Key Responsibilities Operate as senior cyber architect and SME within the programme's structured operating model - actively engaged from requirements capture through to BAU handover, owning Definition-of-Done evidence at every gate. Break down each Master Programme Plan activity into discrete People/Process/Technology tasks viewed through a cyber security lens - define the validation and assurance criteria, embed them as DoD acceptance criteria, and evidence them before status can advance. Requirements: author threat model v1, control intent statement, and compensating controls; validate requirements against current operational baseline and monitoring posture. Architecture (LEAD): author security architecture, safeguard mapping, and trust boundaries; approve the threat model; chair Security Council review of the architecture pack. Design (LEAD): approve detailed security design, evidence template, and telemetry specification; validate operational controls in the design; confirm evidence-capture feasibility before build commences. Build: run periodic build-vs-design reviews, architecture drift checks, and re-approve changes; configure operational controls, prepare security testing, support agent rollout, validate log feeds. Test (LEAD): sign off that the security architecture is proven by test evidence; revalidate the threat model; lead security testing, penetration testing, control validation, and evidence pack creation. Deploy: provide production architecture sign-off; confirm final control mapping in Continuous Control Monitoring (CCM); run live security validation, monitoring tuning, alert calibration, and IR playbook readiness. Hyper-care (LEAD): address security-architecture defects, approve in-warranty changes; lead control monitoring and tuning; produce security evidence and establish Key Risk Indicator (KRI) baselines. Handover: hand architecture over to the Security Council, lodge the final threat model, ensure the CCM tile goes live; transition operational controls to L1 SOC operations with a complete evidence pack to external assurance. Liaise directly with external assurance providers on threat-model defensibility, control effectiveness, and evidence chain across the CIS Controls v8.1 IG3 scope. Chair or jointly chair the Security Council review at the architecture stage gate; participate in TDA decisions at the design stage gate. People: Led security engineering across the programme; senior peer to Security Solution Architects, Cyber Operations, and the MSSP L1 SOC interface. Process: Embedded structured operating-model discipline into every security validation and assurance step; Definition-of-Done evidence at every gate, no exceptions. Technology: Delivered secure-by-design as bui personally signed off every architecture and operational handover, with an audit-traceable evidence chain from threat model to live monitoring Key Requirements Essential Skills: 12+ years cyber engineering and security architecture experience at enterprise scale. 5+ years hands-on security design AND validation - comfortable both as architect (design authority) and as engineer (hands-on implementer). Direct experience with CIS Controls v8.1, NIST CSF, ISO 27001/27002 control frameworks. Threat modelling at scale - proven authorship using STRIDE, MITRE ATT&CK, OWASP - across multiple in-scope controls. Hands-on penetration testing, security testing, and control validation track record. Workflow discipline - operates comfortably within Definition-of-Done, evidence-at-gate frameworks. Exceptional executive-level interactions, presentation, and engagement - proven ability to influence CISO, Security Council, External Assurance, and cross-functional senior stakeholders across Procurement, Architecture, and Technology heads. Retail or large dispersed-estate enterprise experience strongly preferred. CISSP (Certified Information Systems Security Professional) One of: CISM, CISA, CCSP, SABSA Practitioner, or CRISC One penetration-testing certification: OSCP, GIAC GPEN, or CEH (or equivalent demonstrable experience) Tooling & Methodology Proficiency: Hands-on with leading enterprise PM tools - Jira, Azure DevOps, MS Project, or equivalent - and willing to adopt (the programme's tool) on the job at senior architect and SME level. End-to-end Agile delivery - Scrum/Kanban - combined with DevSecOps deep hands-on practice (security gates Embedded in CI/CD). SAFe PI Planning participation as the cyber security representative. Executive-grade MS PowerPoint - Security Council paper authoring, threat-model presentation, design narrative for Programme Board. Advanced dashboards and modelling - one or more of Advanced MS Excel, PowerBI, Python, or Copilot - for KRI baselines, control-effectiveness analytics, and risk reporting. Budgeting awareness - security control cost shaping and total-cost-of-ownership analysis . Desirable Skills: Direct hands-on experience at senior architect/SME level. Practical DevSecOps Foundation or SANS GIAC GCSA. SABSA for Architects. Microsoft Threat Modeling Tool/OWASP Threat Dragon authorship. PowerBI Data Analyst (PL-300) for KRI and risk dashboards. CompTIA CASP+ or PenTest+ GIAC GCIH, GCFA, GCIA, or GREM AWS Security Specialty or Azure Security Engineer/Security Architect Expert BMC Helix Certified Professional (SecOps) ISO 27001 Lead Auditor or Lead Implementer TOGAF 9.2 awareness Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
Principal Security Engineer Our client, a leading global supplier for IT services, requires Principal Security Engineer to be based at their client's office in London, UK. This is a hybrid role - you can work remotely in the UK and attend the London office 4 days per week . This is a 6+ month temporary contract to start ASAP Day rate: Competitive Market rate Senior hands-on secure engineer responsible for secure-by-design and operational security across the programme. Validate every delivery activity from a cyber security perspective - from threat model at requirements capture, through architecture and design approval, build assurance, security testing, live validation, hyper-care, and operational handover to BAU and external assurance. The principal authority on threat modelling, control validation, and security evidence across the CIS Controls v8.1 IG3 scope. Key Responsibilities Operate as senior cyber architect and SME within the programme's structured operating model - actively engaged from requirements capture through to BAU handover, owning Definition-of-Done evidence at every gate. Break down each Master Programme Plan activity into discrete People/Process/Technology tasks viewed through a cyber security lens - define the validation and assurance criteria, embed them as DoD acceptance criteria, and evidence them before status can advance. Requirements: author threat model v1, control intent statement, and compensating controls; validate requirements against current operational baseline and monitoring posture. Architecture (LEAD): author security architecture, safeguard mapping, and trust boundaries; approve the threat model; chair Security Council review of the architecture pack. Design (LEAD): approve detailed security design, evidence template, and telemetry specification; validate operational controls in the design; confirm evidence-capture feasibility before build commences. Build: run periodic build-vs-design reviews, architecture drift checks, and re-approve changes; configure operational controls, prepare security testing, support agent rollout, validate log feeds. Test (LEAD): sign off that the security architecture is proven by test evidence; revalidate the threat model; lead security testing, penetration testing, control validation, and evidence pack creation. Deploy: provide production architecture sign-off; confirm final control mapping in Continuous Control Monitoring (CCM); run live security validation, monitoring tuning, alert calibration, and IR playbook readiness. Hyper-care (LEAD): address security-architecture defects, approve in-warranty changes; lead control monitoring and tuning; produce security evidence and establish Key Risk Indicator (KRI) baselines. Handover: hand architecture over to the Security Council, lodge the final threat model, ensure the CCM tile goes live; transition operational controls to L1 SOC operations with a complete evidence pack to external assurance. Liaise directly with external assurance providers on threat-model defensibility, control effectiveness, and evidence chain across the CIS Controls v8.1 IG3 scope. Chair or jointly chair the Security Council review at the architecture stage gate; participate in TDA decisions at the design stage gate. People: Led security engineering across the programme; senior peer to Security Solution Architects, Cyber Operations, and the MSSP L1 SOC interface. Process: Embedded structured operating-model discipline into every security validation and assurance step; Definition-of-Done evidence at every gate, no exceptions. Technology: Delivered secure-by-design as bui personally signed off every architecture and operational handover, with an audit-traceable evidence chain from threat model to live monitoring Key Requirements Essential Skills: 12+ years cyber engineering and security architecture experience at enterprise scale. 5+ years hands-on security design AND validation - comfortable both as architect (design authority) and as engineer (hands-on implementer). Direct experience with CIS Controls v8.1, NIST CSF, ISO 27001/27002 control frameworks. Threat modelling at scale - proven authorship using STRIDE, MITRE ATT&CK, OWASP - across multiple in-scope controls. Hands-on penetration testing, security testing, and control validation track record. Workflow discipline - operates comfortably within Definition-of-Done, evidence-at-gate frameworks. Exceptional executive-level interactions, presentation, and engagement - proven ability to influence CISO, Security Council, External Assurance, and cross-functional senior stakeholders across Procurement, Architecture, and Technology heads. Retail or large dispersed-estate enterprise experience strongly preferred. CISSP (Certified Information Systems Security Professional) One of: CISM, CISA, CCSP, SABSA Practitioner, or CRISC One penetration-testing certification: OSCP, GIAC GPEN, or CEH (or equivalent demonstrable experience) Tooling & Methodology Proficiency: Hands-on with leading enterprise PM tools - Jira, Azure DevOps, MS Project, or equivalent - and willing to adopt (the programme's tool) on the job at senior architect and SME level. End-to-end Agile delivery - Scrum/Kanban - combined with DevSecOps deep hands-on practice (security gates Embedded in CI/CD). SAFe PI Planning participation as the cyber security representative. Executive-grade MS PowerPoint - Security Council paper authoring, threat-model presentation, design narrative for Programme Board. Advanced dashboards and modelling - one or more of Advanced MS Excel, PowerBI, Python, or Copilot - for KRI baselines, control-effectiveness analytics, and risk reporting. Budgeting awareness - security control cost shaping and total-cost-of-ownership analysis . Desirable Skills: Direct hands-on experience at senior architect/SME level. Practical DevSecOps Foundation or SANS GIAC GCSA. SABSA for Architects. Microsoft Threat Modeling Tool/OWASP Threat Dragon authorship. PowerBI Data Analyst (PL-300) for KRI and risk dashboards. CompTIA CASP+ or PenTest+ GIAC GCIH, GCFA, GCIA, or GREM AWS Security Specialty or Azure Security Engineer/Security Architect Expert BMC Helix Certified Professional (SecOps) ISO 27001 Lead Auditor or Lead Implementer TOGAF 9.2 awareness Due to the volume of applications received, unfortunately we cannot respond to everyone. If you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.
Savant Recruitment
My client is looking for a BMC Helix - Tech Lead or Developer to work on a transformation project. This role requires active Security clearance or eligible to re-activate expired clearance or eligible to get security clearance. Experienced required: 10+ years of experience in IT within the telecom domain across different SDLC phases including design, development, and solution delivery 5+ years of hands-on experience implementing and architecting BMC Helix/BMC Remedy ITSM solutions including Incident, Problem, Change, Request, Knowledge, CMDB, and Discovery Strong prior experience as a BMC Helix Technical Lead/Solution Architect, preferably supporting Tier 1 or Tier 2 telecom service providers Expertise in CMDB architecture, service modelling, data governance, reconciliation, normalization, and integration with OSS/BSS systems Hands-on experience with BMC Helix ITOM, including Event Management, Discovery, Integration Service, and automation workflows Extensive experience designing and developing solutions using Helix Innovation Studio, codeless applications, custom objects, and data models Strong understanding of BMC AR System architecture, workflow customization, forms, filters, escalations, and APIs Hands-on experience with REST/SOAP integrations, webhooks, and building robust data interfaces with telecom IT systems Ensure new business requirements are delivered by maximizing OOTB Helix capabilities, introducing customizations only when necessary Define technical standards, development guidelines, and ensure the team aligns with approved Helix architecture patterns Responsible for the quality, performance, and scalability of BMC Helix solutions delivered by the development team Demonstrated ability to debug and resolve issues across SIT/UAT/Production by analysing AR System logs, API traces, CMDB data, and platform diagnostics Develop automation, utilities, and deployment tools to improve team productivity and delivery efficiency Engage with telecom technology and architecture teams in governance forums to ensure alignment with enterprise technology strategy Hands-on experience working with cloud deployments of BMC Helix (AWS/Azure) and understanding SaaS security and compliance frameworks
My client is looking for a BMC Helix - Tech Lead or Developer to work on a transformation project. This role requires active Security clearance or eligible to re-activate expired clearance or eligible to get security clearance. Experienced required: 10+ years of experience in IT within the telecom domain across different SDLC phases including design, development, and solution delivery 5+ years of hands-on experience implementing and architecting BMC Helix/BMC Remedy ITSM solutions including Incident, Problem, Change, Request, Knowledge, CMDB, and Discovery Strong prior experience as a BMC Helix Technical Lead/Solution Architect, preferably supporting Tier 1 or Tier 2 telecom service providers Expertise in CMDB architecture, service modelling, data governance, reconciliation, normalization, and integration with OSS/BSS systems Hands-on experience with BMC Helix ITOM, including Event Management, Discovery, Integration Service, and automation workflows Extensive experience designing and developing solutions using Helix Innovation Studio, codeless applications, custom objects, and data models Strong understanding of BMC AR System architecture, workflow customization, forms, filters, escalations, and APIs Hands-on experience with REST/SOAP integrations, webhooks, and building robust data interfaces with telecom IT systems Ensure new business requirements are delivered by maximizing OOTB Helix capabilities, introducing customizations only when necessary Define technical standards, development guidelines, and ensure the team aligns with approved Helix architecture patterns Responsible for the quality, performance, and scalability of BMC Helix solutions delivered by the development team Demonstrated ability to debug and resolve issues across SIT/UAT/Production by analysing AR System logs, API traces, CMDB data, and platform diagnostics Develop automation, utilities, and deployment tools to improve team productivity and delivery efficiency Engage with telecom technology and architecture teams in governance forums to ensure alignment with enterprise technology strategy Hands-on experience working with cloud deployments of BMC Helix (AWS/Azure) and understanding SaaS security and compliance frameworks
