Security Designer/Security Architect (SC Cleared) - Remote- 500 - 600 per day Inside IR35 DOE Role Overview We are seeking an experienced SC Cleared Security Design/Security Architect to support the delivery of secure services within a major Home Office programme. The successful candidate will work with solution architects, engineering teams, security stakeholders and delivery managers to ensure security requirements are effectively incorporated into system and service designs. The Security Design/Security Architect will be responsible for producing security designs, undertaking threat modelling activities, assessing security risks, supporting assurance processes and ensuring compliance with wider Government security standards. Key Responsibilities Develop and maintain security design documentation for new and existing services. Produce Security Design Packs, Security Architecture Documents and Security Assurance artefacts. Conduct threat modelling workshops and document security controls. Review solution designs and ensure alignment with security policies and standards. Define security requirements for projects and programmes. Support security assurance, accreditation and governance activities. Identify security risks and recommend proportionate mitigations. Work with delivery teams to embed security throughout the system development life cycle. Support implementation of Secure by Design principles. Review security testing outputs and track remediation activities. Provide security advice to project and technical stakeholders. Contribute to security design reviews and architecture forums. Essential Experience Active SC Clearance. Experience producing security designs and security architecture artefacts. Experience undertaking threat modelling and risk assessments. Knowledge of NCSC guidance and Government security standards. Experience supporting security assurance and accreditation activities. Understanding of cloud security principles (AWS, Azure and/or GCP). Experience working in Agile and DevSecOps delivery environments. Strong stakeholder engagement and documentation skills. Experience working within UK Government Security Designer/Security Architect (SC Cleared) - Remote- 500 - 600 per day Inside IR35 DOE This temporary contract is inside IR35 and will require working under the direction of the client delivery manager as part of a multi-disciplinary team. The successful candidate will follow established delivery processes and working practices This role requires the successful candidate to undergo and be eligible for UK Security Vetting at SC/DV level. Clearance sponsorship will be provided where required. Due to the nature of the work, candidates should meet the relevant residency requirements. If applicable, reserved post nationality restrictions will be confirmed by the client. Damia is committed to inclusive recruitment and welcomes applicants from all backgrounds. Due to the secure nature of the position and working environment, you must have, or be eligible to obtain Security Clearance List of national security vetting clearance levels with guidance on who requires clearance and what checks are completed. Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Should the role require the successful candidate to undergo and be eligible for UK Security Vetting. Clearance sponsorship will be provided where required. Due to the nature of the work, candidates should meet the relevant residency requirements. If applicable, Reserved Post nationality restrictions will be confirmed by the client. Damia is committed to inclusive recruitment and welcomes applicants from all backgrounds. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Jun 20, 2026
Contractor
Security Designer/Security Architect (SC Cleared) - Remote- 500 - 600 per day Inside IR35 DOE Role Overview We are seeking an experienced SC Cleared Security Design/Security Architect to support the delivery of secure services within a major Home Office programme. The successful candidate will work with solution architects, engineering teams, security stakeholders and delivery managers to ensure security requirements are effectively incorporated into system and service designs. The Security Design/Security Architect will be responsible for producing security designs, undertaking threat modelling activities, assessing security risks, supporting assurance processes and ensuring compliance with wider Government security standards. Key Responsibilities Develop and maintain security design documentation for new and existing services. Produce Security Design Packs, Security Architecture Documents and Security Assurance artefacts. Conduct threat modelling workshops and document security controls. Review solution designs and ensure alignment with security policies and standards. Define security requirements for projects and programmes. Support security assurance, accreditation and governance activities. Identify security risks and recommend proportionate mitigations. Work with delivery teams to embed security throughout the system development life cycle. Support implementation of Secure by Design principles. Review security testing outputs and track remediation activities. Provide security advice to project and technical stakeholders. Contribute to security design reviews and architecture forums. Essential Experience Active SC Clearance. Experience producing security designs and security architecture artefacts. Experience undertaking threat modelling and risk assessments. Knowledge of NCSC guidance and Government security standards. Experience supporting security assurance and accreditation activities. Understanding of cloud security principles (AWS, Azure and/or GCP). Experience working in Agile and DevSecOps delivery environments. Strong stakeholder engagement and documentation skills. Experience working within UK Government Security Designer/Security Architect (SC Cleared) - Remote- 500 - 600 per day Inside IR35 DOE This temporary contract is inside IR35 and will require working under the direction of the client delivery manager as part of a multi-disciplinary team. The successful candidate will follow established delivery processes and working practices This role requires the successful candidate to undergo and be eligible for UK Security Vetting at SC/DV level. Clearance sponsorship will be provided where required. Due to the nature of the work, candidates should meet the relevant residency requirements. If applicable, reserved post nationality restrictions will be confirmed by the client. Damia is committed to inclusive recruitment and welcomes applicants from all backgrounds. Due to the secure nature of the position and working environment, you must have, or be eligible to obtain Security Clearance List of national security vetting clearance levels with guidance on who requires clearance and what checks are completed. Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Should the role require the successful candidate to undergo and be eligible for UK Security Vetting. Clearance sponsorship will be provided where required. Due to the nature of the work, candidates should meet the relevant residency requirements. If applicable, Reserved Post nationality restrictions will be confirmed by the client. Damia is committed to inclusive recruitment and welcomes applicants from all backgrounds. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
Security Assurance Manager Up to £55,000 per annum 2x per month on site - Portsmouth We have a brilliant opportunity to join an industry-leading utility company based in the Southeast. They are going through a period of growth, undergoing multiple digital, and tech transformations. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. We are looking for an Information Security Assurance Manager who will 'fly the flag' for Information Security, providing assurance to the leadership team regarding the design and operating effectiveness of IT security controls within future IT projects and implementation. You will be responsible for reviewing and identifying security control gaps in design documents, providing recommendations for amendments and mitigation. We are looking for: Strong experience of performing threat modelling exercises Experience of reviewing high/low level architecture definition documents for compliance against security policies and standards Knowledge of technology risk and controls including relevant tools and techniques Good understanding and practical experience of Cyber Security Frameworks including NCSC CAF, NIST and ISO 27001 Must have at least 2 years' cyber security experience. Excellent communication skills with the ability to deal with conflicting priorities. In turn, we can offer you: The opportunity to work in a highly skilled team, with exposure to OT technologies. Salary sacrifice pension scheme. 25 days holiday + Bank Holidays. You will need to be eligible for SC Clearance/have an active SC Clearance to be considered for this role. There couldn't be a more exciting time to join this organisation while they take huge steps to decarbonise their network and modernise and innovate like never before. If this sounds of interest, please apply today.
Jun 17, 2026
Full time
Security Assurance Manager Up to £55,000 per annum 2x per month on site - Portsmouth We have a brilliant opportunity to join an industry-leading utility company based in the Southeast. They are going through a period of growth, undergoing multiple digital, and tech transformations. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. We are looking for an Information Security Assurance Manager who will 'fly the flag' for Information Security, providing assurance to the leadership team regarding the design and operating effectiveness of IT security controls within future IT projects and implementation. You will be responsible for reviewing and identifying security control gaps in design documents, providing recommendations for amendments and mitigation. We are looking for: Strong experience of performing threat modelling exercises Experience of reviewing high/low level architecture definition documents for compliance against security policies and standards Knowledge of technology risk and controls including relevant tools and techniques Good understanding and practical experience of Cyber Security Frameworks including NCSC CAF, NIST and ISO 27001 Must have at least 2 years' cyber security experience. Excellent communication skills with the ability to deal with conflicting priorities. In turn, we can offer you: The opportunity to work in a highly skilled team, with exposure to OT technologies. Salary sacrifice pension scheme. 25 days holiday + Bank Holidays. You will need to be eligible for SC Clearance/have an active SC Clearance to be considered for this role. There couldn't be a more exciting time to join this organisation while they take huge steps to decarbonise their network and modernise and innovate like never before. If this sounds of interest, please apply today.
Application Security Engineer Manchester - Hybrid, 3 days a week in the office. Commutable from Stockport, Wigan, Bolton, Rochdale, Bury, Sale, Liverpool, Warrington, and Runcorn. Up to £75,000 + benefits We're partnered exclusively with a Fintech business in Manchester who've been building their own SaaS platform for a decade. It's live, it's scaling, and it's handling sensitive financial data - which means application security really matters here. They're bringing in an Application Security Engineer to take proper ownership of AppSec across the engineering function. This isn't a bolt-on role where you sit at the end of the process flagging issues. You'll be embedded in the development lifecycle from the start - running threat models, helping developers ship securely, reviewing code, and making sure the right tooling is in place. The engineering teams are collaborative and they actually want security involvement. So if you're someone who enjoys working with developers and educating as much as you do finding vulnerabilities, you'll fit right in here. Key skills needed: Strong background in application security, ideally in a SaaS or Fintech environment Experience with SAST, DAST, and SCA tooling - Snyk, Checkmarx, Semgrep, Burp Suite, or similar Threat modelling - comfortable running sessions with engineering and product teams Solid understanding of OWASP Top 10 and how to actually remediate real-world vulnerabilities API security - REST, GraphQL, and the common attack vectors around them Knowledge of secure SDLC and how to embed security into CI/CD pipelines Auth concepts - OAuth, OIDC, JWT, SAML - and where they typically go wrong Able to communicate risk clearly to engineers, product managers, and leadership alike This is a role with real stakes and real scope. If you want more than just writing reports and waiting for developers to fix things, this is the one. Click "APPLY" now to be considered for this role. Application Security Engineer - Manchester - Hybrid - Up to £75,000 + benefits
Jun 17, 2026
Full time
Application Security Engineer Manchester - Hybrid, 3 days a week in the office. Commutable from Stockport, Wigan, Bolton, Rochdale, Bury, Sale, Liverpool, Warrington, and Runcorn. Up to £75,000 + benefits We're partnered exclusively with a Fintech business in Manchester who've been building their own SaaS platform for a decade. It's live, it's scaling, and it's handling sensitive financial data - which means application security really matters here. They're bringing in an Application Security Engineer to take proper ownership of AppSec across the engineering function. This isn't a bolt-on role where you sit at the end of the process flagging issues. You'll be embedded in the development lifecycle from the start - running threat models, helping developers ship securely, reviewing code, and making sure the right tooling is in place. The engineering teams are collaborative and they actually want security involvement. So if you're someone who enjoys working with developers and educating as much as you do finding vulnerabilities, you'll fit right in here. Key skills needed: Strong background in application security, ideally in a SaaS or Fintech environment Experience with SAST, DAST, and SCA tooling - Snyk, Checkmarx, Semgrep, Burp Suite, or similar Threat modelling - comfortable running sessions with engineering and product teams Solid understanding of OWASP Top 10 and how to actually remediate real-world vulnerabilities API security - REST, GraphQL, and the common attack vectors around them Knowledge of secure SDLC and how to embed security into CI/CD pipelines Auth concepts - OAuth, OIDC, JWT, SAML - and where they typically go wrong Able to communicate risk clearly to engineers, product managers, and leadership alike This is a role with real stakes and real scope. If you want more than just writing reports and waiting for developers to fix things, this is the one. Click "APPLY" now to be considered for this role. Application Security Engineer - Manchester - Hybrid - Up to £75,000 + benefits
Risk Manager (SC Cleared) Bristol + Andover (Hybrid) 6 Month Contract £450/day (Outside IR35) Risk Manager needed with active SC Security Clearance . 6 Month Contract split between Bristol and Andover (Hybrid). Start ideally in June/July 2026. Must have Defence / MOD / Government sector experience + knowledge of HMG Treasury Orange Book risk management best practice. Hybrid Working - 3 days/week remote (WFH), and 2 days/week working on-site in Bristol and Andover . Paying up to £450/day (Outside IR35). A chance to work with a leading global IT transformation on a large-scale Government project: Risk Manager within Defence / MOD / Government sector experience, to lead programme wife Risk Management, ensuring alignment with HM Treasury Orange Book principles and MOD governance frameworks. Risk Management Strategy & Planning: developing + implementing Programme Risk Management Strategy and Risk Management Plan, aligned to NAD, MOD, and HMG best practice. Strong knowledge of HM Treasury Orange Book and risk management best practice. Stakeholder Engagement - working as a trusted advisor to Senior Responsible Owners (SROs), Programme Boards, and assurance bodies, enabling risk-informed decision-making, shaping strategic trade-offs, and ensuring both threats and opportunities are actively managed. Demonstrated experience developing Risk Management Strategies and Plans. Hands-on experience with Active Risk Manager (ARM), Predict! or equivalent tools. Experience delivering quantitative risk analysis (QRA), including schedule and/or cost modelling. Strong understanding of commercial, supplier, and multi-vendor risk environments. Ability to influence senior stakeholders and provide independent challenge at Board level. Advantageous: NAD / Defence Digital, Land iSTAR, Digital Transformation, HM Treasury Green Book, Infrastructure & Projects Authority (IPA), GMPP Assurance, Risk Management Certifications (APM Risk, MoR, PMI-RMP).
Jun 17, 2026
Contractor
Risk Manager (SC Cleared) Bristol + Andover (Hybrid) 6 Month Contract £450/day (Outside IR35) Risk Manager needed with active SC Security Clearance . 6 Month Contract split between Bristol and Andover (Hybrid). Start ideally in June/July 2026. Must have Defence / MOD / Government sector experience + knowledge of HMG Treasury Orange Book risk management best practice. Hybrid Working - 3 days/week remote (WFH), and 2 days/week working on-site in Bristol and Andover . Paying up to £450/day (Outside IR35). A chance to work with a leading global IT transformation on a large-scale Government project: Risk Manager within Defence / MOD / Government sector experience, to lead programme wife Risk Management, ensuring alignment with HM Treasury Orange Book principles and MOD governance frameworks. Risk Management Strategy & Planning: developing + implementing Programme Risk Management Strategy and Risk Management Plan, aligned to NAD, MOD, and HMG best practice. Strong knowledge of HM Treasury Orange Book and risk management best practice. Stakeholder Engagement - working as a trusted advisor to Senior Responsible Owners (SROs), Programme Boards, and assurance bodies, enabling risk-informed decision-making, shaping strategic trade-offs, and ensuring both threats and opportunities are actively managed. Demonstrated experience developing Risk Management Strategies and Plans. Hands-on experience with Active Risk Manager (ARM), Predict! or equivalent tools. Experience delivering quantitative risk analysis (QRA), including schedule and/or cost modelling. Strong understanding of commercial, supplier, and multi-vendor risk environments. Ability to influence senior stakeholders and provide independent challenge at Board level. Advantageous: NAD / Defence Digital, Land iSTAR, Digital Transformation, HM Treasury Green Book, Infrastructure & Projects Authority (IPA), GMPP Assurance, Risk Management Certifications (APM Risk, MoR, PMI-RMP).
Security Assurance Manager Up to 55,000 per annum 2x per month on site - Portsmouth We have a brilliant opportunity to join an industry-leading utility company based in the Southeast. They are going through a period of growth, undergoing multiple digital, and tech transformations. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. We are looking for an Information Security Assurance Manager who will 'fly the flag' for Information Security, providing assurance to the leadership team regarding the design and operating effectiveness of IT security controls within future IT projects and implementation. You will be responsible for reviewing and identifying security control gaps in design documents, providing recommendations for amendments and mitigation. We are looking for: Strong experience of performing threat modelling exercises Experience of reviewing high/low level architecture definition documents for compliance against security policies and standards Knowledge of technology risk and controls including relevant tools and techniques Good understanding and practical experience of Cyber Security Frameworks including NCSC CAF, NIST and ISO 27001 Must have at least 2 years' cyber security experience. Excellent communication skills with the ability to deal with conflicting priorities. In turn, we can offer you: The opportunity to work in a highly skilled team, with exposure to OT technologies. Salary sacrifice pension scheme. 25 days holiday + Bank Holidays. You will need to be eligible for SC Clearance/have an active SC Clearance to be considered for this role. There couldn't be a more exciting time to join this organisation while they take huge steps to decarbonise their network and modernise and innovate like never before. If this sounds of interest, please apply today.
Jun 16, 2026
Full time
Security Assurance Manager Up to 55,000 per annum 2x per month on site - Portsmouth We have a brilliant opportunity to join an industry-leading utility company based in the Southeast. They are going through a period of growth, undergoing multiple digital, and tech transformations. As a UK Critical National Infrastructure provider, Information Security is an integral part of their business operation, so this role is critical to the business. We are looking for an Information Security Assurance Manager who will 'fly the flag' for Information Security, providing assurance to the leadership team regarding the design and operating effectiveness of IT security controls within future IT projects and implementation. You will be responsible for reviewing and identifying security control gaps in design documents, providing recommendations for amendments and mitigation. We are looking for: Strong experience of performing threat modelling exercises Experience of reviewing high/low level architecture definition documents for compliance against security policies and standards Knowledge of technology risk and controls including relevant tools and techniques Good understanding and practical experience of Cyber Security Frameworks including NCSC CAF, NIST and ISO 27001 Must have at least 2 years' cyber security experience. Excellent communication skills with the ability to deal with conflicting priorities. In turn, we can offer you: The opportunity to work in a highly skilled team, with exposure to OT technologies. Salary sacrifice pension scheme. 25 days holiday + Bank Holidays. You will need to be eligible for SC Clearance/have an active SC Clearance to be considered for this role. There couldn't be a more exciting time to join this organisation while they take huge steps to decarbonise their network and modernise and innovate like never before. If this sounds of interest, please apply today.
Risk Manager Location: RG7 4PR, Aldermaston. Package: Salary from 49,830 - 78,770 (depending on suitability, qualifications, and experience) Working pattern: AWE operates a 9-day working fortnight. We will consider flexible working requests so that your work may fit in with your lifestyle. Just let us know your preferred working pattern on your application. This is not just another role. This is an opportunity to contribute to one of the most significant, complex and high-impact defence programmes in the UK today. Following the publication of the Defence Nuclear Enterprise Command, AWE has begun work on a sovereign replacement warhead programme known as Astraea. This programme sits at the heart of the UK's national security ensuring a safe, secure, and credible nuclear deterrent for generations to come. Ready to play your part? At AWE, it's not just a job, it's far more than that. we are transforming how we deliver our Mission-Critical Programmes, and our Project, Programme & Portfolio (P3M) function is growing. The Risk Manager will be embedded within a designated Delivery Area, providing dedicated risk, assumptions, dependencies, issues, and opportunities management. The role is central to enabling informed decision-making, protecting delivery confidence and ensuring that threats and opportunities are proactively identified, assessed and managed effectively within the Delivery Area and in line with the programmes governance requirements. As a Risk Manager at AWE, your responsibilities may include: Develop maintain improve Delivery Area risk register aligned to ASTRAEA standards Facilitate risk workshops reviews with technical design manufacturing PMs stakeholders Perform qualitative quantitative risk analysis including scoring modelling Monte Carlo Define assign track mitigation contingency actions ensure accountability escalation Escalate risks breaches cross-area impacts maintain alignment with risk appetite Manage dependencies via ADMA ensure alignment with PMO programme schedule Identify resolve dependency conflicts gaps escalate to Programme Dependency Manager Maintain issues log distinguish risks vs issues drive resolution root cause analysis Identify assess track opportunities promote cost schedule performance improvements Produce RADIO reports dashboards support governance engage stakeholders provide guidance We do need you to have the following: Proven experience in risk and/or programme controls management within a large-scale, complex programme or project environment. Demonstrable knowledge of risk management frameworks, methodologies, and tools. Experience maintaining and managing RADIO or equivalent logs within a structured PMO or delivery environment. Strong analytical skills with the ability to assess complex risk landscapes and present findings clearly. Excellent written and verbal communication skills, with experience producing governance-ready reports and briefings. Ability to build effective working relationships and influence without direct authority. High level of personal integrity and professionalism, with the ability to handle sensitive information appropriately. Whilst not to be considered a tick list, we'd like you to have experience in some of the following: Experience working within a defence, nuclear, or other highly regulated programme environment. Familiarity with quantitative risk analysis techniques and tools ARM and Saffran) Experience working within or alongside a PMO. APM PMQ, APM RPQ, MoR, or equivalent professional qualification. Understanding of the Defence Nuclear Enterprise and associated governance structures. Work hard, be rewarded: We ask a lot and set the bar high because our work truly matters. In return we offer balance, with award winning benefits including: 9-day working fortnight - meaning you get every other Friday off work, in addition to 270 hours of annual leave. Market leading contributory pension scheme (we will pay between 9% and 13% of your pensionable pay depending on your contributions). Family friendly policies: Maternity Leave - 39 Weeks Full Pay and Paternity Leave - 4 Weeks Full Pay. Opportunities for Professional Career Development including funding for annual membership of a relevant professional body. Employee Assistance Programme and Occupational Health Services. Life Assurance (4 x annual salary). Discounts - access to savings on a wide range of everyday spending. Special Leave Policy including paid time off for volunteering, public service (including reserve forces) and caring. The 'Working at AWE' page on our website is where you can find full details in the 'AWE Benefits Guide'.
Jun 16, 2026
Full time
Risk Manager Location: RG7 4PR, Aldermaston. Package: Salary from 49,830 - 78,770 (depending on suitability, qualifications, and experience) Working pattern: AWE operates a 9-day working fortnight. We will consider flexible working requests so that your work may fit in with your lifestyle. Just let us know your preferred working pattern on your application. This is not just another role. This is an opportunity to contribute to one of the most significant, complex and high-impact defence programmes in the UK today. Following the publication of the Defence Nuclear Enterprise Command, AWE has begun work on a sovereign replacement warhead programme known as Astraea. This programme sits at the heart of the UK's national security ensuring a safe, secure, and credible nuclear deterrent for generations to come. Ready to play your part? At AWE, it's not just a job, it's far more than that. we are transforming how we deliver our Mission-Critical Programmes, and our Project, Programme & Portfolio (P3M) function is growing. The Risk Manager will be embedded within a designated Delivery Area, providing dedicated risk, assumptions, dependencies, issues, and opportunities management. The role is central to enabling informed decision-making, protecting delivery confidence and ensuring that threats and opportunities are proactively identified, assessed and managed effectively within the Delivery Area and in line with the programmes governance requirements. As a Risk Manager at AWE, your responsibilities may include: Develop maintain improve Delivery Area risk register aligned to ASTRAEA standards Facilitate risk workshops reviews with technical design manufacturing PMs stakeholders Perform qualitative quantitative risk analysis including scoring modelling Monte Carlo Define assign track mitigation contingency actions ensure accountability escalation Escalate risks breaches cross-area impacts maintain alignment with risk appetite Manage dependencies via ADMA ensure alignment with PMO programme schedule Identify resolve dependency conflicts gaps escalate to Programme Dependency Manager Maintain issues log distinguish risks vs issues drive resolution root cause analysis Identify assess track opportunities promote cost schedule performance improvements Produce RADIO reports dashboards support governance engage stakeholders provide guidance We do need you to have the following: Proven experience in risk and/or programme controls management within a large-scale, complex programme or project environment. Demonstrable knowledge of risk management frameworks, methodologies, and tools. Experience maintaining and managing RADIO or equivalent logs within a structured PMO or delivery environment. Strong analytical skills with the ability to assess complex risk landscapes and present findings clearly. Excellent written and verbal communication skills, with experience producing governance-ready reports and briefings. Ability to build effective working relationships and influence without direct authority. High level of personal integrity and professionalism, with the ability to handle sensitive information appropriately. Whilst not to be considered a tick list, we'd like you to have experience in some of the following: Experience working within a defence, nuclear, or other highly regulated programme environment. Familiarity with quantitative risk analysis techniques and tools ARM and Saffran) Experience working within or alongside a PMO. APM PMQ, APM RPQ, MoR, or equivalent professional qualification. Understanding of the Defence Nuclear Enterprise and associated governance structures. Work hard, be rewarded: We ask a lot and set the bar high because our work truly matters. In return we offer balance, with award winning benefits including: 9-day working fortnight - meaning you get every other Friday off work, in addition to 270 hours of annual leave. Market leading contributory pension scheme (we will pay between 9% and 13% of your pensionable pay depending on your contributions). Family friendly policies: Maternity Leave - 39 Weeks Full Pay and Paternity Leave - 4 Weeks Full Pay. Opportunities for Professional Career Development including funding for annual membership of a relevant professional body. Employee Assistance Programme and Occupational Health Services. Life Assurance (4 x annual salary). Discounts - access to savings on a wide range of everyday spending. Special Leave Policy including paid time off for volunteering, public service (including reserve forces) and caring. The 'Working at AWE' page on our website is where you can find full details in the 'AWE Benefits Guide'.
Application Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Application Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role You will own security across the software development lifecycle, embedding automated security testing into CI/CD pipelines and enabling development teams to ship secure code quickly. This role works closely with UK and France engineering teams. As an experienced Application Security Engineer, your working day will include but not be limited to: DevSecOps & Pipeline Security Implement and maintain security testing in GitLab CI pipelines Configure and tune SAST, DAST, dependency scanning, and secrets detection Build automated security gates that balance rigour with delivery velocity Enable self-serve security tooling for development teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch and track application vulnerabilities through to remediation Manage dependency vulnerabilities and upgrade cycles Report on application security posture to senior leadership Risk & Compliance Embed GDPR and healthcare regulatory requirements into development processes Support DCB0129 clinical safety compliance for software changes Support customer security due diligence and audits Support ISO27001:2022 ISMS controls and audit process Key Skills and Experience Essential: 3+ years in application security, DevSecOps, and secure software development Hands-on experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able to translate security requirements for developers Desirable: Development background with security focus Familiarity with SIEM platforms (Snowbit, Splunk, Sentinel) Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider , delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long-term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high-growth, capital-backed business with a sophisticated scale strategy. Our team is a unique blend of those with strong digital experience, management consultants, creatives and industry-leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI-powered, always-on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person-centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture. What we offer A full induction training programme, which will be undertaken via Microsoft Teams. An opportunity to work as part of an experienced team who are passionate in their field, supportive, diverse and dynamic. 25 days leave. Bank Holidays and your birthday off as leave. Regular 1-2-1s with your line Manager. 24/7 on-call staff support. Auto-enrolment pension scheme. Health Scheme and access to our Employee Assistance Programme. Life Insurance Scheme. Apply If you are interested in making a difference and believe this role is a good fit for you, we would love to hear from you. If you have any questions, please contact our Recruitment Team at Hybrid: London or Bristol (There is a requirement to work in the office for a minimum of two days per week) Closing date for applications: Friday 29 May (5pm) Additional information We reserve the right to close this job in the event we receive a sufficient number of applications. Please note that we are unfortunately unable to offer a sponsor licence to candidates who require sponsorship from their employer.
Jun 13, 2026
Full time
Application Security Engineer (London or Bristol) We are HealthHero, Europe's largest digital clinic. Join us at a pivotal moment as we scale our digital healthcare platform across Europe - giving you the chance to shape security at the heart of a fast-growing, AI-driven business. We are recruiting an exciting Application Security Engineer on an initial 12 month fixed term contract, with a view to becoming permanent - based in either our London or Bristol office two days per week. About the role You will own security across the software development lifecycle, embedding automated security testing into CI/CD pipelines and enabling development teams to ship secure code quickly. This role works closely with UK and France engineering teams. As an experienced Application Security Engineer, your working day will include but not be limited to: DevSecOps & Pipeline Security Implement and maintain security testing in GitLab CI pipelines Configure and tune SAST, DAST, dependency scanning, and secrets detection Build automated security gates that balance rigour with delivery velocity Enable self-serve security tooling for development teams Contribute code and patches to security tooling and configurations Secure Development Define and enforce secure coding standards Conduct security-focused code reviews and threat modelling for new features Provide remediation guidance for application vulnerabilities Train and support developers on secure coding practices Vulnerability Management Triage, patch and track application vulnerabilities through to remediation Manage dependency vulnerabilities and upgrade cycles Report on application security posture to senior leadership Risk & Compliance Embed GDPR and healthcare regulatory requirements into development processes Support DCB0129 clinical safety compliance for software changes Support customer security due diligence and audits Support ISO27001:2022 ISMS controls and audit process Key Skills and Experience Essential: 3+ years in application security, DevSecOps, and secure software development Hands-on experience with CI/CD security integration (GitLab CI or similar) Familiarity with SAST/DAST tooling and dependency scanning Understanding of common vulnerabilities (OWASP Top 10) and remediation Previous experience working as a back end or full stack developer Knowledge of GDPR and data protection legislation Strong communicator; able to translate security requirements for developers Desirable: Development background with security focus Familiarity with SIEM platforms (Snowbit, Splunk, Sentinel) Experience with CSPM tooling (Wiz, Prisma Cloud, or similar) Penetration testing or bug bounty experience Experience in regulated environments (healthcare, financial services) Familiarity with threat modelling frameworks (STRIDE, PASTA) About us We exist to simplify healthcare and improve lives by making care feel instant, intelligent and human. HealthHero is Europe's largest digital health provider , delivering 4 million consultations per year. But we're just getting started. We've built a seamless digital clinic that brings body and mind together - from GP appointments and mental health support to long-term condition management. By sitting behind the world's leading insurers and employers and supporting public health systems, we make it easier for millions of people to get the care they need, exactly when they need it. We are a high-growth, capital-backed business with a sophisticated scale strategy. Our team is a unique blend of those with strong digital experience, management consultants, creatives and industry-leading clinical experts. We aren't just digitising appointments; we're building the next generation of healthcare. We're creating an AI-powered, always-on ecosystem that learns from every interaction to shift the needle from reactive treatment to proactive, sustainable health. At HealthHero, we are digital when it should be and human where it counts. Join us, and help build a next generation health system the world is waiting for. We're proud to be recognised as a which reflects our commitment to creating a supportive and engaging culture. We have also been featured as the fastest growing digital healthcare company of scale in the first Sunday Times 100 Tech list. This recognition shows our impact in the digital health sector and our dedication to innovation and excellence. Committed to achieving excellence in the delivery of person-centred care, we invest in people, resources and technology to continuously improve the quality of its services and organisational culture. What we offer A full induction training programme, which will be undertaken via Microsoft Teams. An opportunity to work as part of an experienced team who are passionate in their field, supportive, diverse and dynamic. 25 days leave. Bank Holidays and your birthday off as leave. Regular 1-2-1s with your line Manager. 24/7 on-call staff support. Auto-enrolment pension scheme. Health Scheme and access to our Employee Assistance Programme. Life Insurance Scheme. Apply If you are interested in making a difference and believe this role is a good fit for you, we would love to hear from you. If you have any questions, please contact our Recruitment Team at Hybrid: London or Bristol (There is a requirement to work in the office for a minimum of two days per week) Closing date for applications: Friday 29 May (5pm) Additional information We reserve the right to close this job in the event we receive a sufficient number of applications. Please note that we are unfortunately unable to offer a sponsor licence to candidates who require sponsorship from their employer.
Role Overview A leading biotech organization is transforming its approach to early-stage drug discovery by embracing computational methods to accelerate innovation. They're seeking a strategic, technically fluent Product Manager to lead the development of in silico tools that predict molecular structures and protein interactions-replacing slow, costly lab-based experimentation with scalable digital-first solutions. This role sits at the intersection of science, technology, and product strategy. You'll drive initiatives that integrate AI, machine learning, and high-throughput modelling to reshape how promising compounds are identified-delivering faster cycles, reduced R&D costs, and greater agility in responding to emerging health threats. Key Responsibilities Define and own the product vision for the computational drug discovery platform Collaborate with cross-functional teams (Tech, R&D, Science & Lab) across the US, UK, Germany, and India to align on goals and execution Translate scientific challenges into scalable product solutions using AI, ML, and simulation tools Prioritize features and roadmap based on impact, feasibility, and strategic alignment Champion a product-led mindset across scientific and technical domains Ensure seamless communication between technical teams and scientific stakeholders Monitor performance, adoption, and scientific outcomes to iterate and improve What You'll Bring Proven experience in Product Management, ideally in biotech, pharma, or health tech Ability to communicate fluently with both technical engineers and scientific researchers Strategic mindset with a bias for action and experimentation Location Hook, UK Rate/Salary .00 GBP Daily Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Oct 08, 2025
Contractor
Role Overview A leading biotech organization is transforming its approach to early-stage drug discovery by embracing computational methods to accelerate innovation. They're seeking a strategic, technically fluent Product Manager to lead the development of in silico tools that predict molecular structures and protein interactions-replacing slow, costly lab-based experimentation with scalable digital-first solutions. This role sits at the intersection of science, technology, and product strategy. You'll drive initiatives that integrate AI, machine learning, and high-throughput modelling to reshape how promising compounds are identified-delivering faster cycles, reduced R&D costs, and greater agility in responding to emerging health threats. Key Responsibilities Define and own the product vision for the computational drug discovery platform Collaborate with cross-functional teams (Tech, R&D, Science & Lab) across the US, UK, Germany, and India to align on goals and execution Translate scientific challenges into scalable product solutions using AI, ML, and simulation tools Prioritize features and roadmap based on impact, feasibility, and strategic alignment Champion a product-led mindset across scientific and technical domains Ensure seamless communication between technical teams and scientific stakeholders Monitor performance, adoption, and scientific outcomes to iterate and improve What You'll Bring Proven experience in Product Management, ideally in biotech, pharma, or health tech Ability to communicate fluently with both technical engineers and scientific researchers Strategic mindset with a bias for action and experimentation Location Hook, UK Rate/Salary .00 GBP Daily Trading as TEKsystems. Allegis Group Limited, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at our website. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go our website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice on our website for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Cloud Architect - MOD DV - Perm Location: Corsham, 4 days on-site Clearance: Active MOD DV - Must have DV in place, no scope for sponsorship Salary : £80,000 - £95,000 + Benefits An exciting opportunity has opened up to join one of Google Cloud's primary technical partners, as they push on with a new programme of work in the UK Defence sector, utilising cutting edge Cloud technologies. The role suits a Cloud Architect with a defence background that has an interest in utilising their AWS/Azure experience and up-skilling with GCP certifications and a training programme. As well as applying any existing GCP experience. About the role As a Cloud Architect you will be responsible for designing and advising on secure cloud architectures within Google Cloud Platform (GCP), ensuring compliance with UK and international standards. You will work with clients across sectors to assess risks, implement robust security controls, and guide secure cloud adoption strategies. This role requires a strong understanding of cloud-native security, regulatory frameworks, and the ability to translate technical risks into business impact. Part of this role, you will be required to obtain GCP certification. What You'll Do: Design and implement secure architectures, incorporating identity, access management, encryption, and network security. Conduct cloud security assessments and gap analyses for UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). Develop and enforce cloud security policies, procedures, and governance models. Lead threat modelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines. Support incident response planning and cloud-specific disaster recovery strategies. Stay up to date with GCP security features, UK regulatory changes, and emerging threats. Requirements What You'll Bring Essential Skills & Experience: Experience in cloud security. Strong knowledge of: Security services (IAM, Cloud KMS, VPC Service Controls, etc.) UK data protection and compliance frameworks (GDPR, ICO guidance) Identity federation, SSO, and role-based access control Network segmentation and firewall configuration in cloud environments. Logging, monitoring, and SIEM integration (e.g. Splunk, Chronicle) Experience with Infrastructure as Code (Terraform, Deployment Manager). Desirable: Google Cloud Professional Cloud Security Engineer certification. Experience with UK public sector or regulated industries (e.g. finance, healthcare). Familiarity with container security (GKE, Kubernetes RBAC, image scanning). Proficiency in scripting (Python, Bash) for automation and tooling. Experience with incident response in cloud-native environments. Previous consultancy experience within UK public sector organisations. If you're interested in the above, reach out to or apply Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
Oct 07, 2025
Full time
Cloud Architect - MOD DV - Perm Location: Corsham, 4 days on-site Clearance: Active MOD DV - Must have DV in place, no scope for sponsorship Salary : £80,000 - £95,000 + Benefits An exciting opportunity has opened up to join one of Google Cloud's primary technical partners, as they push on with a new programme of work in the UK Defence sector, utilising cutting edge Cloud technologies. The role suits a Cloud Architect with a defence background that has an interest in utilising their AWS/Azure experience and up-skilling with GCP certifications and a training programme. As well as applying any existing GCP experience. About the role As a Cloud Architect you will be responsible for designing and advising on secure cloud architectures within Google Cloud Platform (GCP), ensuring compliance with UK and international standards. You will work with clients across sectors to assess risks, implement robust security controls, and guide secure cloud adoption strategies. This role requires a strong understanding of cloud-native security, regulatory frameworks, and the ability to translate technical risks into business impact. Part of this role, you will be required to obtain GCP certification. What You'll Do: Design and implement secure architectures, incorporating identity, access management, encryption, and network security. Conduct cloud security assessments and gap analyses for UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). Develop and enforce cloud security policies, procedures, and governance models. Lead threat modelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools such as Google SecOps tooling, Security Command Center, Cloud Armour, and VPC Service Controls. Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines. Support incident response planning and cloud-specific disaster recovery strategies. Stay up to date with GCP security features, UK regulatory changes, and emerging threats. Requirements What You'll Bring Essential Skills & Experience: Experience in cloud security. Strong knowledge of: Security services (IAM, Cloud KMS, VPC Service Controls, etc.) UK data protection and compliance frameworks (GDPR, ICO guidance) Identity federation, SSO, and role-based access control Network segmentation and firewall configuration in cloud environments. Logging, monitoring, and SIEM integration (e.g. Splunk, Chronicle) Experience with Infrastructure as Code (Terraform, Deployment Manager). Desirable: Google Cloud Professional Cloud Security Engineer certification. Experience with UK public sector or regulated industries (e.g. finance, healthcare). Familiarity with container security (GKE, Kubernetes RBAC, image scanning). Proficiency in scripting (Python, Bash) for automation and tooling. Experience with incident response in cloud-native environments. Previous consultancy experience within UK public sector organisations. If you're interested in the above, reach out to or apply Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients. If you need any help or adjustments during the recruitment process for any reason , please let us know when you apply or talk to the recruiters directly so we can support you.
Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Do you have experience in Security Infrastructure? Do you have experience in Secure by Design? Do you want to work with an industry-leading company? If your answers are yes to these, then this could be the role for you! As the Product Security Architect, you will be working alongside a market-leading Defence and Aerospace company who are constantly growing and developing. They are always looking to bring on new talents such as yourself and further develop your skills to enable you to grow within the company and industry! Some of what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks. Collaborate with the product development teams to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Oct 07, 2025
Full time
Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Do you have experience in Security Infrastructure? Do you have experience in Secure by Design? Do you want to work with an industry-leading company? If your answers are yes to these, then this could be the role for you! As the Product Security Architect, you will be working alongside a market-leading Defence and Aerospace company who are constantly growing and developing. They are always looking to bring on new talents such as yourself and further develop your skills to enable you to grow within the company and industry! Some of what you will be involved in: Identify security requirements and ensure the integration of security controls during the product development lifecycle Develop and implement risk management strategies Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified Collaborate with the development teams to ensure the adoption of Secure by Design principles Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks. Collaborate with the product development teams to integrate security best practices ensuring Secure by Design Identify and mitigate security vulnerabilities and risks in products Develop and maintain security guidelines, documentation, and training materials Participate in incident response and remediation efforts for security breaches affecting products Your skillset may include: Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Oct 06, 2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
Oct 06, 2025
Full time
Ideas People Trust We're BDO. An accountancy and business advisory firm, providing the advice and solutions entrepreneurial organisations need to navigate today's changing world. We work with the companies that are Britain's economic engine - ambitious, entrepreneurially-spirited and high growth businesses that fuel the economy - and directly advise the owners and management teams that lead them. We'll broaden your horizons To ensure our services and applications are fit for the modern market, our IT team collaborates with every department. They develop, they explore and they implement the new ideas helping us to change the future of accounting, tax and business consulting. But, just as importantly, they maintain the tech that keeps us advancing. By testing and adopting the future of financial technical solutions, they find new and exciting ways to drive us forward. And you could too. In an IT role at BDO, you'll become part of a team that act as the backbone for our business. No matter who you are or what your skillset is, we'll give you the training and support you need to achieve whatever you put your mind to. We'll help you succeed Leading organisations trust us because of the quality of our advice. That quality grows from a thorough understanding of their business, and that understanding comes from working closely with them and building long-lasting relationships. You'll be someone who is both comfortable working proactively and managing your own tasks, as well as confident collaborating with others and communicating regularly with senior managers, directors, and BDO's partners to help businesses effectively. You'll be encouraged to identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role, you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Develop and maintain security documentation and training materials Develop and implement the product security strategy in alignment with organisational goals Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Define security NFR's and ensure these are met Report on compliance with security standards You'll be someone with: Strong experience in software development and security Proficient in scripting languages such as Powershell, YAML, JASON, etc. Collaborate with development teams to integrate security best practices into the secure software development lifecycle (SDLC) and ensure products are built securely Oversee vulnerability management and remediation efforts, including leading responses to pen test findings and security assessments Experience conducting risk assessments and threat modelling for software development and advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience with Azure DevOps, particularly CI/CD and backlog management Prepare and present regular security reports to senior management, ensuring compliance with security standards and regulations Expertise with security tools and familiarity with DevSecOps processes Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field (preferable) You'll be able to be yourself; we'll recognise and value you for who you are and celebrate and reward your contributions to the business. We're committed to agile working, and we offer every colleague the opportunity to work in ways that suit you, your teams, and the task at hand. At BDO, we'll help you achieve your personal goals and career ambitions, and we have programmes, resources, and frameworks that provide clarity and structure around career development. We're in it together Mutual support and respect is one of BDO's core values and we're proud of our distinctive, people-centred culture. From informal success conversations to formal mentoring and coaching, we'll support you at every stage in your career, whatever your personal and professional needs. Our agile working framework helps us stay connected, bringing teams together where and when it counts so they can share ideas and help one another. At BDO, you'll always have access to the people and resources you need to do your best work. We know that collaboration is the key to creating value for the companies we work with and satisfying experiences for our colleagues, so we've invested in state-of-the-art collaboration spaces in our offices. BDO's people represent a wealth of knowledge and expertise, and we'll encourage you to build your network, work alongside others, and share your skills and experiences. With a range of multidisciplinary events and dedicated resources, you'll never stop learning at BDO. We're looking forward to the future At BDO, we help entrepreneurial businesses to succeed, fuelling the UK economy. Our success is powered by our people, which is why we're always finding new ways to invest in you. Across the UK thousands of unique minds continue to come together to help companies we work with to achieve their ambitions We've got a clear purpose, and we're confident in our future, because we're adapting and evolving to build on our strengths, ensuring we continue to find the right combination of global reach, integrity and expertise. We shape the future together with openness and clarity, because we believe in empowering people to think creatively about how we can do things better.
LA International Computer Consultants Ltd
Leamington Spa, Warwickshire
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
Sep 26, 2025
Contractor
SOC Manager 6 Month contract initially Based: Hybrid/Leamington & Gaydon - Hybrid as per business need Rate: £Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a SOC Manager to join the team. As SOC Manager you will: * Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators * Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible * Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team * Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences * Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. * Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Key Responsibilities: * Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations * POC for SOC engineering team, threat intelligence analyst and Threat exposure management * Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques * Act as the lead coordinator to individual information security incidents * Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. * Document incidents from initial detection through final resolution * Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring * Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. * Act as focal point for any investigations involving security; to prepare reports and note follow up action * Participate in the role of Incident Manager during any incidents and emergencies * Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date * Coordinate with IT teams on escalations, tracking, performance issues, and outages Key skills & experience: * Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR * Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar * In-depth familiarity with security policies based on industry standards and best practices * Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) * Experience in Log source integration and in Developing new correlation rules & Parser writing * Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance * Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience * Solid understanding of information technology and information security required * Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) * Ability to work well under pressure with differing levels of Management This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Sep 26, 2025
Contractor
SOC Manager Whitehall Resources are looking for a SOC Manager. This role is hybrid working with 2-3 days per week onsite in Warwickshire, and the remainder remote working, for an initial 6-month contract. *Inside IR35* Job Description: Establish goals and priorities by working closely with your team to identify the most critical focus areas. These include: Improving incident response times Reducing false positives and other extraneous alerts Enhancing threat detection capabilities Oversee your staff's activities and ensure they focus on the right priorities Oversee SOC activities by reviewing your team's performance metrics, incident reports and other key indicators Lead incident response efforts when a security incident occurs, the SOC team has to respond as quickly as possible Lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Analyse incident reports to understand your organization's security posture by reviewing incident reports, SOC managers identify patterns and trends that may indicate weaknesses or vulnerabilities in their security defences Serve as the point of contact (POC) for security incidents within the company. You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies. Be responsible for conducting information security investigations as a result of security incidents. These are previously identified by the Level 2 security analyst who are monitoring the security consoles from various SOC entry channels (SIEM, Tickets, Email and Phone) End to end security incident management. You will play a key role in providing the highest level of technical expertise and handling the most complex security incidents. Report to the Customer about security operations. This means that you must keep the CISO and Head of security operations informed about everything that's happening in the operations centre. You can do this by preparing clear and concise reports that highlight key findings, and recommendations about the operations. Your reports will help the customer make informed decisions about security investments and strategies that align with the company's goals. Your responsibilities: Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations POC for SOC engineering team, threat intelligence analyst and Threat exposure management Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques Act as the lead coordinator to individual information security incidents Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre. Document incidents from initial detection through final resolution Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. Act as focal point for any investigations involving security; to prepare reports and note follow up action Participate in the role of Incident Manager during any incidents and emergencies Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date Coordinate with IT teams on escalations, tracking, performance issues, and outages Essential skills and experience: Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., Firewall, IDS, etc.) Experience in Log source integration and in Developing new correlation rules & Parser writing Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience Solid understanding of information technology and information security required Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives) Ability to work well under pressure with differing levels of Management Desirable skills and experience: Experience of Agile ways of working. All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
