Penetration testing jobs in United Kingdom

Sheer Jobs Limited is recruiting on behalf of a local authority client for a Senior Cyber Security Engineer to play a critical role in strengthening and optimising their cyber security function. This position is key to maximising the effectiveness of a newly implemented outsourced SOC (NCC Group), leveraging Splunk and CrowdStrike. You will provide senior-level technical expertise to enhance security operations, improve threat detection, and upskill the internal team. Key Responsibilities • Lead CrowdStrike Falcon deployment, configuration, and optimisation, • Design and enhance Splunk SIEM dashboards, alerts, and data models, • Act as an escalation point for major cyber incidents, • Develop SOAR automation workflows to improve response times, • Conduct proactive threat hunting using advanced queries, • Work closely with SOC partner to optimise security operations, • Provide training and knowledge transfer to internal teams Mandatory Requirements (Must Have), • 5+ years’ experience in Cyber Security Engineering or SOC Tier 3 environments, • Strong hands-on expertise in CrowdStrike Falcon (Prevent, Insight, Discover), • Advanced Splunk experience – including SPL and Splunk Enterprise Security (ES), • Splunk Certified Cybersecurity Defence Engineer (MANDATORY), • Strong understanding of:, • Network security & protocols, • Cloud security (AWS/Azure), • MITRE ATT&CK frameworkDesirable Experience, • Vulnerability Assessment tools (2+ years preferred), • Exposure to Penetration Testing / Web Application Testing, • Experience developing security policies and standardsCertifications (Highly Desirable), • CrowdStrike Certifications (CCFA / CCFR / CCSE – ideally 2+), • Cyber Security Certifications:, • CompTIA Security+, CySA+, GSEC, • CISSP, GCIH, GCIA, CCSPWhy Apply?, • Work on a high-impact cyber transformation programme, • Engage with cutting-edge tools (CrowdStrike & Splunk), • Opportunity to shape and optimise a live SOC environment

PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance.Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute to the development and refinement of controls and processes to ensure the safety, confidentiality, integrity, availability, and overall security of data stored on systems. You will be responsible for identifying gaps in existing cybersecurity policies and procedures and, in collaboration with security, network, information governance, and technical leads, developing new measures to address these gaps. KEY RESPONSIBILITIES: • You will work closely with system and service owners, as well as internal and external stakeholders, to design, implement, and enforce appropriate protective and detective security controls, policies, and procedures., • The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions., • You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root cause analysis. You must be able to communicate effectively about security incidents and cyber risks to both technical and non-technical stakeholders., • The role works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks., • You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report., • Continuous improvement is a core responsibility. You will conduct post-incident reviews, recommend control and process improvements, and contribute to the creation and maintenance of cybersecurity governance documentation. You will also research emerging cyber threats and mitigation strategies and provide reports or presentations to senior stakeholders as required., • The role supports cybersecurity training and awareness initiatives, promoting a strong security culture and helping to upskill colleagues in cybersecurity best practices., • You will also collaborate with solution architects and project teams to ensure security is embedded into system and application designs, supporting secure architecture and delivery from the outset., • Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management., • Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies., • Strong analytical, communication, and problem-solving skills, including the ability to produce clear technical and non-technical reports., • Recognised cybersecurity certifications (e.g., CompTIA Security+, CEH, GIAC, CISSP). Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Are you looking for a Security role within a dynamic, innovative financial technology organisation? If so, we are recruiting for a Cyber Security Engineer to join our Cyber Security team! The Role Working alongside the team you will help to design, develop, and mature the companys cyber security capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer assets. Responsibilities include • Work with technology and business teams to deliver security processes, technologies and controls, acting as the authority on security related queries., • Define, design, implement, and maintain security solutions appropriate to the business needs., • Support the definition, execution and continuous improvement of key cyber security processes including vulnerability & patch management, security incident response, security monitoring, endpoint security, identity and access management, network security, and cryptography., • Assist with developing and maintaining security policies, processes and incident response management plans and playbooks., • Prepare and document standard operating procedures and protocols., • Provide expertise on security requirements into core technology processes like asset management, change management, third-party management, technology development & acquisition, configuration management, etc., • Minimum of 2 years experience in a Security Engineer/Analyst, role focusing on designing and implementing security solutions and managing security infrastructure., • Previous experience working within a financial services environment and a working understanding of relevant regulations., • Experience and in-depth technical knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.), • Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying protocol/packet analysis/manipulation tools., • Understanding of key operating systems and network appliances and the ability to assess their security posture based on their configuration/deployment., • Experience of working effectively with a variety of stakeholders from different technology and business teams., • Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM)., • Strong knowledge of Operating System security and system hardening concepts such as CIS Benchmarks., • Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. We offer a competitive remuneration package, including company discretionary bonus, excellent pension contributions, an attractive staff share scheme, BUPA health insurance, buying and selling of annual leave and sponsorship of relevant professional qualifications. The role is based in our central London office, working a minimum of two days a week in the office and three days a week from home. About Us Transact is a leading UK investment wrap platform for financial advisers and their clients. Our culture is collaborative, inclusive and open-minded. We work hard to continually challenge the way we do things to maintain our market leading status. As a customer-centric and client focused business, we put our clients, like Mrs Miggins, at the heart of everything we do. Our platform enables clients and their advisers to manage their financial portfolio in one single online place, and is supported by unrivalled personal service. Our goal is to make all aspects of portfolio management as easy and efficient as possible for everyone involved, through the features we develop, our integrations with other systems, and the support we provide. Our purpose: We enable the Miggins family and their adviser to hold their investments on a single platform across wrappers. We provide custody, tax wrapping, trading and reporting.

Robert Half have partnered with an insurtech organisation based in London who are looking to engage an experienced Application Tester to support testing across thier internal legacy .NET application. This is an initial 3-month contract focused on maintaining quality and stability across existing systems during ongoing change and maintenance activity. Responsibilities: • Manual testing of legacy .NET applications, • Creation and execution of test cases, test scenarios, and test scripts, • Functional, regression, and UAT testing, • Identification, logging, and tracking of defects through to resolution, • Working closely with developers and wider stakeholders to clarify requirements, • Supporting release cycles and ensuring applications meet agreed quality standards, • Maintaining clear and accurate test documentationSkills:, • Proven experience working as an Application Tester / Software Tester, • Strong hands-on experience testing legacy .NET applications, • Solid understanding of the software development lifecycle and testing methodologies, • Experience using defect tracking and test management tools, • Experience identifying and validating application vulnerabilities within legacy systems, • Supporting vulnerability assessments and working with development teams to verify findings, • Tracking, retesting, and validating remediation activities to ensure issues are fully resolved, • Collaborating with security and engineering teams to prioritise risk-based fixes, • Experience supporting or coordinating penetration testing activities (internal or third-party), • Strong attention to detail and analytical skills, • Comfortable working within established, mature application environments, • Experience working within insurance or insurtech environments (desirable but not essential), • Exposure to enterprise-scale or complex systems, • Some experience or awareness of test automation toolsContract:, • Initial 3-month contract with potential to extend, • London-based assignment with hybrid working flexibility Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data:

Senior Cyber Security Engineer (Contract)Hybrid | 6-Month Contract | Start: ASAP Day Rate: 500p/d inside The Opportunity We're looking for a Senior Cyber Security Engineer to join a forward-thinking public sector environment at a critical point in its cyber maturity journey. With a newly implemented outsourced Security Operations Centre (SOC) powered by Splunk and CrowdStrike, this role is key to maximising both investment and capability. You'll act as the senior technical lead-optimising tooling, strengthening detection and response, and upskilling the internal team. This is a hands-on, high-impact role suited to someone who can hit the ground running and elevate an evolving security function. Key Responsibilities • Endpoint Security Leadership: Own deployment, configuration, and optimisation of CrowdStrike Falcon, • SIEM Optimisation: Partner with the SOC to enhance Splunk dashboards, alerts, and data models, • Incident Response: Act as escalation point for high-priority incidents, driving rapid containment, • Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry, • Automation (SOAR): Build workflows to streamline response and reduce manual effort, • Capability Building: Upskill internal teams across CrowdStrike, Splunk, and security analysis Required Experience • 5+ years in Cyber Security Engineering or SOC (Tier 3 level), • Deep hands-on experience with CrowdStrike Falcon (Prevent, Insight, Discover), • Strong Splunk expertise, including SPL and Enterprise Security (ES), • Solid understanding of:, • Network protocols, • Cloud security (AWS/Azure), • Vulnerability Assessment tools, • Penetration Testing / Web Application Testing exposure, • Security policy and standards development Certifications (Desirable) Cyber Security: • CompTIA Security+, Network+, CySA+, GSEC, • CCFA (Falcon Administrator), • CCFR (Falcon Responder), • Splunk Certified Cybersecurity Defense Engineer (preferred) Why Apply? • Shape and optimise a modern SOC capability, • Work with best-in-class tools (CrowdStrike & Splunk), • High-impact role with visibility across the organisation, • Opportunity to leave a lasting legacy through capability uplift and knowledge transfer If you're a senior cyber specialist who thrives in hands-on, technically challenging environments and enjoys building capability as well as solving problems, this is worth a conversation Eden Brown Synergy is an equal opportunities employer. Eden Brown Limited is a limited company registered in England and Wales with registered number 3643845. Our registered address is 5th floor 4 Coleman Street, London, EC2R 5AR, part of nGAGE Specialist Recruitment Limited T/A nGAGE Talent. Please consider the environment before printing this e-mail. This message is intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to us, and immediately and permanently delete it. Do not use, copy or disclose the information contained in this message or in any attachment. We take reasonable precautions to ensure no viruses are present in this email but cannot accept responsibility for any loss or damage sustained as a result of computer viruses and the recipient must ensure that the email (and attachments) are virus free.

Robert Half have partnered with an insurtech organisation based in London who are looking to engage an experienced Application Tester to support testing across thier internal legacy .NET application. This is an initial 3-month contract focused on maintaining quality and stability across existing systems during ongoing change and maintenance activity. Responsibilities: • Manual testing of legacy .NET applications, • Creation and execution of test cases, test scenarios, and test scripts, • Functional, regression, and UAT testing, • Identification, logging, and tracking of defects through to resolution, • Working closely with developers and wider stakeholders to clarify requirements, • Supporting release cycles and ensuring applications meet agreed quality standards, • Maintaining clear and accurate test documentationSkills:, • Proven experience working as an Application Tester / Software Tester, • Strong hands-on experience testing legacy .NET applications, • Solid understanding of the software development lifecycle and testing methodologies, • Experience using defect tracking and test management tools, • Experience identifying and validating application vulnerabilities within legacy systems, • Supporting vulnerability assessments and working with development teams to verify findings, • Tracking, retesting, and validating remediation activities to ensure issues are fully resolved, • Collaborating with security and engineering teams to prioritise risk-based fixes, • Experience supporting or coordinating penetration testing activities (internal or third-party), • Strong attention to detail and analytical skills, • Comfortable working within established, mature application environments, • Experience working within insurance or insurtech environments (desirable but not essential), • Exposure to enterprise-scale or complex systems, • Some experience or awareness of test automation toolsContract:, • Initial 3-month contract with potential to extend, • London-based assignment with hybrid working flexibility Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data:

A Council in London is seeking a Contract Senior Cybersecurity Engineer for 6 months. With the strategic deployment of an outsourced Security Operations Center (SOC) that leverages Splunk and CrowdStrike, the Senior Cyber Security Engineer role is a key addition to our team to maximise the timeline and investment. The ideal candidate will be a technical expert in CrowdStrike for endpoint protection and Splunk for security telemetry, capable of turning raw data into actionable intelligence. Key Responsibilities • Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of the CrowdStrike Falcon, • SIEM Mastery: Work with our SOC partner to architect and optimize Splunk dashboards, alerts, and data models to identify sophisticated threats., • Incident Response: Serve as a technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment., • Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times., • Threat Hunting: Proactively search for undetected malicious activity using specialized queries., • Experience: 5+ years in a dedicated Cyber Security Engineering or SOC Tier 3 role., • CrowdStrike Expert: Deep hands-on experience with Falcon Prevent, Insight, and Discover. Certification (CCFA/CCFR) is a major plus., • Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES)., • Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK, • Vulnerability Assessment: 2+ years using VA tools would be a bonus, • Penetration Testing: Exposure to Penetration Testing and Web Application Testing.

We’re seeking a highly capable Senior Cyber Security Engineer to join our client at a pivotal stage of our security evolution. Following the implementation of an outsourced Security Operations Centre (SOC) this role will play a key part in strengthening our clients security posture and maximising the value of security tooling. You will act as the technical lead between the SOC and internal teams, transforming security data into actionable intelligence, optimising platforms, leading incident response, and mentoring the wider security function. Key Responsibilities • Lead and manage the deployment, configuration, and optimisation of CrowdStrike Falcon, • Collaborate closely with NCC Group to enhance Splunk dashboards, alerts, and detections, • Act as the technical escalation point for high-severity security incidents, • Develop automation and SOAR workflows to improve response effectiveness, • Conduct proactive threat hunting activities, • 5+ years’ experience in a senior Cyber Security Engineering or SOC Tier 3 role, • Strong hands-on expertise with CrowdStrike Falcon (Prevent, Insight, Discover), • Advanced Splunk / Splunk ES experience, including strong SPL capability, • Solid understanding of networking, cloud security (AWS/Azure), and the MITRE ATT&CK framework, • Experience with vulnerability management, penetration testing, or web application testing is advantageous

Hands on Head of Pen Testing | £85,000 | London, Hybrid We're working with a growing cyber security consultancy looking to hire a Head of Penetration Testing to lead and scale their offensive security capability. This is a hands-on leadership role, ideal for someone from a strong penetration testing background who wants to step into a position where they can own technical delivery, shape a team, and influence the direction of a testing practice - without stepping away from the tools. The Role: You'll take ownership of the organisation's penetration testing function, leading from the front on technical delivery, quality standards, and team development. This role is best suited to someone who is already operating as a Senior / Lead Penetration Tester or CHECK Team Leader, and is looking to step into a broader leadership position while remaining technically hands-on. You'll play a key role in defining methodologies, mentoring testers, engaging clients, and driving the growth of the penetration testing offering. Key Responsibilities: • Lead and scale the penetration testing function (people, processes, tooling), • Deliver and oversee high-quality penetration testing engagements (web, infrastructure, cloud, application), • Act as a technical authority across offensive security engagements, • Ensure consistency and quality across all reports and deliverables, • Support pre-sales, scoping and client engagements, • Mentor and develop a team of penetration testers, • Manage utilisation, capacity, and technical performance of the team, • Contribute to service development and growth of the practice Key Skills & Experience: • Strong background in penetration testing (offensive security) across web, infrastructure, and cloud, • Experience operating at Senior / Lead Pen Tester or CHECK Team Leader level, • Hands-on experience delivering client-facing penetration testing engagements, • Strong reporting skills and ability to communicate findings to both technical and non-technical stakeholders, • Experience mentoring or leading testers Certifications (essential) Candidates must hold two or more of the following (or equivilant) • CREST CRT or CCT, • OSCP, • OSCE / OSWE, • CISSP, • CHECK Team Member (CTM) or CHECK Team Leader (CTL) Why Join? This is an opportunity to step into a role where you can shape and lead a penetration testing function, not just deliver within one. You'll have the autonomy to influence how the practice evolves, while still staying close to the technical work that got you here. If this sounds like you, apply now! Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.

Senior Security Engineer, reporting to the IT Security Officer, you will work as part of a 3-person IT Security team. As the Senior Security Engineer, you should have at least 5 years security team leadership and project management. You will implement and maintain robust security systems and protocols across the IT infrastructure. You will conduct risk assessments and vulnerability scans, mitigate vulnerabilities identified in penetration testing, and implement preventative measures to protect against cyber threats. You will monitor the security infrastructure and detect and respond to potential threats. You will mentor and develop the IT security engineer and collaborate with the IT team to ensure compliance with security standards and best practices; you will essentially be a key technical leader in safeguarding sensitive data and systems. Key Responsibilities/Duties Manage the Secure Web Gateway Manage the Email Security Gateway Carry out vulnerability scans, identify risks, and remediation. Manage the perimeter and VPN firewalls. Manage MFA and SSO. Manage MDM\MAM and Conditional Access Manage security certificates and keys. Deliver Cyber Security Awareness Training Remediate vulnerabilities and weaknesses identified during penetration testing.Experience - EssentialThe successful candidate will have a good working knowledge and experience in managing the majority of the following technology stack CrowdStrike EDR Mimecast Mail Security Gateway Duo Okta Rapid7 IVM, Tenable IO or Nessus Palo Alto Firewalls and Panorama InTune and Conditional Access Entra ID, Purview, Defender, Active Directory, DNS, GPOExperience - DesiredExperience using the following technology stack would be advantageous; understanding the principles is required. Cisco Secure Access Cisco Umbrella Cisco ASA Digicert Certificates and Microsoft Certificate Services Ivanti patching Kali Linux (NMAP, Metasploit, BurpSuite, John etc) Microsoft Purview Candidate Profile Desired Education: CISM, CISSP, OSCP or other penetration testing qualifications. Industry: Financial services, SOC, Pentesting is desirable* Personal Skills: Excellent inter-personal, written and verbal communication skills The ability to handle multiple priorities, tasks and projects simultaneously Clear and precise verbal and written communication Ability to deliver presentations to staff Cross functional influence, engagement and collaboration skills Location and Hours The position is usually based in our London Head Office, which is currently located in High Holborn. Hours: The team works on a shift pattern to ensure cover from : (0730 to 1630 (2 days working from home), and 0830 to 1730 (3 days working in the office))* There will be periods of the weekend and out-of-hours work.

The Role We are looking for a highly experienced New Business Cyber Security Development Director to drive enterprise penetration testing and offensive security engagements valued at £1M+. This role is 100% focused on new logo acquisition. The successful candidate will be responsible for identifying, developing, and closing large-scale security testing opportunities with enterprise organisations, working alongside an experienced team of technicians and cyber experts. You will bring a strong track record of winning complex cybersecurity services deals, particularly in penetration testing, red teaming, and offensive security programmes. You will collaborate closely with our security consulting and delivery teams to design and close strategic engagements that help organisations strengthen their cyber resilience. Key Responsibilities • Generate and close net-new enterprise clients for penetration testing and offensive security services, • Build and manage a new business pipeline targeting deals £1M+ in value, • Proactively identify and pursue opportunities across enterprise and regulated sectors including financial services and critical infrastructure, • Engage senior decision makers including CISOs, CTOs, and security leadership teams, • Lead the sales process from prospecting through to deal closure for complex, high-value engagements, • Work closely with internal technical experts to scope and shape large-scale penetration testing and red teaming programmes, • Develop tailored proposals and commercial structures for multi-year security testing programmes, • Navigate complex procurement cycles and lead enterprise-level commercial negotiations, • Flexible and creative to take considered risks, • Inquisitive and persistent, able to hunt out new business opportunity, • Learn and adapt quickly to changing situations, • Self-motivated and able to work under pressure, • Ability to travel to different sites and locations on a weekly basis, • Manages conflict and challenges in an open and constructive manner, • Flexible and creative to take considered risks, • Extensive experience in enterprise technology or cybersecurity sales, • Demonstrable track record of generating new business and closing large cybersecurity services deals (£1M+), • Significant experience selling penetration testing, offensive security, or cyber assurance services, • Strong ability to prospect and build relationships with senior enterprise stakeholders, • Experience managing long, complex enterprise sales cycles At Claranet, we go the extra mile with our people—because we believe in building a workplace where everyone feels valued and supported. Our flexible benefits package includes: • Pension Scheme: Employer-matched contributions to help you plan for the future., • Comprehensive Healthcare Coverage: Access to private medical care for your peace of mind and wellbeing., • Discounted Gym Memberships: Prioritise your fitness with exclusive rates at leading gyms., • Personalised Wellbeing Support: App-based resources and services available 24/7, • Enhanced Annual Leave: 25 days of holiday, increasing to 27 days with service, plus bank holidays and a day off for your birthday. We’re proud founding members of TC4RE (Technology Community for Racial Equality) working collectively to build a more diverse and inclusive tech industry. About Claranet Founded at the beginning of the dot com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries. Equal Opportunities Statement Diversity, equity and inclusion are at the heart of what we value as an organisation. Claranet is an equal opportunities employer and all qualified applicants will receive consideration for employment without regard to race, religion, sex, sexual orientation, age, disability or any other status protected by law. Our recruitment team are happy to support any reasonable adjustments that are needed within the recruitment process. Ready to take the next step in your career with Claranet? Click ‘apply’ – we can’t wait to meet you! To view full job description please visit our careers page

Connect2Hackney, the internal talent team for the London Borough of Hackney, are looking for a high-level Senior Cyber Security Engineer to join our team during a pivotal phase of our security evolution. With the strategic deployment of our new outsourced Security Operations Center (SOC) from NCC Group, we need a technical expert to bridge the gap between our raw security data and actionable intelligence. You will be the technical lead responsible for managing, integrating, and optimising our SOC capabilities while mentoring and training our existing team to elevate their technical skill sets. Key Responsibilities • Endpoint Strategy: Lead the deployment, policy configuration, and maintenance of our CrowdStrike Falcon platform., • SIEM Mastery: Collaborate with our SOC partner to architect and optimise Splunk dashboards, alerts, and data models., • Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment., • Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity. We are seeking a candidate who brings at least 5+ years of experience in a dedicated Cyber Security Engineering or SOC Tier 3 role. Technical Requirements: • CrowdStrike Expertise: Deep hands-on experience with Falcon Prevent, Insight, and Discover., • Splunk Power User: Proficiency in writing complex Search Processing Language (SPL) and managing Splunk Enterprise Security (ES)., • Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework., • Additional Skills: Experience with Vulnerability Assessment (VA) tools, Penetration Testing, and Web Application Testing is a significant bonus.Desired Qualifications:, • Mandatory: Splunk Certified Cybersecurity Defense Engineer., • CrowdStrike: Ideally 2 or more certifications from CCFA, CCFR, or CCSE., • General: Advanced certifications such as CISSP, GCIH, GCIA, or CCSP are highly valued. Why Join LBH? This is a critical role that goes beyond daily operations; you will be instrumental in maturing our SOC service and ensuring our investment in NCC Group, Splunk, and CrowdStrike is fully realised. If you are a technical expert capable of turning raw data into defense, we want to hear from you. Commercial Services Trading Ltd is acting as an Employment Business in relation to this vacancy.

Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y £80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: • Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment, • Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security, • Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification, • Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures, • Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable), • Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows, • Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting, • Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities, • Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: • Experience working on multiple projects with broad scope, ambiguity, and a high degree of difficulty, • Demonstrable proficiency across a wide range of IT and cybersecurity technologies, • Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management, • High-level analytical ability to solve unusual and complex problems, • Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices, • Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal., • Eligibility to work in the UK. Desirable: • Experience in technology projects such as cyber infrastructure implementation or replacement initiatives, • Understanding of global program structures, launch plans, timing, and ownership, • Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.

Join Keith to build the future of legal services; using technology to add speed, consistency and affordability. Keith is an AI-native and full-stack regulated law firm, initially focusing on disrupting the UK conveyancing market. By leveraging technology, we aim to automate c. 80% of the current human workload - delivering game-changing levels of client service, improved responsiveness, and reduced transaction time duration. We have ambitions to expand into other formulaic process-driven practice areas, targeting a £19B UK total addressable market. Keith also aims to create a loveable and recognisable brand within legal services - arguably a first. Keith's been founded by Andy Shovel, Pete Sharman and Sam Tucker. Andy and Pete co-founded THIS (this.co) which in 6 years, has grown into a market-leading plant-based food brand, delivering over £20m in annual sales. THIS has become known for game-changing innovation and highly engaging comms. Sam Tucker is also a serial founder, having previously founded Common Surface, now part of deskbird. Backed VC and Breega are two europe-leading VC funds who have invested in Keith. Between them, they've also backed Moneybox, Exotec, Thought Machine and many other high-growth start-ups. About the Role We're looking for a Senior Software Engineer to lead our engineering team. You'll set the technical direction, make key architecture decisions, and help hire and build out the team as we grow. This is a senior role - you'll have significant ownership over how Keith's platform is built, deployed and secured. You Will: • Design and own the architecture of Keith's platform - the state machine, workflow engine, API layer and data model that orchestrate every transaction, • Own infrastructure, deployments and CI/CD - ensure the platform is reliable, scalable and fast as we grow from launch to thousands of concurrent transactions, • Build and maintain security practices appropriate for a regulated law firm - data encryption, access controls, audit logging, penetration testing, • Build and improve AI agent pipelines - document review, correspondence handling, structured data extraction, • Build internal tooling for conveyancers - inbox, document review, approval workflows, transaction oversight, • Help hire and build out the engineering team as we scale About You • 5+ years building production software, with a strong backend emphasis, • Strong command of Python, TypeScript and React/Next.js, • Experience building and operating scalable, secure systems - you understand infrastructure, observability and deployment pipelines, • Experience with AI agent orchestration frameworks (LangGraph, OpenAI Agent SDK, or similar), • Strong architectural judgement - you'll be making foundational decisions about the stack, data model and system design, • Comfortable with security and compliance requirements - you've worked in regulated or security-sensitive environments, • Experience hiring and managing engineers, • Join a small, senior founding team building one of the first AI-native regulated law firms from scratch, • Founding team with a proven track record - including founders of one of the UK's fastest growing consumer brands, • Have real ownership and help redefine how legal work gets done, • Collaborate with senior lawyers and technologists to automate complex workflows at scale, • Work at the frontier of AI and law - move fast, experiment, and shape the product

Business Development Manager – Bromley (BR1) – Hybrid (1-2 days per week in office) Role Overview: Our client are looking for a Business Development Manager to join their growing cyber security consultancy at a pivotal stage of its expansion. The business has built a strong reputation delivering services such as penetration testing, vulnerability assessments, and purple teaming, and is now looking for a Business Development Manager to lead sales activity and drive new business growth. This is the first dedicated sales hire, offering the chance to take ownership of the commercial function and progress into a leadership role as the company scales over the next 12–24 months. Key Responsibilities: • Identify, target, and secure new business opportunities across a range of sectors., • Develop and execute a sales strategy to support growth objectives., • Build and manage a pipeline of opportunities, with deal sizes ranging from £10k to £200k., • Generate leads through proactive outreach, networking, and leveraging existing contacts., • Manage the full sales cycle from initial engagement through to close., • Collaborate with technical teams to develop tailored client solutions and proposals., • Contribute to the wider commercial strategy, with scope to build and lead a future sales team. Key Skills required: • Proven track record in business development within cyber security services., • Strong understanding of services such as penetration testing or related areas., • Experience closing deals within the £10k–£200k range., • Ability to operate effectively in a small, high-growth consultancy environment., • Self-motivated, proactive, and commercially driven approach., • Strong communication and stakeholder management skills., • Ambition to progress into a leadership position. Salary: £50,000–£55,000 basic + commission (circa 10% per deal).

About CFGI: CFGI is a global consulting firm that helps organisations navigate complex business challenges with confidence. With a strong presence in the UK, we partner with companies across industries to deliver best-in-class advisory services in accounting, risk, cyber security, technology, and business transformation. We pride ourselves on combining technical expertise with a practical, hands-on approach, helping our clients strengthen resilience, meet regulatory requirements, and stay ahead in an increasingly digital and risk-driven landscape. Technical and Domain Experience: · Conduct cybersecurity maturity and risk assessment and for clients. · Practical experience implementing security controls, in areas such as MDR, IAM, Network Security, Cloud Deployments. · Advise clients on cybersecurity strategy, metrics and reporting for various levels of stakeholders, including Audit Committees and Board of Directors. · Build risk management practices for clients, including policies, procedures, Risk Register, etc. · Previous experience as a systems administrator, systems engineer, or security analyst. · Understanding of operating system hardening principles, network design principles, and systems security. · Guide clients in establishing cybersecurity policies, standards, and procedures. · Manage cybersecurity training & awareness services for clients from design to implementation. · Understanding of security analysis, security events, and penetration testing. Soft Skills: · Strong interpersonal and communication skills; experience with cross-cultural communications. · Calmness and clarity of thought under pressure and ability to maintain positive attitude. · Agile and flexible, capable of dealing with ambiguity, and confronting challenges and opportunities with speed, endurance, and decisiveness. · Confidence to manage upwards, provide forward thinking ideas and actively participate in improving CFGI’s cyber offering. Technical Qualifications and Certifications: · Industry certifications are preferred, but not required: CISSP, CISM, etc. · Technology specific qualifications in technology or security solutions. Experience: · Whilst we will judge the quality of candidates not their time-served in the industry, a good gauge for this role would be around 5 years’ experience in technology and security related fields. · Your experience does not have to be purely cyber security consulting. We believe individuals with practical skillsets from in-house roles, broader technology management or GRC, for example, would be well placed in our team. · We know great candidates bring a mix of skills and experiences, you don’t need to have done everything listed in this job description to apply. We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Security Architect (DevSecOps) Retail Hybrid: 3 days onsite per week in London 6 months+ £750 - £800 per day In short: We require a strong, application-focused Security Architect with a keen background in development or at least the ability to assure a product’s architecture and have low-level, detailed conversations with engineers on the product whilst also facing off to more senior stakeholders in the business. In full: You will be responsible for augmenting the Security Architecture team with speciality skills and help scale our security presence across the wider technology and infrastructure teams. • Provide engineering and product teams with direction and guidance for all security matters., • Help product teams deliver new business features securely while balancing and clearly articulating technical and business risk., • You will be expected to drive the deployment/integration of security capabilities into engineering teams within the product domain., • You will drive security initiatives such as developing security requirements, threat modelling, strengthening application security, vulnerability reduction, etc., with the engineering teams., • Reducing friction is paramount and we are all about fast feedback within existing workflows, not adding another console for a developer to check., • Support teams in a collaborative manner in matters of mobile application, web application, cloud and data security, with threat modelling, risk treatment and security advice across all security domains. If you can raise a PR to fix a security issue, do so., • Facilitate risk remediation but also challenge decisions and status-quo., • Facilitate in assurance activities like penetration testing, purple testing, app assurance., • Build quarterly/monthly roadmaps for security activities and plan them. You will need To excel in this position, we expect you to have the following: • Solid security experience across common security domains – the technology might have changed but most of the security challenges have not., • A thorough understanding of modern application development practices so that security capabilities can be introduced and embedded while minimising developer friction., • Excellent interpersonal, facilitation, and leadership skills along with effective communication (both written and verbal) skills., • Be able to provide security guidance to engineering teams throughout the product development lifecycle., • Be able to develop threat models, attack trees, and embed security by design in product engineering effort., • Good understanding of web technologies, REST APIs, micro services, modern application development, and mobile apps. Good understanding of software architecture, dev-sec-ops, and network security., • Experience in browser security or mobile app security is desirable., • Good understanding of industry standards such as OWASP ASVS, OWASP Top-10, CIS benchmarks., • Hands-on experience with complex Azure and AWS architectures with an emphasis on containerised workloads., • Command-line/API experience is highly desirable as security automation is a strategic priority., • Some coding experience in something is always a plus - Java, HTML, JavaScript. You do not need to “be a developer” but you do need to understand the implications of security on engineering velocity., • Knowledge of and experience with PCI-DSS will be desirable., • Multiple examples of completed projects in security engineering or closely related areas., • Azure or AWS cloud security certifications (preferred). Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer. We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

We have a current opportunity for a Head of Azure Platform Security on a permanent basis. The position will be based in London. For further information about this position please apply.\n\nRequirements\n\n- Hands-on Azure cloud security architecture and implementation - Defender for Cloud, Policy-as-Code, RBAC, PIM, private endpoints, and secure landing zone design; AWS security experience also considered\n\n- Network security engineering: firewall policy design and lifecycle management, micro-segmentation, NSG/UDR/NVA architecture, hub-spoke topology, and perimeter defence for hybrid environments\n\n- WAF design, deployment, and operational tuning - Cloudflare, Azure Application Gateway, or equivalent; custom rule authoring and false-positive management at production scale\n\n- Network flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns\n\n- SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage workflow - you write the rules, not just read the dashboard\n\n- Endpoint and desktop security: EDR deployment and tuning (Defender for Endpoint, CrowdStrike), Intune/Jamf device management, privileged access workstations, JIT/JEA models\n\n- API and application security: threat modelling (STRIDE/PASTA), OAuth 2.0/OIDC implementation review, secrets management (Key Vault, HashiCorp Vault), and secure SDLC integration\n\n- PKI, certificate lifecycle automation, identity federation, and SSO across hybrid cloud and on-premises environments\n\n- Security automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them\n\n- MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs\n\n- Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines, secrets management\n\nNice to Have\n\no Financial services, trading, or capital markets - operational security in a regulated, high-availability, zero-downtime-tolerance environment\n\no Zero-trust architecture: BeyondCorp, Zscaler, or equivalent; conditional access policy design and implementation\n\no DDoS mitigation, BGP security, and network resilience engineering for latency-sensitive financial infrastructure\n\no ISO 27001, SOC 2, DORA, or equivalent - hands-on implementation, not just audit participation\n\no Red team, adversarial simulation, or penetration testing programme design - experience on both sides of the exercise\n\nTo find out more about Huxley, please visit \n\nHuxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 8 Bishopsgate, London, EC2N 4BQ, United Kingdom | Partnership Number | OC(phone number removed) England and Wales

Hands on Head of Pen Testing | £85,000 | London, Hybrid.We're working with a growing cyber security consultancy looking to hire a Head of Penetration Testing to lead and scale their offensive security capability.This is a hands-on leadership role, ideal for someone from a strong penetration testing

Hands on Head of Pen Testing | £85,000 | London, Hybrid. This is a hands-on leadership role, ideal for someone from a strong penetration testing background who wants to step into a position where they can own technical delivery, shape a team, and influence the direction of a testing practice - with

The Opportunity ProCheckUp, an elite independent cybersecurity consultancy serving FTSE 100 corporations, UK government authorities, and international financial institutions, is seeking an experienced Penetration Tester with SC Clearance to join our expanding remote team. This is an exceptional opportunity to conduct high-impact security assessments across diverse enterprise environments while maintaining work-life balance through flexible remote working. You'll contribute to ProCheckUp's ambitious expansion phase, working alongside industry-leading security professionals on mission-critical infrastructure, applications, and network security testing for the UK's most security-conscious organizations. What You'll Do Core Responsibilities: • Conduct advanced penetration testing across network infrastructure, web applications, and mobile platforms for enterprise clients, • Perform vulnerability assessments, threat modelling, and risk analysis across diverse technical environments, • Execute social engineering assessments and physical security testing, • Produce detailed scoping documents and executive-level penetration testing reports aligned with CREST and NCSC standards, • Lead incident response investigations and digital forensic analysis when required, • Work independently on client-facing assessments whilst collaborating with senior consultants and team leaders, • SCADA/OT environment security testing, • Cloud infrastructure penetration testing (AWS, Azure), • Web services and API security, • Mobile application testing (iOS/Android) Who You Are Essential Experience & Skills: • Minimum 3+ years professional penetration testing experience, • Demonstrable expertise in network, application, and infrastructure security testing, • Strong hands-on proficiency with penetration testing frameworks, exploitation techniques, and security tools (Metasploit, Burp Suite, Wireshark, custom tools), • Deep technical knowledge of Windows, Linux, Unix operating systems and TCP/IP networking protocols, • Proven ability to perform source code reviews and application security analysis, • Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies, • Excellent report writing and executive communication skills—ability to translate technical findings into business risk, • Ability to work autonomously and adapt to client-specific environments, • CREST/CyberScheme CCTM/CSTM CCT/CSTL-INF or CCT/CSTL-APP (current), • NCSC CHECK Team Leader (CTL) (current) or CHECK Team Member (CTM) (current) preferred but not essential, • CEH Advanced (AECH) or OSCP, • SANS GCIH, GPEN, or GWAPT, • EnCase Certified Examiner (EnCE), • CWSP (Certified Wireless Security Professional), • Published security research, CVE disclosures, or white papers, • Curiosity and passion for emerging security threats and attack methodologies, • Drive to mentor junior consultants and contribute to technical innovation, • Professional demeanour with excellent client-facing communication, • Attention to detail in all deliverables, particularly technical reports and evidence documentation Why ProCheckUp? ✓ Proven Track Record: 25+ years delivering security services to world-leading organisations; holders of NCSC CHECK, CREST, PCI QSA, and PCI ASV accreditation's ✓ Prestigious Client Base: Work directly with FTSE 100 companies, UK government bodies, international law firms, and critical infrastructure operators ✓ Technical Leadership: Collaborate with industry experts who publish research, present at major conferences, and drive the cybersecurity industry forward ✓ Flexibility & Autonomy: Remote-first working with complete location flexibility across the UK—work from home, co-working spaces, or client sites as you prefer ✓ Career Progression: Clear advancement pathway from Consultant → Senior Consultant → Team Leader → Technical Director; investment in advanced certifications and professional development ✓ Competitive Remuneration: Market-leading salary package (£65,000–£85,000+ depending on experience and certifications) plus comprehensive benefits ✓ Backing of a Stable, Well-Funded Firm: Work for an independent, profitable, growth-focused security consultancy—not a commodity testing mill ✓ Continuous Learning: Access to research funding, certification sponsorship, conference attendance, and exposure to cutting-edge threat landscapes The Application Process This is a carefully selected search—we're looking for genuine penetration testing professionals with the technical depth to advise enterprise clients, not script-runner-test shops. To Apply: • Submit your CV (including certifications, security clearance status, and estimated clearance renewal date), • Write a brief covering letter (150–250 words) addressing:, • Why ProCheckUp's mission and client base appeal to you, • Your remote working setup and availability (notice period, start date), • Screening call with HR (15 mins): Verify background, clearance status, and role fit, • Technical interview with Senior Consultant (45 mins): Deep-dive on penetration testing methodology, recent case studies, and security trends, • Final interview with Hiring Manager/Technical Director (30 mins): Culture fit, growth ambition, and team dynamics Logistics | Position Type | Full-Time, Permanent | | Location | Remote, United Kingdom | | Security Clearance | SC (Minimum) | | Working Arrangements | Flexible remote; occasional travel for client engagements | | Salary | £65,000–£95,000+ based on experience, certifications, and client-facing impact | | Benefits Package | Competitive pension, health insurance, professional development budget, | | Notice Period | 2-8 weeks preferred; negotiable for exceptional candidates | About ProCheckUp Founded in 1999, ProCheckUp has evolved from a specialist penetration testing firm into a multi-disciplinary cybersecurity consultancy trusted by the world's most security-conscious organizations. Our team of CHECK Team Leaders, CREST Certified Testers, and forensic specialists delivers: • Penetration Testing & Security Audits: Infrastructure, application, and mobile assessments, • Compliance Advisory: PCI DSS, GDPR, ISO27001 implementations and certifications, • Incident Response & Forensics: 24/7 emergency response and digital evidence analysis Equal Opportunities ProCheckUp is an equal opportunities employer. We celebrate diversity and are committed to building an inclusive environment for all employees, regardless of gender, race, ethnicity, religion, disability, age, sexual orientation, or gender identity. We encourage applications from underrepresented groups in cybersecurity. Security Vetting: All successful candidates will be subject to UK security vetting procedures. Applicants must have resided in the UK for the last 5+ years to be eligible for SC clearance (or provide documented reasons for absence). Previous security clearance experience is valued but not essential. *

Key Responsibilities * Generate and close net-new enterprise clients for penetration testing and offensive security services * Build and manage a new business pipeline targeting deals £1M+ in value * Proactively identify and pursue opportunities across enterprise and regulated sectors in

Job Title: Cyber Security Architect (Contract) Scroll down for a complete overview of what this job will require Are you the right candidate for this opportunity Duration: Initial 6 months (with potential extension) Location: London (hybrid – minimum 2 days per week onsite, with occasional travel to other sites as required) Overview We are currently partnering with a leading organisation to appoint an experienced Cyber Security Architect on a contract basis. This role will play a key part in designing and delivering secure technology solutions across a range of programmes and projects. Role Responsibilities * Collaborate with business, technical, operational, and third-party stakeholders to gather requirements and design secure solutions * Produce high-level and low-level architecture and design artefacts aligned to programme objectives * Provide technical leadership and guidance across the full secure development lifecycle, particularly within cloud and DevOps environments * Translate business requirements into robust, scalable, and secure technical solutions * Contribute to architecture governance, including participation in design authority and review boards * Support the development and evolution of security architecture frameworks, standards, and best practices * Work closely with engineering and DevOps teams to embed “secure by design” principles across cloud platforms and CI/CD pipelines * Assess existing environments and recommend improvements to enhance overall security posture * Engage with internal and external stakeholders to ensure alignment with organisational and industry security standards Key Skills & Experience * Strong communication skills, with the ability to engage both technical and non-technical stakeholders * Proven experience producing architecture and design documentation * Deep understanding of cloud security, particularly within Microsoft Azure environments * Experience with secure DevOps practices and modern cloud-based architectures * Knowledge of security frameworks and standards (e.g. ISO 27001/27002, NCSC guidance, Cyber Essentials, NIS/CAF) * Experience in application security, including threat modelling, security reviews, and penetration testing * Familiarity with enterprise architecture frameworks such as TOGAF (or equivalent) * Relevant certifications (e.g. Azure Security Engineer/Architect) highly desirable Desirable * Exposure to Operational Technology (OT) environments or critical infrastructure sectors Additional Information This is an excellent opportunity to work on high-impact programmes within a complex and evolving technology landscape. xrnqpay The role offers a hybrid working model with a London base and flexibility for the right candidate.

A leading security firm in the City of Westminster is seeking a skilled Security Engineer to manage the company's security posture and protect applications from external threats. The ideal candidate will have over 3 years of experience in penetration testing and a strong understanding of common secu

Computacenter is growing our penetration testing capability and we are looking for an experienced penetration tester to support the delivery of vulnerability assessment and penetration testing services to Computacenter and our customers delivered services.As a highly skilled and motivated Penetratio

Synergy Solutions Limited is now looking for a Penetration tester to join our growing team. Ensuring that penetration tests performed by the whole team are effective and scoped correctly. You will have expert knowledge of Information Security Penetration Testing.

A cybersecurity firm is seeking a Senior Penetration Tester to identify vulnerabilities in systems and networks. You will support the delivery of vulnerability assessment and penetration testing services and collaborate with a dynamic Cybersecurity team. Ideal candidates will have experience in pene

The ideal candidate will have over 3 years of penetration testing experience and a strong understanding of security vulnerabilities.

A global consumer goods company seeks a Senior Manager for Offensive Security to lead penetration testing and manage a global bug bounty program. This role requires building a high-performing team and developing the offensive security roadmap. The ideal candidate has 15+ years in cybersecurity, with

The Senior Manager – Offensive Security will lead the evolution of our offensive security capabilities, delivering penetration testing, managing attack surface, and overseeing a global bug bounty program. Security Control Validation: Experience assessing the effectiveness of EDR, WAF, IAM, and oth

Demonstrable expertise in one of the major security specialist areas, such as penetration testing, incident response, endpoint security, network security, malware analysis or identity access management. The Security Threat Specialist, working in collaboration with the business, will be responsible f

Your role will include conducting penetration tests, managing firewall rules, and working with the security team on cloud infrastructure and threats. The ideal candidate will have over 3 years’ experience in penetration testing and relevant technical knowledge.

Significant senior leadership experience in information security within a FCA and PRA regulated UK bank, fintech, or other regulated financial services organisation, with demonstrated engagement on CBEST matters (including oversight of threat led penetration testing) at Board Risk Committee level. P

Open to the whole of the UK Our Clients Cyber Practice is a fast-growing community of industry-leading experts. The practice spans multiple disciplines, including Assurance, Compliance, Security Operations (SecOps), Offensive Security, and Security Research . We are committed to maintaining the highest quality of service while ensuring our team members have every opportunity to grow and learn alongside the organization. This is a highly rewarding, hands-on role offering exposure to both traditional enterprise IT and groundbreaking, custom operational technology (OT) systems. As a key member of the team, you will lead the discovery and implementation of solutions for complex customer problems in an agile, innovative, and team-centric environment. Core Responsibilities Technical Leadership: Lead penetration testing engagements across diverse environments. Problem Solving: Derive security requirements from functional objectives, even when dealing with limited initial knowledge of underlying solutions. Collaboration: Work in partnership with internal and external stakeholders to ensure synergy and effective project outcomes. Strategic Thinking: Analyze and evaluate complex information to reach decisive, actionable security solutions. Required Skills & Qualifications Technical Expertise CHECK Team Member (CTM) status: Candidates must currently hold a valid CHECK Team Member exam certification. Broad Penetration Testing Knowledge: A deep understanding of various specialties, including infrastructure, applications, and cloud testing . Adaptive Analysis: Demonstrable ability to identify security requirements and risks within custom or niche technical environments. Communication & Influence Technical Translation: Ability to effectively explain complex technical vulnerabilities and solutions to a non-technical audience. Documentation: High proficiency in writing meaningful, clear reports that provide actionable guidance. Presentation: Experience in delivering impactful presentations and articulating key security findings to stakeholders. Critical Thinking & Teamwork Analytical Mindset: Proven ability to use gathered information to present creative solutions and reach sound decisions. Stakeholder Management: Ability to collaborate meaningfully with all parties to ensure project goals are met efficiently. TPBN1_UKTJ

Job Title: Security Consultant/Architect Location: London (hybrid) Length: 6 months PAYE only Overall purpose of the role Are you a security professional with a "shift-left" mindset and a passion for building secure-by-design platforms? Join Barclaycard Payments as we build a brand-new, cloud-native, and fully independent fintech-style merchant acquiring platform. This isn't about maintaining legacy systems; it’s about building a target-state platform from the ground up. As a Security Consultant / Analyst , you will be embedded within the CISO function, working directly with engineering and product teams to ensure security is woven into the fabric of the GAIA roadmap. You will act as a bridge between high-level security standards and technical execution. This role is a blend of Cyber Business Analysis, GRC (Governance, Risk, and Compliance), and Technical Consultancy. Key Accountabilities: Secure-by-Design: Provide pragmatic security guidance to engineering workstreams, reviewing designs and technical specifications to identify risks early in the SDLC. Control Mapping & BA: Perform deep-dive business analysis to map cyber controls against the GAIA roadmap, ensuring alignment with the Barclays Cyber Control Library and refreshed Cyber Standards. Cloud & DevOps Security: Support the secure configuration of AWS workloads, CI/CD pipelines (GitHub), and containerised environments (Docker/Kubernetes). Compliance & Frameworks: Ensure the platform is built to be PCI DSS compliant, utilizing frameworks such as ISO 27001/2 and NIST CSF . Risk Orchestration: Help translate complex technical risks into business-relevant terms for stakeholders, ensuring all risks are logged, understood, and mitigated. Assurance: Assist in preparing for penetration testing, remediating findings, and validating control improvements. Key Skills: We are looking for a high-energy consultant who has spent the last 5+ years in Cyber Security, ideally within Fintech or Financial Services. You should be comfortable "spinning plates" in a greenfield environment and have a strong background in reporting to CISO leadership. Essential Experience: Cyber experience within Fintech/Financial Services: Proven experience in security consultancy, advisory, or GRC roles. Cyber Business Analysis: At least 2 years of recent experience in mapping cyber controls and navigating complex project roadmaps. Framework Fluency: Deep understanding of ISO 27001/2, NIST CSF, and PCI DSS. Cloud & Modern Engineering: A solid grasp of cloud implementations (AWS preferred) and secure development lifecycle principles. Stakeholder Mastery: The ability to challenge and influence developers, architects, and risk officers effectively. Desirable Skills: Experience securing End User Compute (EUC), specifically MacBooks managed via JAMF. Administration and securing of Google Workspace environments. Knowledge of merchant acquiring, payment flows, and fintech ecosystems. Security certifications (CISM, CISSP, or equivalent) are a plus. About Barclays Barclays is a British universal bank. It is diversified by business, by different types of customers and clients, and by geography. Barclays businesses include consumer banking and payments operations around the world, as well as a top-tier, full service, global corporate and investment bank, all of which are supported by its service company which provides technology, operations and functional services across the Group. Values Everything Barclays does is shaped by its five values of Respect, Integrity, Service, Excellence and Stewardship. The Barclays values inform the foundations of its relationships with customers and clients, but they also shape how Barclays measures and rewards the performance of colleagues. Simply put, success is not just about what you achieve, but about how you achieve it. Diversity Barclays aims to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included and their talents are nurtured, empowering them to contribute fully to Barclays vision and goals. Hybrid Working Barclays is currently in the early stages of implementing a hybrid working environment, which means that many colleagues spend part of their working hours at home and part in the office, depending on the nature of the role they are in. Barclays is flexible on how this works and it may continue to change and evolve. Depending on your team, typically this means that colleagues spend a minimum of between 20% to 60% of their time in the office, which could be over a week, a month or a quarter. However, some colleagues may choose to spend more time in the office over a typical period than their role type requires. Barclays also has a flexible working process where, subject to business needs, all colleagues globally are able to request work patterns to reflect their personal circumstances Your Benefits As a contract employee of Randstad Sourceright, you’ll receive a wide range of financial and personal benefits. There’s enrolment in a pension plan (after 12 weeks on assignment) and holiday pay. You’ll also get 24/7 access to an Employee Assistance Programme, designed to help you deal with any problems that could be affecting your home or work life. Plus, there’s discounts at heaps of high street shops, restaurants and entertainment - from Asda to Zizzi Italian restaurants.

Job description We have an exciting new opportunity for an Identity & Access Management Senior Architect to join the A&O Shearman London office. About the team The firms ability to keep our clients data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the worlds large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of the Board. Led by our new CISO, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where global complexity creates opportunity. In addition, you will have the opportunity to share and gain intel from the firms cybersecurity lawyers. The global team have experience advising clients on hundreds of incidents. Leveraging this experience, they feedback practical lessons learned into clients cyber risk management and incident response programmes. What you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will be responsible for maintaining the identity and access management (IAM) security of the firms assets. This role is critical in translating the organisations IAM vision into a workable, mature and optimized function and service. This role requires extensive experience across all IAM core disciples including identity management, identity governance and administration, privileged access, and conditional access. This role will support the transformation of IAM into a modern, automated, predictable and customer-oriented function. The ideal candidate will excel at Microsoft Entra ID technologies, CyberArk, machine identity management, and translation of identified requirements into practical identity architecture and design. This will include: IAM Strategy and Architecture Design, implement and continuously improve the organisational IAM architecture for a modern security perimeter, leveraging extensive knowledge and experience across all IAM disciplines. Review functional and non-functional requirements, apply architectural acceptance criteria, and produce artefacts describing the logical and physical design of IT and security (IAM) solutions scaled for the enterprise needs, and assist in solution architecture. Influence and evaluate decisions on IAM components: directory, identity, privileged access, entitlements management. Configure and maintain technologies that support the IAM function such as Active Directory, Entra ID Privileged Identity, Privileged Access, and Governance; Conditional Access Policies; CyberArk. Design and transition IAM service components into operation operational manuals, support patterns, standard changes, request management. IAM Risk and Change Management Work alongside Solution Architects to ensure solutions are designed securely from an access management perspective. Ensure adherence to the change management process when implementing IAM relevant changes to architecture. Perform detailed analysis of application architectures to provide IAM assurance. Understand threat modelling and participate in major incidents responses with IAM components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure teams to implement IAM design patterns. Ensure IAM security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Validate effectiveness of implemented IAM security controls through technical analysis. Perform residual IAM risk assessments and document acceptance/rejection rationale. Scope and manage IAM security testing including penetration tests and Red Teaming as well as remediation activities. Work closely with wider Information Security team to ensure compliance, assurance, risk management, monitoring, and other operational requirements related to IAM are met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of non-compliance related to PAM, IAM and IGA policies and processes. Leadership & Team Development Provide leadership and structured mentorship to a team of identity and access management staff, supporting their technical development, training & certifications, and career progression. Oversee the design and management of the on-call support structure, ensuring appropriate coverage, escalation paths, and minimal disruption to business operations. What you will have Extensive experience in working with Microsoft identity products, namely Active Directory and Entra ID. Extensive experience working in architecture or information security, with a significant focuson identity and access management. Current Azure certifications (e.g., Azure Security Engineer Associate). Strong knowledge of security and compliance standards and frameworks, such as ISO27001, MS CAF, and WAF. Excellent communication, leadership, and interpersonal skills, with the ability to collaborate across teams and with external parties such as MSSP. Ability to work effectively in a fast-paced, dynamic environment. You will stand out if you bring Bachelor's degree in Information Security, Computer Science, or a related field. Additional relevant security certifications e.g. CISSP, SABSA, TOGAF. Legal or professional services experience is highly desirable. Knowledge of additional cloud platforms e.g. AWS, GCP. Experience with zero trust architecture implementation and least privilege principles. Background in application security and secure SDLC practices Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required. We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic. We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing an onsite gym, wellbeing centre and GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, season ticket loans and online discounts and lifestyle management services. Our approach to hybrid working seeks to combine and maximise the benefits of effective remote working with the benefits of being in the office. Our current hybrid working arrangements require office based working for a minimum of 60% of your time ( i.e. three days per week for a full time role ) in accordance with our hybrid working policy. Additional information - External A&O Shearman is a new global industry-leading law firm, with nearly 50 offices in 28 countries worldwide. Our fluency in English law, US law, and the laws of the worlds most dynamic markets, enables us to provide unmatched insight and seamless delivery to clients. We work on challenging and important deals and disputes that have the potential to shape the future. We offer exceptional opportunities for our people; opportunities to work for the worlds leading businesses; to transform the status quo, and to deliver your best work, helping you and your career to thrive, while delivering unparalleled outcomes for our clients. Whether you're helping clients solve complex challenges, transforming the ways we manage our business, or ensuring the smooth-running of our operations, this is an environment where you can belong and excel. We provide first-rate training and development, we are committed to an inclusive environment, and we provide support and ways of working that help you optimise your wellbeing. What truly defines a career with us? We recruit the best and ask for the best of you. And together, we will redefine success. TPBN1_UKTJ

Business Development Manager - Cyber Security Services/products We’re partnering with a fast-growing cyber security startup looking to make its first commercial hire — a high-impact New Business Sales Executive who wants more than just another sales role. This is an opportunity to join at an early stage, work directly with the founder, and play a key role in shaping the company’s growth strategy. You won’t inherit a territory or a rigid playbook — you’ll help build it.If you’re someone who enjoys autonomy, thrives in a “hunter” role, and wants to influence how a business scales this role will be perfect for you, You’ll take full ownership of the new business sales cycle, from prospecting through to close, while helping define go-to-market strategy and target sectors. Working closely with technical teams and leadership, you’ll be instrumental in driving adoption of a subscription-based penetration testing offering across a range of high-value industries. Key Responsibilities • Own the full end-to-end sales cycle, from lead generation to closing deals, • Identify and win new business across sectors such as financial services, defence, government, and critical infrastructure, • Build and manage a strong, self-generated pipeline, • Drive adoption of a subscription-led cyber security testing model, • Work closely with technical consultants to scope solutions and develop proposals, • Represent the business at industry events and through your network, • Provide market insights to help shape sales strategy and growth plans Skills/Experience • 3 yrs + B2B sales experience within cyber security (services or products), • Understanding of offensive security (penetration testing, red teaming, vulnerability management), • Proven ability to generate your own pipeline and close new business, • Confidence engaging senior stakeholders (CISO, CIO, Head of Security, etc.), • Self-starter mentality with the ability to operate in a fast-paced, early-stage environment, • London-based or able to commute, • Experience selling into the defence sector(not essential but is a nice to have) If you are keen to hear more, apply now for immediate consideration

Security Testing Practice Lead | £80-85k | London (Hybrid) We're working with a growing cyber security consultancy looking to hire a Security Testing Practice Lead to take ownership of their security testing function. This is a hands-on leadership role, combining technical delivery with practice growth, team development, and client engagement - ideal for someone who wants to step into (or is already operating at) a leadership level while still staying close to the tech. Salary: £80-85,000 Location: London (2 days onsite) The Role: You'll be responsible for leading and scaling the security testing practice, ensuring high-quality delivery across engagements while shaping the future direction of the service offering. This includes owning delivery standards, supporting commercial activity, and mentoring a team of testers - all while remaining hands-on where needed. Key Responsibilities: Lead and develop the security testing practice (services, tooling, methodologies) Oversee delivery across testing engagements (web, infra, cloud, etc.) Ensure quality, consistency, and technical excellence across all outputs Support pre-sales, scoping and client engagement activities Manage team utilisation, capacity, and performance Mentor and develop testers, driving a strong technical culture Contribute to practice growth and new service development Key Skills & Experince: Strong background in penetration testing / security testing (CHECK or equivalent) Experience leading or mentoring teams (or ready to step up) Ability to engage with clients and support commercial discussions Strong reporting and stakeholder communication skills Experience across web, infrastructure, cloud and application testing Understanding of delivery processes, quality assurance and scaling services This is a great opportunity to step into a role where you can shape a security testing function , not just deliver within one. If this sounds like something you'd be interested in, apply now! Oscar Associates (UK) Limited is acting as an Employment Agency in relation to this vacancy. To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website. TPBN1_UKTJ

Job description We are currently recruiting for an AI Security Senior Architect to join our London office. DEPARTMENT PURPOSE The Information Security team is a strategic enabler for our global law firm, focused on protecting client data, intellectual property, and business operations while enabling secure innovation. Through four key pillars Digital Trust, Technical Assurance, Security Operations, and Governance, Risk and Compliance (GRC) the team delivers comprehensive security solutions that align with our firms strategic objectives as well as client and regulatory requirements. Our integrated approach combines secure by design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firms legal tech incubator, we ensure emerging technologies, and our innovative generative AI-powered tool are implemented securely while maintaining the confidentiality, integrity and availability of our systems and data. This collaborative model allows us to stay ahead of evolving threats while supporting the firms digital transformation initiatives and maintaining the trust of our clients and stakeholders. ROLE PURPOSE The AI Security Senior Architect will be part of the Digital Trust team and will be responsible for architecting, maintaining and implementing the security of the Artificial Intelligence ecosystem in the organization. The position will be accountable for the security of the firms flagship AI product ContractMatrix, as well as the security of the individual AI workloads. This role is critical in translating the organisations Digital Trust vision into a workable, mature and optimized function and service. This role requires extensive experience across all Identity and Access Management core disciples including identity management, identity governance and administration, privileged access, and conditional access and in particular, machine identities. It also requires deep technical skills in the DevSecOps. This role will support the transformation of IAM into a modern, automated, predictable and customer-oriented function. The ideal candidate will excel at Microsoft Entra ID technologies, Microsoft Azure, workload identities, managed accounts, machine identity management, and translation of identified requirements into practical identity architecture and design. ROLE & RESPONSIBILITIES IAM Strategy and Architecture for Artificial Intelligence Leverage extensive knowledge and experience across all IAM disciplines to design, implement and continuously improve the portions of the organisational IAM architecture relating to AI workload identities. Work with firms strategic technology partners in evaluating concepts to secure AI workloads, working towards the selection of the platform and architecture for securing them in the future. Influence and evaluate the decisions on the wider IAM components: directory, identity, privileged access, entitlements management to accommodate AI workloads into a coherent identity Configure and maintain technologies that support the IAM function and AI security such as Active Directory, Entra ID Privileged Identity, Privileged Access, and Governance; Conditional Access Policies (for AI IDs); CyberArk, Palo Altos XSIAM and XSOAR platforms. Design and transition AI IAM service components into operation operational manuals, support patterns, standard changes, request management. AI Contract Matrix Security Governance Risk and Change Management Work alongside ContractMatrix product team to ensure that the solutions are designed securely from an access management perspective. Ensure adherence to the AI governance. Integrate security into the SDLC from the ground up, ensuring AI models and systems are secure by default. Define and enforce secure coding practices for AI/ML components and APIs. Identify and assess threats specific to AI systems, such as model inversion, data poisoning, adversarial attacks, and model theft. Implement model encryption, and access controls to prevent unauthorized use or tampering. Provide training and guidance to development teams on AI security risks and mitigations. Work on internal and external audits and implement findings against ISO27001 and ISO42001 security standards. Collaborate with Client Audit, GRC and product teams in responding to client audit requests as they relate to AI use at the firm. Perform detailed security analysis of application architectures to provide assurance. Understand threat modelling and participate in major incidents responses with IAM and AI components. Review and approve the IAM components of solution designs. Collaborate with cloud infrastructure teams to implement IAM and AI security design patterns. Ensure AI security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Validate effectiveness of implemented security controls through technical analysis. Perform residual IAM risk assessments and document acceptance/rejection rationale. Scope and manage AI security testing including penetration tests and Red Teaming as well as remediation activities. Work closely with wider Information Security team to ensure compliance, assurance, risk management, monitoring, and other operational requirements related to IAM and AI are met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of non-compliance related to AI security, PAM, IAM and IGA policies and processes. Leadership & Team Development Provide leadership and structured mentorship to identity and access management staff and AI platform teams and supporting their technical development. Oversee the design and management of the on-call support structure, ensuring appropriate coverage, escalation paths, and minimal disruption to business operations. Influence key senior stakeholders in adopting best practices for secure AI use in the firm. KEY REQUIREMENTS Essential Minimum of 10 years experience in working with Microsoft identity products, namely Active Directory and Entra ID. Minimum of 7 years experience working in architecture or information security, with at least 4 years focused on identity and access management. Current Azure certifications (e.g., Azure Security Engineer Associate). Strong knowledge of security and compliance standards and frameworks, such as ISO42001, ISO27001, MS CAF, and WAF. Excellent communication, leadership, and interpersonal skills, with the ability to collaborate across teams and with external parties such as MSSP. Ability to work effectively in a fast-paced, dynamic environment. A genuine passion for continuous learning and development in cybersecurity, staying up to date with the latest developments, trends, and technologies in the field. High level of personal integrity and ethics, demonstrating an appropriate level of judgement, handling any potentially high-pressure situations in a manner which upholds the highest ethical standards. Desirable Bachelor's degree in Information Security, Computer Science, or a related field. Additional relevant security certifications e.g. CISSP, SABSA, TOGAF. Legal or professional services experience is highly desirable. Knowledge of additional cloud platforms e.g. AWS, GCP. Experience with zero trust architecture implementation and least privilege principles. Background in application security and secure SDLC practices. Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required. We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic. We recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, private medical insurance, mental health resources and free apps, health and wellbeing services encompassing an onsite gym, wellbeing centre and GP service, emergency back-up care support, parental and special leave, holiday entitlement increasing with length of service, holiday trading, season ticket loans and online discounts and lifestyle management services. Additional information - External A&O Shearman is a global industry-leading law firm, with nearly 50 offices in 28 countries worldwide. Our fluency in English law, US law, and the laws of the worlds most dynamic markets, enables us to provide unmatched insight and seamless delivery to clients. We work on challenging and important deals and disputes that have the potential to shape the future. We offer exceptional opportunities for our people; opportunities to work for the worlds leading businesses; to transform the status quo, and to deliver your best work, helping you and your career to thrive, while delivering unparalleled outcomes for our clients. Whether you're helping clients solve complex challenges, transforming the ways we manage our business, or ensuring the smooth-running of our operations, this is an environment where you can belong and excel. We provide first-rate training and development, we are committed to an inclusive environment, and we provide support and ways of working that help you optimise your wellbeing. What truly defines a career with us? We recruit the best and ask for the best of you. And together, we will redefine success. TPBN1_UKTJ

SALES MANAGER – IT SOLUTIONS / CYBER SECURITY New Malden, Greater London £65,000 – £75,000 Basic + £40,000 OTE (Year 1) An outstanding opportunity has arisen for an experienced Sales Manager to join a fast-growing, multi-award-winning Managed Service Provider at the forefront of cyber security, data resilience, cloud storage, and managed IT services. Established in 1986, this business has built a strong reputation for delivering enterprise-grade cyber security and data protection solutions to organisations with 400+ IT users across the UK. Their consultative approach focuses on strengthening security posture, avoiding vendor lock-in, and delivering predictable, high-value cloud and backup solutions. Their flagship Cloudlake® platform provides secure, immutable backup and storage solutions designed to protect businesses from ransomware and critical data loss. Working with leading global technology partners including Veeam, Wasabi, Microsoft, Cisco, Dell, and Palo Alto Networks, they provide cutting-edge services across: Cyber Security Maturity Assessments Virtual CISO Services Penetration Testing 24/7 MDR (Managed Detection & Response) Microsoft 365 Backup Immutable Cloud Storage Managed Backup Solutions Hybrid Cloud Infrastructure Data Centre & Cloud ServicesThis role is ideal for a commercially driven sales leader with strong MSP experience, a passion for developing high-performing teams, and a proven ability to drive both new business acquisition and account growth within a consultative sales environment. What We’re Looking For Minimum 5 years’ experience within IT / MSP sales Strong background in cyber security, cloud, infrastructure, or data protection sales Proven track record of revenue growth and delivering measurable sales success Experience managing and developing high-performing sales teams Strong commercial awareness and consultative selling approach Willingness to travel nationally when required Full UK driving licence and access to a vehicleKey Responsibilities Lead the full sales cycle from prospecting through to close Drive growth across both new and existing client accounts Identify whitespace opportunities and expand strategic customer relationships Manage, coach, and mentor the Account Management team Strengthen vendor and distributor partnerships Deliver accurate forecasting, pipeline management, and CRM reporting Support go-to-market strategy and demand generation initiatives Collaborate with Business Development, Marketing, and Pre-Sales teams Represent the business at customer meetings, trade shows, and industry eventsWhat’s On Offer Competitive basic salary up to £75,000 £40,000 realistic OTE in Year 1 Excellent earning potential in Year 2 and beyond Private healthcare and additional health benefits 25 days annual leave + UK bank holidays Additional paid time off between Christmas and New Year Ongoing training and professional certifications Access to major industry networking events Genuine long-term progression path into senior leadership, with potential for Director / CRO-level advancementThis is a fantastic opportunity to join one of the UK’s most respected MSPs, helping shape the next phase of growth within a business known for innovation, customer retention, and exceptional service delivery. If you’d like to find out more, please apply today or contact Kylie for a confidential discussion: (phone number removed) (url removed)

PRINCIPAL CYBERSECURITY ENGINEER SC Cleared - UK Only - (Sponsorship is unavailable) you must hold SC Clearance. Provide expert advice on the defences against cyber threats, data breaches, and emerging risks. This includes offering guidance on the selection, design, justification, implementation, and operational management of cybersecurity strategies, technologies, and standards. Contribute to the development and refinement of controls and processes to ensure the safety, confidentiality, integrity, availability, and overall security of data stored on systems. You will be responsible for identifying gaps in existing cybersecurity policies and procedures and, in collaboration with security, network, information governance, and technical leads, developing new measures to address these gaps. KEY RESPONSIBILITIES: You will work closely with system and service owners, as well as internal and external stakeholders, to design, implement, and enforce appropriate protective and detective security controls, policies, and procedures. The role includes the administration and operational management of security tooling and SIEM platforms, with responsibility for monitoring, detecting, and responding to cyber threats, intrusions, and unauthorised or suspicious activity. This includes Microsoft Sentinel (data and source tuning, creation and maintenance of workbooks and connectors, and threat intelligence review), Microsoft Defender for Endpoint and Defender for Cloud, and Darktrace, including system and model tuning, email module management, and configuration of autonomous response actions. You will be responsible for incident response activities, including triaging security alerts, investigating incidents, coordinating escalation and remediation, and conducting root cause analysis. You must be able to communicate effectively about security incidents and cyber risks to both technical and non‑technical stakeholders. The role works closely with the Security Operations Centre (SOC) partner, supporting the assessment and investigation of alerts and contributing to the development and refinement of incident response plans and playbooks. You will support vulnerability management activities, including vulnerability assessments, annual audits, and penetration testing. This includes preparing and presenting incident, threat, and compliance reporting to stakeholders at all levels, including compiling a monthly SIRO report. Continuous improvement is a core responsibility. You will conduct post‑incident reviews, recommend control and process improvements, and contribute to the creation and maintenance of cybersecurity governance documentation. You will also research emerging cyber threats and mitigation strategies and provide reports or presentations to senior stakeholders as required. The role supports cybersecurity training and awareness initiatives, promoting a strong security culture and helping to upskill colleagues in cybersecurity best practices. You will also collaborate with solution architects and project teams to ensure security is embedded into system and application designs, supporting secure architecture and delivery from the outset. Compliance & Framework Alignment: Ensure security operations align with regulatory standards and frameworks such as NIST, ISO 27001, and NCSC CAF.Person Specification Essential: Demonstrated experience with Microsoft Sentinel, Microsoft Defender for Endpoint/Cloud SIEM tools, threat intelligence platforms, and vulnerability management. Technical experience securing Microsoft Azure and Amazon Web Services cloud environments as well as on-premise/virtual Microsoft technologies. Strong analytical, communication, and problem-solving skills, including the ability to produce clear technical and non-technical reports. Ability to analyse and interpret security events/logs and perform remediation work to address security issues.Desirable: Recognised cybersecurity certifications (e.g., CompTIA Security+, CEH, GIAC, CISSP). Experience with DarkTrace Qualifications Bachelor's degree in Cybersecurity or Computer Science Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)

Company: Global Retail Company (Join as one of the start-up members in the UK) Position: Infrastructure Specialist (Retail Technology) Location: London (Hybrid) Salary: 50,000 – 55,000 GBP Job responsibilities: Retail & Store Technology Deliver full IT setup for new store openings, refits, relocations, and pop‑ups (POS systems, printers, scanners, tablets, payment devices, WiFi, LAN, SD‑WAN). Ensure stable operations of store technology through monitoring, maintenance, and incident response. Support store teams with troubleshooting across devices, connectivity, POS systems, and peripherals. Warehouse Technology & 3PL Coordination Lead IT coordination for warehouse operations supported by 3PL partners. Ensure technical readiness for inbound/outbound operations, including: Warehouse device onboarding (scanners, RF guns, label printers) Network access, WiFi readiness, and VLAN configuration VPN / SD‑WAN connectivity between us and 3PL environments Firewall rules, routing updates, and IP whitelisting Support integration‑adjacent activities such as label printing flows, device connectivity and operational tooling. Act as the primary IT point of contact during warehouse onboarding, transitions, and operational changes. Ensure warehouse technology aligns with our information security and compliance requirements. Office & Corporate IT Manage IT operations across EMEA offices and showrooms (laptops, mobile devices, M365, conferencing systems, telephony). Oversee onboarding/offboarding, account lifecycle, and access provisioning. Maintain device compliance via Intune/MDM and ensure security baseline adherence. Information Security & Compliance Implement security policies across the environment: MFA, encryption, endpoint protection, vulnerability management, threat detection. Support penetration testing activities, remediation, and alignment with HQ security standards. Ensure compliance with GDPR, ITGC, audit requirements and internal security frameworks for stores, warehouses, and offices. Infrastructure Management Manage infrastructure across EMEA (LAN/WAN/WiFi, SD‑WAN, VPN, firewalls, identity services). Coordinate closely with global teams to align network architecture, cloud services, and enterprise device standards. Support SAP technical operations such as printing, connectivity, RFC endpoints, POS → ERP feeds, and network dependencies. Improve infrastructure resiliency, automation, monitoring, and telemetry. Performance Monitoring & Reporting Monitor system uptime, network performance, vendor SLAs and incident trends across retail, warehouse, and office environments. Produce regular reports on infrastructure stability, risk areas, asset posture, and operational readiness. Communicate risk, incidents, dependencies, and improvement opportunities to EMEA leadership. Documentation & Training Maintain and update documentation for infrastructure configurations, store rollout playbooks, warehouse technical guides and troubleshooting procedures. Train retail, warehouse and office teams on IT processes, device usage and security best practices. Build knowledge‑base articles, SOPs and IT runbooks. Service Delivery & Vendor Management Manage vendor relationships for POS, networking, 3PL infrastructure, retail hardware, telecoms and field support partners. Oversee incident, problem and change workflows through ticketing tools such as ServiceNow. Maintain a complete and accurate IT asset inventory across all EMEA sites. Experience 10+ years in IT infrastructure roles supporting multi‑site retail, fashion, logistics, or hospitality businesses. Hands‑on experience with store environments (POS, payments, scanners, WiFi, local networking). Experience coordinating IT activities with external 3PL warehouse operators. Exposure to SAP‑related infrastructure topics (printing, RFC connections, connectivity). Strong vendor management experience. Technical Skills Core Skills (Must‑Have) Strong hands‑on experience with networking (LAN/WAN/WiFi), routing, switching, firewall rules, SD‑WAN, VPN. Expert knowledge of MDM/Intune, endpoint management, identity lifecycle (Entra ID/Azure AD). Advanced understanding of retail hardware ecosystems: POS, printers, scanners, payment terminals. Experience coordinating with warehouse/3PL partners on: Device onboarding Network readiness Access provisioning IP whitelisting and firewall rule changes Strong troubleshooting across network, hardware, and device layers. Essential Skills Ability to manage end‑to‑end IT operations for stores, 3PL warehouses and corporate environments. Familiarity with SAP technical touchpoints (printing, network prerequisites, POS feeds). Understanding of enterprise security practices (patching, EDR, MFA, vulnerability management). Experience with M365, Windows, MacOS and cloud‑managed enterprise systems. Strong documentation and process ownership skills. Nice‑to‑Have Skills Experience with logistics or warehouse automation technologies (RFID, handheld terminals). Knowledge of SD‑WAN platforms (Meraki, Fortinet, Aruba). Familiarity with SIEM/EDR tools and penetration testing workflows. Basic scripting (PowerShell, Bash) for automation. Understanding of API connectivity and network prerequisites for integration flows. We regret to inform applicants that only shortlisted candidates will be notified. Thank you for understanding

Synapri are working with a London-based technology driven organisation looking to hire a Security Engineer to support security operations, governance, and compliance across a modern cloud environment. Responsibilities: • Monitor and respond to security alerts, incidents, and threats, • Manage Microsoft 365 security tools (Defender, Purview, Sentinel, Entra ID), • Support ISO 27001 compliance and broader security frameworks, • Assist with third-party risk assessments and penetration testing, • Contribute to security policies, controls, and incident response, • Promote security awareness across the business Experience: • 5+ years in cybersecurity or security operations, • Strong experience with Microsoft security stack (Defender, Sentinel, Entra ID, Intune), • Good knowledge of cloud security and frameworks (ISO 27001, NIST), • Strong communication and problem-solving skills This role is a hybrid position in Central London. Please apply with your latest CV for consideration...

SAP Application Security Consultant London based and minimum of 3 to 4 days onsite 12 Months SC eligible would be considered but SC cleared are preferred £550 We are seeking a specialist SAP Application Security Consultant to embed within a UK Government SAP S/4HANA programme and deliver a robust, compliant, and well-governed security model. You will be responsible for the full lifecycle of SAP security design and implementation, including role concept design, authorisation object configuration, Segregation of Duties (SoD) analysis, and remediation across both SAP GUI and SAP Fiori environments. A strong understanding of Fiori authorisation concepts - including business catalogues, business groups, and Fiori Launchpad security - is essential, as is experience integrating SAP security with Identity Access Management (IAM) solutions and Single Sign-On (SSO) frameworks. You will work to security policies and support audit, compliance, and penetration testing activities throughout the programme. The successful candidate will produce and maintain comprehensive security documentation including role matrices, SoD rulesets, and access control policies, ensuring alignment with Government Security Classifications and Cabinet Office guidance. You will provide expert advice to functional and technical workstreams on security-by-design principles and act as the key point of escalation for security incidents and access queries. Experience with GRC tools (SAP GRC Access Control preferred) and a working knowledge of NCSC guidance for enterprise security will be advantageous. Due to the sensitive nature of this UK Government programme, SC clearance is required; active SC clearance is highly desirable, with eligibility for SC being the absolute minimum. Candidates must have the right to work in the UK and consent to pre-employment security vetting

Passive Fire Protection Project Manager Location: London Salary: £500 - £600 per day Sector: Infrastructure | Rail | Major Projects The Role We are seeking an experienced Passive Fire Protection Project Manager to join a growing specialist contractor delivering high-profile infrastructure and rail projects across London. You will take ownership of the design, commercial, and delivery of passive fire packages, working across structural steel, MEP penetrations, and compartmentation within complex live environments. This is a hands-on role managing projects end-to-end, from design coordination through to site delivery and commercial close-out. Key Responsibilities Lead delivery of passive fire protection packages across multiple assets/projects Manage design coordination to ensure compliance with tested details, fire strategies, and British Standards Administer contracts under NEC (NEC3/NEC4), including: Compensation Events Early Warnings Applications for Payment Oversee programme, cost, and resource management (CVR, Earned Value, planning) Coordinate with subcontractors and internal teams across MEP, structural, and fit-out trades Ensure all works meet FIRAS / ASFP standards and successfully pass audits Provide technical solutions for firestopping, fireboarding, and intumescent coatings Manage QA, inspections, and assurance processes Requirements Proven experience in Passive Fire Protection / Firestopping Background as a Project Manager, Contracts Manager, or Senior Engineer Strong knowledge of: Compartmentation and fire strategy drawings Tested details and certification Structural steel fire protection and penetration sealing Experience working with systems/products such as Rockwool, Promat, Hilti, FSi, British Gypsum, Sherwin Williams (or similar) Strong understanding of NEC contracts Experience on rail, tunnelling, or heavy civils projects (e.g. HS2, London Underground, infrastructure) Strong leadership and stakeholder management skills Desirable FIRAS or ASFP accreditation/knowledge Experience with intumescent coatings and DFT testing Exposure to BIM coordination Fire engineering or design coordination experience Why Join Opportunity to work on major UK infrastructure projects Strong pipeline of secured work Clear progression into senior leadership roles Competitive salary and package Apply If you are a Passive Fire specialist with strong project delivery experience, we would welcome your application

Security Assurance Manager London - Hybrid 12-18 months £600 - £750 per day inside IR35 - umbrella only Active SC clearance required Responsibilities Oversee and guide a team of consultants from the UK business who are fulfilling our cloud security assurance process for non-core cloud systems Maintain and implement our overall Secure Networks Security Assurance framework, including creation of protocols and processes as required. Maintain our secure network approvals including risk assessments, security arguments, and compliance statements against the DCPP Cyber Security Model (plus against other standards and control sets as required) Carry out and maintain security assessments for core Secure Networks cloud systems such as Microsoft 365 Oversee Secure Networks elements of broader company certification to the Defence Cyber Certification Carry out compliance audits to ensure that the Secure Networks Team, local security contacts, and project teams are carrying out required assurance activities, both in our secure networks and for cloud systems Stay up to date with MOD and other regulatory guidance, and relevant commercial standards such as Microsoft 365 guidance, and incorporate the results into our Secure Networks security assurance approaches Provide security assurance guidance to the Secure Networks Team to review and influence the design and operation of our secure networks Periodically update the risk assessments for our secure networks, communicate implications to relevant stakeholders, and track progress against action items Stay up to date with the threat landscape affecting our secure networks, using a range of sources such as the corporate Threat Intelligence team Track progress made by a range of parties against security action plans Collaborate with, learn from and advise relevant internal stakeholders such as Global Security, Security Points of Contact, the Secure Networks Team, the UK business security managers, Security Controllers, corporate and UK project procurement, HR Vetting, project teams, and individual staff members seeking guidance e.g. for overseas working Liaise with relevant external stakeholders such as MOD CyDR Annually revise and reissue Security Operating Procedures for our secure networks and core Secure Networks cloud systems Support external security-related audits such as ISO27001 and by clients including MOD Oversee authorisations of third parties who will handle information from our secure networks or connect in to them, including both initial approval and ongoing maintenance Assess devices that require connection to our secure networks, for example point cloud scanners Maintain a co-ordinated programme for all security assurance activities to ensure they are delivered in a timely manner Arrange, report to, and provide advice and recommendations to Secure Networks Governance Committee meetings Report into the Office of the Chief Information Security Officer to provide confidence to them that our UK Secure Networks have adequate security assurance Carry out security assurance for key elements of the Secure Networks supply chain (hardware, software, services) Create and maintain infrastructure required to move the Security Assurance function from being an individual contact to a comprehensive standalone function, for example a group mailbox, a Team, communications methods, and site(s) for publication of Security Assurance policies, trackers, etc.Required Skills & Qualifications A 'completer finisher', with an eye for detail. Demonstrable experience of working in cyber security in a UK MOD-related environment Strong familiarity with UK MOD security standards such as Def Stan 05-138 versions 3 and 4, the Cyber Security Model, Secure By Design, Industry Security Notices Strong familiarity with UK Government security standards such as 007/SPF, NCSC Cloud Security Principles, NCSC Principles for Using Software as a Service (SaaS) securely, Cyber Essentials, and the CHECK penetration testing scheme Broad familiarity with UK Government physical and personnel security such as NPSA and UKSV Risk assessment using recognised standards such as IS1 and NIST SP800-30 Able to express yourself effectively, with a high degree of clarity, in English, especially when justifying and explaining required security measures Able to liaise effectively with a wide range of stakeholders, from senior leaders to technical IT staff Able to prioritise and manage your time to achieve multiple different tasks (Desirable) Familiarity with broader international security standards such as ISO27001, CMMC, and the NIST Cyber Security Framework (especially SP800-30 and SP800-53) (Desirable) Familiarity with UK nuclear regulations such as the ONR SyAPs (Desirable) Familiarity with the AtkinsRéalis corporate security standards and approaches Competent with Microsoft Word, Excel and PowerPoint Join a dynamic team supporting vital national security projects. Apply now to be part of a forward-thinking organisation committed to safeguarding critical infrastructure

About the Role: The role holder will serve as a trusted advisor to the CBRE Global Security senior management team providing project oversight of the regional project teams, along with the Security integration and Technical excellence and will provide actionable insights and recommendations to inform strategic decision-making from experience gained within the Security industry, ensuring clear communications to both CBRE and the Client is developed and maintained throughout the lifecycle of every delivery. Communication is a critical component to the success of any change initiative, and communicating to client and T1/T2 teams will be a top priority throughout every change intiaitive you will work on. As a CBRE change manager, you will oversee the security projects as part of FCP RCP, and CTB (change the Bank) and RTB (Run the bank). This role is key to ensuring security projects are delivered in a consistent format, having the skills and capabilities to turn complexity into simplicity. What You will Do: Develop and maintain relationships with clients to understand their security needs and provide tailored security solutions, overseeing a project delivery team of subject matter experts Able to own and deliver Security technology driven change within the client domain on a small to medium scale for Corporate Security and Global Real Estate projects. For RFP's, conduct security assessments of physical and technical security control suppliers, including access control systems, CCTV systems, and alarm systems Implement security metrics and reporting to measure the effectiveness of security program delivery Comply with security policies, procedures, and standards to ensure compliance with regulatory requirements Provide security consulting services to clients, including security audits, penetration testing, and security awareness training Collaborate with clients to identify and prioritize security risks and develop strategies to address them As a trusted consultant, have the capability to work on Security technology as and when needed without supervision Own/drive security incident response plans to ensure prompt and effective response to identified security project vulnerabilities Conduct security awareness training for clients and their employees to educate them on security best practices Stay up to date with emerging security threats and technologies, and provide recommendations to clients on how to stay ahead of these threats Collaborate with other security professionals to share knowledge and best practices What You'll Need: Bachelor's Degree preferred with 5-8 years of relevant experience. In lieu of a degree, a combination of experience and education will be considered. Security industry recognised accreditation, CISM, CSIP, MSyl or similar Project or programme management qualification or willingness to attain one Membership of a Security industry organisation: ASIS, Security institute or similar Ability to exercise judgment based on the analysis of multiple sources of information. Willingness to take a new perspective on existing solutions. In-depth technical knowledge of security solutions, principles, practices, and technologies. Organizational skills with an advanced inquisitive mindset. In-depth knowledge of Microsoft Office products, including Word, Excel, Outlook, etc. Ability to travel to client sites within region as needed.Why CBRE When you join CBRE, you become part of the global leader in commercial real estate services and investment that helps businesses and people thrive. We are dynamic problem solvers and forward-thinking professionals who create significant impact. Our collaborative culture is built on our shared values - respect, integrity, service and excellence - and we value the diverse perspectives, backgrounds and skillsets of our people. At CBRE, you have the opportunity to chart your own course and realize your potential. We welcome all applicants. Applicant AI Use Disclosure We value human interaction to understand each candidate's unique experience, skills and aspirations. We do not use artificial intelligence (AI) tools to make hiring decisions, and we ask that candidates disclose any use of AI in the application and interview process

Cyber Security Consultant As one of the world's largest networks of audit, tax and consulting firms, RSM delivers big ideas and premium service to help middle-market businesses thrive. We are a fast-growing firm with big ambitions -- we have a clear goal to become the premium adviser to the middle market, globally. This vision touches everything we do, motivating and inspiring us to become better every day. If you are looking for a firm where you can build a future and make an impact, then RSM is the place for you. Make an Impact at RSM UK At RSM, our consulting team brings together diverse advisory experts to deliver our six core solutions: business transformation, forensic, deal services, restructuring, finance function support, and risk and governance. Our solutions are designed to address the unique needs, challenges, and opportunities our clients face as they strive to achieve their aspirations and organisational goals. Whether it’s supporting global expansion, developing acquisition strategies, facilitating private equity investments, or collaborating with boards to manage risk and governance, our consulting experts work as one cohesive team. We prioritise simplicity, providing data-driven insights, value-added assurance, and high-quality execution to empower our clients in building sustainable, future-fit businesses. It’s an exciting time to join our consulting team, as we embark on ambitious growth plans that promise to create diverse career opportunities. We are committed to enhancing our six solutions, expanding and developing our team of expert consultants, embracing a digital-first approach, strengthening our global presence, and building strong client relationships. We are seeking an enthusiastic Cyber Security Consultant to join our team. Working alongside our experienced team of specialists, you’ll be delivering offensive security services including digital footprint reconnaissance, social engineering, penetration testing and vulnerability assessments and more to high profile clients across all industries. The purpose of this role is to deliver our offensive security services including digital footprint reconnaissance, social engineering, vulnerability assessments, penetration testing, threat modelling, cyber-attack simulation exercises, and more to high profile clients across all industries. You’ll benefit from ongoing coaching, career mentoring, and be supported by our career pathway. You will have an opportunity to continue to develop market leading skills across our different capabilities and advance your professional development. You will make an impact by: • Supporting technical scoping activities as part of client assignments., • Responsible for delivering fieldwork and assignment reporting., • Prioritise and manage tasks through to completion., • Stay current with the latest cyber-attacks and technology trends. What we are looking for: Are you someone who thrives on variety, loves learning new things, and enjoys connecting with people? If you can spot inefficiencies in everyday life and are passionate about making improvements, this role is perfect for you! We value diverse experiences and perspectives. Here’s what we’re looking for in our ideal candidate: • Experience of offensive security and penetration testing, • Demonstrable experience in infrastructure and web application testing, experience in API testing is desirable., • Demonstrable experience using common pen testing tools including Kali Linux, Burpsuite, Nessus and other industry standard tools., • Hold or working towards an industry recognised certification including CompTIA PenTest+; CHECK, CREST; Offensive Security Certified Professional (OSCP) etc., • Relevant experience within a cyber security role., • Familiar with technology trends, and cyber threats. What we can offer you: We recognise that our people are our most important assets. That’s why we offer a flexible reward and benefits package that will help you have fulfilling experience, both in and out of work. • Hybrid working although travel to your local office will be required weekly., • 25 Days Holiday., • Lifestyle, Health, and Wellbeing including financial wellbeing benefits such as financial tools, electric car scheme and access to a virtual GP., • Access to a suite of 300+ courses on demand developed by our inhouse Talent Development team