179 jobs found

Penetration Tester Remote 5 Months Role Overview: The successful candidate for this role will be working closely with like-minded individuals as part of the Penetration Testing Team and will be supporting and often taking the lead on Technical Reviews of solutions requiring a penetration test to establish what the scope is, any pre-requisites, and complexity of the tests. The role holder will require excellent communication skills and will collaborate closely with internal teams and third parties. Technical acumen and knowledge in various network security technologies is a must, for the person who is successful in this role will be required to hit the ground running in a fast-paced environment. Required Skills: Subject matter expertise in, and hands-on experience with various security and network security technologies (e.g., firewalls, VPNs, network isolation, etc.) Experience with Windows and Linux server Operating Systems and Cloud platforms, Deep Analytical capabilities and an inquisitive mind, to identify potential vulnerabilities, architecture or process design flaws, or violations of best practices in the application of cybersecurity controls Experience in interpreting industry best practices, cyber risk management, security compliance requirements, and audit reports, and in planning or making recommendations for the remediation of audit findings in the realm of cybersecurity and data privacy Significant work experience with infrastructure, network, cloud, and application solutions Excellent communication skills (verbal and written) Significant prior experience in communicating with clients and stakeholders Strong decision making and negotiation skills Desired Skills: Prior involvement in penetration testing, whether hands-on, coordination, scoping, support, quality assurance, or using commonly used penetration testing tools (e.g., NMAP, Nessus, NodeZero, Appscan, BurpSuite, etc. for assessing IT solutions' security posture Experience interpreting OWASP and CVSS resources and familiarity with secure coding best practices Basic understanding of Kubernetes and application containerization Minimum Qualifications: Bachelor's Degree PC literacy, including desktop and collaboration application competency (Microsoft Office, Outlook, Teams, Chrome, etc.) Ability to work independently, but as a team toward common goals Quick to learn new concepts and technologies Problem solving skills and attention to detail Able to work on multiple focus points in parallel and interact with different team members If you feel you have the relevant experience and skills required, please do not hesitate to apply now!

Senior IT Security Architect West Midlands, Permanent with a six-figure package. 80% remote working available This is a highly visible role which will have a significant voice across the enterprise. Working for a brand known by most across the UK, operating within a regulated sector. Following significant technology investment this appointment will be responsible for defining Security Architecture Artefacts and Roadmaps, ensuring alignment between the business and Security. Focused on both maturity of internal Security Architecture and responsible for high profile project/programme work. The role will also be supporting a large Cyber Security Programme, as well as a focus on IAM Responsibilities: Take a lead role in defining Security Related Standards and Design Principles Creation and Maintenance of Design Patterns Architectural and System Building Blocks for security Creation and Maintenance of 3-5-year roadmaps for Security related products Ensure organisation Information Assets are protected against insider and external threats through the provision of Security Architectures Working across Cloud, Infrastructure, Business and Application environments Experience required: Demonstrable Security Architecture experience, this role is not focused on governance or assurance Ability to manage multiple Stakeholders and shape Security Architecture around business objectives Experience in creating and owning Security Roadmaps Beneficial: CISSP Cloud Security Architecture experience Flexible, remote role. The business have a HQ in the Midlands and occasional office visits may be required from time to time.

Cyber Governance & Assurance Specialist This is an opportunity to play your part in protecting our client, their customers, and their communities from a cyber-attack. Be part of a growing dedicated security team and get ready to make a difference by bringing your cyber skills and experience onboard. You'll learn from those around you and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and flexible working environment where your contribution is always valued. What you'll do: Provide security leadership and assurance for a specific customer contract Act as the primary security contact, interfacing with your peers and our partners Work with the existing team to understand the security requirements and ensure deliverables are planned and aligned to the wider contract schedule Ensure security controls are embedded from the outset, following Secure by Design principles through delivery and in-life Direct the delivery and maintenance of the security accreditation Manage the through life Security Management Plan and ongoing assurance of the service Manage and lead operational risk relating to people, information, assets, revenue, and reputation, to ensure compliance with relevant security requirements Be a key representative at the customer's Security Working Group (SWG) Provide security advice and direction to stakeholders and our external customer(s) Work with our Defence security operations team to ensure alignment and support from existing processes and personnel Be a security ambassador for our company, our customers, and our team You'll definitely: Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum) Have a proven track record in security and information risk management Be a SME of technical, physical, procedural, personnel security management Be experienced in working in major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies Have knowledge and experience of the following security standards - ISO27001, MoD JSP604, 440 & 490, NIST, NCSC best practice Benefit from lots of different resources to help you stay in tune with latest developments and future strategy (e.g. Defence Cyber Protection Partnership - DCPP, Team Defence Information - TD-Info) Be experienced in communicating and influencing across all levels Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines Have excellent communication and leadership qualities Be self-motivated and proactive Be organised and able to multi-task Promote security best practice and awareness You might even: Have knowledge of Secure by Design Have a NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background Have a Certified Information Systems Security Professional (CISSP) certification or background Have ISO 27001 Implementor and/or Auditor certification

Information Security Analyst required by market leading, award winning, professional services organisation based on a hybrid working basis (1-2 days a week onsite in Central Bristol). The successful candidate will join our clients InfoSec Team based in Bristol. Main Duties: Assisting the Information Security Manager with maintaining the businesses internal InfoSec resilience and ensuring the company complies with internal policies and procedures. Assisting with providing responses to client and supplier questionnaires and correspondence in relation to InfoSec. Providing assurance and assessment over our clients supply chain. Work closely with the DPO to promptly investigate potential data breaches. Work closely with the SOC team to assist with investigations. Assist with auditing to ensure internal standards are being applied consistently. Assist with annual ISO 27001 information security audit. Ideal Background: Experience working within the information and cyber security field. Previous experience in conducting risk assessments. Working knowledge of legislation and accreditations such as DPA, ISO 27001 and CE+. Able to work both as an individual and as part of a team. Ability to be flexible managing tasks and workload on a daily basis. Accuracy, sound organisational skills and attention to detail. This fantastic role comes with a basic salary of £30,000-35,000 p/a and on top of the bespoke training package, comes with the following benefits: A performance related bonus, remote working, annual salary review, 25 days holiday (which will increase to 30 days based upon length of service), private medical insurance, pension and many more.

Technical Manager/IT Manager /Technical Lead/Permanent/Leeds/Wakefield/Hybrid Working Your new company Hays Technology are recruiting an IT Manager/Technical Lead for a growing public sector organisation based in the Leeds area on a permanent basis. You will be reporting to the Head of Digital and will be part of the IT leadership team. Your new role You will be providing technical expertise, strategic thinking and advising on appropriate solutions and stakeholder management whilst contributing to the IT strategy, identifying opportunities for improving digital maturity, digital transformation, service, cost, and process improvements. Within this role, you will be responsible for IT Governance and assurance and the general wellbeing of the IT function within the organisation, whilst being on-call for all things IT. Some of your wider responsibilities include, scoping, and managing the execution of penetration testing and vulnerability scanning, ad hoc technical audits, technical design, cyber security, support of new procurement services, and software licenses. What you'll need to succeed Significant & demonstrable experience of supporting complex IT departments with a wide-ranging IT knowledge Experience in technical design, solutions, service continuity, disaster recovery and IT security would be ideal. Windows technology and Azure/Cloud experience ideal IT management skills and strategic thinking Experience of IT Governance, Assurance and Cyber Security Experience of leading continuous improvement activities and facilitating sustainable change in working practices, process, and culture Experience of procurement and licensing Excellent stakeholder management and negotiation skills What you'll get in return This exciting position is paying up to £55,000 negotiable on experience and offers an excellent work life balance including: home working, 27 days annual leave, generous employer contribution pension scheme, flexibility, training, and development opportunities. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Cyber Security Network Manager £500 - £650 a day ( Inside IR35 ) Hybrid Working Pattern Your new companyHays is proud to be working with this public sector organisation that are now employing for a Cyber Security Network Manager that will be looking after two senior network security engineers.Your new role To approve, and implement best practice in cyber defence and network security including ISO27001, CESG (the National Technical Authority for Information Assurance) guidance and Public Services Network instructions. Provide support for incidents and investigations into breaches of organisations policy, relevant codes of practice and appropriate legislation, liaising with the relevant authorities and monitoring our platforms for information risk issues. Audit compliance with organisations policy, codes of practice and appropriate legislation including the Data Protection Act in all matters relating to network security. Work with Cross-directorate leads to promote and implement high security standards for all council systems. Be responsible for security event management systems, intrusion prevention systems, vulnerability scanning tools and end point security systems. What you'll need to succeed Trained and experienced in the operation at least two security vendor's software, hardware or services or holding a relevant and current professional ICT security qualification. CISCO and CISSP ISO27001 Ability to work in a high-pressure environment. Staff Management skills. Knowledge of networking principles, practices and technologiesWhat you'll get in return Hybrid - Flexible working. Good working environment What you need to do nowIf you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays EA is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

Cyber Security Consultant Salary Range: £55 to £65k (based on candidate experience) + Company Benefits Hybrid Model: Remote with occasional attendance to external client sites - project dependent (clients in Southern England, travel expensed by client) Open Positions: 2 openings Security Clearance: Candidates will be required to have active DV Security Clearance ( or SC/NSV) or be eligible to become security cleared. Key Sectors: Government bodies (HMG) and Ministry of Defence (MoD) About the Client and Role: My client, a leading cyber security consultancy are seeking 2 x Cyber Security Consultants to join their quickly growing team on a permanent basis. The consultant will be expected to provide expert consultancy to agree a recommended course of action to enable the client to meet required level of security requirements. Key Deliverables: Working closely with stakeholders and external clients, the consultant will provide course of recommendation in relation to their security systems and procedures; reviewing and assessing policies, controls & assets. Production of Formal Deliverables: Security Operating Procedures (SyOPs) Governance, Risk and Compliance (GRC) Security policies and operating procedures Security Accreditations (eg ISO 27001) Carrying out reviews and assessments of security policies Articulating security requirements and recommendations at business & technical level Candidate Requirements: Background in HMG/MoD Professional experience with SyOPs Strong experience and understanding of cyber security consultancy Strong knowledge of governance and risk, frameworks, and assurance Active or ability to gain security clearance Related Cyber Security Certifications (eg CISSP, CISM, CCSP) and/or Education based in IT Security Highly desirable: Knowledge of HMG and MoD information assurance requirements (JSP440, JSP604, NCSC IA etc.), and experience using related HMG/MoD tools and standards.

Coventry building society are currently looking for a Senior Information Security Analyst to join the team on a permanent basis. This will be a hybrid role with occasional travel into the Coventry office. You will lead the day to day information security risk activities and support the Society's Security frameworks (e.g. information security policies, implementation guidance, standards) whilst undertaking security reviews relating to supplier risk management. The role will oversee the implementation of information security policy, procedures and standards across the Society and, importantly, its third parties; while engaging within the Society's business areas to provide support and guidance. We currently have an exciting opportunity for a Senior Information Security Specialist to join our Defensive Operations Team on a full time, permanent basis. As a Senior Information Security Specialist you will lead the day to day information security risk activities and support the Society's Security frameworks (e.g. information security policies, implementation guidance, standards) whilst undertaking security reviews relating to cyber security and supplier risk management. The role will oversee the implementation of information security policy, procedures and standards across the Society and, importantly, its third parties; while engaging within the Society's business areas to provide support and guidance and supporting ongoing BAU activities. As a senior member of the Information Security Team, you will be empowered to work under your own initiative and make key risk-based security decisions to help deliver proactive, pragmatic and risk-informed security. About You Are you passionate about security and want to be part of an innovative forward looking team.? Do you have experience in regulated industries and enjoy leading and sharing your knowledge to support business change?. We're looking for a self-starting person with excellent problem-solving skills to join our fast paced, experienced team. To be a successful member of our team, we need people who are experts in security technologies, governance and assurance; and who also have a drive for change and continuous improvement. Professional qualifications or essential experience required: Recognised Information Security risk experience Experience of working in a regulated environment, preferably UK Financial Services Experience of delivering risk assessments, assurance reports and reporting risk to Senior Management and Committees Demonstrable understanding of Information Security control standards and frameworks including ISO27001, NIST, GDPR, Cyber Essentials and PCI-DSS Experience assessing and managing Third Party Risk. Experience of implementing security controls in the Cloud. Excellent communication skills and able to effectively communicate through to Senior Management and the Executive, both written and verbal. Able to articulate technical risks to non-technical audiences. Proven analytical and problem-solving skills. Information Security certifications are desirable e.g. CISM, CISSP, CRISC, ISO 27001 lead implementor/ auditor. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.

Coventry building society are currently looking for a Senior Information Security Analyst to join the team on a permanent basis. This will be a hybrid role with occasional travel into the Coventry office. You will lead the day to day information security risk activities and support the Society's Security frameworks (eg information security policies, implementation guidance, standards) whilst undertaking security reviews relating to supplier risk management. The role will oversee the implementation of information security policy, procedures and standards across the Society and importantly, its third parties; while engaging within the Society's business areas to provide support and guidance. We currently have an exciting opportunity for a Senior Information Security Specialist to join our Defensive Operations Team on a full time, permanent basis. As a Senior Information Security Specialist you will lead the day to day information security risk activities and support the Society's Security frameworks (eg information security policies, implementation guidance, standards) whilst undertaking security reviews relating to cyber security and supplier risk management. The role will oversee the implementation of information security policy, procedures and standards across the Society and importantly, its third parties; while engaging within the Society's business areas to provide support and guidance and supporting ongoing BAU activities. As a senior member of the Information Security Team, you will be empowered to work under your own initiative and make key risk-based security decisions to help deliver proactive, pragmatic and risk-informed security. About You Are you passionate about security and want to be part of an innovative forward looking team? Do you have experience in regulated industries and enjoy leading and sharing your knowledge to support business change? We're looking for a self-starting person with excellent problem-solving skills to join our fast paced, experienced team. To be a successful member of our team, we need people who are experts in security technologies, governance and assurance; and who also have a drive for change and continuous improvement. Professional qualifications or essential experience required: Recognised Information Security risk experience Experience of working in a regulated environment, preferably UK Financial Services Experience of delivering risk assessments, assurance reports and reporting risk to Senior Management and Committees Demonstrable understanding of Information Security control standards and frameworks including ISO27001, NIST, GDPR, Cyber Essentials and PCI-DSS Experience assessing and managing Third Party Risk. Experience of implementing security controls in the Cloud. Excellent communication skills and able to effectively communicate through to Senior Management and the Executive, both written and verbal. Able to articulate technical risks to non-technical audiences. Proven analytical and problem-solving skills. Information Security certifications are desirable eg CISM, CISSP, CRISC, ISO 27001 lead implementor/auditor. Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.

Location(s): UK, Europe & Africa : UK : Great Baddow UK, Europe & Africa : UK : Guildford UK, Europe & Africa : UK : London BAE Systems Digital Intelligence is home to 4,800 digital, cyber and intelligence experts. We work collaboratively across 16 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments. We are growing our team to deliver value added processing upon space-based RF sensor data using signal processing, machine learning and geolocation techniques. An experimental cluster of satellites is being developed and the enhanced services team will be exploiting this as follows: Definition and development of concept demonstrators that provide a tangible illustration of transformational benefits to defence and commercial customers. Technical activities will range from R&D - research and modelling with respect to validating and specifying the concepts, through to implementation of end to end trials and demonstrator applications. Definition and development of capability that will provide a technical foundation for the concept demonstrators. In particular, specification, and implementation of development infrastructure, and exploitation of scalable cloud based ground processing and system and on-board, in-orbit processors. Participate across the wider programme, in particular subject matter expertise and requirements that influence CONOPs and architecture, and derisks integration with the core mission services. The Enhanced Services team will be addressing RF use cases using software defined radio techniques. Personnel are based out of our south east offices (Great Baddow, Guildford and London). The team will have coverage of the development skills that follow in order to deliver the R&D and Implementation aspects. In addition to these skills there will be other supporting roles for product ownership, solution architecture and project management. Role Profile We are recruiting primarily for Lead RF Software Engineer for the RF sensing activities. The lead software engineer will: Make, Record and Justify key technical decisions with regard to implementation approach Provide a key technical interface, providing subject matter expertise and reporting to the project Oversee research and software engineering activities for RF Sensing activities. Decompose requirements into modular components/functions that may be delivered from a backlog Provide technical support and direction to developers Mentor and coach developers, provide objectives and give development feedback on a regular basis Define and tailor a proportionate software development process. Ensure that software delivered is of an appropriate level of quality assurance. Escalate as required, seek more senior subject matter expertise where required All team members will: Generate and investigate ideas for concept demonstrators, down selecting based upon mathematical analysis/modelling. Develop and test software that will contribute to the concept demonstrators and trials Contribute to mission requirements and CONOPs as required Embrace effective Agile ways of working. Collaborate within a cross-functional team Work autonomously, but proactively seek review and support. Demonstrate awareness of progress and articulation of next steps Contribute to project records and backlog Have an aptitude and desire for complex problem solving. Successful applicants will have coverage of the following skills: Relevant technical background in a numerate discipline, engineering, physics, maths, computer science. RF activities Wireless Communications and Digital Signal Processing Awareness of signal analysis, demodulation, and PNT/Geolocation techniques. Python, MATLAB, C++ for modelling C++ for implementation Software Engineering Linux Desirable: embedded Linux + ARM architecture Version control e.g. Git Workflow / delivery tools - e.g. Atlassian Bitbucket, JIRA, Confluence Desirable: Cloud, Containerisation Desirable: Experience working in fields related to space and remote sensing - e.g. earth observation, satellite communications. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.

What you'll be doing: Deliver assurance services to the business, EITS, IM&T Sector and Group Functions, covering CPE (Customer Premises Equipment) and cloud-based systems. Identification of risk and appropriate mitigation requirements, development & analysis of secure solutions (covering technical / physical / procedural / personnel controls) and assessment of compliance with internal and external standards and regulations Deliver documentation to demonstrate compliance to internal and external stakeholders Assessment and provision of control effectiveness in managing information security risk Provide security architecture / technical input into the development of secure solutions Support development of strategy and continual service improvement for the assurance function Act as a subject matter expert regarding assurance activities for the wider organisation Deliver assurance services to the business, EITS, IM&T Sector and Group Functions, covering CPE (Customer Premises Equipment) and cloud-based systems Important: All applicants must have the ability to obtain Security Clearance 5 years UK residency minimum Your skills and experiences: Essential: In-depth knowledge of industry standard security policy, standards and good practice guidance and their application to a variety of IT solutions processing protectively marked information In-depth knowledge of threats, risks, vulnerabilities and risk mitigations strategies and techniques Knowledge of information security standards, such as HMG, ISO 27001/18, NIST 800 etc Desirable: Knowledge of CompTIA (A+, Network+, Security+)/CCSK/ISO27001 Practitioner (Lead Auditor etc.) - essential in one or more certifications / or on path to complete Excellent negotiation and interpersonal skills for managing relationships with stakeholders and direct reports

Pontoon is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone's chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive. Cyber Assurance Lead (Permanent) Salary: £45,000 - £61,000 (Dependent on experience) Location: Hybrid/Warwick Job Purpose To manage and lead the GT (Gas Transmission) 2nd line of assurance cyber and technology programme and the requisite benefits identified in line with the agreed delivery timeline to meet GT's Cyber Strategy and the External Obligations. As an Assurance Lead, you will plan and deliver a range of assurance activities (15-20 per year) across the various businesses and operations of GT, harnessing a deep understanding of business strategy, control frameworks and risk appetite to provide independent assurance on the design and effectiveness of processes and controls used mitigate business risk. You will provide recommendations to drive effective and efficient control frameworks and processes, employing best practices to support the business in its focus on continuous improvement. Key Accountabilities: To assist the Assurance Manager in the development of assurance strategies. Develop, agree and lead the programme of Tier 2 Assurance activities, working across a Network of Business leads to raise GT's cyber resilience to a level that meets GT's Policy and working with Digital Risk & Security to ensure it aligns us to the required standards outlined in the NIS directive Collaborate with GT to improve how we operate through undertaking ad-hoc in-depth assurance reviews / investigations of asset management processes / activities. Manage the Business Improvement Request (BIR) tracker system, recording agreed actions from assurance activities, asset health checks and HSE Inspections, and providing the timely reporting to enable line managers to monitor and progress closure of actions Review and analyse 2nd line management assurance reports and Cyber Health Checks, to identify trends / common themes, to develop and propose improvement actions. Lead on the development and execution of key ISO standards e.g. ISO27001, ISO20000 Provide assurance over 1st line managements analysis of the potential benefits of new products, materials, methods & systems. Develop and deliver a programme of Tier 2 assurance audits that provides GT with feedback on the compliance with standards associated with cyber and security. Provide controls advice and expertise to GT business managers incl support to embed 1st line assurance for cyber. Provide SME support to the development of policies and standards Facilitate implementation of assurance policies and initiatives by business managers Lead on internal audits for cyber Represent the team by attending key SHEs working groups such as the Cyber security Group ensuring information is communicated across GT as appropriate. Contribute to the continual education of colleagues across GT in relation to cyber Support GT's Cyber Risk Management capability by establishing and delivering training and communication plans Skills/Experience Required: Membership of, and/or qualification issued by a professional body (Eg, IRCA is desired) Excellent understanding of ISO (27001, 20000 and other related standards) and its application within GT, including audit and assurance experience with the ability to provide insights and expert guidance as appropriate. Good knowledge and understanding of project methodologies, assurance delivery and practices, internal control frameworks and risk management activities. Skills in applying internal auditing principles and practices Demonstrable track record of developing successful, long lasting, relationships across the business including: ability to engage, challenge and influence senior managers, deal effectively with resistance to proposals and secure their buy-in and support. Candidates will ideally show evidence of the above in their CV in order to be considered. Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.

About our cultureThe Works is such a welcoming place to well work!Our atmosphere is supportive, friendly and inclusive. A second home-from-home where you can be your best and authentic you.We've built an environment that's busy, always moving, and full of energy. Yet we still make space to share must-watch TV recommendations and our favourite page-turners! We're a proactive and hardworking bunch who are dedicated to inspiring and empowering our customers to read, learn, create and play.It's the perfect place for people who know how to roll their sleeves up, get creative, and put their passion and imagination to work we're people who 'do'!If you're the kind of person who is as 'crafty', 'caring' and 'can-do' as we are, then this is the kind of culture for you. What we will give to you! 25% off colleague discount in-store and online (Often increased to 50% off for seasonal offers!) 33 days holiday (Inclusive of Bank Holidays) Holiday Purchase scheme to increase your annual leave entitlement by 5 extra days per year Access to our MyWorks reward platform which has thousands of exclusive online discounts across hundreds of well-known retailers, utilities, holidays and much more! Hybrid working - This varies by department, but typically we're working to 1 or 2 days per week in the office Save As You Earn (SAYE) scheme. Become a shareholder and buy your own piece of The Works by buying shares at an exclusive discounted rate direct-from-salary Company pension contribution Can-Do Academy - Instant access to training and development programmes when it suits you Cycle to Work scheme Employee Health, Wellbeing and Financial support through the Retail Trust and our Employee Assistance Programme (EAP) - Because you matter! Life Assurance Healthcare Cash Plan Free Car Parking when on-site at our Support Centre Optional Charity Giving schemes - Pennies from Heaven and Give as you Earn About the Role Reporting into the Head of Systems, Services & Operations you will play a crucial role in delivering outstanding infrastructure support and project delivery to your colleagues across Stores, Distribution Centre (DC) and Support Centre (SC) as well as our ecommerce website. You're a natural communicator who enjoys keeping your colleagues in the loop, ensuring they feel their issues are understood and giving them the confidence that the issues will be resolved. You thrive on seeing incidents and problems through to resolution, spotting trends and holding yourself to the highest best practice standards. You keep up to date with technology; particularly Microsoft Server, Office 365, and hybrid cloud. You are someone who wants to own delivery of improvements and projects with a focus on enterprise class service wraps and cyber security. This is an exciting opportunity for an ambitious, technically strong and solution focused Infrastructure Lead to join our evolving Technology Services team. The purpose of the role is to own the delivery of Infrastructure support, maintenance & project delivery. Responding effectively to incidents and requests restoring service or fulfilling requests as quickly as possible whilst communicating with all relevant stakeholders. Providing cover for the Head of Systems, Services & Operations as required. To provide a problem management function for Infrastructure & Networks. To drive Infrastructure standardisation, documentation, performance, and knowledge both within Technology Services and the wider business. Incident Management Acting as a technical escalation point for the Technology Service Desk. Reviewing infrastructure & network incidents, completing diagnostics, replicating issues and resolving or technically escalating incidents. Ensuring the right resolution path is followed and SLAs are continuously monitored. Flagging any knowledge management opportunities prior to closure. Problem Management Owning problem management for infrastructure & networks, prioritising, monitoring, reporting on and ultimately resolving problems. Continually utilising incident trend analysis to reduce demand on incident management via root cause analysis. Ensuring the lessons learnt from each problem are identified and documented. Knowledge Management Creating and maintaining known errors, workarounds, knowledge articles and standard operating procedures. Seeking training and documentation opportunities across Technology Services pushing knowledge towards the Technology Service Desk as well as the wider business. Capacity & Demand Management Creating capacity management reporting, assessing BAU growth and project demands, forecasting future storage and compute needs. Discovery & Design Managing technical discovery for potential projects and or service improvements. Working closely with development & projects, pitching designs to the design review group considering compatibility with the current estate and future operating model. Showing true ownership of the Infrastructure & Network spaces. Project Delivery Owning smaller projects or technical delivery of workstreams within larger programs. Engaging with all project stakeholders managing expectations, ensuring that they are kept updated with project progress and risks to agreed timelines or budgets. Cyber Security Working with the vCISO, 24/7 SOC and the Head of Systems, Services & Operations to identify & mitigate security risks. Including firewall reviews, patch management, vulnerability scanning, design reviews, GPO / OS hardening, pen test reviews, PCI compliance and responding to incidents as required. About you PASSIONATE - In everything you do - you want to learn, you want to grow and you want to develop the service we offer. STRONG COMMUNICATOR - You enjoy building and developing relationships with people, keeping everyone up to date.HIGHLY ORGANISED - You can prioritise your workload, set expectations and keep your promises.

Industrial Control Systems, Operational Technology, Manufacturing, Security Your new company we are looking for an experienced Head of Industrial Control Systems Security to join our growing Security team. As an effect of the significant increase of cyber-risk, and the ageing of our machine control system (Operational Technology) estate, we are offering a this new complex & exciting role.You will be part of a Global Manufacturing business, this role will work intimately with the key operations personnel, both at a group and site level to drive the security maturity of the Industrial Controls Systems. Your new role You will support the definition, and lead the roll-out and implementation, of the Group Defined Security policies and standards, that ensures the security of the manufacturing processes and that risks are appropriately managed.Ultimately the role will lead risk reduction and security hardening as it relates to our manufacturing processes to ensure that production is resilient to cyber threat. Lead systematic inventory of the OT estate Drive and foster behaviours and culture change required for security risk reduction Manage and be accountable for the analysis, design, and development and implementation of the OT Framework for Paper and Recycling Mange and be accountable for incident response and disaster recovery processes and policies ensuring they are effective and adhered to Lead and be accountable for the mitigation of risk, both short and long term Be a subject matter expert for specific functional knowledge of OT activities to lead and guide the design and implementation of the services and or solutions. Be accountable for and manage platform support both with internal teams (eg. IT) as well as our support partners. Lead and be accountable with gap analysis, business process redesign. Lead and be accountable ensuring the future proofing of new machines and ensuring security guidelines are maintained. Partner and collaborate with Digital Security and Digital Hub on use case development as it relates to IOT and data capabilities to ensure security threat is managed on the machines Stakeholder management on all levels across all regions globally and strong collaboration with paper and recycling operations teams at local sites, Digital Security, Digital Hub, IT team. Lead Site assessment efforts in conjunction with IT, risk and other group function team(s) What you'll need to succeed Experience in working in operational, manufacturing or processing environment (e.g. Paper & Pulp, Oil & Gas, Pharmaceuticals etc) Experience working with Operational Technology, Industrial Controls Systems, SCADA, PLCs, etc Hands on experience in IT/OT Security, Risk Management, Network Engineering, Incident Management Experienced in a Leadership Role working experience in Engineering or IT Security field Experience of leading a multinational team, that works across borders Extensive engineering expertise in the areas of tooling, prints, specifications, product maintenance, budgeting, and software products Proven success working cross-functionally and contributing to the product strategy to successfully deliver on the product roadmap Working understanding in a wide range of information security technologies including network hardening, firewall optimisation, data backup and restoration, end point security Educated to University degree level (or equivalent) in STEM subject Possession of professional certifications and membership in professional associations is highly desirable (e.g., CISSP, GICSP, CISM, CIISec, IET, BCS ISO27000 certification etc) What you'll get in return Flexible working options available. Competitive salary + Bonuses Company bonus Pension scheme Life assurance Income protection 25 days holiday plus bank holidays Annual Cycle to Work Scheme What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays EA is a trading division of Hays Specialist Recruitment Limited and acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk

End Date Thursday 29 June 2023 Salary Range £81,928 - £102,410 We support agile working - click here for more information on agile working options. Agile Working Options Other Agile Working Arrangements / Open to Discussion Job Description Summary Shaping and driving the technology strategy for our Finance and Capital Markets business Job Description Location: For many of our office based colleagues, we work in hybrid ways which involves spending at least two days per week or 40% of their time at one of our office sites. You can work from any of the following locations: West Yorkshire (Leeds or Halifax), Manchester, Edinburgh, Bristol, London, Cardiff, Birmingham, Chester. Want to make a difference in an area of strategic importance and growth? This role could be the opportunity you re looking for! About the roles: Our team is growing! We have a number of roles to fill across the Business & Commercial Banking team. There s never been a better time to join our Enterprise Architecture team. Within the group there has been a reawakening of the enormous value, good Enterprise Architecture brings to our organisation. This originates with our CEO and is championed throughout the organisation, fostering an environment where decisions are based on how we leverage technology to build a future where we are robust, safe and sustainable; supporting the needs of our customers today and for tomorrow. You'll be joining a small, dynamic team of strategy setting Enterprise Architects, focused on the technology enablers that support all our colleague and customer services. We collaborate closely with business and engineering leaders across the organisation to drive strategy, deliver strategic roadmaps, provide thought leadership and inspire innovative solutions. We must view problems from many different perspectives and our architectural decisions must balance strategy with pragmatism to deliver the best outcome. You'll be aligned to Business & Commercial Banking (BCB) engaging with senior leaders, advising them on how to utilise technology to achieve outcomes and articulate options that balance the different drivers of change. The BCB business provide all the banking needs for our Commercial customers ranging from sole traders all the way up to our mid corporates. It covers a very broad range of products including traditional bank accounts, corporate cards, working capital management, loans, merchant services, asset and invoice finance etc. This is a growth business for us with significant investment over the next 5 years with an ambition of being the best digital bank for business clients! With this investment brings significant architectural change and growth in the team. We're redesigning significant portions of our estate as well as engaging on a bold programme to optimise our application portfolio. We're at the start of this journey so lots of opportunities to craft the new architecture of the future. About you: If you love to drive the strategy, find chances to create valuable contributions and turn new ideas into reality then this could be the role for you. You're a forward-looking and enthusiastic enterprise architect who can combine thought leadership, a passion for change, an ability to logically decompose complex problems and influence all levels of the organisation. You'll typically have broad architecture experience spanning a variety of traditional, modern, and emerging technologies, ideally but not critically, in a financial or regulated industry. You ll have a background in strategy setting, enterprise architecture or technology consulting roles. Ideally you'll have had experience in engineering and solution architecture during your career. You define architecture direction in the context of industry trends and understand how that can bring value to the organisation. Key accountabilities: All architecture decisions made for the area you support. Build compelling architecture strategies and roadmaps with comprehensive inputs from Business, Engineering, Operations, Industry and Vendors. Pro-actively drive forward the agenda to simplify and modernise our technology landscape. Keep pace with the latest industry direction and vendor offerings to ensure our strategies capitalise on new opportunities. Influence our investment portfolios and the direction of major change programmes to ensure strategic architecture outcomes. Build strong relationships and credibly communicate with key business and engineering collaborators across the organisation including CxOs. You're an authority for an architecture domain with deep and broad knowledge of technology, methodology and assurance techniques. Desirable technical experience: Broad EA/ IT experience covering many of the following, with a deeper knowledge of at least one or two of the below ( T shaped): Cloud platform technologies covering IaaS, PaaS, and SaaS services on Public Cloud (such as Azure or GCP) Complex systems integration including variety of integration methods and technologies including web services, REST, event based integration using Kafka. Domain and microservice based architecture with a good understanding of various microservice patterns and best practices. Client and Colleague facing solutions with good understanding of authentication and authorisation frameworks for external and internal facing users (SSO, JWT, OpenID Connect). Hybrid hosting architecture of cloud and tradition platforms including, modern container/k8s based platforms, Midrange Unix and Mainframe technologies. API architecture standards including API authentication, API gateways and role of API marketplace. Data architecture including having a clear PoV on role of relational, NoSQL databases, data warehouses, data lakes and datahouses and experience of data security, privacy & ethics Designing critically important systems to stringent service parameters across performance, resilience and availability. Additionally, Broad appreciation of cyber security (e.g., zero trust) and the architectural implications it has on application design. Knowledge of modern progressive technologies - e.g., machine learning, artificial intelligence, block chain etc. You ll bring the experience, skills and passion to lead us further along our transformation journey and we ll bring opportunities on a scale not many organisations can match. What's in it for you? Join us and be part of an inclusive, values-led culture that celebrates diversity, promotes equal opportunity, and provides opportunities for flexible working in a collaborative environment. We will provide you with a diverse, energising, and informal environment that takes a strong focus on equal opportunity and supports career progression on all levels. Enhancing your personal and professional development is something that is very important to us, and we will work with you to make a positive difference to the overall teams' mission. We want you to learn, grow & develop to become the best possible version of yourself. We'll ensure that individuals with disabilities are provided suitable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Our approach to inclusion and diversity means that we all can make a real difference, Together We Make It Possible! At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we re building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.

Location: Portsmouth Salary: £40.4k - £50.6k per annum (Dependent on skills & qualifications) Reference: REQ3078 Do you want to be a part of an innovative and supportive team, where there are great opportunities for career progression and development? Here at SGN we are looking for an Information Security Supplier Assurance & Controls Analyst providing support the security assurance function in triaging, assessing, and providing security advisory services across all programmes, projects, and steady state services. You will be responsible for providing assurance to the SGN leadership team regarding the design and operating effectiveness of the security controls within both SGN's IT and OT environments. You will work collaboratively with risk management, business analysts, projects managers, architects, and support teams to identify, evaluate, report, and mitigate risks. In addition, you will be responsible for reviewing and identifying security control gaps in steady state services, providing ongoing reports, metrics and recommendation to remediate or mitigated risks. What will you be doing day to day? Determine the security posture of SGN suppliers, performing third-party supplier assessments to identify and understand the risks posed by the Supplier to SGN Enroll identified suppliers onto the SGN Supplier Assessment tool Review supplier assessment questionnaire responses, obtaining clarity and evidences where appropriate Identify gaps and supplier security risks to SGN Identify mitigation and remediation actions to address supplier gaps and risk, engaging with the supplier to agree plans and activities to address risks Document supplier risk reports and seek business approvals Work with third parties, procurement and legal to mitigate supplier risks Work with SGN Security to mature existing supplier assurance processes and procedures What you'll need The individual should be educated to degree level in a relevant discipline. Must be CISM/CISSP/CCSP/TOGAF/CRISC/AWS Solution Architect or equivalent certified or willing to undergo certification on the job. Must have expertise in Cloud (IaaS, Paas, SaaS), in particular AWS and Azure Must have proven expertise in three of the following security domain areas; Vulnerability Assessment and Management, Security Risk and Compliance, Cloud Security Architecture, Application Security, Security Operations Centre and Investigations, Incident Management and Security Engineering Must have 1-2 years' cyber security experience Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc. Good understanding of Cyber Assurance Framework and experience with working with Regulators and providing compliance updates for OT environment Skills that will help you in the role: Knowledge and experience on IT Auditing/Control testing, IT Information Security and IT generic computing controls Knowledge of technology risk and controls including relevant tools and techniques Knowledge of key areas in technology risk, including operations, change, security, resilience at both application and infrastructure layers The suitable candidate must be a highly motivated individual with strong managerial capabilities. A proven track record as a cyber security subject matter expertise in this or other organisations is a prerequisite requirement. The role will require a significant attention to detail and ability to work with both a strategic, Director level as well as working with subject matter experts on detailed design issues and application, integration and data modelling. The successful candidate will be required to be an excellent communicator and not averse to dealing with conflict management and decision making on a regular basis. Key skills and Behaviours: Able to coach and motivate teams to deliver results under pressure or with conflicting demands Good at challenging and support their teams on self -development and keeping up to date with technology Attention to detail Good interpersonal and communication skills. Collaborative team player. Ability to lead and take control when required to do so Assertive and driven Good at building rapport and influencing at all levels High energy and a desire to succeed If you don't have all the qualifications, we would still love to hear from you we provide our own specialised learning and development programs, providing access to learning tools to help you acquire the skills needed to excel in our environment. What's in it for you? Job security and genuine learning and development opportunities Holiday and sickness package HolidayPlus - Buy up to 10 additional days holiday, available all year round Retail & leisure discounts Cycle2work scheme Company pension scheme - with company contributions between 6 -12% (depending on length of service and personal % contribution) Gym & mobile discounts Virtual GP - Our GP Helpline is a virtual GP service which offers unlimited access to GP at a time which suits you What we do We're on a journey to transform the future of gas and we think outside the box - futuristic technologies and robotics are leading our innovation. Keeping our customers safe and warm is what we do but beyond that, we want to make the world a better place, which is why we're passionate about helping in our communities, reducing our carbon footprint and driving innovation in our industry. At SGN, we strive to sustain our world through managing the network that distributes natural and green gas across the south of England and Scotland. We have an important responsibility to keep the gas flowing to 5.9 million homes and businesses. Your work directly impacts SGNs commitments to keeping our customers' homes and businesses safe.

Cyber Security Architect (Azure SaaS) Reigate / WFH to £115k Are you a Cyber Security Architect with a strong knowledge of Azure? You could be progressing your career in a senior, influential role at a global FinTech; you'll be working on complex and interesting systems and making a real impact whilst remaining hands on with technology. As a Cyber Security Architect you'll partner with the Head of Architecture and Chief Information Security Officer to define Azure Security standards and processes, communicating these to Software Architects and Senior Engineers to ensure they are adhered to. You'll work with various technology teams across the business to assess existing Azure security architectures and define strategies that provide clear progression in improving security of the solutions and CI/CD pipelines in Azure. Providing recommendations and advice on security best practice you'll pro-actively lead and participate in security review sessions such as threat modelling, penetration testing and code reviews. WFH Policy: There's a hybrid work from model, you can work from most of the week, meeting up with colleagues in Reigate twice a week in modern, open plan offices within a five minute walk of the station; there's a smart casual dress code and a good work / life balance. Requirements: You have expertise with the Microsoft Azure platform You have experience of designing and architecting security architecture and standards on Azure You have experience of reviewing and recommending security measures for enterprise SaaS applications or web applications on Azure using industry standard frameworks and techniques, including managing Threat Modelling reviews and Penetration Testing You have strong scripting skills with PowerShell or Python You have a strong understanding of IaC / Azure DevOps environments, familiar with Docker, Kubernetes, Terraform You're a confident and pragmatic communicator, able to achieve buy-in and influence others Salary & benefits: As a Cyber Security Architect you will earn a competitive salary (to £115k) plus a substantial benefits package including: Bonus 25 days holiday (plus an extra day for your birthday and ability to buy more) Pension Health Care Life Assurance Enhanced maternity / paternity packages Apply now or call to find out more about this Cyber Security Architect (Microsoft Azure IaC) opportunity. At Client Server we believe in a diverse workplace that allows people to play to their strengths and continually learn. We're an equal opportunities employer whose people come from all walks of life and will never discriminate based on race, colour, religion, sex, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. The clients we work with share our values.

Are you a Cisco Network Architect looking for a new challenge? Our Aerospace, Defence, and Security division works on a number of projects aimed at improving people's ability to access digital information and services. We are looking for a Network Architect, specialising in network design, to join our team on a new project delivering essential support services to the UK's Armed Forces. You will assist the delivery of viable, secure, and effective Network solutions, that meet the client's requirements and are capable of being effectively managed in-service. The Network Architect will provide design and technical input to appropriate levels to supplement internal skills for the full lifecycle of a Network solution from feasibility to delivery and will ensure the solution has continuity from an architectural and design perspective. What you will be doing: Lead the creation and implementation of end-to-end solution/technical designs, ensuring alignment with the strategic technical architecture Ensure that the solution design balances client business requirements with the mitigation of cyber security risks, including such aspects as the design of security elements, and identifying potential security gaps in proposed network architecture designs Ensure that the solution/design process is adhered to during all phases of project delivery Be a thought leader in the design and technical subject matter expertise to the team, especially on issues such as the investigation of new technologies and the alignment of technology strategy with key frameworks and standards Provide input to key technical documentation and other artifacts Mentor and encourage junior technical staff What you will bring: Good knowledge of core Cisco Networking technologies covering switching, routing, Unified Communications, LAN / WAN capabilities, subnetting, VRF (and other routing encapsulations), GRE tunnels and securing Cisco networking devices Cloud experience - AWS OR Azure Knowledge of Intrusion Detection/Prevention Systems Knowledge of Firewall Configuration and Management Experience in the design of cross-domain solutions (CSD), including diodes, packet inspection, and other similar technologies Experience of building automated deployment of network configurations Would be great if you had: IT Security Solutions (Policy Based, Physical, Environment Hardening & Software) & Provisioning and Implementation Security monitoring platforms such as SEIM Endpoint Management (Device Control, Data Protection, Application Control etc.) Microsoft Infrastructure covering Windows Server 2016 / 2022 administration, Active Directory design, MECM / SCOM deployment Experience with WAN technologies such as high-grade IP encryption devices VMware-based virtual networking Familiarity with MOD and their design guidelines and policies to align delivery with MOD Joint Service Publications (JSP) 440, 604, including Joining Rules If you are interested in this role but not sure if your skills and experience are exactly what we're looking for, please do apply, we'd love to hear from you! Employment Type: Full-timeLocation: UK Hybrid - up to 50% travel - travel will be along the m4 corridorSecurity Clearance Level: Must hold security clearanceInternal Recruiter: JoshSalary: £70kBenefits: £5,400 car allowance, 25 days annual leave with the option to buy additional days, private medical, life assurance, pension, and generous flexible benefits fund Although this role is advertised as full-time, we support many ways of working and can offer a range of flexible working arrangements. So, if you're interested and need to work flexibly, we encourage you to apply and talk to us about what might be possible. Loved reading about this job and want to know more about us? Our Aerospace, Defence and Security business designs, develops and deploys digital solutions that bring clients enduring business value across the UK's Public and Private sectors. We foster a culture in which employees feel valued and supported, delivering exceptional rates of customer satisfaction in the UK's most complex safety- and security-critical markets.