Find your next tech and IT Job or contract ISO 27001

Role: Pen tester Rate: Outside IR35 Location: 1-2 days a week onsite in Croydon Duration: 6 months initially SC clearance required This role supports the strategic shift towards internal assurance, reducing reliance on external ITHC suppliers, and aligning with Secure-by-Design (SbD) principles. You will work closely with stakeholders to identify vulnerabilities early in the development lifecycle, contribute to the capability build, and help shape the future of security testing across the department. Key Responsibilities Conduct internal penetration testing across applications, infrastructure, and end user devices (EUDs), including POISE and MacBook platforms. Perform scenario-based testing aligned with SbD principles and DSA security non-functional requirements. Collaborate with development teams to integrate findings into JIRA workflows for rapid remediation. Support the testing pipeline, including planning, execution, and reporting of penetration tests. Maintain compliance with NCSC guidance and Home Office security standards. Desirable Qualifications Certifications: OSCP, CREST CRT, CTL Web/Inf, , CEH. Experience with cloud security (AWS, Azure) and containerised environments. Essential Skills & Experience Hands-on experience with penetration testing tools. Strong understanding of OWASP, NIST SP 800-53, ISO 27001, and CIS Benchmarks. Familiarity with Secure-by-Design principles and CI/CD pipeline integration. Experience testing EUDs under operational constraints (e.g. no destructive tools, CSOC coordination). Ability to interpret and apply security NFRs across diverse environments. Proficiency in JIRA, SharePoint, and vulnerability management platforms. Attributes Strong stakeholder engagement and communication skills. Ability to work independently and as part of cross-functional teams. Commitment to continuous improvement and knowledge sharing. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Mission principale Piloter la stratégie de sécurité des systèmes d’information du client, garantir la conformité réglementaire (notamment RGPD), et assurer la protection des données et des actifs numériques de l’entreprise. Responsabilités clés Définir et mettre en œuvre la politique de sécurité informatique (SI, réseau, cloud, endpoints). Superviser les audits de sécurité, les tests d’intrusion et les plans de remédiation. Assurer la conformité aux réglementations en vigueur (RGPD, ISO 27001, etc.). Gérer les incidents de sécurité et piloter les plans de continuité et de reprise d’activité. Encadrer les pratiques de confidentialité, de déontologie et de gouvernance des données. Collaborer avec les équipes IT, juridiques et métiers pour intégrer la sécurité dans les projets. Sensibiliser les collaborateurs via des programmes de formation à la cybersécurité. Gérer les licences des outils de sécurité et les relations avec les prestataires.

L'ingénieur Cybersécurité OT a pour mission d'assurer la protection, la supervision et l’amélioration continue de la sécurité des environnements industriels (OT / ICS / SCADA) , en garantissant la disponibilité et l’intégrité des systèmes critiques de production. ⚙️ Responsabilités principales Mettre en œuvre et maintenir les mesures de sécurité sur les réseaux industriels (SCADA, DCS, PLC, etc.) Participer à la segmentation réseau OT/IT et à la sécurisation des architectures industrielles Réaliser des analyses de risques (EBIOS, ISO 27005, IEC 62443, etc.) et proposer des plans d’action Contribuer au déploiement de solutions de détection (IDS OT, SOC industriel) et à la gestion des incidents de cybersécurité Piloter ou accompagner les audits techniques et de conformité sur les environnements OT Rédiger et mettre à jour la documentation de sécurité (politiques, procédures, cartographies, référentiels) Sensibiliser les équipes de maintenance, production et automatisme aux bonnes pratiques cybersécurité Effectuer une veille technologique et réglementaire sur les menaces et vulnérabilités OT 🧠 Compétences techniques requises Techniques OT / Réseaux industriels Connaissance des protocoles industriels (Modbus, OPC, Profibus, DNP3, etc.) Maîtrise des architectures SCADA, DCS, IACS Compréhension des systèmes de contrôle-commande, automates, capteurs et supervision Notions sur la résilience des systèmes critiques et la sûreté de fonctionnement Cybersécurité Outils de détection et supervision OT (Nozomi, Claroty, Dragos, etc.) Sécurité réseau (firewall industriel, segmentation VLAN, DMZ) Méthodologies d’analyse de risques (EBIOS RM, IEC 62443) Bonnes pratiques ISO 27001 / NIST / ANSSI Gestion des vulnérabilités et des correctifs dans les environnements contraints 🤝 Soft Skills Rigueur, esprit d’analyse et sens du détail Bonne communication avec les équipes de terrain et IT Capacité à vulgariser la cybersécurité auprès d’opérationnels industriels Esprit d’équipe, autonomie et sens des priorités 🎓 Profil recherché Bac +3 à Bac +5 en cybersécurité, systèmes industriels, réseaux ou équivalent 2 à 5 ans d’expérience en sécurité des systèmes industriels ou en environnement OT Certifications appréciées : ISA/IEC 62443, GICSP, CEH, CISSP, ou équivalent ANSSI (PACSSI, etc.) Formation en EBIOS RM un plus 💬 Langues Anglais : courant Français : est un plus

PROPULSE IT recherche un chef de projet / Pilote d'activité Dans le cadre de la modernisation et de la rationalisation des environnements serveurs (environ 10 000 instances Linux et Windows) nous souhaitons définir et mettre en œuvre une stratégie de gestion du cycle de vie des systèmes. Cette démarche vise à fiabiliser et automatiser les processus de mise à jour et de patching, tout en assurant leur cohérence avec les contraintes de production et les exigences de sécurité (ISO 27001). Le prestataire interviendra principalement dans une logique d'accompagnement amont (AMOA) : cadrage, conception générale, participation au chiffrage et animation des parties prenantes. - Accompagner le Product Owner dans la conception générale du projet et dans la définition de la stratégie de cycle de vie des OS. - Évaluer l'écosystème d'outillage existant (Red Hat Satellite, AWX, WSUS, référentiel de configuration) et proposer, si nécessaire, l'ajout ou l'évolution de solutions complémentaires (par exemple pour le suivi du patching, le reporting ou le pilotage). - Définir les modalités de mise à jour et de déclenchement des patchs (y compris la gestion des patchs critiques en urgence), en cohérence avec les contraintes de production. - Animer les ateliers avec les parties prenantes (équipes techniques, sécurité, production, exploitation). - Produire et structurer la documentation de cadrage : comptes rendus d'ateliers, documents de conception générale, planning, éléments de chiffrage. En parallèle du projet de cadrage, le prestataire participera à des activités de pilotage autour des activités d'ingénierie et de support Linux et Windows, notamment : - La mise à jour et la structuration du catalogue de services RUN/BUILD. - La définition et le suivi d'indicateurs techniques (qualité de service, suivi d'activité, efficacité des processus). - La coordination avec les équipes de production afin de garantir la qualité de service et la cohérence des pratiques.

Déploiement et exploitation d’EDR/XDR multi-éditeurs Investigation et réponse à incident (forensics, threat hunting, MITRE ATT&CK) Pilotage de règles de détection (SIEM / EDR), création de playbooks et automatisation (XSOAR, ServiceNow) Sécurisation d’infrastructures Windows / Linux / Cloud (Azure AD, AWS) Collaboration avec les équipes SOC, CSIRT et Risk Management Outils EDR/XDR : CrowdStrike, SentinelOne, Cortex XDR, Sophos, Symantec, Defender ATP, Cybereason SIEM & SOAR : LogPoint, QRadar, Palo Alto XSOAR, ServiceNow OS & Infrastructures : Windows, Linux, Active Directory / Azure AD Cloud : AWS, Azure Méthodologies : MITRE ATT&CK, Threat Hunting, Playbooks SOC, Forensics, Analyse Malware Conformité & bonnes pratiques : ISO 27001, NIS2

Azure Infrastructure Engineer Duration: 13th October 2025 - March 2026 Location: Role can be fully remote Day rate: £400.00 to £450.00 Per Day - Outside IR35 An experienced, UK based Azure/Networking Engineer is urgently required to play a key role in supporting our client to implement solutions that provide benefits to users and clients, whilst ensuring all the existing solutions are well maintained and supported. The Contract Azure Infrastructure Engineer will support the infrastructure setup for an upcoming member calculations programme of work. The role requires strong Azure/DevOps/resource setup experience (onboarding new suppliers and resources), and the successful candidate MUST be able to start by the 13th October. Skills & Experience: Experience of Windows Server administration - IIS, Update Management, Performance troubleshooting through methods such as log analysis Experience with O365 Suite Administration, Intune & Defender for Endpoint Strong Networking experience - LAN/WAN/SDWAN/Azure networking such as routing, firewalls, network peering etc. Experience of using tools to automate regular activities (e.g. Tines, N8N, Zapier, Power Automate, Powershell) Familiarity with security and compliance standards, e.g. Experience working in an ISO 27001 certified environment Use of Azure DevOps (or similar tools) to deploy Infrastructure As Code into Azure - experience with ARM or Bicep templates and YAML pipelines Strong SharePoint experience Familiarity with mail flow and security solutions such as ProofPoint and ONDmarc Experience working in a regulated industry, e.g. telecoms, financial services, utilities Experience of Jira & Confluence for work management & documentation If you have proven experience in the above areas, please submit your application ASAP to Jackie Dean at TXP for consideration. TXP takes great pride in representing socially responsible clients who not only prioritise diversity and inclusion but also actively combat social inequality. Together, we have the power to make a profound impact on fostering a more equitable and inclusive society. By working with us, you become part of a movement dedicated to promoting a diverse and inclusive workforce.

IT Infrastructure Operation s and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: The following is a summary of the key skills that the Client would like you to bring to the company. Global Enterprise level Infrastructure Management position for the last 5 years, Buy before Build mentality and demonstrable migration of Legacy VM based estates to SaaS and Azure Cloud services platforms, Global Operational team management experience (human resources, strategic delivery, operational service, audit lead for Infra, budget..) Key 3 party operational infrastructure vendor management - i.e. management of managed service partners as a team extension globally, as well as service/solution delivery partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy Infra tech to Azure knowledge/experience, Prior to the last 5 years in Enterprise Management of a global estate/user-base, a demonstrable technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.

Nous recherchons pour notre client un architecte cloud stockage pour une mission longue Concevoir, industrialiser et piloter des architectures de stockage hybrides et multi-cloud basées sur les solutions NetApp (ON-PREM & Cloud), en assurant performance, résilience, sécurité et optimisation des coûts pour des charges de travail critiques. Responsabilités principales • Architecture & Design o Définir les HLD/LLD pour Azure, AWS et Private Cloud VMware, intégrés aux solutions NetApp (Azure NetApp Files, FSx for NetApp ONTAP, Cloud Volumes ONTAP, ONTAP on-prem). o Modéliser les patterns : NAS (NFS/SMB), sauvegarde et archivage, multirégion/DR. o Dimensionner la capacité, la perf (IOPS/latence/throughput), et établir RPO/RTO, SLA/SLO. o Dimensionner la consolidation des données (SnapMirror/SVM-DR, XCP, BlueXP Copy & Sync). o Définir les HLD/LLD de l’observabilité (Active IQ Unified Manager, NetApp DII), capacity planning et QoS. • Sécurité & Conformité o Intégrer IAM/AAD/IAM AWS, chiffrement at-rest/in-flight, antivirus, durcissement, traçabilité. o Contribuer aux audits (ISO 27001, NIS2, DORA, etc.) et à la gestion des risques. • Optimisation & FinOps o Gouverner les coûts: tiering (FabricPool vers Blob/S3), classes de stockage, réservations/commitments. o Standards, catalogues de services, modèles Terraform réutilisables, guardrails. Environnement technique • NetApp: ONTAP 9.x, Cloud Volumes ONTAP, Azure NetApp Files, Amazon FSx for NetApp ONTAP, SnapMirror/SnapVault, SnapCenter, FlexVol/FlexGroup, FlexClone, FabricPool, QoS, SVM-DR, NDMP, NFSv3/v4.1, SMB 3.x, iSCSI/MPIO. • Azure: VNet/ExpressRoute, Cloud Volumes ONTAP, ANF, Managed Disks, Storage Accounts, Key Vault, Azure VMs. • AWS: VPC/Direct Connect, FSx ONTAP, KMS. • Automatisation: Terraform, Ansible (collections NetApp). • Réseau: DNS/AD, LDAP/Kerberos, SMB signing, NFS sec, routage & pare-feu. Compétences requises • 5–8 ans d’expérience en architecture stockage dont ≥3 ans sur NetApp ONTAP (cloud & on-prem). • Maîtrise d’au moins deux environnements parmi Azure, AWS, VMware, et des patterns hybrides. • Pratique avancée des migrations (SnapMirror, XCP) et de la résilience (DRP, tests de bascule). • Solides bases en sécurité (chiffrement, IAM, clés gérées, durcissement) et réseau (NFS/SMB/iSCSI). • Connaissance en Scripting/Infra as Code (Terraform/Ansible) et automatisation d’opérations. Soft skills • Leadership technique, pédagogie, sens du service. • Capacité à formaliser (HLD/LLD, DAT, runbooks) et à défendre des choix d’architecture. • Esprit FinOps: compromis coût/perf/risque, mesure & itération. Certifications appréciées (plus) • NetApp: NCDA, NCIE, NCSA (Cloud). • Azure/AWS: AZ-104/305/700, AWS SAA/SAP. • VMware: VCP-DCV, VCP-CMA. • Sécurité: AZ-500, Security Specialty. Livrables attendus • Dossiers d’architecture (HLD/LLD), matrice RACI, DAT, schémas, plans de migration & de tests DR. • Dossiers d’exploitation (sauvegarde, restauration, PRA/PCA) et rapports de performance.

Consort Group, accompagne depuis plus de 30 ans les entreprises dans la valorisation de leurs données et infrastructures. Elle s'appuie sur deux leaders, Consortis et Consortia, et place l’humain et la responsabilité sociétale au cœur de ses valeurs. Fondée en 2012, l'agence Rhône-Alpes rassemble une équipe de 120 collaborateurs. Elle accompagne près d’une vingtaine de clients, allant des grands comptes aux ETI et PME. Elle s’appuie sur un Centre de Services spécialisé dans le stockage et la sauvegarde ainsi que sur un Centre d'Expertise en sécurité. L'agence accorde une importance particulière à un recrutement fondé sur l'humain et la transparence. Administrateur système confirmé Linux H/F Descriptif de la mission : Prise en charge de la gestion technique des projets ; Mise en œuvre des nouvelles applications (cadrage, planification, conception, installation, recette , mise en production) ; Rédaction et maintient à jour de la documentation technique (architecture, guide d’exploitation, procédures de dépannage, PRA…) Suivi des normes qualités (certification des comptes, COFRAC, ISO 9001, ISO 27001, HDS…) Participation au maintien en conditions opérationnelles des applications, et en particulier le traitement les incidents techniques de niveau 2 Environnement de travail : chez le client Organisation des horaires : travail en journée Télétravail : Hybride Environnement technique : - Systèmes d’exploitation Windows, Linux (RedHat, Debian), Unix (AIX) : administration - Bases de données (SQL Server, Oracle, MySQL, PostgreSQL) : administration, requête - Serveurs d’application : IIS, Apache, Tomcat - Programmation : Shell (Linux) - Hyperviseurs : Hyper-V, VMWare, VIO - Stockage : SAN, NAS - Poste de travail : Microsoft Windows, RDS, terminaux spécialisés - EAI : Cloverleaf, Enovacom - Supervision : Centreon, SCOM (Microsoft SC Operations Manager) - Planification : VTOM Environnement logiciel : - IT Service Management : ITASM - Portail Collaboratif/Qualité : SharePoint - Suite Microsoft : Word, Excel, Visio, Outlook Date de démarrage : Octobre 2025 Localisation : Lyon Profil recherché : Vous disposez d’une expérience confirmée de 3/4 années dans le domaine de l’ administration systèmes, bases de données et infrastructures IT . Vous êtes un adepte de la gestion technique de projets et du maintien en conditions opérationnelles , vous possédez une première expérience dans le métier d’ ingénieur systèmes et réseaux , dans le secteur d’activité informatique / services aux entreprises / santé (HDS) . Afin de mener à bien cette mission, vous devez maitriser : Les technos : Linux (RedHat, Debian), Unix (AIX), SQL Server, Oracle, MySQL, PostgreSQL, IIS, Apache, Tomcat, Shell (Linux), Hyper-V, VMWare, VIO, SAN, NAS, RDS, Cloverleaf, Enovacom, Centreon, SCOM, VTOM, SharePoint Méthodologies : Gestion technique de projets (cadrage, planification, conception, installation, recette, mise en production), suivi des normes qualité (COFRAC, ISO 9001, ISO 27001, HDS…), maintien en conditions opérationnelles, gestion des incidents N2, rédaction et mise à jour de documentation technique (PRA, exploitation, dépannage) Connaissances métiers : Administration systèmes et bases de données, virtualisation, stockage, supervision, intégration applicative (EAI), IT Service Management Vous êtes : - Rigoureux et organisé , capable de gérer plusieurs projets techniques en parallèle et de respecter les délais - Analytique et orienté résolution , à l’aise avec le diagnostic et le traitement d’incidents techniques complexes - Collaboratif et adaptable , efficace en équipe et capable d’évoluer dans un environnement hybride chez le client Vous vous êtes reconnu.e dans cette annonce et pensez être le.la candidat.e idéal.e ? Alors envoyez-nous votre CV et dites-nous en plus sur vous ! Fourchette de rémunération : De 35 K€ à 40 K€ (selon expérience) Nous rejoindre c’est : Intégrer une équipe attentive à votre onboarding Profiter d’une proximité managériale Accéder à une plateforme de formations accessible 24/24 Adhérer à notre politique d’inclusion : politique Hand’In Cap, dons de jours, programme aidants Programme Move Up avec United Hereos pour promouvoir le sport et le bien être Bénéficier d’un package RH : mutuelle, prévoyance, carte TR, CSE, suivi de carrière et formations internes… (à modifier en fonction du pays) Le process de recrutement Chez Consort Group : Un premier échange téléphonique avec l’une de nos chargé.es de recrutement Un entretien RH avec la.le chargé.e de recrutement avec qui vous avez eu le premier contact ainsi qu’un ingénieur d’affaires pour vous évoquer plus en détails : la mission, la structure de l’équipe et leur quotidien, les projets internes Une rencontre avec l’un de nos ambassadeurs techniques pourra être proposée ou le passage d’un test technique Et enfin, une ultime rencontre avec le responsable opérationnel Consort et/ou de la mission présentée

SOC Analyst (Outside IR35) 12 Month Contract Full time on site in Birmingham £375 - £475 Outside IR35 (Depending on experience) Requires an active DV Clearance Role Summary Support the client's Security Operations Centre (SOC) with hands-on Splunk SIEM expertise, threat detection, incident response, and continuous improvement of security operations. Core Responsibilities * Operate and tune Splunk SIEM: detection logic, correlation rules, dashboards, playbooks * Triage alerts and manage incidents through resolution * Aggregate and correlate logs from multiple sources * Conduct threat hunting and integrate threat intelligence * Maintain documentation and contribute to SOC knowledge base * Support continuous improvement and R&D initiatives Required Skills & Experience * Strong Splunk SIEM experience (content creation, tuning, reporting) * Live SOC environment experience * Knowledge of OS (Windows, Linux, OSX), firewalls, IDS/IPS, networking * Familiarity with NIST, ISO 27001, MITRE ATT&CK, CIS frameworks * Threat analysis, detection engineering, vulnerability tools * Stakeholder engagement and incident/crisis management Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

PAM Engineer 6 Month contract initially Based: Remote/Wokingham - 2-3 days p/w onsite Rate: £475 - £500 p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a PAM Engineer to join the team for an initial 6 month contract. This role also provides an excellent opportunity to gain a Security Clearance, up to SC level. Key Responsibilities: - Design, deploy, and manage PAM solutions (e.g., CyberArk, BeyondTrust, Delinea) - Implement least privilege access models and enforce secure credential management - Monitor and audit privileged access activities across systems and applications - Integrate PAM tools with SIEM, IAM, and other security platforms - Develop and maintain policies, procedures, and documentation for PAM operations - Conduct regular access reviews, privilege audits, and risk assessments - Collaborate with IT, DevOps, and Security teams to ensure seamless PAM integration - Provide technical support and troubleshooting for PAM-related issues - Stay current with industry trends, threats, and best practices in access management Key Skills & Experience: - Experience in PAM engineering or cybersecurity roles - Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea - Strong understanding of Active Directory, LDAP, and authentication protocols - Experience with scripting (PowerShell, Python) for automation and reporting - Familiarity with compliance frameworks (ISO 27001, NIST, GDPR) - Excellent problem-solving, communication, and documentation skills Preferred Qualifications - Relevant certifications (e.g., CyberArk Defender, CISSP, CISM) - Experience in cloud environments (AWS, Azure, GCP) and hybrid infrastructures - Knowledge of DevSecOps practices and CI/CD pipeline integration This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

SOC Tier 2 Analyst 6 Month contract initially Based: Remote/Reading - Hybrid. Max 3 days p/w onsite. Rate: Market rates p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We a great opportunity for a SOC Tier 2 Analyst to strengthen the Security Operations Center. Seeking a experienced SOC L2 Analyst to strengthen our Security Operations Center. As a Tier 2 CERT Analyst, Candidate will do the investigation and remediation of security incidents using tools such as Splunk and defender and other security stacks. The ideal candidate will have expertise in monitoring and analyzing security incidents in SOC. They will also do quality assurance for SOC L1 team and suggest improvement on processes followed. Key Responsibilities: 1. Incident Detection and Response: o Utilize advanced SIEM (Security Information and Event Management) tools, threat intelligence platforms, and other security technologies to analyse and correlate security alerts. 2. Threat Hunting & Analysis: o Proactively search for threats across the environment using behavioural analysis and threat intelligence data. o Analyse data from logs, network traffic, endpoint activities, and threat intelligence feeds to detect unusual or malicious activity. 3. Incident Forensics: o Perform in-depth forensic analysis to determine the scope, impact, and root cause of security incidents. o Collect, preserve, and analyse evidence related to breaches, intrusions, or malware infections while adhering to legal and regulatory requirements 4. Remediation and Recovery: o Collaborate with threat intelligence teams to identify indicators of compromise (IOCs) and ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in incident response tools and techniques, including network and system forensics, malware analysis, and memory analysis. o Expertise in analysing and responding to threats on different platforms (Windows, Linux, cloud environments, etc.). o Familiarity with scripting languages (Python, PowerShell, etc.) to automate tasks or create custom detection methods. o Strong experience in handling complex cyber incidents (e.g., APTs, ransomware, data breaches). o Hands-on experience with SIEM platforms (e.g., Splunk, ArcSight, LogRhythm) and endpoint detection/response (EDR) tools. *Certifications (Preferred ): o Certified Information Systems Security Professional (CISSP) o Certified Incident Handler (GCIH, EC-Council) o Certified Forensic Computer Examiner (CFCE) o GIAC Certified Forensic Analyst (GCFA) o GIAC Certified Intrusion Analyst (GCIA) This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Vos missions : Participer à la refonte de l'architecture logicielle (modularisation, API'sation) Développer et maintenir les fonctionnalités back-end en PHP natif (v8.3, migration vers 8.4) Optimiser les requêtes SQL (MariaDB) Collaborer avec les équipes DevOps, Front-End et AMOA Contribuer à la documentation technique (Confluence) Participer aux phases de test et de déploiement (GitLab CI/CD, Kubernetes) Environnement technique : Langages & outils : PHP natif, SQL (MariaDB), VueJS, Laravel (pour outils internes) Infrastructure : Docker, Kubernetes, GitLab CI/CD, migration vers Azure Documentation : Atlassian Confluence Tests fonctionnels (locaux, AMOA, clients), code review par le RSMSI Sécurité : ISO 27001 en cours, code reviews systématiques

CONTEXTE : Expérience : 8 ans et plus Métiers Fonctions : Etudes & Développement,Expert Spécialités technologiques : Collaboratif, Infrastructure,Sauvegarde, Cloud,Reporting Secteurs d'activités Assurance Description et livrables de la prestation Dans le cadre d’un programme de transformation Cloud visant à moderniser les infrastructures de stockage et à migrer les environnements on-premise vers des solutions hybrides ou cloud, l’équipe Storage (13 personnes) renforce ses capacités. Le poste consiste à intervenir en tant que Storage SME (Subject Matter Expert), garant du bon fonctionnement, de la modernisation et de la sécurisation des environnements de stockage stratégiques de l’entreprise. Le rôle couvre à la fois les activités Build, Run et Migration, au sein d’un environnement international, exigeant, agile et fortement collaboratif. Missions principales A. Gestion des infrastructures de stockage - Concevoir, déployer et administrer des solutions NAS, hyperconvergées ou cloud. - Configurer volumes, politiques de tiers et performances. - Assurer la haute disponibilité et l’optimisation continue (tuning, load balancing). - Participer à une organisation 24/7 avec astreintes et interventions en horaires anticipés. - Produire et maintenir la documentation technique (LLD, procédures, process). B. Protection et sauvegarde des données - Mettre en œuvre des stratégies de backup et de reprise après sinistre (DRP). - Assurer la continuité d’activité via des solutions de réplication multisites. - Supporter ou piloter les solutions de sauvegarde selon les besoins. C. Sécurité & conformité - Implémenter des mécanismes de chiffrement, contrôle d’accès et permissions RBAC. - Garantir la conformité aux normes internationales (GDPR, ISO 27001, HIPAA…). - Détecter et prévenir les menaces (ransomware, accès non autorisés). - Participer à la remédiation d’audit. D. Capacity Planning & Optimisation - Analyser l’usage des capacités et anticiper les évolutions futures. - Mettre en œuvre des optimisations (déduplication, compression, thin provisioning). - Automatiser via scripting (Python, Terraform, Ansible, Bash…). E. Support avancé & migration - Diagnostiquer et résoudre les incidents complexes (IOPS, latence, pannes disques). - Effectuer mises à jour firmware, patching et contrôles de santé. - Collaborer avec les équipes réseau, base de données et migration factory. - Comprendre les applications métiers et leurs implications sur le stockage. Expertise souhaitée - Expert technique avec vision globale infrastructure et Cloud. - Fortement orienté transformation et migration. - Capable d’accompagner des entités sur la modernisation de leurs environnements. - Disponible immédiatement ou à court terme. - Expertise NAS NetApp (administration, upgrade, refresh). - Expertise switch Broadcom. - Maîtrise des environnements de production critiques et DRP. - Compétences scripting : Python, Ansible, Terraform. - Solides connaissances Datacenter et infrastructures IT. Compétences appréciées - NetApp Cloud Volume ONTAP, AWS FSxN. - Solutions hyperconvergées : Nutanix, VSAN. - Solutions cloud NAS ou hybrides. - Automatisation avancée. - Communication claire avec parties prenantes techniques et métiers. - Capacité à rédiger des documents techniques structurés et pédagogiques. - Esprit d’équipe, sens du service et fiabilité opérationnelle. - Rigueur, autonomie, capacité à supporter un environnement exigeant et en transformation rapide. - Engagement fort dans les objectifs collectifs et les pratiques agiles.

Je recherche pour un client sur Marseille, un expert technique Billettique pour début Septembre. 3 jours de présence sur site impératif. Le vendredi étant le jour des réunions. Contexte et mission Dans le cadre de la gestion et de l’évolution des applications métiers de Billettique, nous recherchons un Tech Lead Applicatif & Sécurité expérimenté, garant de la performance, de la sécurité et de la résilience des systèmes en environnement de production (RUN). Ce poste stratégique intervient en lien étroit avec les équipes IT, le RSSI, et les sous-traitants. Responsabilités principales Assurer la maîtrise technique des applications métiers en phase RUN. Piloter l’ analyse des besoins SI , la configuration cible et le dimensionnement des solutions. Garantir la sécurité des systèmes applicatifs en collaboration avec le RSSI. Gérer les incidents de niveau 3 en lien avec éditeurs et constructeurs. Participer aux projets d’évolution applicatifs en veillant à leur conformité réglementaire (RGPD, RGS). Réaliser des audits de sécurité applicative et proposer des actions correctives. Suivre les performances applicatives et recommander des optimisations. Documenter les procédures et assurer une veille technologique continue. Veiller à la protection des données dans tous les traitements. Produire des analyses de causes racines (RCA) lors d’incidents critiques. Compétences techniques requises Expertise technique Solide compréhension des technologies informatiques (OS, bases de données, langages de programmation). Maîtrise des architectures applicatives complexes : client-serveur, SaaS, API. Bonne connaissance des environnements Cloud (Azure, AWS), gestion des accès (Keycloak). Maîtrise des protocoles de sécurisation des échanges : HTTPS, TLS, VPN. Cybersécurité Solides compétences en sécurité des applications : OWASP, détection et correction des vulnérabilités. Connaissance approfondie des normes de sécurité : RGPD, RGS, ISO 27001. Connaissance des processus de Pentest , analyse et remédiation. Diagnostic et pilotage Excellente capacité de diagnostic et de résolution de problèmes complexes . Capacité à produire de la documentation technique de qualité : rapports, notes d’analyse, expression de besoin. Maîtrise des outils de supervision et de suivi des performances (monitoring API, temps de réponse, charge serveur). Livrables attendus Documents d’architecture détaillés (API, composants, flux). Rapports techniques : Pentest, incidents complexes, performances trimestrielles. Compte-rendus des comités techniques. Notes techniques pour le DSI et analyses d’impacts. Expression de besoin pour la supervision. Analyse d’interopérabilité avant mise en production (Build2Run).

IT Operations Platforms and Security Lead In summary the Client is looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver a high-quality Global IT services. Working in line with the Architecture defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity of the estate, current transformation activities and team size, the role requires the functional capability and proficiency to technically augment the team capabilities (when required) and have a detailed knowledge of technical IT support roles/services as a requirement, across multiple technical areas. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. The Client is a financial organisation based in the City of London. This is a hybrid position with 3 days in the office. Must have a Bachelor’s degree in IT or similar. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.