Find your next tech and IT Job or contract IT security

Head of IT Infrastructure and Security In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The Head of IT Infrastructure and Security Lead is responsible for overseeing the organization's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. Some of the key points to consider for this role are: • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. • Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Technology: • Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, • Microsoft AD (Entra), Server and SQL experience, • O365 administration and design • Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Summary: • Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. • Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3rd party software. The aim of the role is to bring the MSP's (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly. The Client is a financial organization based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

Head of IT Infrastructure and Security In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The Head of IT Infrastructure and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. Some of the key points to consider for this role are: Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Technology: Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Summary: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3 party software. The aim of the role is to bring the MSP’s (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly. The Client is a financial organisation based in the City of London. This is a hybrid position with 3 days in the office. Must have a Bachelor’s degree in IT or similar. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

Trusted to see the whole picture If you’re ahead of the game on cyber security, systems and operations risk we can secure your career ambitions. Our Security Architects are trusted to work closely with a wide range of clients from all sectors on exciting projects with real-world purpose and impact. Whether you're a self-starter looking to test your talents, or want the opportunity to use your experience and skills, you'll find the challenges and support you need as part of one of the UK's largest cyber consultancies. Our roles are only available if you hold or fulfil the criteria to obtain the highest level of UK Security Clearance.

Job Title: Principal Engineer - Cyber Security Location: Frimley, Bristol, Weymouth, Portsmouth. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Up to £61,500 depending on skills and experience What you'll be doing: Define and implement risk-based cybersecurity requirements for systems and subsystems, providing technical expertise and guidance across all aspects of cyber security and resilience Conduct in-depth cybersecurity analysis, including development of threat taxonomies, security architectures, security baselines, and risk mitigation strategies Develop and execute cybersecurity test plans and schedules, carrying out both informal and formal security testing activities Support engineering lifecycle reviews and design assurance processes to ensure security is embedded throughout system development Produce and maintain key security artefacts, including risk registers, security assurance cases, plans, and schedules, while contributing security input to broader engineering documentation Your skills and experiences: Essential: Degree in a relevant STEM subject or maintaining recognised Industry Security Qualifications e.g., CCP, CISSP Proven experience of assessing and managing risk in line with industry good practice (NIST, ISO 27001) Significant experience with using security baselines, mitigations and controls Considerable familiarity with a life cycle phased approach Desirable: Experience in Product Security activities in a highly regulated environment Operational Technologies/ Industrial Control Systems experience Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Engineering Delivery team: The team designs, builds, integrates and provides through life support to all the Submarine Platforms in the Royal Naval fleet. You will ensure the submarine systems and products are developed to support the delivery of an appropriately secure and resilient product. Through application of your knowledge and experience, you shall identify, analyse, evaluate and manage information security risks associated with the products used on-board the submarine. Speaking knowledgably and credibly with customers, users and internal stakeholders you shall provide advice on the causes of the risks identified, their likelihood and potential operational impacts. We offer relocation support packages across all Submarines roles, subject to meeting eligibility criteria. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-AG1 #LI-Hybrid

Job Title: Security Risk Lead Salary: £53,300 - £71,300 Location: Cambridge/Hybrid with 2 days a week minimum in the office Contract: Permanent Join our organisation as a Security Risk Lead. Utilise your expertise and drive to safeguard operations in this impactful role. We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge. About the role The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment's security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework. Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation's priorities. They will also take the lead on key initiatives to reduce the organisation's risk exposure, delivering critical risk insights, reports Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation. Implement controls to mitigate risks and ensure effective execution. Manage and support the Security Risk Manager. Prepare and present regular risk reports for senior management. Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements. Monitor industry trends and best practices. Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions. Provide risk management training and develop a risk-aware culture. Support the development of security risk policies and frameworks. Collect data for risk assessments and foster a collaborative risk management approach. Provide risk management input on key projects. Represent the organisation in industry forums.

IT Security Manager Our Client is a large international organisation who are looking to recruit an IT Security Manager with at least 5 to 8 years proven expertise. Provide advice, support and guidance to all Company Corporate functions to assist them to maintain and improve their information security maturity. To work collaboratively with all areas of the Company Corporate and build networks and relationships to promote Information Security. Act as subject matter expert on for IT Security, including legal and regulatory compliance Advise Company Corporate functions on how to achieve the required controls and assist with solutions to support them. Eg Support in the development of standards and their application in line with Group security policies. Participate in Company BU’s Projects giving support, guidance, control validation and overall security assurance. This could also involve sitting on major project steering committees. Support and encourage the ethos and methodology of security by design. Aid GRC to build, implement and facilitate a mechanism to aid BU’s to assess and measure their security compliance to policies. Drive the development of BU/Divisional security roadmaps. Giving oversight of key non-conformities to feed into the CISO roadmap. Coach, train and educate the Company IT and Functions to up skill and increase the security maturity in BU’s. Be an active member of the Company’s IS Security community, contributing to and leveraging the experience and lessons learned from other BU’s Produce, implement and standardise protocol and guidance material to support Business unit activities – examples – Asset register templates, third party due-diligence. Facilitate and chair the security working group meetings Engage and manage third party relationships to support the Company and its affiliates Aid Procurement and the tendering process Raising the security baseline controls and standardising where it makes sense to do so. Understanding the different business requirements and aligning to their objectives Support Security operations to continuously improve information security awareness across the group, including phishing campaigns and associated reporting Experience Experience in an information security risk leadership role within a large organisation. Confident in presenting, discussing and championing ideas and concepts with senior stakeholders. Experience of running information security risk governance processes and structures Familiarity with relevant industry standards for information security (e.g. ISO27001, NIST CSF) Experience of creating, implementing and assessing against information security policies and standards Creativity Able to analyse complex, ambiguous problems and summarise clearly with a view to establishing practical solutions Able to “bridge the gap” between technologists and business-people, bringing to life information security risks to the business, while maintaining a pragmatic outlook on likelihood and impact of the risk and cost/complexity of the mitigation. Ensuring initiatives/programmes are anchored in best practice whilst still being highly practical/pragmatic. Ability to defuse situations and resolve conflict to a win-win outcome Influence others understand their views and agree ways of working that are acceptable to all parties. Business acumen to understand business risks and the information security implications Able to identify when information security risks need to be escalated to achieve the right level of management visibility. Able to prioritise security risks and controls, differentiating the essential from the “nice to have”. Able to judge how to communicate messages to people to maximise buy-in and/or understanding. Able to analyse data with rigour & reach sound conclusions Can assess when further data gathering, or analysis will bring diminishing returns. Can place appropriate weight on prevailing (sometimes conflicting) evidence. Support and manage budget Responsibility Responsibility of information security incident management Responsibility for security assessments and assurance activities (e.g. penetration testing) and when to use them. Oversee and management of security compliance management and reporting in relation to any relevant regulatory or legal requirements Operational responsibility of management of third parties Responsibility for managing change management around project and change leadership. Able to judge the political and other people aspects of a situation, and tailor messages and approach to bring people along. Able to work with others, setting challenging but realistic targets for team members, and through coaching and appropriate guidance, securing a successful outcome. A positive collegiate approach to developing relationships and networks at all levels across the Company and the gravitas to work persuasively with senior stakeholders. Is aware of different styles of stakeholders and can adjust own leadership style successfully to bridge any gaps. The Client and the role is based in Central London – and you will be required to be in the office at least 3 days week. The salary for this position will be £75K + £85K plus Benefits. Please do send your CV to us in Word format for this exciting new position along with your salary and availability.

Trusted to see the whole picture If you’re ahead of the game on cyber security, systems and operations risk we can secure your career ambitions. Our Security Architects are trusted to work closely with a wide range of clients from all sectors on exciting projects with real-world purpose and impact. Whether you're a self-starter looking to test your talents, or want the opportunity to use your experience and skills, you'll find the challenges and support you need as part of one of the UK's largest cyber consultancies. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance.

Trusted to see the whole picture If you’re ahead of the game on cyber security, systems and operations risk we can secure your career ambitions. Our Security Architects are trusted to work closely with a wide range of clients from all sectors on exciting projects with real-world purpose and impact. Whether you're a self-starter looking to test your talents, or want the opportunity to use your experience and skills, you'll find the challenges and support you need as part of one of the UK's largest cyber consultancies. Our roles are only available if you hold or fulfil the criteria to obtain a UK Security Clearance.

Role: Security tester Rate: Outside IR35 Location: 1-2 day a week onsite Croydon (maybe less) Duration: 6 months initially SC clearance required Security Tester - Job Description The Security Tester will play a key role in delivering robust application security testing aligned with Secure-by-Design (SbD) principles and compliance frameworks such as NIST, CAF, and CAT. This role supports the Home Office's strategic aim to scale enterprise security testing capabilities, reduce outsourcing reliance, and embed security into the software development lifecycle. Key Responsibilities Conduct Security Testing using SAST and DAST tools Collaborate with Cyber Security Managers and Governance teams to ensure alignment with organisational security policies and standards Mentor and upskill team testers in application security testing and automation Track and report on security metrics and KPIs, including vulnerability trends and remediation outcomes. Integrate security testing into CI/CD pipelines, supporting shift-left strategies and DevSecOps practices. Required Skills & Experience Strong understanding of security standards including OWASP, NIST SP 800-53, ISO 27001, and CIS Benchmarks. Experience with SAST/DAST tools and Cloud Security platforms (AWS, Azure). Familiarity with Secure-by-Design principles and organisational security policies. Experience with penetration testing, risk assessment, and compliance testing. Proficiency in tools such as JIRA, SharePoint, and vulnerability management platforms. Desirable Attributes Ability to interpret and apply OWASP and NIST security principles across diverse project environments. Strong stakeholder engagement and communication skills. Experience in developing deployment checklists and decision trees for secure tool usage. Certifications such as CREST CRT, OSCP, CEH, or SANS are highly desirable. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Nous accompagnons un grand acteur international du secteur des semi-conducteurs , reconnu pour ses solutions technologiques innovantes. Dans le cadre du renforcement de son équipe Sécurité, nous recherchons un Security Delivery Lead en freelance pour piloter la mise en œuvre et la livraison de services de sécurité au sein de programmes stratégiques. 🎯 Missions principales : Piloter la livraison des projets de sécurité , en coordonnant les équipes internes et globales. Garantir la qualité et la cohérence des solutions déployées, en respectant les standards et la gouvernance sécurité. Réaliser des Security Risk Assessments et proposer des plans d’action adaptés. Assurer la bonne gouvernance des livrables (Security Delivery Governance, IT Governance, Cyber Risk Management). Animer des sessions de formation et de sensibilisation à la sécurité pour les équipes. Maintenir une communication fluide avec les parties prenantes et favoriser la culture sécurité au sein du client. 🧩 Profil recherché : Consultant(e) freelance confirmé(e) en cybersécurité / gouvernance IT . Solide expérience en pilotage de delivery sécurité ou en Security Program Management . Bonne maîtrise de : Security Risk Assessment (niveau intermédiaire minimum) Cybersecurity Risk Management Security Delivery Governance IT Governance Excellent relationnel, autonomie et esprit d’équipe. Français et anglais courants indispensables. 📍 Modalités : Localisation : Grenoble / Crolles Rythme : 3 jours sur site / 2 jours télétravail Démarrage : dès que possible

Mission Renforcer l’équipe sécurité réseau du client. Vous serez responsable de la configuration, du maintien et de la sécurisation de l’infrastructure réseau. Votre rôle consistera à configurer, maintenir et sécuriser les équipements réseau tout en veillant à la conformité avec les politiques de sécurité en place. Compétences requises Maîtrise des produits Fortinet : FortiGate, FortiAnalyzer, FortiManager, FortiAuthenticator Expérience sur le matériel Cisco (switches et routeurs) Solides connaissances en sécurité réseau, firewalling et troubleshooting Bonne communication et rigueur dans la documentation

Workday Security Manager (H/F) – Dans le cadre d’un projet international de mise en place d’un core model Workday, vous interviendrez sur la phase de cadrage et de design du modèle de sécurité et de contrôle. Missions principales : Définir et concevoir le modèle de sécurité Workday dans le cadre du core model global. Participer aux ateliers de cadrage et de design (« Discovery & Design »). Identifier les rôles, autorisations et règles d’accès selon les besoins métiers. Collaborer avec les équipes fonctionnelles (HCM, Finance, Time & Absence…) et techniques pour garantir la cohérence du modèle de sécurité. Mettre en place les contrôles nécessaires et contribuer à la documentation du dispositif. Accompagner la préparation des environnements pour les phases de test et de déploiement.

IT Security Manager Our Client is a large international organisation who are looking to recruit an IT Security Manager with at least 5 to 8 years proven expertise. Provide advice, support and guidance to all Company Corporate functions to assist them to maintain and improve their information security maturity. To work collaboratively with all areas of the Company Corporate and build networks and relationships to promote Information Security. Act as subject matter expert on for IT Security, including legal and regulatory compliance Advise Company Corporate functions on how to achieve the required controls and assist with solutions to support them. Eg Support in the development of standards and their application in line with Group security policies. Participate in Company BU’s Projects giving support, guidance, control validation and overall security assurance. This could also involve sitting on major project steering committees. Support and encourage the ethos and methodology of security by design. Aid GRC to build, implement and facilitate a mechanism to aid BU’s to assess and measure their security compliance to policies. Drive the development of BU/Divisional security roadmaps. Giving oversight of key non-conformities to feed into the CISO roadmap. Coach, train and educate the Company IT and Functions to up skill and increase the security maturity in BU’s. Be an active member of the Company’s IS Security community, contributing to and leveraging the experience and lessons learned from other BU’s Produce, implement and standardise protocol and guidance material to support Business unit activities – examples – Asset register templates, third party due-diligence. Facilitate and chair the security working group meetings Engage and manage third party relationships to support the Company and its affiliates Aid Procurement and the tendering process Raising the security baseline controls and standardising where it makes sense to do so. Understanding the different business requirements and aligning to their objectives Support Security operations to continuously improve information security awareness across the group, including phishing campaigns and associated reporting Experience Experience in an information security risk leadership role within a large organisation. Confident in presenting, discussing and championing ideas and concepts with senior stakeholders. Experience of running information security risk governance processes and structures Familiarity with relevant industry standards for information security (e.g. ISO27001, NIST CSF) Experience of creating, implementing and assessing against information security policies and standards Creativity Able to analyse complex, ambiguous problems and summarise clearly with a view to establishing practical solutions Able to “bridge the gap” between technologists and business-people, bringing to life information security risks to the business, while maintaining a pragmatic outlook on likelihood and impact of the risk and cost/complexity of the mitigation. Ensuring initiatives/programmes are anchored in best practice whilst still being highly practical/pragmatic. Ability to defuse situations and resolve conflict to a win-win outcome Influence others understand their views and agree ways of working that are acceptable to all parties. Business acumen to understand business risks and the information security implications Able to identify when information security risks need to be escalated to achieve the right level of management visibility. Able to prioritise security risks and controls, differentiating the essential from the “nice to have”. Able to judge how to communicate messages to people to maximise buy-in and/or understanding. Able to analyse data with rigour & reach sound conclusions Can assess when further data gathering, or analysis will bring diminishing returns. Can place appropriate weight on prevailing (sometimes conflicting) evidence. Support and manage budget Responsibility Responsibility of information security incident management Responsibility for security assessments and assurance activities (e.g. penetration testing) and when to use them. Oversee and management of security compliance management and reporting in relation to any relevant regulatory or legal requirements Operational responsibility of management of third parties Responsibility for managing change management around project and change leadership. Able to judge the political and other people aspects of a situation, and tailor messages and approach to bring people along. Able to work with others, setting challenging but realistic targets for team members, and through coaching and appropriate guidance, securing a successful outcome. A positive collegiate approach to developing relationships and networks at all levels across the Company and the gravitas to work persuasively with senior stakeholders. Is aware of different styles of stakeholders and can adjust own leadership style successfully to bridge any gaps. The Client and the role is based in Central London – and you will be required to be in the office at least 3 days week. The salary for this position will be £75K + £85K plus Benefits. Please do send your CV to us in Word format for this exciting new position along with your salary and availability.

Dans ce contexte, le GIE recherche un Expert Cybersécurité confirmé, spécialisé dans les scans de vulnérabilités et les tests d’intrusion , afin de renforcer le dispositif de défense et de résilience Missions principales Concevoir, réaliser et piloter les contrôles de sécurité réguliers pour garantir la résilience des systèmes. Implémenter et exploiter les scans de vulnérabilités Web et Infrastructures via Qualys . Réaliser ou piloter les tests d’intrusion sur les actifs du GIE et de ses entités clientes. Produire les rapports de synthèse (écrits et oraux) à destination des chefs de projets, Tech Leads, RSSI et responsables SI. Intégrer les résultats des contrôles au bouclier cyber et évaluer les risques d’exploitation associés aux vulnérabilités détectées. Accompagner les équipes projets dans la remédiation des vulnérabilités identifiées. Concevoir et maintenir les tableaux de bord de suivi des vulnérabilités . Conseiller et assister les différentes parties prenantes (RSSI, architectes, auditeurs, entités clientes) sur les risques et prescriptions de sécurité . Contribuer à la veille technologique et réglementaire et à l’évolution des règles et standards de sécurité du Groupe

CONTEXTE : Experience : 5 ans et plus Métiers Fonctions : Maintenance, Support et assistance utilisateurs, Incident Manager Spécialités technologiques : Gestion des incidents Secteurs d'activités Transport de courrier Description et livrables de la prestation Pour l'un de nos clients dans le secteur du transport, nous sommes actuellement à la recherche d'un Analyste SOC - Incident Manager. Le projet s'inscrit dans le cadre du renforcement des capacités de cybersécurité de l'organisation et de l'amélioration de la surveillance des événements de sécurité. L'objectif est de centraliser la supervision des alertes de sécurité et d'améliorer la réactivité aux incidents grâce à des processus optimisés et des outils modernes. Le SOC utilise plusieurs technologies avancées pour la détection et la réponse aux incidents, notamment : • Technologies SIEM et EDR : Splunk, Azure Sentinel, Tehtris, Trellix. • Outils de visualisation et d'analyse : Power BI, Grafana. • Méthodologie : Approche agile avec un cadre Scrum souhaitable. La prestation consiste à assurer la surveillance, la détection et la réponse aux incidents de sécurité. Elle vise également à améliorer la détection des menaces et à optimiser les processus du SOC en intégrant des solutions d’automatisation et d’analyse avancée. • Piloter la gestion des incidents cybersécurité. • Participer en cellules techniques de gestion de crise cybersécurité. • Participer à l’élaboration des indicateurs garants de l’efficience des processus. • Participer à la définition des évolutions de l’outil de gestion des incidents. • Vérifier la traçabilité des incidents et la qualité de saisie des tickets. • Suivre et analyser les indicateurs afin de remonter les alertes sur les écarts éventuels. • Demander et recueillir les rapports d’incidents. • Etablir des rapports périodiques (hebdomadaire, mensuel, annuel) sur le traitement des incidents et réaliser les analyses de causes, impacts et récurrence. • Animer des réunions périodiques des gestion des incidents • Effectuer des rapports à la demande selon les besoins du management. • Proposer des actions d’amélioration des processus à partir de l’analyse des indicateurs de performance. • Coordonner les intervenants techniques lors de la gestion des incidents majeurs Expertise souhaitée Fonctionnelles : • Expérience en gestion des incidents de cybersécurité. • Bonne compréhension des stratégies de détection des menaces et des processus de réponse aux incidents. • Expérience souhaitable en environnement Agile / Scrum. Techniques : • Maîtrise des technologies Splunk, Azure Sentinel, Tehtris, Trellix. • Expérience avec les outils de visualisation de données Power BI, Grafana. • Compétences en scripting (Python, PowerShell, Bash) pour automatiser certaines tâches SOC. • Connaissance des architectures réseau et systèmes. Séniorité : • Expérience de 5 ans ou plus en SOC, analyse de menace ou investigation sur incidents de sécurité. • Anglais technique requis.

Job title: Cyber Security Assurance Specialist Location: Various - Glascoed/Radway Green/Washington Salary: Up to £42,320 (dependent on skills and experience) What you'll be doing: Deliver cyber assurance services for the Maritime and Land Sector, covering Enterprise Systems, Operational Technologies services and Cloud Identification of risk and appropriate mitigations, development & analysis of secure solutions (covering technical / physical / procedural / personnel controls) and assessment of compliance with internal and external standards and regulations Deliver documentation to demonstrate compliance to internal and external stakeholders Assessment and provision of control effectiveness in managing Cyber security risk Provide security architecture / technical input into the development of secure solutions Support development of strategy and continual service improvement for the Cyber Assurance function Act as a subject matter expert regarding Cyber Assurance activities for the wider organisation Your skills and experiences: Industry knowledge of cyber security standards or knowledge of government standards Cyber Assurance / Auditing experience of IT Systems Knowledge of application, infrastructure and security technologies Benefits: As well as a competitive pension scheme, BAE Systems also offers share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The BAE Systems Maritime and Land Sector Cyber Assurance Team: This is an excellent opportunity for you to join a dynamic team and take ownership and be responsible for driving activity through the business, gaining further exposure, and developing your skill sets. You will be responsible for the delivery of Cyber Security assurance activities to ensure 'secure by design' and 'effective in operation' for systems and services in scope, as well as managing the delivery of penetration tests and vulnerability analysis in support of risk mitigation strategies and engaging with stakeholders to promote a mind-set of developing secure systems and transfer knowledge of security standards and processes Closing Date: 15 October 2025