Find your next tech and IT Job or contract IT security

A lead security architect works on services of high complexity and risk, making decisions to enable the business to achieve its needs. At this role level, you will: Work across projects with high strategic impact, setting a strategy that can be used in the long term and across the breadth of the organisation. Communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles and strategy for security architecture. Recommend security design across all DWP projects and technologies. Have a deep and evolving level of technical expertise, so you can act as an exemplar. Make and influence important business and architectural decisions. Research, identify, validate and adopt new technologies and methodologies. Be a recognised expert and demonstrate this expertise by solving unprecedented issues and problems. Further the profession, demonstrating and sharing best practice within and outside the organisation. Please note: As part of the role, you may be required to travel to the other digital hubs. The frequency of this will be discussed further, should you be successful.

At CGI, we deliver secure, mission-critical services that strengthen the UK’s Defence capability and drive measurable operational resilience. As a Senior Service Desk Analyst, you will play a pivotal role in ensuring the stability, performance and continual improvement of end-user technology services on a high-profile defence programme. We empower our teams to take ownership of service excellence, shape smarter support processes and contribute ideas that enhance user experience and operational outcomes. Working in a collaborative, high-trust environment, you will help us maintain reliable, secure services that enable our client to focus on what matters most — protecting national interests and delivering critical outcomes. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK ‘Best Employer’ by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you’ll be part of an open, friendly community of experts. We’ll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, this role is based full time on client site near Chippenham and requires an existing HLC/DV clearance.

At CGI, we help organisations make confident, informed decisions about cyber resilience. As our SOC Solutions & Cyber Advisory Lead, you will sit at the heart of our intelligence-led SOC services, shaping solutions that balance technical excellence with real-world business outcomes. Working directly with clients and internal experts, you’ll influence how services are designed, sold, and delivered, ensuring they are robust, scalable, and aligned to client risk and maturity. You’ll be trusted to lead with insight, encouraged to think creatively about service evolution, and supported by a collaborative culture that enables you to make a meaningful, lasting impact. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK ‘Best Employer’ by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you’ll be part of an open, friendly community of experts. We’ll train and support you in taking your career wherever you want it to go. If you thrive in high-tempo environments, understand the commercial and operational realities of multi-customer SOC delivery, and want to shape the next evolution of intelligence-led security operations, this role offers the autonomy, scale, and strategic influence to do exactly that. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This is a hybrid position.

The HMCTS Security Architect plays a vital role in embedding Secure by Design principles across the technology lifecycle. Working closely with the Chief Information Security Officer, Principal and Lead Security Architects, and the wider security team, the architect ensures that cyber security activities align with HMCTS’s strategic goals, risk management framework, and evolving security roadmap. This role is responsible for maintaining compliance with key standards including PCI DSS, ISO27001, GovAssure, and the National Cyber Security Centre’s Cyber Assessment Framework. The architect promotes a strong security culture, ensuring that Secure by Design is understood and consistently applied across programmes and platforms. Operating across on-premises, cloud, and hybrid environments, the Security Architect provides expert oversight and guidance to technical teams, enabling informed decisions on security controls. They ensure the effective use of common tools and patterns to deliver secure systems, while applying proportionate controls that support business outcomes. The architect safeguards HMCTS’s data, services, and infrastructure by shaping robust security solutions and coordinating assurance activities. They play a key role in enabling secure innovation and ensuring that security is not just a compliance requirement but a strategic enabler. This role demands a strategic mindset, deep technical expertise, and strong collaboration skills. The Security Architect must influence across multidisciplinary teams, advocate for security best practices, and contribute to the continuous improvement of HMCTS’s cyber security posture. Key Responsibilities: A security architect creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches to new technologies. At this role level, you will: · Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). · Recommend security controls and identify security solutions that support business objectives. · Provide specialist security guidance and direction during the design, implementation and use phases of systems, applications and infrastructure. · Provide specialist advice and recommendations regarding approaches and technologies across teams and various stakeholders, assessing the risk associated with proposed changes. · Inspire and influence others to execute security principles, communicating widely with other stakeholders. · Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office. · Advise on important security-related technologies and assess the risk associated with proposed changes · Assist, where necessary, with incident response processes to identify architectural issues and solutions. · Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions. · You will be expected to carry out any other duties that may reasonably be required in line with your main duties. · Continuously keep up to date with changing compliance legislation and initiatives to assess new opportunities for educating colleagues on relevant security standards. · Continue to review ongoing security architectural activities

Role Title: Security Architect Location: London Duration: 30/06/2026 Work setup: 3 days onsite/week Rate INSIDE IR35 £700 MUST BE THROUGH UMBRELLA Role Description: Strong experience as a Security Architect in large enterprise or BFSI environments Deep knowledge of: Network Security Identity & Access Management (IAM) Application Security Cloud Security Architecture Hands-on experience with security tools and platforms Cloud & DevSecOps Experience with cloud platforms (AWS / Azure preferred) Secure design for: Containers & Kubernetes CI/CD pipelines Integration of security into DevOps workflows Tools & Technologies (Good to Have) IAM: Azure AD, Okta, Ping Cloud Security: Prisma, Defender, Wiz, Lacework Vulnerability Management: Qualys, Tenable, Snyk SIEM / SOC integration knowledge (Splunk, Sentinel) Soft Skills Strong communication and stakeholder management skills Ability to challenge designs and provide pragmatic solutions Comfortable working directly with senior leadership Problem-solver with a hands-on mindset Nice to Have Prior experience working with global banks or financial institutions Security certifications (CISSP, CISM, CCSP - preferred but not mandatory) Please send latest CV LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Our client is looking for a Security Architect to work on an initial 6-12 month contract. This would be working hybrid in either London, Leeds or Edinburgh with Inside IR35 rates between £340-£470 per day depending on location. The skills and experience you'll have Minimum * Experience as a Security Architect designing products, platforms, systems and components on multiple programmes and projects * Experience of working on the end to end project lifecycle, in a multi-technology environment. * Experience of designing and managing the end-to-end delivery of multi-platform cyber security solutions. * Exceptional communication skills, able and willing to describe and negotiate complex and detailed solutions across a variety of stakeholders. * Exceptional critical thinker and problem solver, able to work with imperfect information in an environment of uncertainty whilst still maintaining high standards, evidenced designs and documentation that consider regulatory, organisational and technology change requirements, the client's divisional and enterprise strategies. Essential * Experience of designing and implementing cyber security platform solutions * Experience with delivery of significant Cyber Security projects in domains, e.g. Attack Surface Management, Threat Detection and Response, Identity Access Management, Information Integrity and Protection and/or Infrastructure Security. * Experience working with AWS technologies. * Experience of best practice security architecture across all cyber security architecture domains and key platform technologies. * Commercial awareness and hands-on experience at costing solution options, understanding procurement frameworks and promoting cost effective solutions. * Collaborative self-starter with positive, proactive, can-do attitude. * Strong experience of technical and environment interdependencies across projects and programmes. * Solid and evidenced knowledge foundation (e.g. CISSP, CISM, etc.) * Experience with formal architectural methodologies and frameworks, including TOGAF, experience in architecture modelling tools and agile methodologies. * Proficient knowledge of UML. * Evidenced continuous professional development and engagement with industry innovators and professional bodies. * Experience of innovation whilst ensuring EA adherence. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Role Description This is a full-time hybrid role for an Information Security Manager with 2nd and 3rd Line IT support experience. The role involves day-to-day tasks associated with planning, implementing, and maintaining an Information Security Management System (ISMS), including managing cybersecurity risks, implementing network security measures, and ensuring compliance with industry standards. The Information Security Manager will also provide IT support to the company and will be based in the London office, with flexibility for some remote work. Your past experience must include 2nd and 3rd line infrastructure support where you are able to advise and direct the technical team. Qualifications Experience in Information Security Management and creating and implementing an ISMS Experience in Cybersecurity and Network Security Expertise in Information security best practices and standards Excellent problem-solving skills and attention to detail Strong communication and collaboration skills Bachelor's or Master's degree in Computer Science, Information Technology, or related field Certifications such as CISSP, CISM, CCNA, or equivalent are a plus Experience in IT support or Systems Administration is desirable The position is 3 days in the office per week in Central London. Salary will be negotiable - but like to be in the range £65K - £80K. Do send your CV to us in Word format along with your salary and notice period.

Level 2 SME (Internet gateway security -Netskope & ZTNA) 6 Month contract initially + Extensions Based: Onsite in Coventry Rate: £400 - £500 p/d - (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Level 2 SME (Internet gateway security -Netskope & ZTNA) to join the team. Individual responsibility (T&M) Need experience on the CASB and Internet Gateway security tools especially Netskope & ZTNA. Key Responsibilities; Public Key Infrastructure: * Work with project team and stakeholders for design and build of new Internal Public Key Infrastructure that is possibly Quantum proof * Understand the gaps identified in the existing PKI and to define solutions to address them in new PKI * Build and integrate the PKI with new Certificate Life Cycle Management solution * Understand the concept of cloud Hardware Security Module and integration of it with the Certificate Authorities * Understand and define the certificate template requirements for the internal PKI certificate consumer services Zero Trust Network Access (ZTNA): * Infrastructure requirements and Definition of rulesets for future VPN - ZTNA solution * Build necessary infrastructure to support ZTNA * Discovery of VPN dependent applications and plan for the firewall changes as needed * Collaborate with multiple stakeholders along with the application support team for the delivery of ZTNA solution Networks and Other activities: * Work with the product team to understand requirements and the discovery activities for Network Segmentation built with Kill Switch requirement for cyber security * Collaborate with the networks team for any Network change requirement/network related issues for any product within the product team * Understand requirements for the Proxy Access Control file, necessary changes to it to be raised appropriately with Networks team * Connect with the Enterprise compute team for deployment of Internet Security tool to endpoints, upgrades to the tools and maintenance of the tools * Management of the EntraID enterprise apps which are required for the Internet Security tool to function with SSO, SCIM, IDP features Key Skills & experience: Internet Gateway Security : * Work with the team to understand the product requirements to build Internet Security policies as necessary to protect the corporate user endpoints * Define, enable, review internet security policies and the traffic steering configurations in the tool sets - Secure Web Gateway, Cloud Access Security Broker * Understand data exfiltration possibilities and to build Data Loss Prevention policies as needed * To work closely with the Security Operations team to enhance security requirements, apply adhoc denies to risky sites, Exception requirements from colleagues * High knowledge on the SSL inspection concept to define SSL decryption bypass policies without compromising security features * Work closely with the end users for any website exception requirements in line with SOC requirements, to resolve DLP / SSL inspection related problems * Complete administration of the Netskope tenant This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

AI Security Engineer 6 Month contract initially Location: Hybrid - Max 2-3 days p/w onsite in Knutsford Rate: £600 - £630 p/d (via Umbrella company) We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for an AI Security Engineer to join the team. Key Responsibilities: * Drive enhancements to the AI/GenAI security platform and scanning infrastructure, ensuring alignment with strategic goals and approved budgets. * Work alongside engineers to contribute to Design, build, and optimise cloud-native Data & GenAI Security services * Support stakeholders in leveraging and adopting the latest Data & GenAI Security cloud-native application architectures. * Ensure all Data Security architecture and cloud infrastructure accommodates the latest security and software lifecycle patterns. Key Skills & Experience: Standard Technical Skills & Competencies * Experience conducting threat modelling, penetration testing, and vulnerability assessments across AI/ML ecosystems, including data pipelines, model APIs, and supporting infrastructure. * Hands on expertise with core cybersecurity technologies, such as firewalls, SIEM platforms, IDS/IPS, and related security tooling. * Proficiency in Python, with the ability to develop automation, security tooling, and data driven scripts. * Strong understanding of secure software development practices, including OWASP principles and DevSecOps methodologies integrated into CI/CD workflows. * Experience securing cloud and AI workloads on major cloud platforms such as AWS and Azure. * Working knowledge of machine learning concepts, data processing techniques, and common AI/ML frameworks (e.g., PyTorch, Scikit learn, LangChain) - considered a strong advantage. Threat Analysis & Vulnerability Assessment: * Conduct regular threat assessments to identify vulnerabilities in AI/ML systems. * Develop benchmarks, tools and scripts to automate vulnerability testing for AI/ML applications. * Perform code reviews and penetration testing of AI-related software. Research & Development: * Stay updated on emerging trends, technologies, and best practices in AI/ML security. * Execute PoCs/PoVs to evaluate emerging trends, technologies and practices in the industry. * Create high quality technical documentation and user guides * Contribute to the development of cutting-edge AI/ML security tools and techniques. This is an excellent opportunity on a great project of work, If you are looking for your next exciting opportunity, apply now for your CV to reach me directly, we will respond as soon as possible. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

2nd Line Security Analyst Bath Hybrid working - 2-3 days a week £Competitive + Progression into Leadership + A Healthy Training and Development Budget + 25 Days Annual Leave + Bank Holidays + Matched Pension (5-9%) + Hybrid Working Excellent opportunity for a 2nd Line Security Analyst/EUC Security Analyst or similar to join a company offering a career path into leadership, a great benefits package, and a very healthy training and development budget. This company have been undergoing a massive global business change and transformation project and are now turning their attention to their Cyber Security Teams and expanding these globally. In this role you will serve as an escalation point for the 1st Line Team, and dealing with Incident Response, containment, and remediation of threats like malware, phishing, and unauthorized access. You will escalate issues to third line where applicable. You will work to Cyber Essentials and CompTIA Security+ standards. The ideal candidate will hold a Cyber Essentials accreditation and have experience in a similar position. Candidates holding a CompTIA Security+ accreditation are also encouraged to apply. Candidates must be located in and around the Bath area as on-site working will be required. Candidates must have full right to work in the UK. This is a fantastic opportunity to join a business offering a very healthy training and development budget, a great benefits package, and progression all the way up to Global Team Leadership. The Role: *2nd Line Security Analytics / EUC Security Analytics *Incidence Response, Containment, and Remediation *Escalating to third line when applicable *Hybrid working - 2-3 days a week onsite The Person: *Holds a Cyber Essentials and/or CompTIA Security+ accreditation *Experience within a similar position *Looking for progression *Commutable to Bath Reference Number: BBBH265960 To apply for this role or for to be considered for further roles, please click "Apply Now" or contact Tommy Williams at Rise Technical Recruitment. Rise Technical Recruitment Ltd acts an employment agency for permanent roles and an employment business for temporary roles. The salary advertised is the bracket available for this position. The actual salary paid will be dependent on your level of experience, qualifications and skill set and will be decided by our client, the employer. Rise are not responsible or liable for any hiring decisions made by the end client. We are an equal opportunities company and welcome applications from all suitable candidates.

Our defence client is looking for a Network Security Engineer to work on an initial contract until the end of March with strong potential of further extensions. The role would be based 2-3 days per week in Corsham with work from home. Candidates would require an active DV clearance, or an SC and be willing to go through DV. Essential Knowledge, Skills and Experience * Demonstrable KSE: o Infrastructure Access control consisting of:  Ubuntu and/or Linux System administration  LDAP Design and Management  RADIUS / TACACS configuration o Significant, demonstrable, experience in providing security engineering input to the installation, configuration, maintenance, administration, and support of related or similar solutions. o Significant demonstrable experience in understanding and administration of PKI Hierarchy. o Demonstrable experience of security policy frameworks including, but not limited to, NIST CSF, ISO 27001 and MOD-specific concepts including MoD Secure by Design (SbD). o Experience in providing security engineering input to the implementation of:  Virtualisation technologies such as VMware ESXi 8 and VCentre 8.  Network infrastructure such as CISCO IOS-XE, CISCO ASA, BGP, VRF/MPLS, VPN, QoS. o Clear understanding of JSP 604/453 network security engineering compliance * Highly Desirable Qualifications: o Relevant Cyber Security qualifications such as CompTIA Security+, GIAC Security Essentials Certification, Systems Security Certified Practitioner. * Desirable: o Device automation using scripting such as Python / PHP o Delivering against high pressure timelines and in complex organisations. o Writing and analysing technical requirements. o Conducting product selections against complex requirements, specifically measuring performance, cost, and time. o Working as part of a large technical team. o Experience of Cyber Essentials/Cyber Essentials Plus. o Experience of Penetration Testing and IT System security. o In-date professional registration with organisations such as APMG or CIISec * Effective communication skills, both written and verbal. * Strong critical thinking and analytical skills to solve problems through innovative and practical solutions. * Competency in MS Office Suite. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 18 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

We are looking for an experienced engineer to design, automate, and operate our cryptographic and certificate management capabilities across a large-scale, mission-critical environment. You will play a key role in securing our hybrid infrastructure (Windows, Linux, Azure cloud-native services) by building resilient PKI, crypto services, and automation pipelines that scale. Your role Design, implement, and automate cryptographic services, PKI infrastructures, and certificate lifecycle management across cloud and on-prem platforms. Build secure automation and Infrastructure-as-Code pipelines to support our internal PKI and crypto services. Partner with internal engineering teams to advise, design, and integrate cryptographic solutions aligned with our standards. Troubleshoot and resolve production issues related to cryptography and certificate services. Participate in a Watch Duty rotation (approx. 1 day/week) to ensure operational continuity of critical crypto systems. Mandatory Technical Skills Strong experience with Azure security services, especially Key Vault, HSM integration, and secret/key lifecycle management. High proficiency in Terraform, Ansible, and automated configuration/deployment workflows. Deep understanding of PKI, certificate management, and modern cryptography (X.509, elliptic curve, key exchange, signing & encryption standards). Hands-on experience implementing or integrating cryptographic protocols: CMS, SCEP, ACME, SAML, TLS, etc. Proficiency in automation and scripting (Python required; PowerShell and Java are assets). Solid understanding of networking and security fundamentals. Experience debugging at system level on Windows/Linux (ETW, strace, tcpdump, wireshark, etc.). Nice to Have Experience with large, regulated, mission-critical environments. Knowledge of cloud-native identity and access patterns beyond PKI. Contributions to security automation frameworks or internal tooling. Soft Skills Strong communication skills in English (C1+). Ability to collaborate effectively with engineering, architecture, and security teams. Proactive problem solver with a structured approach. High level of ownership and accountability. Ability to identify risks, propose solutions, and challenge the status quo. Bachelor’s Degree in Computer Science or equivalent experience.

Cyber Security Engineer - Permanent Location: Glasgow (Hybrid - 1 day per week on‑site) Overview A leading organisation in Glasgow is seeking a Cyber Security Engineer to drive the transformation from a traditional, governance‑heavy security model to a modern engineering‑led capability. This is a hands‑on, highly technical position focused on building, automating, and scaling secure platforms across cloud‑native environments, enterprise workloads, and emerging AI systems. This role is not a people‑management post in the traditional sense-its purpose is to lead through engineering expertise, act as the technical authority across cloud and endpoint security, and champion modern, automated defences across the digital estate. Key Responsibilities Security Engineering & Automation Architect and implement security controls across Microsoft 365, Azure, Dynamics 365, Kubernetes (AKS), and AI/ML workloads. Lead deployment of Conditional Access, Microsoft Defender for Cloud, Purview DLP, Azure Firewall, and related Microsoft security technologies. Embed security into DevOps pipelines, CI/CD workflows, IaC, and containerised environments. Automate detection and response using Microsoft Sentinel SOAR, custom playbooks, automation rules, and telemetry pipelines. Platform Security Oversight Own endpoint security through Intune, ensuring robust device compliance aligned with Zero Trust principles. Harden AKS clusters through RBAC, secrets management, and runtime protection. Secure AI/ML data pipelines and models, implementing guardrails for model integrity and protection against prompt‑injection threats. Cloud & Network Security Engineer secure configurations across Cisco Meraki infrastructure and Umbrella SWG services. Enforce network segmentation, micro‑perimeter security, and policy‑based routing for hybrid cloud/on‑prem environments. Oversee DNS, secure web access, remote access gateways, and edge protection. Security Operations & Threat Defence Act as the senior escalation point for complex threat investigations and major incident response. Lead red‑team simulations, threat hunting, and vulnerability assessments. Continuously tune detection logic, improve alert fidelity, and enhance security monitoring pipelines. Leadership & Mentorship Provide hands‑on guidance and mentoring to junior and mid‑level security engineers. Shape, communicate, and drive adoption of the security engineering roadmap. Collaborate with architects, delivery teams, and platform owners to ensure security is embedded by design. What We're Looking For Deep technical expertise in Azure, Microsoft 365 Security, Defender, Sentinel, and AKS. Strong background in cloud security engineering, automation, and IaC. Experience with Zero Trust, endpoint security, CI/CD pipeline security, and modern cloud-native controls. Ability to lead through influence and technical authority rather than traditional line management. A problem-solver who thrives in hands-on engineering roles and enjoys building scalable, resilient security capabilities. What's on Offer Permanent role with a hybrid model (1 day per week on-site in Glasgow). Opportunity to drive a major security transformation and build a modern engineering-led capability. High autonomy, impactful work, and a chance to shape security across cloud, enterprise, and AI platforms. To find out more about Huxley, please visit Huxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 8 Bishopsgate, London, EC2N 4BQ, United Kingdom | Partnership Number | OC387148 England and Wales

CGI’s Space, Defence & Intelligence business unit delivers secure, mission-critical solutions that support national defence. We are seeking an Azure Cloud Engineer to support a highly secure programme for UK Defence. You will work on an established secure project— a global electronic medical and dental records system used by the UK Armed Forces worldwide, including deployed and maritime environments. This is a hands-on role supporting a live, business-critical service. This position will require some on site work requirements in Leatherhead, as well as holding or going through UK Security Clearance.

Description: Role Title: Cyber Risk Analyst Location: Knutsford 60% office 40% home Duration: 30/10/2026 £497.40 per day INSIDE IR35 MUST BETHROUGH UMBRELLA Role Description: Role Overview: The Lead Cyber Risk Consultant will spearhead the EOL risk assessment project, providing strategic direction and oversight. In this role, you will lead a comprehensive evaluation of cybersecurity risks associated with End-of-Life technologies across the bank and apply a new cyber risk methodology to assign risk ratingsvii. You will identify opportunities to reduce residual risk in obsolete systemsviii, and guide remediation efforts through to successful transition into BAU processesix. This position requires excellent leadership, communication, and stakeholder management to coordinate between technical teams and senior managementx. Required Skills & Competencies: Cyber Risk Expertise: Deep knowledge of cyber risk management practices, including risk assessment methodologies and frameworks (e.g. NIST CSF, ISO 27005, FAIR). Ability to identify, classify, and prioritize cybersecurity risks in a large enterprise environmentxviii. Technical Understanding: Strong understanding of IT infrastructure and applications, especially the challenges posed by End-of-Life technologies (outdated operating systems, unsupported software, legacy hardware). Capable of evaluating technical dependencies and security implications of obsolete systemsxix xx. Analytical & Methodological Skills: Advanced analytical skills ("cyber analytics"xxi), including proficiency with risk analysis tools or GRC platforms for tracking risk items. Comfortable analyzing data (e.g. asset inventories, vulnerability scan results) to quantify risk levels and support data-driven decision making. Leadership & Coordination: Proven ability to lead a team or project in a cybersecurity context. Excellent organizational skills to manage multiple parallel workstreams (risk assessment phase, remediation phase, reporting, etc.), ensuring milestones are met on time. Communication & Stakeholder Management: Exceptional communication skills, both written and verbal. Able to translate technical risk issues into business terms and present findings/recommendations to stakeholders at various levels2. Strong stakeholder management and negotiation skills to drive consensus on remediation priorities and resource allocation. Problem-Solving: Adept at solving complex problems and devising risk mitigation strategies. Can balance security requirements with operational practicalities, recommending solutions that reduce risk while enabling business objectives. Adaptability: Flexibility to work with both onshore and offshore teams. If offshore, willingness to align part of your working hours to UK business hours for effective collaboration3 4. Qualifications & Certifications: Certifications: Industry-recognized certifications in cybersecurity/risk are highly desirable. Examples include CISSP, CISM (information security management), and especially CRISC (Certified in Risk and Information Systems Control) or CISA for IT risk control. These certifications demonstrate a solid foundation in managing enterprise IT risks and controls. Framework Knowledge: Familiarity with relevant security standards and regulations. Knowledge of ISO 27001 information security management and risk assessment standards, NIST cybersecurity framework, and banking industry regulations or guidelines for operational risk/cyber risk is beneficial. Other: Any certifications in cloud security or technical areas are a bonus if EOL systems span on-prem and cloud (e.g. AWS/Azure security certifications), as well as project management certifications (e.g. PRINCE2, PMP) which can aid in managing the engagement. Experience: Years of Experience: Approximately 8-10+ years of experience in cybersecurity, with a significant portion in cyber risk management or security consulting roles. Prior experience leading risk assessment projects or large-scale security consulting engagements is expected. Domain Experience: Demonstrated experience in conducting risk assessments, security audits, or vulnerability management in complex IT environments. Experience should include evaluating technology lifecycle issues, such as dealing with outdated systems or large-scale remediation programs, ideally within a financial services or highly-regulated industry. Project Leadership: Past roles should reflect the ability to manage or coordinate security projects and to work cross-functionally (e.g., working with IT infrastructure teams, application owners, and governance/Risk functions). Evidence of successfully driving risk remediation initiatives or advising on risk treatment plans is important. Please send latest CV LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance. A multiple award-winning organisation, having secured the prestigious Queens Award for Enterprise: International Trade over consecutive years. We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience. Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.

The Role We are seeking an experienced Java API Developer to join our Digital Asset development team. This is a hands on engineering role responsible for building and operating secure, resilient API services that power institutional digital asset capabilities-spanning digital custody, tokenization enablement, digital transfer agency, and digital cash/settlement workflows. You will work closely with cross-functional teams to build robust, scalable, and secure digital asset products that meet our business and technical requirements. Your responsibilities: * Design, develop, and maintain Java backend services and REST APIs that support digital asset product flows (custody, tokenization, TA, digital cash/settlement) and integrate cleanly into the broader platform. * Build API services that participate in the platform's centralized integration approach-supporting client/app onboarding and app-to-service integrations via an Integration Hub and secure gateways. * Implement APIs that align to enterprise API design/security/publishing requirements, ensuring designs are review-ready and compliant with internal standards (security, documentation, and platform requirements). * Partner with product, architecture, and security stakeholders to implement policy-aware integration patterns * Contribute to digital asset data patterns, including standardized interfaces and integration points such as Digital Data Interface and Digital Event Stream concepts where applicable for downstream reporting/analytics and operational workflows. * Build and maintain automated tests (unit/integration) and ensure strong quality gates for services supporting regulated digital asset processing. * Support production readiness: observability (logs/metrics), incident triage, performance tuning, and resilience improvements for APIs operating in a regulated, high availability environment. * Collaborate across teams to drive clear API contracts and dependencies for integrations to traditional platforms (e.g., custody/cash/fund accounting) as part of a hybrid digital + traditional operating model. Your Profile Essential skills/knowledge/experience: * Strong experience building Java backend APIs (REST) in financial services, ideally including digital assets or closely related domains (custody, cash, fund services, or regulated platforms). * Hands on expertise with Spring Boot and common Spring components used for API services (web, security, data access). * Hands-on experience deploying and operating containerized Java microservices on Kubernetes (e.g., AKS), including working knowledge of core concepts such as Deployments, Services, Secrets, resource requests/limits, and basic troubleshooting in clustered environments * Experience working with relational databases (e.g., Oracle) and ORM/data access patterns * Proven ability to design and implement API contracts with strong discipline around versioning, backward compatibility, and documentation, aligned to internal API Development Standards. * Strong understanding of security-first API engineering in regulated environments (authentication/authorization patterns, secure integration paths, least privilege mindset). * Experience delivering production-grade services with strong engineering practices (code reviews, automated testing, operational readiness). * Experience working effectively with multi-location engineering teams. Desirable skills/knowledge/experience: * Experience building services that integrate with digital asset platform components such as tokenization, wallet management, smart contract management, or custody-related workflows. * Familiarity with integration models that span traditional and digital, including standards-based messaging approaches and hybrid architectures used to connect platforms. * Exposure to event/data distribution patterns for digital assets (e.g., event streams and data interfaces that feed reporting/analytics/monitoring). * Understanding of digital asset ecosystem concepts (permissioned vs permissionless connectivity; third party DLT providers; secure key infrastructure/HSM adjacency at a platform level). * Exposure to Node.js for front end support or lightweight backend-for-frontend (BFF) services, including working with REST APIs and understanding how Node.js services integrate with enterprise Java or platform backends. LA International is an award-winning partner of choice for many of the world's most influential companies and government organisations. Holding Enhanced Government Security Accreditation, we are recognised as the European market leader in the delivery of Security Cleared talent to organisations that demand the very highest levels of security, compliance and assurance. A multiple award-winning organisation, having secured the prestigious Queens Award for Enterprise: International Trade over consecutive years. We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience. Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.