Find your next tech and IT Job or contract Zero trust

Cyber Security Engineer - Permanent Location: Glasgow (Hybrid - 1 day per week on‑site) Overview A leading organisation in Glasgow is seeking a Cyber Security Engineer to drive the transformation from a traditional, governance‑heavy security model to a modern engineering‑led capability. This is a hands‑on, highly technical position focused on building, automating, and scaling secure platforms across cloud‑native environments, enterprise workloads, and emerging AI systems. This role is not a people‑management post in the traditional sense-its purpose is to lead through engineering expertise, act as the technical authority across cloud and endpoint security, and champion modern, automated defences across the digital estate. Key Responsibilities Security Engineering & Automation Architect and implement security controls across Microsoft 365, Azure, Dynamics 365, Kubernetes (AKS), and AI/ML workloads. Lead deployment of Conditional Access, Microsoft Defender for Cloud, Purview DLP, Azure Firewall, and related Microsoft security technologies. Embed security into DevOps pipelines, CI/CD workflows, IaC, and containerised environments. Automate detection and response using Microsoft Sentinel SOAR, custom playbooks, automation rules, and telemetry pipelines. Platform Security Oversight Own endpoint security through Intune, ensuring robust device compliance aligned with Zero Trust principles. Harden AKS clusters through RBAC, secrets management, and runtime protection. Secure AI/ML data pipelines and models, implementing guardrails for model integrity and protection against prompt‑injection threats. Cloud & Network Security Engineer secure configurations across Cisco Meraki infrastructure and Umbrella SWG services. Enforce network segmentation, micro‑perimeter security, and policy‑based routing for hybrid cloud/on‑prem environments. Oversee DNS, secure web access, remote access gateways, and edge protection. Security Operations & Threat Defence Act as the senior escalation point for complex threat investigations and major incident response. Lead red‑team simulations, threat hunting, and vulnerability assessments. Continuously tune detection logic, improve alert fidelity, and enhance security monitoring pipelines. Leadership & Mentorship Provide hands‑on guidance and mentoring to junior and mid‑level security engineers. Shape, communicate, and drive adoption of the security engineering roadmap. Collaborate with architects, delivery teams, and platform owners to ensure security is embedded by design. What We're Looking For Deep technical expertise in Azure, Microsoft 365 Security, Defender, Sentinel, and AKS. Strong background in cloud security engineering, automation, and IaC. Experience with Zero Trust, endpoint security, CI/CD pipeline security, and modern cloud-native controls. Ability to lead through influence and technical authority rather than traditional line management. A problem-solver who thrives in hands-on engineering roles and enjoys building scalable, resilient security capabilities. What's on Offer Permanent role with a hybrid model (1 day per week on-site in Glasgow). Opportunity to drive a major security transformation and build a modern engineering-led capability. High autonomy, impactful work, and a chance to shape security across cloud, enterprise, and AI platforms. To find out more about Huxley, please visit Huxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy | Registered office | 8 Bishopsgate, London, EC2N 4BQ, United Kingdom | Partnership Number | OC387148 England and Wales

Key Responsibilities Platform Engineering & Delivery: Own the architecture and delivery of shared platform components (APIs, developer tools, cloud infrastructure, CI/CD pipelines, shared services) and production environments that enable high-quality digital services. Ensure platforms are highly available, fault-tolerant, and performant , supporting 24/7 operations and rapid recovery in the event of failure. As the range of products and platforms grows, the need for robust, high-performance, and cost-effective shared solutions for support, live monitoring, incident management, and continuous improvement of services will become increasingly critical. Drive adoption of modern engineering practices , including containerisation, microservices, and automated observability. Cyber Security: Define and implement the cyber security strategy for GDS platforms, embedding zero-trust principles and advanced threat detection. Ensure compliance with NCSC guidance, ISO standards, and relevant government security frameworks. Lead on secure-by-design architecture , encryption standards, and identity management. Critical Infrastructure Resilience: Establish and mature robust live service operations , including real-time monitoring, automated alerting, and incident response protocols. Build resilience into every layer of the stack, from network to application, ensuring continuity of service under extreme load or attack scenarios. Oversee disaster recovery planning and execution for nation-scale systems. Technical Governance and Roadmap: Own the technical roadmap for platform and infrastructure services, ensuring alignment with government priorities and emerging technologies. Set and enforce engineering standards for scalability, interoperability, and cost-efficiency. Team Leadership: Lead multidisciplinary teams of engineers, architects, and cyber specialists. Foster a culture of technical excellence, innovation, and accountability , with a strong focus on continuous improvement and knowledge sharing. Stakeholder Engagement: Work with senior leaders across government and industry to ensure platforms meet user needs and support transformation goals. Represent GDS in cross-government forums on cyber security, resilience, and digital infrastructure.

Head of IT Infrastructure and Security In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The Head of IT Infrastructure and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. Some of the key points to consider for this role are: Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Technology: Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Summary: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3 party software. The aim of the role is to bring the MSP’s (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly. The Client is a financial organisation based in the City of London. This is a hybrid position with 3 days in the office. Must have a Bachelor’s degree in IT or similar. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

IT Infrastructure Operation s and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: The following is a summary of the key skills that the Client would like you to bring to the company. Global Enterprise level Infrastructure Management position for the last 5 years, Buy before Build mentality and demonstrable migration of Legacy VM based estates to SaaS and Azure Cloud services platforms, Global Operational team management experience (human resources, strategic delivery, operational service, audit lead for Infra, budget..) Key 3 party operational infrastructure vendor management - i.e. management of managed service partners as a team extension globally, as well as service/solution delivery partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy Infra tech to Azure knowledge/experience, Prior to the last 5 years in Enterprise Management of a global estate/user-base, a demonstrable technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.