Find your next tech and IT Job or contract role.

**SC CLEARED ROLE, INSIDE IR35, REQUIRES 3 DAYS A WEEK ONSITE** A Compliance & Risk Support Analyst helps an organization maintain regulatory adherence and minimize potential risks by identifying / logging risks, developing mitigation strategies, and monitoring compliance. Key duties include conducting risk reviews, analyzing data, maintaining risk registers and policies, preparing for and support evidence collection for audits, and educating staff on compliance and risk management. Essential skills include strong analytical abilities, attention to detail, clear communication, and a keen understanding of industry best practices. Key Responsibilities Risk Management: Conduct risk assessments, identify potential risks, and develop strategies to mitigate them. Policy & Procedure: Assist in developing, implementing, and monitoring compliance and risk management policies and procedures. Data Analysis: Analyze data to identify trends, potential areas of concern, and support informed decision-making. Audits & Assessments: Support internal and external audits and risk assessments. Training & Guidance: Provide guidance and support on risk and compliance matters to the team. Essential Skills & Qualifications Analytical Skills: Ability to source, collate, and interrogate data to support risk analysis. Communication: Articulate complex technical and risk-related information clearly to both technical and non-technical audiences. Attention to Detail: A keen eye for detail is crucial for accuracy in data analysis and policy adherence. Proactive Mindset: A proactive approach to identifying and addressing risks before they become major issues. Technical Proficiency: Familiarity with IT system components, and Risk Management. Desirable familiarity with The NIS (Security of Network & Information Systems) Regulations 2018, and CAF (Cyber Assessment Framework) in UK LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Head of IT Infrastructure and Security In summary we are looking to recruit an all-round individual with expert knowledge and hands-on experience of IT Infrastructure coupled with Security, Compliance & Risk Management You must have upwards of 10 years hands-on expertise in IT Infrastructure combined with Security and Risk – ideally from within the banking or insurance sector. The Head of IT Infrastructure and Security Lead is responsible for overseeing the organization's IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. Some of the key points to consider for this role are: • Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. • Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. • Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). • Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. • Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Technology: • Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, • Microsoft AD (Entra), Server and SQL experience, • O365 administration and design • Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. • Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Summary: • Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. • Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. The role will involve managing a Cloud environment in a team of 4 Technical people. Managing 6 different suppliers which include Security, IT Networks, Hosting and Servers and 3rd party software. The aim of the role is to bring the MSP's (suppliers of hardware and software) to the same page for the stakeholders and the Board and ensure technology is running smoothly. The Client is a financial organization based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £95K plus Excellent Benefits. Do send your CV to us in Word format along with your salary and notice period.

Job Title: Cyber Security Cloud Assurance Specialist Location: Preston or Frimley. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role Salary: Circa £50,000 dependent on experience What you'll be doing: Delivering cloud assurance services to the business, Enterprise IT, IM&T Sector and Group Functions Analysis of cloud solutions, providing control recommendations (covering technical / physical / procedural / personnel) to ensure cloud solutions are compliant with internal / external standards and regulations Conducting security risk assessments, working alongside stakeholders / Cloud Service Providers to ensure identified risks are reduced to acceptable levels, advising appropriate mitigating requirements where necessary Delivering documentation to demonstrate compliance to internal and external stakeholders Assessment of and provision of control effectiveness in managing information security risk Supporting development of strategy and continual service improvement for the assurance function & business cloud adoption Your skills and experiences: Essential: Infrastructure, IT and / or IT Security experience associated with the management of cloud platforms, security risk and architectures Experience of cloud administration, security or auditing Working knowledge of Vulnerability Management, particularly in prioritisation and remediation Working knowledge of industry security standards such as; NCSC Cloud Principles, Cloud Security Alliance Desirable: Threats, risks, vulnerabilities and risk mitigations strategies and techniques, specifically for Cloud services Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cloud Security Assurance Team: As part of the Cloud Security Assurance team, you will act as a subject matter expert in relation to cloud security, working closely with a variety of projects throughout the organisation. You will be responsible for providing security input, technical oversight, advice and assurance, to ensure cloud services utilised by the organisation are implemented and operated securely. Progressing policies and procedures, this role has great exposure across multiple business units within BAE Systems in a tight-knit team and friendly working environment. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 29th October 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-NP1 #LI-Hybrid

We plan to be at the heart of one of the most digitally advanced medical regulators in the world and we need people who can help us deliver that ambition. D&T is a great place to build your career and we are committed to enabling our people to do the best work of their lives. The Technology & Service Operations function is responsible for managing the existing IT infrastructure including both software and hardware, databases, and other technology platforms; leading the support and maintenance of applications; development and testing of new applications and platforms; and cyber and information security for the Agency. The Network Core Engineer will play a key role in managing and delivering network projects and BAU tasks, with a particular focus on critical areas such as the network core, data centres, and related infrastructure. This role is vital in ensuring the stability, performance, and security of the core network as the MHRA undergoes a significant overhaul of its IT infrastructure, including the deployment of new equipment in these critical areas. The successful candidate will provide advanced expertise in core network technologies, working closely with both senior and junior engineers to ensure smooth operations and continuous improvement. You will act as an escalation point for more complex issues related to the network core and data centre environments, providing guidance and troubleshooting support to junior engineers when necessary. The role also involves collaborating with other teams to align core network initiatives with the overall IT strategy. Key responsibilities: This is a hands-on technical role where you will be expected to interact daily with core IT Infrastructure technologies. You are expected to be able to configure, manage and diagnose the IT Infrastructure components detailed in this advert. Technical skills and IT systems we use: We are undertaking a program of works that is focused on reducing our suppliers and vendors to ensure we can build skillsets around vendor technology stacks. This roll will require the technical skills in Cisco security systems and services. Be able to Deploy, manage and configure Cisco FTD firewalls via FMC in redundant configurations Be able to Manage and configure Cisco ISE Understand least privilege concepts and securing internet connected firewalls Running firewalls as a core and (optional) supporting micro segmentation of services from virtual platforms using FTD/FMC technologies Generally understand and be able to manage and deploy advanced FMC configuraqtions such as: OSFP, VLAN and VLSM in firewalls, NAT/PAT/S-NAT, Site to Site VPN’s, ACL’s and DACL’s Leadership and Escalation: Lead and manage the successful execution of core network projects, ensuring that they are delivered on time, within scope, and aligned with the MHRA’s IT strategy. Serve as the main escalation point for junior network engineers, providing advanced troubleshooting and technical expertise in resolving complex core network and data centre issues, ensuring high-quality resolutions that prevent future incidents. Mentor and support junior engineers, fostering a collaborative environment and encouraging skills development across the team. Core Network Stability, Security, and Performance: . Implement and maintain robust security protocols to safeguard core network infrastructure, ensuring compliance with security policies and regulatory requirements. Proactively monitor and assess core network performance, identifying potential risks or weaknesses and applying pre-emptive solutions to minimize downtime and service disruptions. Play a pivotal role in the agency’s ongoing IT infrastructure overhaul by recommending, testing, and integrating cutting-edge core network technologies. Collaboration and Stakeholder Management: Collaborate closely with the Lead Network Architect, project teams, and other IT functions to ensure that core network strategies are fully aligned with the overall IT infrastructure roadmap and broader organizational goals. Establish and maintain productive relationships with external vendors, ensuring their services and products meet the agency's performance, security, and contractual expectations. Engage with senior stakeholders and cross-functional teams to communicate project progress, core network performance, and ensure that business requirements are consistently met.

Job title: Cyber Security Assurance Specialist Location: Various - Glascoed/Radway Green/Washington Salary: Up to £42,320 (dependent on skills and experience) What you'll be doing: Deliver cyber assurance services for the Maritime and Land Sector, covering Enterprise Systems, Operational Technologies services and Cloud Identification of risk and appropriate mitigations, development & analysis of secure solutions (covering technical / physical / procedural / personnel controls) and assessment of compliance with internal and external standards and regulations Deliver documentation to demonstrate compliance to internal and external stakeholders Assessment and provision of control effectiveness in managing Cyber security risk Provide security architecture / technical input into the development of secure solutions Support development of strategy and continual service improvement for the Cyber Assurance function Act as a subject matter expert regarding Cyber Assurance activities for the wider organisation Your skills and experiences: Industry knowledge of cyber security standards or knowledge of government standards Cyber Assurance / Auditing experience of IT Systems Knowledge of application, infrastructure and security technologies Benefits: As well as a competitive pension scheme, BAE Systems also offers share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The BAE Systems Maritime and Land Sector Cyber Assurance Team: This is an excellent opportunity for you to join a dynamic team and take ownership and be responsible for driving activity through the business, gaining further exposure, and developing your skill sets. You will be responsible for the delivery of Cyber Security assurance activities to ensure 'secure by design' and 'effective in operation' for systems and services in scope, as well as managing the delivery of penetration tests and vulnerability analysis in support of risk mitigation strategies and engaging with stakeholders to promote a mind-set of developing secure systems and transfer knowledge of security standards and processes Closing Date: 15 October 2025

Role: Security tester (manual) Rate: Outside IR35 Location: Remote with occasional travel to Croydon Duration: 6 months initially SC clearance or eligible The Security Tester will play a key role in delivering robust application security testing aligned with Secure-by-Design (SbD) principles and compliance frameworks such as NIST, CAF, and CAT. This role supports strategic aim to scale enterprise security testing capabilities, reduce outsourcing reliance, and embed security into the software development lifecycle. Key Responsibilities * Conduct Security Testing using SAST and DAST tools * Collaborate with Cyber Security Managers and Governance teams to ensure alignment with organisational security policies and standards * Mentor and upskill team testers in application security testing and automation * Track and report on security metrics and KPIs, including vulnerability trends and remediation outcomes. * Integrate security testing into CI/CD pipelines, supporting shift-left strategies and DevSecOps practices. Required Skills & Experience * Strong understanding of security standards including OWASP, NIST SP 800-53, ISO 27001, and CIS Benchmarks. * Experience with SAST/DAST tools and Cloud Security platforms (AWS, Azure). * Familiarity with Secure-by-Design principles and organisational security policies. * Experience with penetration testing, risk assessment, and compliance testing. * Proficiency in tools such as JIRA, SharePoint, and vulnerability management platforms. Desirable Attributes * Ability to interpret and apply OWASP and NIST security principles across diverse project environments. * Strong stakeholder engagement and communication skills. * Experience in developing deployment checklists and decision trees for secure tool usage. * Certifications such as CREST CRT, OSCP, CEH, or SANS are highly desirable. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Technology Planning and Governance Manager Be responsible for the ongoing development and maintenance of the technology alignment roadmap for Corporate working closely with senior stakeholders, systems owners and 3 parties to deliver innovation. Lead day-to-day support and management of the core business Applications Portfolio lifecycle including but not limited to Finance, Legal, Property, Pensions, Treasury, HR, Business Development, Payroll and our Corporate Intranet ensuring that delivery of change is fit for purpose, of high quality, reliable and secure. Role Responsibilities Drive customer-centricity and stakeholder engagement, work closely with Corp functions to align application roadmaps with the combined Corp IT / SSC annual technology plans and dependencies. Work with senior stakeholders to build, document and map business capability to solution architecture across the Corp. Take ownership and develop a technology roadmap that meets the application requirements of the Corp to support the wider Company businesses. Evaluate the potential impacts of application workloads moving to cloud, notwithstanding the threats and opportunities for Corp functions. Shape, create and present business cases for high level initiatives, seek approval, funding and prioritisation with senior stakeholders. Understand the capital allocation requirement across the Corp functions plus the overall impact of application change on the operational expenditure budget. Align technology roadmaps and annual budget planning, use as the foundation for reporting on the state of the Corp Application portfolio. Provide technical leadership for Corp initiatives engaging across the Company where corporate applications service the wider businesses. Solve complex business problems with process and technology that cut across Corp group such as Identity and Access Management. Document and review IT standards, procedures and policies to ensure compliance with legal and regulatory requirements. Liaise with internal and external audit teams. Develop and adapt innovation tools and processes to drive operational excellence within Corp IT. Establish and maintain a consistent and integrated approach to information security and data protection governance in line with audit requirements. Create alignment on how to utilise governance forums such as User Experience and Architecture to improve services delivered to Corp functions. Manage solution architects, contractors, 3 Parties and business analyst in the future. Experience Required Significant and relevant progressive IT experience Experience of being in a practical solution planning and technical architecture design role is essential e.g. SaaS, Identity and Access Management Good understanding of emerging and innovative technologies, how to shape, deliver and leverage those technologies Experience of architecture business capability mapping, data management governance, technology roadmaps and project delivery lifecycle processes. Experience of ensuring compliance between corporate business application roadmaps and IT roadmaps. Experience of working within an ITIL service management environment with strong knowledge of business systems or applications within a corporate environment. Ability to deal with and manage conflicts whilst building successful business relationships across a range of stakeholder groups both internal and external to the organisation. Proven leadership skills, setting objectives and ensuring delivery of services to target Proven contract management, supplier management, procurement, and vendor selection experience Experience of systems such as Microsoft Office 365, Dynamics 365, SAP Success Factors, Treasury Openlink Findur, CMS, BACs Payment Platforms, Microsoft Power BI, Integration/ETL, Azure Active Directory Single Sign On and other bespoke applications Experience in executing business continuity planning and IT DRP Creating solution and technical application architectures, IT standards and policies Day-to-Day management of the Application Portfolio, its currency, dependencies and risk Technical lead on major system changes and upgrades Responsible for the development and management of Solution Architects, Business Analyst and contract resources Provide support to Corporate functions and wider businesses to enable them to optimise their use of corporate applications Vendor Management and selection (RFIs / RFP support) The Client is based in Central London. Please do send your CV to us in Word format along with your salary and availability.

Description Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,500 people across our London, Southampton, Cardiff and Manchester offices. Reporting to the Head of Starling Banking Services as our Risk and Compliance Manager, you will own and manage approach and day to day activity to ensure SBS is complying with all applicable legal and regulatory obligations from a policy and operational point of view. You will lead a small team to ensure SBS financial crime and compliance policy aligns with Bank policy and our operational activities are carried out in a timely manner. This role covers financial crime including transaction monitoring, sanctions screening and fraud monitoring as well as some operational risks and compliance activity. Key Responsibilities Include: Act as the leader of the Risk and Compliance function within SBS, ensuring SBS policy fits in with Bank policy and all operational activities are carried out in a timely and compliant manner. Reporting of relevant compliance and financial crime MI to senior management and stakeholders Setting best practice in relation to transaction monitoring, sanction screening and compliance within the team and ensuring these steps are carried out by the team Representing SBS at relevant internal risk and economic crime committees Working with 2LOD to ensure best practices are being considered within the SBS team Carrying out initial and ongoing onboarding of new SBS clients Acting as a point of escalation for sales and account management colleagues on compliance matters relating to the live and prospective clients Own the RCSA process for SBS in conjunction with senior management

Global Resilience Risk Specialist Technology Risk Lead Global Operational and Resilience Risk (ORR) is a sub function of Group Risk. Its purpose is to make sure the bank understands, and is in control of its non-financial risk position. In addition, the function provides resilience risk stewardship to global businesses, functions and entities we operate in. This is achieved through: Completing analytical assessments and opining on the control environment of the First Line of Defence (1LOD) within Businesses Constructive challenge to the global businesses and functions on their control environment and assessment of risk Oversight of emerging risks, strategic business initiatives and local change activity and new/materially changed products Analysis of risk exposure across all bank operations and territories to inform capital management and stress testing requirements Completing thematic reviews and aggregated reporting of the Non-Financial Risk profile of the bank Responsibility for the implementation of a Risk Management Framework (RMF) that sets out governance, policies and practices to proactively identify, assess, measure and report on, mitigate and control operational risk exposures associated with the businesses and operations at all levels of the organization. The role holder will maintain close working relationships with the wider ORR team, locally, globally and globally Key Accountabilities: The role holder will have global responsibility for: Leading the deployment of deep subject matter expertise around technology risk globally Providing issues, event and incident oversight, including specialist oversight of technical controls globally Supporting country and global ORR Managers with all technology risk related queries Providing advice, guidance and challenge to senior businesses, functions and entity management, ensuring robust opinion is provided through global governance Recommending risk appetite thresholds for technology risk, and oversee risk appetite monitoring Providing guidance and support with policy writing, owning and monitoring compliance with a comprehensive set of clear and concise policies that outline the key principles and minimum requirements applicable to the management of technology risk Engaging with risk owners, control owners and risk stewards to ensure technology risks are managed in accordance to policy Overseeing compliance, for example, through the Risk and Control Assessment process, Top Risk Assessments and Incident Management process Promoting and developing technology risk awareness and risk management culture in order to ensure that the material risks are both evident and effectively managed Identifying any concerning trends and challenging the business to address these Leading on defining the risk and control library, including minimum control standards, with input from Risk Owners, Business Service and Control Owners, specifying key risks and key controls Recommending RCA scoping for technology risk controls and challenge where this is not appropriately applied in the RCA Driving appropriate governance for technology risk across key stakeholders and senior control owners Reporting on risk and control profile, including impacts of external environment changes, emerging risks and changes to the business strategy Monitoring the local external environment to get early sight of emerging risks and provide detailed guidance on controls required to mitigate against them Providing technical guidance to support development and completion of ORR and regulatory reporting obligations (e.g. RAS, top & emerging risks, risk profile reporting, RMM, Board reporting where relevant, etc.) Ensuring any concerns with key controls and material change programmes, relevant to technology risk, are understood and escalated as required Leading regulator and audit engagement pertaining to technology risk; ensure regulatory compliance for technology risk and timely completion of audit actions and findings Support training and capability uplift across ORR to ensure robust understanding of Technology risk. Requirements: Strong leader with the ability to influence at the senior levels of the organisation Expert level of technology risk management knowledge and relevant deep experience in this field Comprehensive knowledge of the internal control environment Ability to communicate effectively, building strong relationships and influence senior internal and external stakeholders Comprehensive knowledge of the external environment (threat, regulatory, geopolitical, competitor, technological landscapes) A change agent who challenges the status quo constructively and positively, leading relevant strategies that enable safe growth of the bank An advanced degree preferable in relevant discipline (e.g. Masters, Doctorate etc.) Location: Kraków The Client will consider candidates from France, Germany UK etc… to work remotely whilst we are in a Pandemic and probably 2 days a week in Krakow after that point. Salary will be in the range of Euros 75K – Euros 95K. Do send your CV to us in Word format along with your monthly salary either in Euros or PLZ.

Job Title: Security Manager Location: Barrow in Furness. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role Salary: £57,000 + depending on experience What you'll be doing: Specific responsibilities to leading Security Production Aliance Security implementation of SbD (secure by design), nuclear security regulation, identifying and resolving issues before they impact the Programme Lead the Defence Cyber Protection Partnership (DCPP) requirements of Submarine Production Alliance and suppliers through comprehensive assurance activities. Capture, report and manage cyber security risk including delivery of mitigations Maintaining the accreditation of Submarine Production core information systems Leading and/or supporting current and future business information compliance improvement initiatives including those around information framework change projects, records management, and file plan improvements. To include classified hard-copy file/document registration and protection Be the Submarine production Alliance Subject Matter Expert/advisor on business (core and non-core) information systems Security operating Procedures (SyOps), IT Security management Plans and cyber security instructions Lead on all Submarine Production information security/cyber security education and training whilst striving to achieve and maintain first-class security culture across the business Your skills and experiences: Essential: Expert in information security policy Relevant experience in information management Excellent communication and presentation skills (written and verbal) Good analytical and problem-solving skills Ability to keep things simple and remove complexity from projects Desirable CISSP or similar IT professional qualification Membership of a professional security body Experience in Defence organisations, industry or MOD Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Submarine Production Alliance Security Team (SPA) team: As an IM&T Manager you will be joining the team of 12 security professionals in the SPA Security Team. Collectively ensuring the capability and security of relevant platforms is not compromised before entry into service. On behalf of the Senior Risk Owner, ensure that programme security risk is managed to an acceptable level with appropriate, assured, control measures, that minimise programme impact. We offer relocation support packages across all Submarines roles, subject to meeting eligibility criteria. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks.

The current responsibilities of the role include: To manage, oversee, monitor and report on overall Cyber Security risk including the Defence Board level risk and lead on the creation of appropriate response plans. Drive cyber security transformation across Defence including partnership working with the new Defensive Cyber and EM Force. Provide cyber, information, crypt key security and digital resilience policy direction across Defence and monitor compliance including delivery of specialist assurance services. Define enterprise and solution cyber security architecture and act as the crypt key design authority. Ensure all of defence is cyber security aware and educated and set functional skills standards. Define Defence wide cyber resilience strategy and act as Portfolio owner for the defensive cyber security and crypt key programme portfolio. Provide expert guidance and assurance to Defence equipment programmes to ensure they are secure and resilient by design and assure compliance against Defence policies. Ensure MOD cyber security response is integrated with, and supportive of, other cyber domain activity in Defence and government. Lead implementation of Cyber Resilience strategy. Propose and set relevant cyber security policies and architecture standards. Own the defence end to end cyber risk process and assure the effectiveness of mitigations working across Defence. Create effective interventions when the risk profile exceeds tolerance and escalate. Assure capability programmes against relevant security and resilience standards to ensure mitigating threat and risk and being secure and resilient by design. Set the behavioural and cyber awareness expectations for Defence. Set the professional standards for cyber skills.

REQUIRED: CONTRACTS MANAGER - SC SECURITY CLEARED LOCATION: LONDON - 2-3 DAYS REQUIRED ONSITE, REST REMOTE DURATION: 6 MONTH INITIAL CONTRACT IR35 STATUS: INSIDE You will assist in maximizing value for all parties through a deep understanding of legal, business, and commercial risks. You will work closely with sales and delivery teams throughout the entire contract lifecycle, providing high-quality advice and support for negotiation, drafting, and ongoing management of client contracts. Reporting into the Contracts Manager Lead, you will be responsible for handling contracts including subcontracts in accordance with company policies, procedures, applicable laws, and client business requirements, while ensuring compliance throughout the contract lifecycle. You will oversee client contracts and portfolios, managing contract lifecycle activities, supporting sales growth, protecting revenue, improving margins, and ensuring compliance, identify risks and propose mitigation strategies. You will support sales activities, including responding to RFPs and participate in negotiations. You will draft various contractual documents (e.g. statement of work, change request etc) and ensure adherence to contract management processes and policies. You will be expected to collaborate with legal teams to address complex contract issues You should have at least five years of relevant contract management experience, have knowledge of public sector contracting and be security cleared. Due to the nature and urgency of this post, candidates holding or who have held high level security clearance in the past are most welcome to apply. Please note successful applicants will be required to be security cleared prior to appointment which can take up to a minimum 10 weeks. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Job Title: Project Security Support Officer Location: Glascoed Salary: Circa £43,649 dependent on skills and experiences What you'll be doing: Assuring correct implementation of security tasks and coordinating security services based on relevant policies, standards, procedures and best practice Assessing the adequacy of the security measures within the project to ensuring that policies and procedures are up-to-date and take account of developments Provision of subject matter expertise on personnel, physical and/or information security processes and procedures Providing security advice and guidance to the project internal and external stakeholders and making recommendations to improve security solutions for the work stream Building effective relationships and coordination with key local functions and business representatives Deputising for the Project Security Lead as required Conducting musters of sensitive information/assets Occasional travel to sites may be required which would include overnight stays Your skills and experiences: Essential: Proven experience in a security or comparable role Must be able to attend Glascoed site a minimum of 3 days per week, up to 5 depending on business needs Shared ability to be on call Due diligence and attention to detail Ability to work on own and as part of a team Ability to communicate, written and orally, across the business and customers Desirable Recognised security qualification from a reputable body Experience in conducting threat assessments Knowledge of Access Control Systems Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Special Projects team: You will be appointed to a newly established project team, assuming responsibility for the delivery of security within the programme. Reporting directly to the Project Security Officer, you will be accountable for providing guidance to the team, enforcing security compliance, and developing policy. Your responsibilities will include the day-to-day management of security processes, risk identification and mitigation processes and supporting the PSO in the development of security infrastructures. The position will be based at the BAE Systems Land UK site in Glascoed, Monmouthshire on a five-day working pattern within a hybrid-working environment with occasional travel to other customer, manufacturing and test and evaluation sites. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 18th November 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-JP1 #LI-Onsite

Information Security Architect / Manager Our Client is an International company with offices in Central London. They are looking to bring on-board an Information Security Architect / Manager with at least 5 to 8 years proven expertise within Information Security. The function of the position will be as follows: Assess the current environment against industry standards and trends. Implement robust security and control measures, in line with the global IT team Streamline current processes and execute changes for a secured and optimised technology and data landscape. Subject matter expert in application and network security, with operational experience of managing security operations, SIEM solutions, incident, and response management. Collaborate to develop the Infosec strategy and associated operating model. Conduct an in-depth security risk assessment across the technology stack and provide end-to-end mitigation steps for resilience. Working closely with key stakeholders to ensure compliance with security policies, and promotion of strong information security culture. Provide weekly governance, risk and compliance reports utilising key risk and key performance indicators and metrics. Skills/Competencies Required: Experience developing information security policy, process and procedure design and implementation. Excellent troubleshooting, problem solving, and root-cause analytical (RCA) skills. Good working knowledge of Cisco Meraki and associated technologies. Practical knowledge of Continual Service Improvement (CSI) methodologies. Vulnerability management and assessment. Intrusion detection and prevention analysis / frameworks. Solid exposure to cloud based applications security and provisioning. Experience in writing policy, process, and standard playbooks. Experience in SOC and SIEM platforms Excellent communications skills in framing and messaging issues of highly technical nature, into meaningful and relevant information for a varied audience. Excellent analytical skills, with an ability to manage multiple projects under tight guidelines. Experience with common Information security frameworks such as ISO, ITIL, and COBIT. Information security professional qualifications (CISMP, CISSM, SSCP, CAP..etc) ** Occasional travel to other sites may be required. This is 6 month contract assignment based in Central London. Rate will be circa £500 per day. Please do send your CV to us in Word format along with your daily rate and availability.

IT Operation s Platforms and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver a high-quality Global IT services. Working in line with the Architecture defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: Global Enterprise level Infrastructure Management position for the last 5 years, Global team management (human resources, strategic delivery, operational service, audit lead for Infra, budget..) Key - 3 party operational infrastructure vendor management - i.e management of managed service partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy tech to Azure knowledge/experience, Prior to the last 5 years, a technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £100K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.

**4 days a week onsite in Leeds, Inside IR35** Your responsibilities: Security Leadership Strategy * Define and implement the company-s security strategy across AI, blockchain, and cloud environments. * Establish policies, standards, and governance frameworks aligned with industry best practices (ISO 27001, NIST, SOC2). * Lead incident response, risk assessment, and threat modeling programs. * Build and mentor a world-class security team. AI Data Security * Protect proprietary AI models, training data, and pipelines from data poisoning, model theft, or adversarial attacks. * Secure ML infrastructure across data collection, preprocessing, model training, and deployment. * Implement privacy-preserving techniques (eg, encryption, anonymization, federated learning). Crypto Blockchain Security * Oversee smart contract security audits, testing, and deployment pipelines. * Protect user assets across wallets, custody solutions, and crypto exchange mechanisms . * Monitor on-chain activity for suspicious behavior (rug pulls, flash loan attacks, etc). * Partner with external firms for protocol audits, bug bounty programs, and penetration testing . Infrastructure Application Security * Implement best practices in cloud security (AWS, GCP, Azure) , container security, and zero-trust networks. * Harden DevSecOps pipelines to ensure secure software delivery. * Work with engineering teams to integrate security by design into products. Compliance Risk Management * Ensure regulatory compliance with GDPR, SOC2, ISO, PCI-DSS, and crypto-specific frameworks . * Lead risk assessments for third-party vendors and service providers . * Collaborate with legal and compliance teams on KYC/AML security for crypto services. Your Profile Essential skills/knowledge/experience: * 15+ years of progressive experience in Information Security, with a significant focus (minimum 7-8 years) on Cybersecurity. * Proven track record in cybersecurity strategy, team leadership, and incident management. * Deep knowledge of blockchain protocols, smart contracts (Solidity, Rust), cryptography, and custody systems. * Strong expertise in cloud security, DevSecOps, and secure software development lifecycle (SSDLC). * Understanding of AI/ML systems security, including model attacks and data integrity risks. * Certifications preferred: CISSP, CISM, CISA, CEH, OSCP, CCSK, or blockchain security certs. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.