Find your next tech and IT Job or contract role.

Are you a proactive and hands-on Security Engineer looking for something beyond the "run-of-the-mill" SOC role? We're partnering with a market leading organisation to find a dynamic Security Engineer to join their close knit security function. This is a mostly remote position (95%+), but we're looking for someone who thrives in autonomy and enjoys solving problems before they become incidents. What's different about this role? This isn't a role where you'll sit back and triage tickets. You'll be working in close knit team, actively involved in developing security strategies, responding to threats and strengthening infrastructure. You'll also occasionally lend a hand across IT when needed - so a generalist IT background is helpful too. The environment is Microsoft-focused (Azure, M365, Defender), with Exabeam as the primary SIEM, and you'll play a key part in their journey toward Cyber Essentials Plus certification. The Role Investigate, respond to, and resolve security incidents Shape and improve SIEM monitoring and response using Exabeam Guide on Azure security controls: Entra ID, Defender, NSGs, Key Vault, etc. Harden infrastructure across Microsoft 365 and Endpoint environments Collaborate with System Admins, SOC Analysts, and Network Engineers Support compliance with upcoming Cyber Essentials certification Automate tasks with scripting (PowerShell, KQL, Python a plus) Help non-technical users understand and adopt secure practices What We're Looking For 5+ years in IT Security Engineering or a related technical field Proven hands-on experience with: Microsoft 365 & Azure Security (Defender, Entra ID, Conditional Access) Networking fundamentals (Cisco Meraki, VPNs, segmentation) SIEM (ideally Exabeam) Endpoint security and EDR/XDR Background in general IT or infrastructure support Excellent communication skills, patient and clear with non-IT users Proactive and self-starting mindset, someone who "gets on with it" Desirable Certifications: AZ-500, CISSP, CCSP, CISM Experience with compliance initiatives like Cyber Essentials Any coding/scripting ability (PowerShell/KQL/Python) Working Pattern Fully remote with occasional head office visits Flexible approach to working patterns in a family friendly culture Benefits Strong training and development support Friendly, collaborative IT team of 50 across Infrastructure, Dev & Ops The chance to help shape how a major UK organisation tackles cyber security At Gleeson Recruitment Group, we embrace inclusivity and welcome applicants of all backgrounds, experiences, and abilities. We are proud to be a disability confident employer. By applying you will be registered as a candidate with Gleeson Recruitment Limited. Our Privacy Policy is available on our website and explains how we will use your data.

AWS Security Engineer Our client is looking for an AWS Security Engineer. You will have indepth experience across AWS technology focusing on security to design implement and maintain scalable security solutions. Technology includes: AWS services, including AWS WAF, AWS Shield Advanced, AWS Secrets Manager, Amazon Inspector, Amazon Macie, Amazon GuardDuty, Amazon Detective, AWS CloudTrail, and AWS Security Hub. Responsibilities: • Develop and maintain Infrastructure as Code (IaC) using AWS CloudFormation or Terraform for automated deployment and configuration management. • Configure and optimize security measures, including IAM policies, network security groups, and encryption protocols. • Monitor security alerts and incidents using AWS security tools and respond to threats in real-time. • Perform regular security assessments and audits to ensure compliance with industry standards and best practices. • Collaborate with IT and development teams to integrate security services and maintain secure production environments. The role is for 2 months initially based from home with 1 -2 days per month on site in London. To be considered for the position please send your CV over. LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Our client is looking for a number of Security Engineers to join their team on a six month initial contract, working three days onsite in London and two days remotely. This role is Inside IR35. This role will involve Cyber Security Designs, Strategies, and Security Patterns, data security and compliance by implementing GCP, Azure security best practices. Managing IAM roles and permissions, GCP, Azure environments by implementing robust security controls, encryption, and access management policies Key Skills/Experince: Developing Engineering Guardrail Template Developing Engineering Pattern Template User acceptance testing templates Test and learn of templates Upload finished templates to GSRA SharePoint LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Role: 5 x Security engineer Rate: Inside IR35 Location: 3 days a week onsite in London Duration: 6-months initially Role description: Cyber Security Designs, Strategies, and Security Patterns, data security and compliance by implementing GCP, Azure security best practices, managing IAM roles and permissions, GCP, Azure environments by implementing robust security controls, encryption, and access management policies Key responsibilities: Each team that owns a security control has been responsible for creating the format they use to guide the consumers of that control 1.Engineering Guardrails that help security control users identify the strategic solution to meet their use case and map to the appropriate engineering pattern a. Depending on the type of security control, the security control users would know the use case they need to meet, the technology they are using, and the environment it's needed it. 2.Engineering Patterns tell the security control users how to use the required control on the technology/platform they are using and for each environment/datacentre. Many of the engineering patterns will be the same regardless of the technology/platform or environment/datacentre. But when those variables do impact HOW a user onboards a given security control, patterns specific to their overall use case is required. Each technology that is used to meet security use cases will have engineering patterns documented. Engineering patterns will be mapped to an engineering guardrail There will be an engineering pattern for each variation that is needed to meet known use cases. Contractor will work with relevant Product Owner and Engineering Leads to identify each unique use case that requires an engineering pattern Contractor will work with feature team's engineers to populate the engineering pattern for each unique use case Initial engineering patterns will go through user acceptance testing to ensure the intended audience is able to use the document as expected LBG GSRA and AccSec Teams will work with contractor to ensure proper governance is achieved for each engineering pattern The maintenance review cycle will be initiated from the date the document completed governance assurance. Completed engineering pattern will be added to applicable engineering guardrail and published in the Group Security Reference Architecture Key skills/knowledge/experience: • Both the Engineering Guardrails and the Engineering Patterns are needed for most, if not all, CSO controlled security technologies. The Accelerated Security Workstream and Group • Security Reference Architecture team will work with the contractor to prioritise the order the technologies are documented • Developing Engineering Guardrail Template • Developing Engineering Pattern Template • User acceptance testing templates • Test and learn of templates • Upload finished templates to GSRA SharePoint Person specification: I.e., negotiating, client facing, communication, assertive, team leading/team member skills, supportive. Excellent communication skills is a must and should be willing to stretch to fulfill any complex customer requirements. Must be proactive in guiding and helping the customer in their decision-making process LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Role: Network & Security Engineer Rate: Inside IR35 Location: Full time onsite in Harmondsworth, West Drayton Duration: 6-months initially The Role We are looking for Network L2 and L3 admins for one of the major airlines in the UK. This role is customer-facing and requires strong technical hands-on and good communication skills as outlined below. Your responsibilities: • Candidates should have a strong working knowledge of OSI layers 1-7, with the ability to apply analytical and troubleshooting skill sets to solve complex problems across all networking disciplines • Monitor the performance and capability of the network using diversified tools. Identify the malfunctioning of hardware, software, and alerts events. • Triage or troubleshoot the issues & incident, within the defined areas. Follow Standard Operating Manuals and coordinate with third party vendors, customer contacts, or other IT teams to implement solutions and resolutions. • Develop strong relationships with the customer and all other support departments. • Experience in supporting the Cisco WLAN Controllers, SSID and Access Points • Experience on Implementing and troubleshooting Firewalls Security, VPN's, NAT policy, Software Patch management • Configuring and troubleshooting routing & switching protocols: Set up and troubleshoot protocols like OSPF, BGP, EIGRP, VLANs, STPs, VRF, MC-LAG, FHRP, DMVPN, NAT Policy. • Solid understanding of LAN, WAN and SDWAN concepts (including wireless LAN) with experience in supporting enterprise class routers, switches in a global and enterprise network environment. • Experience on Implementing and troubleshooting Internal and External DNS, IPAM, DHCP for IP management. • Experience in Implementing and troubleshooting F5 LTM administration, SSL Certificate renewal, iRules creation, Software Upgrade & Patching • Proactive Analysis: Review and analyze the DATA from Network Monitoring Tools to identify the best course of action to avert potential crises. • Test & Implement software patches & firmware for the network & security devices • Vendor or Supplier coordination, Problem-solving skills and ability to meet reasonable deadlines. • Major / High Severity Incidents management & Problem, Vendor Management Your Profile Essential skills/knowledge/experience: • Routing & Switching (Cisco/Juniper - OEM's) - DC • DC-Core Network Protocol BGP/OSPF concepts • Checkpoint Firewall - Network Security & VPN concepts • Cisco Wireless & SD WAN concepts • F5 LTM • DNS/DHCP, IPAM • CCNP, CCSA, F5 Certificate • Good to Have • Cisco Meraki • AWS Networking, • Cisco ISE & Security • NMS: BIG IQ, SolarWinds, CA Spectrum, Thousand eyes, NetBrain, Firewall Monitoring Tools (Checkpoint) Desirable skills/knowledge/experience: • Client facing role so looking for the candidates with good communication, managing high pressure environments and negotiation skills LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Who we are 🩵 We're the people behind the global loyalty currency, Avios, and home to three ambitious, growing businesses; IAG Loyalty, British Airways Holidays and The Wine Flyer . Each business has its own goals and strategy, but collectively we create brilliant experiences for our global customers. We're on a truly exciting journey of growth and transformation - we're going places! This is where you come in. The Opportunity IAG Loyalty is fast becoming a Platform as a Service business. As a result, we are looking for a highly capable individual to join our security team. The candidate will have a strong technical background and experience in implementing best practice security controls within cloud and DevOps. They will be comfortable working in a cloud-native environment where high rates of technology change are the norm. We are looking for someone who can lead the delivery of a number of our security engineering objectives, be responsible for the effective operation of the tools that help keep our organisation secure and manage a small team of security engineer. This role is based out of our London office. We call our approach to hybrid working The Blend - it's about giving you the flexibility to choose where you do your best work, while staying connected with your team and the wider business. This means you will be required to spend at least two days per week in the office, with the rest of the time working from home. You may also be required to work from one of our other office or partner locations, based on your role and 'to do' list. What you'll be doing 🌠 You will lead the Platform Security practice within our security team, driving key initiatives to enhance the security of our cloud platform and software development lifecycle. This involves coordinating and contributing to continuous security improvements, developing secure-by-default patterns for engineering teams, and maintaining critical security tools such as CSPM and CNAPP. In addition, you'll write scripts and build automation tools to streamline security activities, work cross-functionally to ensure effective monitoring and incident response, and collaborate closely with product teams to provide guidance and encourage adoption of security best practices. You'll also take part in an on-call rotation to support timely and effective incident response when needed. What we're looking for 💡 Cloud engineering experience with security tooling and cloud workload protection Skilled in DevOps, AWS, Infrastructure as Code (Terraform), and scripting (Python, Bash) Knowledge of secure engineering standards (OWASP, CIS, NIST) and Agile/DevOps practices Experienced with CSPM, CNAPP, security incident response, and SIEM tools Ability to evaluate and recommend new security technologies Clear communicator focused on enhancing developer experience Calm, evidence-based decision-making under pressure Entrepreneurial, goal-oriented, and innovative Comfortable sharing best practices across the organisation We might not be right for you if: You only want to focus on your to-do list; were a small, high-performing team, we help each other to succeed. You value perfection over fast iteration and progress; IAG Loyalty moves fast, we learn and iterate as we go; our environment isnt right for everyone. Youre looking to create but not build; this is an end-to-end role, you need to be comfortable owning your space, from ideation through to delivery and review. If you think you have what it takes but don't meet every single point above, please do still apply. We'd love to chat and see if you could be a great fit. Equity, Diversity and Inclusion at IAG Loyalty Our vision, 'to create the world's most rewarding experiences,' applies not only to our customers but for our colleagues too. It's about taking belonging seriously, actively fostering a culture where everyone feels welcomed and valued by embracing diverse identities, personal histories, and perspectives. This commitment makes IAG Loyalty a rewarding place to work and enhances our ability to solve complex problems, drive innovation, and better serve our customers and communities. Please let us know if we can make any reasonable adjustments to support your interview process with us.

Who we are 🩵 We're the people behind the global loyalty currency, Avios, and home to three ambitious, growing businesses; IAG Loyalty, British Airways Holidays and The Wine Flyer . Each business has its own goals and strategy, but collectively we create brilliant experiences for our global customers. We're on a truly exciting journey of growth and transformation - we're going places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep interest in application and API security. You thrive on collaboration, enjoy helping others grow, and see security as an enabler - not a blocker. You'll be an AppSec advocate who supports our engineers in identifying and addressing security issues across the software development lifecycle. You'll be part of a small, dynamic team within the Product department that drives IAG Loyalty's digital transformation, technology strategy, and product direction. Our cloud-native platform powers the Avios currency and the digital experiences used by millions of loyalty members. This is a great opportunity to work with cutting-edge technology in a fast-paced, agile environment. This role is based out of our London office. We call our approach to hybrid working The Blend - it's about giving you the flexibility to choose where you do your best work, while staying connected with your team and the wider business. This means you will be required to spend at least two days per week in the office, with the rest of the time working from home. You may also be required to work from one of our other office or partner locations, based on your role and 'to do' list. What you'll be doing 🌠 As a Senior Application Security Engineer, you'll lead the application security practice within the IAG Loyalty security team, taking responsibility for key security KPIs in this area. You'll champion secure software development by working closely with engineers and product teams, embedding security practices into our engineering culture. You'll provide training, offer expert advice, and drive awareness of security from the earliest stages of design through to deployment. You'll help integrate automated security tooling and checks into our CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering teams with practical mitigations, and contribute to documentation that strengthens our internal standards and processes. Maintaining a strong security culture will be a key focus, and you'll also support internal and external audits where needed. What we're looking for 💡 Experience in software engineering, with a strong security mindset Deep understanding of web and API vulnerabilities, including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with engineers and promotes secure-by-default practices We might not be right for you if: You only want to focus on your to-do list; were a small, high-performing team, we help each other to succeed. You value perfection over fast iteration and progress; IAG Loyalty moves fast, we learn and iterate as we go; our environment isnt right for everyone. Youre looking to create but not build; this is an end-to-end role, you need to be comfortable owning your space, from ideation through to delivery and review. If you think you have what it takes but don't meet every single point above, please do still apply. We'd love to chat and see if you could be a great fit. Equity, Diversity and Inclusion at IAG Loyalty Our vision, 'to create the world's most rewarding experiences,' applies not only to our customers but for our colleagues too. It's about taking belonging seriously, actively fostering a culture where everyone feels welcomed and valued by embracing diverse identities, personal histories, and perspectives. This commitment makes IAG Loyalty a rewarding place to work and enhances our ability to solve complex problems, drive innovation, and better serve our customers and communities. Please let us know if we can make any reasonable adjustments to support your interview process with us.

This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Senior Test Engineer (Non-Functional Security) with great technical skills, able to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will also offer guidance to other testers on security testing best practices. You will be part of our non-functional testing specialist team, working collaboratively with your team and overseeing the testing journey. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House. Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%. We're able to consider both full-time and part-time working patterns for this opportunity. For part-time, this must be a minimum of 30 hours per week, over 4 or 5 days. Please note - Companies House cannot offer Visa sponsorship to candidates through this campaign. Additionally, a Security Check (SC) is an essential requirement for this role (at least 3 out of the last 5 years in the UK). Please see 'Things you need to know' section below for more information. Job description As a Senior Test Engineer focusing on security you will; Working within a delivery team, youll contribute to the coordination and execution of security testing across the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, testing security related issues. Support the wider test team by sharing knowledge and guidance on security testing approaches and tooling. Attend meetings and provide stakeholders with updates. Design and implement pipeline solutions to support automated security testing and reporting. For more information on the Test Engineering profession and skills expected of a Lead, head over to the . Person specification We are looking for the following, which will be assessed at sift, technical stage and interview. Experience in Security testing. A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, OR currently working towards this OR have proven working experience. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web app vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2 / OpenID Connect - for testing secure authentication and access control scenarios. Jenkins or Concourse - for integrating security testing into CI/CD pipelines. Unix/Linux-based systems - for using command-line tools, analysing logs, and running manual tests. AWS (or similar cloud provider) - with a focus on IAM, S3 access, and common misconfiguration risks. SQL / MongoDB / Oracle - for testing injection flaws, access controls, and data sanitisation. Karate DSL or Rest Assured - for automating security-focused API tests. Git or other version control systems - for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling approaches - e.g. STRIDE, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each risk category. Benefits Alongside your salary of £40,398, Companies House contributes £11,703 towards you being a member of the Civil Service Defined Benefit Pension scheme. We offer an excellent benefits package that includes: a generous 30 days annual leave plus 8 bank holidays and 1 privilege day enrolment into the Civil Service Pension Scheme with a contribution rate of averaging 28% a range of recognition schemes including instant awards to thank and recognise each others efforts and contributions strong ethos of equality, diversity and inclusion great work life balance with flexible and mobile working available for many roles a pro-active approach to employee wellbeing that allows our employees to flourish and be their best at work and has enabled us to become an Investors In People platinum accredited employer online financial support and advice seasonal flu jabs generous maternity, paternity, adoption and shared parental leave allowances a focus on career development and progression a number of inclusive network groups to support our colleagues and a great sports and social society cycle to work scheme staff discount scheme holiday play scheme for children 3 days paid volunteering leave Next Steps Click 'Apply Now' to be taken to our main advert Civil Service Jobs where you can see more details regarding the role, the incredible benefits we have to offer and what it's like to work in Companies House. If you have any questions about the role or process, please reach out to . This role closes on 20 July 2025.

This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Lead Test Engineer (Security) with great technical skills able to coach and mentor other testers and lead the non-functional testing workstream focused on Security testing. You will be part of our lead tester group, working collaboratively with your team and overseeing the testing journey with management responsibilities. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House. Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%. We're able to consider both full-time and part-time working patterns for this opportunity. For part-time, this must be a minimum of 30 hours per week, over 4 or 5 days. Please note - Companies House cannot offer Visa sponsorship to candidates through this campaign. Additionally, a Security Check (SC) is an essential requirement for this role (at least 3 out of the last 5 years in the UK). Please see 'Things you need to know' section below for more information. Job description As a Lead Test Engineer focusing on security, you will: Take ownership of security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, and testing security-related issues. As a manager, you will provide advice, coaching and mentoring to testers on non-functional testing subjects such as security testing. Attend meetings and provide stakeholders with updates. Design and execute manual and automated security test cases using standard testing techniques. Design and implement pipeline solutions to support automated security testing and reporting. For more information on the Test Engineering profession and skills expected of a Lead, head over to the . Person specification We are looking for the following experience, which will be assessed at sift and at interview. Proven experience of coaching and mentoring direct reports. A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, or evidence that you are working towards this or have proven working experience. Experience of non-functional testing practices with a strong focus on Security Testing. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2 / OpenID Connect - for testing secure authentication and access control scenarios. Jenkins or Concourse - for integrating security testing into CI/CD pipelines. Unix/Linux-based systems - for using command-line tools, scripting, and log analysis. AWS (or similar cloud provider) - with a focus on IAM, S3 access controls, and common misconfiguration risks. SQL / MongoDB / Oracle - for testing injection flaws, access controls, and data sanitisation. Karate DSL or Rest Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each category. Benefits Alongside your salary of £41,571, Companies House contributes £12,043 towards you being a member of the Civil Service Defined Benefit Pension scheme. We offer an excellent benefits package that includes: a generous 30 days annual leave plus 8 bank holidays and 1 privilege day enrolment into the Civil Service Pension Scheme with a contribution rate of averaging 28% a range of recognition schemes including instant awards to thank and recognise each others efforts and contributions strong ethos of equality, diversity and inclusion great work life balance with flexible and mobile working available for many roles a pro-active approach to employee wellbeing that allows our employees to flourish and be their best at work and has enabled us to become an Investors In People platinum accredited employer online financial support and advice seasonal flu jabs generous maternity, paternity, adoption and shared parental leave allowances a focus on career development and progression a number of inclusive network groups to support our colleagues and a great sports and social society cycle to work scheme staff discount scheme holiday play scheme for children 3 days paid volunteering leave Next Steps Click 'Apply Now' to be taken to our main advert Civil Service Jobs where you can see more details regarding the role, the incredible benefits we have to offer and what it's like to work in Companies House. If you have any questions about the role or process, please reach out to . This role closes on 20 July 2025.

Data Engineer (Security Clearance) Position Description The Space, Defence and Intelligence business unit in CGI is a true IT Systems Integrator. We work, build, and operate bespoke, technically complex, mission-critical systems which help our clients keep us all safe and secure. We bring innovation to our clients using proven and emerging technologies, agile delivery processes and our deep expertise across the breadth of space, defence, intelligence, aerospace and maritime, all underpinned by our end-to-end cyber capability. We work collaboratively with global technology companies, cutting edge SMEs and academia to deliver the optimal solution for each client. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. We are seeking an experienced and innovative Data Engineer to lead the design and development of a greenfield microservices-based cloud solution using cutting-edge technologies. This role will involve hands-on Data engineering and design, and fostering a collaborative environment using Agile methodologies (Scrum/ SaFE). The ideal candidate will have strong experience with AWS, microservices architecture, and message-driven principles, with a focus on open-source technologies. Your future duties and responsibilities • Integrate with the clients Analytics Platform services in AWS. • Lead the data development of scalable, distributed systems using Apache Kafka (Confluent), Tableau, and the ELK stack. • Security Best Practices: Understanding of secure by design principles, including OAuth2.0, OIDC, IAM. • Implement and enforce best practices for REST APIs and message-driven architecture. • Ensure solutions comply with ArchiMate standards, as required by the customer's design documents. • Work within a multi-functional team to create secure, efficient, and maintainable software. • Introduce new technologies and solutions to improve overall system design and development processes. • Utilize xAPI standards for learning-related data exchange when applicable. • Drive Agile development practices (Scrum, SAFe) and continuously improve development processes. Required qualifications to be successful in this role • AWS: Extensive experience with AWS cloud services (e.g., EC2, RDS, IAM, S3, Lambda). • Message-Driven Architecture: Experience with Apache Kafka (Confluent) and event-driven systems. • REST API Development: Expertise in developing secure, scalable, and maintainable APIs. • ELK Stack: Practical experience with Elasticsearch, Logstash, and Kibana for monitoring and log management. • ArchiMate Standards: Knowledge of ArchiMate for documenting and designing enterprise architecture. • Agile (Scrum, SAFe): Experience in Agile methodologies for software development and delivery. • xAPI Standards: Understanding of Experience API (xAPI) for learning-related data exchange. • Jira & Confluence • Good communication skills • Willingness to learn continuously and actively grow your career • Understanding of industry standards and best practice • Experience of development using open-source technologies • Scrum writing user stories and acceptance criteria. Desirable Skills • Azure: Knowledge of Azure cloud services is a plus. • Government Digital Standards (GDS) • CI/CD and DevOps: Familiarity with continuous integration and deployment pipelines. #LI-JS2 Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because... You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.

C# Software Engineer (Security Clearance) Position Description The Space, Defence and Intelligence business unit in CGI is a true IT Systems Integrator. We work, build, and operate bespoke, technically complex, mission-critical systems which help our clients keep us all safe and secure. We bring innovation to our clients using proven and emerging technologies, agile delivery processes and our deep expertise across the breadth of space, defence, intelligence, aerospace and maritime, all underpinned by our end-to-end cyber capability. We work collaboratively with global technology companies, cutting edge SMEs and academia to deliver the optimal solution for each client. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This position will be a hybrid position, working out of our site in Leatherhead or Reading. Your future duties and responsibilities Our system is a mix of hosted and remote-deployed environments across various sites worldwide. We are transitioning to a new platform built on Azure local with Windows Server 2016, 2022 and Microsoft SQL Server 2022, supporting bespoke COTS medical software and infrastructure. Our client now wants to integrate some new (separate) capabilities with our existing platforms and services. This will require the update and improvement to a series of API interfaces to allow the client to operate an ecosystem of medical capabilities. As a C# Developer, you will play a critical role in updating our current systems and APIs to allow the movement of data between our systems and the new client systems. You will work within a DevOps environment to uplift existing software, develop new modules, and support tightly integrated COTS and infrastructure components including Microsoft Office, Adobe Reader, and peripheral hardware like printers and scanners. You will contribute to system improvement while ensuring all changes align with Quality of Service and SLA expectations. Your input into process optimisation, testing, and system configuration will be highly valued. Key Responsibilities: • Uplift and enhance the legacy medical software (including APIs) to align with modern standards. • Develop new features/modules where required to support operational requirements. • Ensure all code is placed under version control and adheres to best practices. • Write and execute unit tests; collaborate with QA to refine system testing. • Support build, configuration, and deployment of operating system images. • Collaborate with infrastructure and support teams to address system-wide enhancements. Required qualifications to be successful in this role • Strong background in C# development with Visual Studio 2019 and git. • Hands-on experience with Windows Server 2016 and above environments. • Solid experience working with Microsoft SQL Server 2017 and above. • Familiarity with COTS integration, especially Microsoft Office 2016 and Adobe products. • Configuration control experience using SVN or similar tools. • Ability to understand and navigate complex, safety-critical systems. • Exposure to Agile (SAFe) methodologies and DevOps practices. Desirable Experience: • Operating system and application security hardening techniques. • Active Directory and Group Policy Object (GPO) configuration. • Security and compliance tooling such as Nessus. • Knowledge of UPS systems and their interaction with Windows. • Experience building and deploying custom OS images (ISOs). • Familiarity with Bugzilla for issue tracking and management. • Exposure to Ansible, Jenkins and RunDeck • Exposure to Microsoft COM/COM+ based technologies #LI-SB2 Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because... You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.

Infrastructure Support Engineer (Security Clearance) Position Description The Space, Defence and Intelligence business unit in CGI is a true IT Systems Integrator. We work, build, and operate bespoke, technically complex, mission-critical systems which help our clients keep us all safe and secure. We bring innovation to our clients using proven and emerging technologies, agile delivery processes and our deep expertise across the breadth of space, defence, intelligence, aerospace and maritime, all underpinned by our end-to-end cyber capability. We work collaboratively with global technology companies, cutting edge SMEs and academia to deliver the optimal solution for each client. CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named one of the 'World's Best Employers' by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go. Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This position will be based on site near Chippenham. Your future duties and responsibilities We are looking for a talented and motivated Infrastructure Support Engineer to join our team. This role involves providing hands-on support for critical infrastructure systems, ensuring their reliability and security. You will work with cutting-edge technologies and participate in an on-call rota to support business-critical systems 24/7. Key Responsibilities: -Provide technical support for VMware platform, Tanzu, Dell VxRail, and Dell Data Domain. -Troubleshoot key management systems like HashiCorp Vault and Thales HSM. -Support privileged access management solutions (BeyondTrust) and SSO systems (KeyCloak). -Have a foundational knowledge of network principles. System Maintenance: -Administer and maintain Windows Server 2022 and Hyper-V. -Monitor system performance and conduct routine maintenance. -Contribute to disaster recovery and business continuity strategies. Collaboration & Documentation: -Work with senior engineers and cross-functional teams to enhance infrastructure. -Maintain thorough documentation for systems, configurations, and processes. On-Call Support: -Participate in an on-call rota to resolve critical incidents outside of business hours. Required qualifications to be successful in this role Required Competencies: -Experience in Defence or a highly regulated environment. -Infrastructure or support engineering experience. -Relevant certifications or a willingness to pursue them (VMware, Microsoft, Security). -Strong communication and teamwork skills. -Familiarity with Hyper-converged Infrastructure. Desired Competencies: -Understanding of cross-domain technologies (Tiger Traps, Garrison, OpsWat, NiFi). -Exposure to DevOps tools (GitLab, Harbor, FluxCD, Kubernetes). -Familiarity with Elastic for monitoring and analytics. This is an exciting opportunity to work with advanced infrastructure technologies in a dynamic environment. If you have a passion for supporting and optimising critical IT systems, we'd love to hear from you! #LI-SB2 Together, as owners, let's turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because... You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.

Location Remote working (anywhere in the UK) About the job Job summary This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Senior Test Engineer (Non-Functional Security) with great technical skills, able to deliver and support security testing workstreams, including vulnerability assessments and penetration testing. You will also offer guidance to other testers on security testing best practices. You will be part of our non-functional testing specialist team, working collaboratively with your team and overseeing the testing journey. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House. Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%. We're able to consider both full-time and part-time working patterns for this opportunity. For part-time, this must be a minimum of 30 hours per week, over 4 or 5 days. Please note - Companies House cannot offer Visa sponsorship to candidates through this campaign. Additionally, a Security Check (SC) is an essential requirement for this role (at least 3 out of the last 5 years in the UK). Please see 'Things you need to know' section below for more information. Job description As a Senior Test Engineer focusing on security you will; Working within a delivery team, youll contribute to the coordination and execution of security testing across the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, testing security related issues.?? Support the wider test team by sharing knowledge and guidance on security testing approaches and tooling.???? Attend meetings and provide stakeholders with updates.?? Design and implement pipeline solutions to support automated security testing and reporting.? For more information on the Test Engineering profession and skills expected of a Lead, head over to the . Person specification We are looking for the following, which will be assessed at sift, technical stage and interview. Experience in Security testing. A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing,?OR currently working towards this OR have proven working experience.??? Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web app vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2 / OpenID Connect - for testing secure authentication and access control scenarios. Jenkins or Concourse - for integrating security testing into CI/CD pipelines. Unix/Linux-based systems - for using command-line tools, analysing logs, and running manual tests. AWS (or similar cloud provider) - with a focus on IAM, S3 access, and common misconfiguration risks. SQL / MongoDB / Oracle - for testing injection flaws, access controls, and data sanitisation. Karate DSL or Rest Assured - for automating security-focused API tests. Git or other version control systems - for secure code handling and integration with security scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling approaches - e.g. STRIDE, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each risk category. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Technical skills We'll assess you against these technical skills during the selection process: Penetration testing / ethical hacking

Location Remote working (anywhere in the UK) About the job Job summary This is an exciting opportunity in the Digital Services team! You'll be joining our team at a time of transformation, and you will be part of shaping the future of our department. We use Agile Methodologies and promote a culture of continuous improvement. We are looking for an enthusiastic Lead Test Engineer (Security) with great technical skills able to coach and mentor other testers and lead the non-functional testing workstream focused on Security testing. You will be part of our lead tester group, working collaboratively with your team and overseeing the testing journey with management responsibilities. This provides an opportunity to make the test community thrive by exploring new and emerging tools and approaches and working out how you can help the organisation deliver better services. This is a rewarding role within the Test Team and provides an opportunity to contribute to the success of existing and future services provided by Companies House. Companies House offers a flexible and welcoming culture that promotes a healthy work life balance as well as a proactive approach to wellbeing that allows us to be our best at work. We recognise that people are the key to our success so offer a fantastic benefits package including flexible working with no core hours, 30 days annual leave, 8 bank holidays and 1 privilege day as well as enrolment into the Civil Service Pension scheme with a contribution rate averaging 28%. We're able to consider both full-time and part-time working patterns for this opportunity. For part-time, this must be a minimum of 30 hours per week, over 4 or 5 days. Please note - Companies House cannot offer Visa sponsorship to candidates through this campaign. Additionally, a Security Check (SC) is an essential requirement for this role (at least 3 out of the last 5 years in the UK). Please see 'Things you need to know' section below for more information. Job description As a Lead Test Engineer focusing on security, you will: Take ownership of security testing within the software development lifecycle. This will involve running vulnerability scans using tools such as Burp, coordinating with relevant teams, and testing security-related issues. As a manager, you will provide advice, coaching and mentoring to testers on non-functional testing subjects such as security testing. Attend meetings and provide stakeholders with updates. Design and execute manual and automated security test cases using standard testing techniques. Design and implement pipeline solutions to support automated security testing and reporting. For more information on the Test Engineering profession and skills expected of a Lead, head over to the . Person specification We are looking for the following experience, which will be assessed at sift and at interview. Proven experience of coaching and mentoring direct reports. A relevant certification in ethical hacking or penetration testing, such as such as 7Safe CSTA or GIAC Penetration testing, or evidence that you are working towards this or have proven working experience. Experience of non-functional testing practices with a strong focus on Security Testing. Working knowledge of at least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2 / OpenID Connect - for testing secure authentication and access control scenarios. Jenkins or Concourse - for integrating security testing into CI/CD pipelines. Unix/Linux-based systems - for using command-line tools, scripting, and log analysis. AWS (or similar cloud provider) - with a focus on IAM, S3 access controls, and common misconfiguration risks. SQL / MongoDB / Oracle - for testing injection flaws, access controls, and data sanitisation. Karate DSL or Rest Assured - for automating security-focused API tests. Version control systems (e.g. Git) - for secure code handling and integration with secrets scanners. Static Application Security Testing (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. Dynamic Application Security Testing (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Secrets detection tools - e.g. GitLeaks, truffleHog, detect-secrets. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with the OWASP Top 10 - and how to test for each category. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Leadership We only ask for evidence of these behaviours on your application form: Leadership Technical skills We'll assess you against these technical skills during the selection process: Penetration testing / ethical hacking