Find your next tech and IT Job or contract role.

Job Title: Security Risk Lead Salary: £53,300 - £71,300 Location: Cambridge/Hybrid with 2 days a week minimum in the office Contract: Permanent Join our organisation as a Security Risk Lead. Utilise your expertise and drive to safeguard operations in this impactful role. We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge. About the role The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment's security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework. Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation's priorities. They will also take the lead on key initiatives to reduce the organisation's risk exposure, delivering critical risk insights, reports Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation. Implement controls to mitigate risks and ensure effective execution. Manage and support the Security Risk Manager. Prepare and present regular risk reports for senior management. Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements. Monitor industry trends and best practices. Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions. Provide risk management training and develop a risk-aware culture. Support the development of security risk policies and frameworks. Collect data for risk assessments and foster a collaborative risk management approach. Provide risk management input on key projects. Represent the organisation in industry forums.

Description Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,500 people across our London, Southampton, Cardiff and Manchester offices. Reporting to the Head of Starling Banking Services as our Risk and Compliance Manager, you will own and manage approach and day to day activity to ensure SBS is complying with all applicable legal and regulatory obligations from a policy and operational point of view. You will lead a small team to ensure SBS financial crime and compliance policy aligns with Bank policy and our operational activities are carried out in a timely manner. This role covers financial crime including transaction monitoring, sanctions screening and fraud monitoring as well as some operational risks and compliance activity. Key Responsibilities Include: Act as the leader of the Risk and Compliance function within SBS, ensuring SBS policy fits in with Bank policy and all operational activities are carried out in a timely and compliant manner. Reporting of relevant compliance and financial crime MI to senior management and stakeholders Setting best practice in relation to transaction monitoring, sanction screening and compliance within the team and ensuring these steps are carried out by the team Representing SBS at relevant internal risk and economic crime committees Working with 2LOD to ensure best practices are being considered within the SBS team Carrying out initial and ongoing onboarding of new SBS clients Acting as a point of escalation for sales and account management colleagues on compliance matters relating to the live and prospective clients Own the RCSA process for SBS in conjunction with senior management

The current responsibilities of the role include: To manage, oversee, monitor and report on overall Cyber Security risk including the Defence Board level risk and lead on the creation of appropriate response plans. Drive cyber security transformation across Defence including partnership working with the new Defensive Cyber and EM Force. Provide cyber, information, crypt key security and digital resilience policy direction across Defence and monitor compliance including delivery of specialist assurance services. Define enterprise and solution cyber security architecture and act as the crypt key design authority. Ensure all of defence is cyber security aware and educated and set functional skills standards. Define Defence wide cyber resilience strategy and act as Portfolio owner for the defensive cyber security and crypt key programme portfolio. Provide expert guidance and assurance to Defence equipment programmes to ensure they are secure and resilient by design and assure compliance against Defence policies. Ensure MOD cyber security response is integrated with, and supportive of, other cyber domain activity in Defence and government. Lead implementation of Cyber Resilience strategy. Propose and set relevant cyber security policies and architecture standards. Own the defence end to end cyber risk process and assure the effectiveness of mitigations working across Defence. Create effective interventions when the risk profile exceeds tolerance and escalate. Assure capability programmes against relevant security and resilience standards to ensure mitigating threat and risk and being secure and resilient by design. Set the behavioural and cyber awareness expectations for Defence. Set the professional standards for cyber skills.

Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the Security Risk Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The Security Risk Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the Security Risk Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

Job Title: Cyber Security Assurance Practitioner Location: Preston. We offer a range of hybrid and flexible working arrangements - please speak to your recruiter about the options for this particular role. Salary: Circa £39,000 dependent on experience What you'll be doing: Conduct Cyber Security risk assessment of systems and services Deliver documentation to demonstrate compliance to internal and external stakeholders. Conduct assessment and provision of control effectiveness in managing information security risk Perform health checks of controls and their effectiveness aligned with NIST (DFARS), DEFCON and HMG Secure by Design requirements to highlight key issues Support and implement service improvement for the assurance function Work with EIT Business Operation Teams to ensure findings/recommendations stemming from Operational Assurance are highlighted, tracked, and remediated Your skills and experiences: Educated to degree level (or equivalent) preferably in a related technical discipline Understanding of cyber security technologies, their implementation and secure configuration CompTIA (A+, Network+, Security+)/ NSCP Practitioner /CCSK/ISO27001 Practitioner (Lead Auditor etc.), CISM-P Cyber Security qualification - Desirable one or more certifications Capable of a high standard of written communication including experience of writing complex reports and giving formal presentations to senior business peers Ability to work autonomously and manage workload and priorities based on demand from multiple projects. Good team working ethic and strives to meet personal and team objectives Benefits: As well as a competitive pension scheme, BAE Systems also offers employee share plans, an extensive range of flexible discounted health, wellbeing and lifestyle benefits, including a green car scheme, private health plans and shopping discounts - you may also be eligible for an annual incentive. The Cyber Security Assurance team: The Cyber Security Assurance Team with Shared Services are part of Enterprise IT (EIT) with responsibility for assuring all enterprise managed systems and services, spanning UK/RoW. The team ensure systems / services are built and configured in-line with applicable Cyber Security Standards. Why BAE Systems? This is a place where you'll be able to make a real difference. You'll be part of an inclusive culture that values diversity of thought, rewards integrity, and merit, and where you'll be empowered to fulfil your potential. We welcome people from all backgrounds and want to make sure that our recruitment processes are as inclusive as possible. If you have a disability or health condition (for example dyslexia, autism, an anxiety disorder etc.) that may affect your performance in certain assessment types, please speak to your recruiter about potential reasonable adjustments. Please be aware that many roles at BAE Systems are subject to both security and export control restrictions. These restrictions mean that factors such as your nationality, any nationalities you may have previously held, and your place of birth can restrict the roles you are eligible to perform within the organisation. All applicants must as a minimum achieve Baseline Personnel Security Standard. Many roles also require higher levels of National Security Vetting where applicants must typically have 5 to 10 years of continuous residency in the UK depending on the vetting level required for the role, to allow for meaningful security vetting checks. Closing Date: 2nd October 2025 We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible. #LI-SH1 #LI-Hybrid

Description Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,500 people across our London, Southampton, Cardiff and Manchester offices. We're looking for a strategic leader to join our Customer & Banking team as the solution owner for our payments capabilities. In this pivotal role, you'll take full ownership of our key payment services, including FPS, BACS, CHAPS, and cheques, ensuring regulatory compliance, operational excellence, and outstanding customer outcomes. You'll steer the end to end journey for payments, define strategy, and lead on regulatory engagement, particulary around important Business Services (IBS). If you're passionate about shaping the future of payments in a fast-moving environment, this is your chance to make a real impact. Key Responsibilities Include: Payments ownership Act as the central owner for our payment services, in particular our Important Business Services (IBS) Help design and implement the Bank's payment strategy. Continually evaluate the regulatory and competitive landscapes to understand where potential risks / challenges are, as well as where the key opportunities for growth and development are. Ensure all payment journeys are mapped end to end, including system and manual risks and controls. Alongside the MD, define the payment limits and configurations for our key services, balancing our customers' needs for security, convenience and inclusivity Alongside the COO team, work with the Bank's Payment and Reconciliation Operations team to ensure that regulatory expectations are met and that we are delivering good outcomes for customers. Agree, set and manage SLAs for the COO payments operations team Represent Starling at key industry events and forums. Risk and control Lead on risk identification and regulatory mapping, ensuring that payment RCSAs are effectively maintained. Ongoing oversight of payment control effectiveness. Ensure that all payment incidents which arise are managed in a timely and effective manner, consistent with regulatory expectations Own and react to operational reporting, covering Transaction Processing KRIs and MI. Maintain live view of current and future regulatory

Main duties consist of but are not limited to: Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT. Manage the security architecture compliance roadmap, ensuring activities are organised and planned in with relevant teams in an efficient manner, ensuring it aligns closely with the IPO Secure Team’s strategic direction and any recommendations from audits. Continuously keep up to date with changing compliance legislation and initiatives to assess new opportunities for educating colleagues on relevant security standards. Recommend security controls and identify security solutions that support business objectives. Provide expert security guidance and direction during the design, implementation and use phases of systems, applications and infrastructure. Provide specialist advice and recommendations regarding approaches and technologies across teams and various stakeholders, assessing the risk associated with proposed changes. Inspire and influence others to execute security principles, communicating widely with other stakeholders. Support the GovAssure process by coordinating the collection of evidence, and the submission of GovAssure returns to Cabinet Office. Assist, where necessary, with incident response processes to identify architectural issues and solutions. Proactively engage with internal and external partners, stakeholders and peers to develop your knowledge and inform your decisions. You will be expected to carry out any other duties that may reasonably be required in line with your main duties.

GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the GRC Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The GRC Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the GRC Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

Technology Planning and Governance Manager Be responsible for the ongoing development and maintenance of the technology alignment roadmap for Corporate working closely with senior stakeholders, systems owners and 3 parties to deliver innovation. Lead day-to-day support and management of the core business Applications Portfolio lifecycle including but not limited to Finance, Legal, Property, Pensions, Treasury, HR, Business Development, Payroll and our Corporate Intranet ensuring that delivery of change is fit for purpose, of high quality, reliable and secure. Role Responsibilities Drive customer-centricity and stakeholder engagement, work closely with Corp functions to align application roadmaps with the combined Corp IT / SSC annual technology plans and dependencies. Work with senior stakeholders to build, document and map business capability to solution architecture across the Corp. Take ownership and develop a technology roadmap that meets the application requirements of the Corp to support the wider Company businesses. Evaluate the potential impacts of application workloads moving to cloud, notwithstanding the threats and opportunities for Corp functions. Shape, create and present business cases for high level initiatives, seek approval, funding and prioritisation with senior stakeholders. Understand the capital allocation requirement across the Corp functions plus the overall impact of application change on the operational expenditure budget. Align technology roadmaps and annual budget planning, use as the foundation for reporting on the state of the Corp Application portfolio. Provide technical leadership for Corp initiatives engaging across the Company where corporate applications service the wider businesses. Solve complex business problems with process and technology that cut across Corp group such as Identity and Access Management. Document and review IT standards, procedures and policies to ensure compliance with legal and regulatory requirements. Liaise with internal and external audit teams. Develop and adapt innovation tools and processes to drive operational excellence within Corp IT. Establish and maintain a consistent and integrated approach to information security and data protection governance in line with audit requirements. Create alignment on how to utilise governance forums such as User Experience and Architecture to improve services delivered to Corp functions. Manage solution architects, contractors, 3 Parties and business analyst in the future. Experience Required Significant and relevant progressive IT experience Experience of being in a practical solution planning and technical architecture design role is essential e.g. SaaS, Identity and Access Management Good understanding of emerging and innovative technologies, how to shape, deliver and leverage those technologies Experience of architecture business capability mapping, data management governance, technology roadmaps and project delivery lifecycle processes. Experience of ensuring compliance between corporate business application roadmaps and IT roadmaps. Experience of working within an ITIL service management environment with strong knowledge of business systems or applications within a corporate environment. Ability to deal with and manage conflicts whilst building successful business relationships across a range of stakeholder groups both internal and external to the organisation. Proven leadership skills, setting objectives and ensuring delivery of services to target Proven contract management, supplier management, procurement, and vendor selection experience Experience of systems such as Microsoft Office 365, Dynamics 365, SAP Success Factors, Treasury Openlink Findur, CMS, BACs Payment Platforms, Microsoft Power BI, Integration/ETL, Azure Active Directory Single Sign On and other bespoke applications Experience in executing business continuity planning and IT DRP Creating solution and technical application architectures, IT standards and policies Day-to-Day management of the Application Portfolio, its currency, dependencies and risk Technical lead on major system changes and upgrades Responsible for the development and management of Solution Architects, Business Analyst and contract resources Provide support to Corporate functions and wider businesses to enable them to optimise their use of corporate applications Vendor Management and selection (RFIs / RFP support) The Client is based in Central London. Please do send your CV to us in Word format along with your salary and availability.

Our client is looking for Corporate Risk and Assurance lead to come and join their team. Primary/general responsibilities: * Ensuring the appropriate plans, standards and practices for managing corporate risk and conducting corporate assurance and internal audit activities. Corporate Risk Management: * Coordinate a programme of regular assurance reviews with key Corporate and Portfolio stakeholders in accordance with the Integrated Assurance Map Support maintenance of and champion the Policy, Framework and Appetite Statement in accordance with best practice and Departmental policy. * Provision of advice to risk practitioners in using standards and processes through Risk Champion Working Groups. * Support risk management maturity using the Government Internal Audit Agency (GIAA) risk maturity model * Support the maintenance of the risk system/log, with the support of a technical development team * Develop and coordinate a programme of regular risk and issue reviews with key stakeholders * Analysing trends and performance to provide insightful recommendations to senior leaders to improve risk management Corporate Assurance & Compliance * Supporting the maintenance of, and championing, the Agency's Assurance Strategy and Assurance Framework * Maintaining the Integrated Assurance Map * Provision of advice to those involved in assurance on using standards and * Preparing reports highlighting insight from assurance interventions for senior leaders, including the Audit, Risk and Assurance Committee * Contributing the Governance Statement in the Agency's Annual Report and Accounts, summarising the processes, plans and findings of assurance activities * Collating, assessing and challenging information from the relevant leads within the Agency including oversight of the DAASIC process (Director's Annual Assurance Statements of Internal Control) and assurance of achievement of Functional Standards * Coordinating compliance activities across each delivery support function, who are to set internal controls and monitor their effectiveness. * Engage upwards and outwards with stakeholders in DSIT and across government to ensure alignment to assurance and compliance requirements. Internal Audit: * Oversee internal and external audit exercises. * Create a central repository for all audit actions, coordinating their enactment with relevant teams. Primary/general responsibilities: * Ensuring that the client has appropriate plans, standards and practices for managing corporate risk and conducting corporate assurance and internal audit activities. Corporate Risk Management: * Coordinate a programme of regular assurance reviews with key Corporate and Portfolio stakeholders in accordance with the Integrated Assurance Map Support maintenance of and champion the Policy, Framework and Appetite Statement in accordance with best practice and Departmental policy. * Provision of advice to risk practitioners in using standards and processes through Risk Champion Working Groups. * Support the maintenance of the risk system/log, with the support of a technical development team * Develop and coordinate a programme of regular risk and issue reviews with key stakeholders * Analysing trends and performance to provide insightful recommendations to senior leaders to improve risk management Corporate Assurance & Compliance: * Supporting the maintenance of, and championing, the clients Assurance Strategy and Assurance Framework * Maintaining the Integrated Assurance Map * Provision of advice to those involved in assurance on using standards and * Preparing reports highlighting insight from assurance interventions for senior leaders. * Coordinating compliance activities across each delivery support function, who are to set internal controls and monitor their effectiveness. * Engage upwards and outwards with stakeholders in DSIT and across government to ensure alignment to assurance and compliance requirements. Daily rate: £380pd IR35: outside IR35 Duration: March 26 Travel: Hybrid. Travel to London or Oxford once a month Start: ASAP LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

Intro At RSA, we believe insurance is about people, not things. We provide our inspiring colleagues the support and opportunity to grow together, shape the future, and win as a team. We are going through a transformation journey, providing our people with opportunity to be integral to improving our service and delivering better products to brokers and customers. We are a proud member of the Intact family, we feel part of something bigger, with a presence in North America, the UK and Europe. We have a bold ambition to become the best Commercial Lines business in the UK, demonstrated by our recent acquisition of NIG and Farmweb, allowing us to scale by leveraging our combined financial strength and importantly ensure our people feel the benefits of our joint capabilities. We are currently recruiting for a Head of Finance Data Transformation to join our established and experienced UK&I Finance Transformation team on a hybrid basis. This opportunity will be a 24-month fixed term contract. Your Role As the Head of Finance Data Transformation, you will lead the data workstream within the UK&I Finance Transformation (FT) programme, a strategic initiative to modernise and future-proof RSA's finance function.This role is pivotal in delivering a trusted, integrated, and insight-driven data environment that supports efficient operations, strategic decision-making, and regulatory compliance in alignment with global finance guidelines from parent group.You will define and drive the data strategy for the Finance Transformation programme, aligned with RSA UK&I's strategic roadmap and Intact's group-level architecture. Acting as the senior data authority within the FT programme, ensuring data is treated as a strategic asset. You will Lead the design and implementation of a single source of truth for finance data, ensuring completeness, reliability, and accessibility. Oversee the migration from legacy SAP systems to modern platforms, mitigating technology and data risks. Ensuring data architecture supports integration with parent group processes and systems. Establishing robust data governance frameworks, including data ownership, stewardship, quality controls, and compliance with regulatory standards will be an integral part of what you do. Collaborating with Risk, Audit, and Compliance teams to ensure data integrity and auditability

Description At Engine by Starling , we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back-office processes that has helped achieve Starling's success. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who are will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of our offices so that we're able to interact and collaborate in person. Role Purpose This role is part of the Risk & Compliance team. The purpose of this role is to be a key player in the delivery of Engine's Risk Management Framework, to ensure that Engine: Is effectively identifying and managing risk across all its activities (both in the UK and internationally) Operates within the agreed risk appetite(s) Continues to meet the Group risk standards, Engine's risk standards, relevant industry standards and that our clients can be confident in our ability to identify and mitigate risk in a clear and timely manner. The role works with the Compliance Director, the Risk & Compliance Team and our Information Security and Legal colleagues to ensure that Engine is identifying and managing risk in the jurisdictions in which we are currently or in which we are planning to operate, in a clear, transparent and repeatable manner within our own and Group Policies and Risk Appetites. Key Accountabilities or Responsibilities: Embed and then mature the operation of Engine's Risk Management Framework, including Engine's Risk Appetite Framework, capturing and mitigating Enterprise risks, and ongoing Operational Risk Management. Facilitate the implementation of a risk management tool to enable more effective tracking, Management Information and aggregated Group reporting as appropriate. Build out Engine's RCSA process, and run it (including tracking actions to completion and reporting on progress). As part of this, support wider business areas with identifying, understanding and documenting risks across all current and planned activities. Work with the wider team to carry out Risk Assessments relating to business change, global expansion etc. Contribute to risk assessments and risk reporting to the Engine Management Team, Committees and Board as required. Work closely with the Starling Group and Engine Risk functions, Engine's management team, Information Security team, legal team and other key stakeholders to achieve all of the above.

Information Security Architect / Manager Our Client is an International company with offices in Central London. They are looking to bring on-board an Information Security Architect / Manager with at least 5 to 8 years proven expertise within Information Security. The function of the position will be as follows: Assess the current environment against industry standards and trends. Implement robust security and control measures, in line with the global IT team Streamline current processes and execute changes for a secured and optimised technology and data landscape. Subject matter expert in application and network security, with operational experience of managing security operations, SIEM solutions, incident, and response management. Collaborate to develop the Infosec strategy and associated operating model. Conduct an in-depth security risk assessment across the technology stack and provide end-to-end mitigation steps for resilience. Working closely with key stakeholders to ensure compliance with security policies, and promotion of strong information security culture. Provide weekly governance, risk and compliance reports utilising key risk and key performance indicators and metrics. Skills/Competencies Required: Experience developing information security policy, process and procedure design and implementation. Excellent troubleshooting, problem solving, and root-cause analytical (RCA) skills. Good working knowledge of Cisco Meraki and associated technologies. Practical knowledge of Continual Service Improvement (CSI) methodologies. Vulnerability management and assessment. Intrusion detection and prevention analysis / frameworks. Solid exposure to cloud based applications security and provisioning. Experience in writing policy, process, and standard playbooks. Experience in SOC and SIEM platforms Excellent communications skills in framing and messaging issues of highly technical nature, into meaningful and relevant information for a varied audience. Excellent analytical skills, with an ability to manage multiple projects under tight guidelines. Experience with common Information security frameworks such as ISO, ITIL, and COBIT. Information security professional qualifications (CISMP, CISSM, SSCP, CAP..etc) ** Occasional travel to other sites may be required. This is 6 month contract assignment based in Central London. Rate will be circa £500 per day. Please do send your CV to us in Word format along with your daily rate and availability.

IT Operation s Platforms and Security Lead This role requires excellent management of a small team in IT along with managing stakeholders and vendors. You must be hands-on technically in IT Infrastructure. The IT Operational Platform and Security Lead is responsible for overseeing the organisation’s IT operations, ensuring the stability, continuity, security, and efficiency of its technology platforms within a global commercial insurance environment. While Microsoft technologies (Microsoft 365, Azure, Exchange Online) form a core part of the infrastructure, the role also encompasses broader enterprise IT systems, multi layered networking, security, data management, and third-party platforms that support global business operations and the associated applications estate. The role requires a proactive leader who can drive IT operational excellence, manage security risks, focus on continual service improvement, drive transformational delivery projects, and work effectively with internal stakeholders and third-party vendors to deliver a high-quality Global IT services. Working in line with the Architecture defined IT principle of a "buy before build" environment, the individual will need to ensure that outsourced and cloud-based services are robust, cost-effective, and aligned with business needs and the Strategic IT vision. They will also play a key role in enhancing cybersecurity, protecting data and systems, driving transformative operational change, enhancing IT processes and ensuring compliance with governance bodies and industry regulations. Due to the nature of the role, complexity Security, Compliance & Risk Management Define and enforce cloud security policies, identity management, and access controls to protect systems, networks, and data. Oversee the adoption of zero-trust security principles to enhance protection across cloud platforms. Manage identity and access management (IAM) in a cloud-first environment, including Azure AD, MFA, Conditional Access, SSO, and Privileged Access Management (PAM). Lead threat monitoring, detection, and response using cloud-native security solutions such as Microsoft Defender, Sentinel, and SIEM platforms. Ensure compliance with cloud security frameworks and regulatory requirements (ISO 27001, NIST, GDPR, SOC2, FCA). Conduct regular security risk assessments, penetration tests, and vulnerability management across cloud services. Oversee endpoint security, cloud network and API security for robust protection across all assets Define, manage and maintain accurate DR and BCP plans for the infrastructure area with biannual tests. Technical Experience Microsoft Azure Infrastructure design and administration, including topology, Azure networking, services, and component knowledge, Microsoft AD (Entra), Server and SQL experience, O365 administration and design Global Software Patching and estate management via Intune Firewall (Azure, CheckPoint and Cloudflare), DNS, VPN, WIFI and Local Area Network design & administration experience Software Defined Networking (Cisco, Meraki, Versa) Key Skills Microsoft 365 & Azure: Strong experience managing Microsoft 365 (Exchange, SharePoint, Teams), Azure cloud infrastructure, and security tools such as Microsoft Defender and Sentinel. Security & Compliance: Deep knowledge of security frameworks (ISO 27001, NIST, CIS), compliance requirements (GDPR, SOC2), and risk management best practices. Identity & Access Management (IAM): Expertise in Azure AD, MFA, Conditional Access, Single Sign-On (SSO), and Privileged Access Management (PAM). Threat Management & Incident Response: Ability to detect, respond to, and mitigate cyber threats using SIEM, endpoint security, and vulnerability management tools. Networking & Infrastructure Security: Understanding of firewalls, VPNs, SD-WAN, DNS security, endpoint protection, and cloud security controls. IT Service Management & Automation: Experience implementing ITIL-based service management, automating operational tasks, and optimising service delivery. Operational & Leadership Skills: IT Operations & Service Continuity: Ability to ensure IT systems are highly available, resilient, and fit for purpose, with a strong focus on business continuity and disaster recovery. Supplier & Vendor Management: Experience managing third-party IT vendors, MSPs, and SaaS providers, ensuring service levels, performance, and cost-effectiveness. Project Leadership & Change Management: Ability to lead technology projects, system upgrades, and platform migrations, ensuring smooth execution and minimal business disruption. Process Improvement & Automation: Strong analytical mindset to identify inefficiencies, automate workflows, and enhance security controls. Soft Skills & Mindset: Problem-Solving & Decision-Making: Capable of making informed decisions and resolving complex IT issues in a fast-paced environment. Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, including senior leadership and business users. Resilience & Adaptability: Comfortable working in an evolving technology landscape, with a proactive and security-first approach. Summary of Skills Required: Global Enterprise level Infrastructure Management position for the last 5 years, Global team management (human resources, strategic delivery, operational service, audit lead for Infra, budget..) Key - 3 party operational infrastructure vendor management - i.e management of managed service partners, Migration of Legacy VM based estates to SaaS and Cloud services platforms, Legacy tech to Azure knowledge/experience, Prior to the last 5 years, a technical infrastructure engineering level background, working on Windows Server, AD , SQL environments, Firewalls/SDWAN, and Networks (WAN &/or LAN). The Client is based in the City of London. This is a hybrid position with 3 days in the office. The salary for this role will be in the range £85K - £100K plus Benefits. Do send your CV to us in Word format along with your salary and notice period.

IT Technology Planning & Governance Manager with Enterprise Architect Solutions Our Client is a leading company in the UK who are looking to recruit a candidate with at least 10 years expertise in IT technology and governance planning with Enterprise Architect Solutions experience. The role is Technology Planning Manager where you be responsible for the ongoing development and maintenance of the technology alignment roadmap for Corporate working closely with senior stakeholders, systems owners and 3 parties to deliver innovation. Lead day-to-day support and management of the core business Applications Portfolio lifecycle including but not limited to Finance, Legal, Property, Pensions, Treasury, HR, Business Development, Payroll and our Corporate Intranet ensuring that delivery of change is fit for purpose, of high quality, reliable and secure. Role Responsibilities Drive customer-centricity and stakeholder engagement, work closely with Corp functions to align application roadmaps with the combined Corp IT / SSC annual technology plans and dependencies. Work with senior stakeholders to build, document and map business capability to solution architecture across the Corp. Take ownership and develop a technology roadmap that meets the application requirements of the Corp to support the wider Company businesses. Evaluate the potential impacts of application workloads moving to cloud, notwithstanding the threats and opportunities for Corp functions. Shape, create and present business cases for high level initiatives, seek approval, funding and prioritisation with senior stakeholders. Understand the capital allocation requirement across the Corp functions plus the overall impact of application change on the operational expenditure budget. Align technology roadmaps and annual budget planning, use as the foundation for reporting on the state of the Corp Application portfolio. Provide technical leadership for Corp initiatives engaging across the Company where corporate applications service the wider businesses. Solve complex business problems with process and technology that cut across Corp group such as Identity and Access Management. Document and review IT standards, procedures and policies to ensure compliance with legal and regulatory requirements. Liaise with internal and external audit teams. Develop and adapt innovation tools and processes to drive operational excellence within Corp IT. Establish and maintain a consistent and integrated approach to information security and data protection governance in line with audit requirements. Create alignment on how to utilise governance forums such as User Experience and Architecture to improve services delivered to Corp functions. Manage solution architects, contractors, 3 Parties and business analyst in the future. Experience Required Significant and relevant progressive IT experience Experience of being in a practical solution planning and technical architecture design role is essential e.g. SaaS, Identity and Access Management Good understanding of emerging and innovative technologies, how to shape, deliver and leverage those technologies Experience of architecture business capability mapping, data management governance, technology roadmaps and project delivery lifecycle processes. Experience of ensuring compliance between corporate business application roadmaps and IT roadmaps. Experience of working within an ITIL service management environment with strong knowledge of business systems or applications within a corporate environment. Ability to deal with and manage conflicts whilst building successful business relationships across a range of stakeholder groups both internal and external to the organisation. Proven leadership skills, setting objectives and ensuring delivery of services to target Proven contract management, supplier management, procurement, and vendor selection experience Experience of systems such as Microsoft Office 365, Dynamics 365, SAP Success Factors, Treasury Openlink Findur, CMS, BACs Payment Platforms, Microsoft Power BI, Integration/ETL, Azure Active Directory Single Sign On and other bespoke applications Experience in executing business continuity planning and IT DRP Creating solution and technical application architectures, IT standards and policies Day-to-Day management of the Application Portfolio, its currency, dependencies and risk Technical lead on major system changes and upgrades Responsible for the development and management of Solution Architects, Business Analyst and contract resources Provide support to Corporate functions and wider businesses to enable them to optimise their use of corporate applications Vendor Management and selection (RFIs / RFP support) The Client is based in Central London. The salary for this role will be in the range of £90K - £110K + Benefits. Please do send your CV to us in Word format along with your salary and availability.

Security Engineer Kent, Hybrid Competitive Salary VIQU have partnered with a leading automotive organisation in Kent to search for an experineced Security Engineer . This role is all about protecting and improving cloud and infrastructure environments, driving security automation, and helping shape DevSecOps practices. You'll work across AWS and modern platforms, supporting both day-to-day security operations and longer-term strategic projects. Key Responsibilities: Maintain strong security posture across cloud infrastructure Manage vulnerabilities and support regular system maintenance Design, implement, and manage security tooling in cloud environments ( AWS focus ) Support threat detection, incident response, and risk mitigation activities Contribute to compliance initiatives (ISO 27001, CIS benchmarks ) Collaborate with infrastructure and platform teams to embed security controls Apply secure DevOps practices (code scanning, container security, IaC) Support governance, reporting, and vulnerability management processes Participate in security reviews, threat assessments, and architecture decisions Key Requirements: 3+ years' hands-on experience with AWS security services (CloudTrail, GuardDuty, WAF, IAM, Security Hub) Strong knowledge of cloud governance and security best practices