41 jobs found

DevSecOps Engineer Poole / Hybrid My client is looking for an experienced DevSecOps Engineer leading to Cloud Architect to join a growing UK technology business delivering secure cloud and software solutions into the national defence sector. This is an opportunity to work on high-impact programmes supporting some of the UKs most complex and interesting security challenges click apply for full job details

A leading home improvement retailer based in Paddington, London, is seeking an Application Security Specialist to enhance its digital platforms. In this senior role, you will ensure web, mobile, and API applications are kept secure from evolving threats, while promoting security within development processes. The ideal candidate will have experience in application security, strong knowledge of SAST and DAST, and familiarity with OWASP Top 10 guidelines. This position includes flexible working options and a comprehensive benefits package.

Location: Linthouse Glasgow, United KingdomIn fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.Together we offer fantastic opportunities for committed employees to learn and develop their career with us. At Thales UK, we research, develop, and supply technology and services that impact the lives of millions of people each day to make life better, and keep us safer. We innovate across the major industries of Aerospace, Defence, Security and Space. Your health and well-being matters to us and that's why we offer you the flexibility to do what's important to you; whether that's part time hours, job sharing, home working, or the ability to flex your start and finish times. Where possible, we support a working pattern that suits your lifestyle and helps you reach your ambitions.# Factory Software Engineer Site Location: Bristol/Crawley/Glasgow (with Hybrid working) Travel Percentage: 10 - 30 % nationally and > 5% International Role Reports To: Customer Enterprise Data Architect Level (HQ): SC - DV capable (desirable) Primary Purpose of the Role: To drive the evolution and deployment of Data and AI capabilities within the businesses and to our customers in order to increase growth in orders and increased customer satisfaction.As part of a newly established software development team, the Factory Software Engineer will work with stakeholders throughout the Thales UK businesses, to implement technology solutions that support an integrated approach to data integration/curation deployed across Thales UK. Supporting the Thales UK Digital and Data strategy the Factory Software Engineer will; develop, test, deploy and support software offerings into an internal catalogue of reusable/re-deployable capabilities focused around data integration and curation, helping deliver continuous evolution of our capabilities.The role will interact with other data solutions architects and engineers across the business working in Data and Digital: delivering data solutions that make up new or enhanced market offers; provide technical feedback of solutions; delivering Proofs of Concept and acting as a technical expert in DevOps solutions used transversally throughout the business.The role will be part of the Thales UK Data and Digital Competence Centre team to ensure that the technology strategy, human capabilities and opportunity pipeline is enabling the business strategy and growth. The role will connect with stakeholders across engineering, Thales UK and Group Digital Competence Centres thinking. Key Responsibilities and Tasks: Deliver solutions that meet the needs of the strategy and design, collaborate with teams to deliver on those designs. Support solutions both developed by the team and from other teams throughout their lifecycles enabling multi-deployment of those solutions through a catalogue strategy Create and maintain CI/CD Pipelines to enable efficient deployment of code by automating development and deployment processes Identify solution opportunities that focus on Reuse, maximising the return on development costs by reducing other programme development costs. Collaborate with development teams to enable the delivery of high-quality, secure, and scalable applications on the cloud with automated tools and scripts Recommend best practices and ensure the products developed within the organization are robust, secure and scalable Work with the product owner to address user needs Develop secure and high-quality production code, perform code reviews and able to debug issues Participate in agile threat modelling and vulnerability managementEnsure compliance with security and regulatory requirements for MOD and high Design assurance softwares Develop solutions for where data can bring value to our offers and our customer Support the Customer Enterprise/Solution Data Architects in coordinating the data landscaping and cataloguing for Thales UK Support the Customer Enterprise and Solution Data Architects in the creation and influence of UK MoD standards for Data Management and solutions that support data management and integration Work to implement 3rd party data integrations to support internal and external use cases Working collaboratively with the various squads and technical roles to identify common issues and opportunities to improve operational and strategic delivery. Accountable for the creation of the technology software solution deliverables Horizon scan for major disruptive technology trends (trend spotting) that affect business. Provide practical advice and best practices to overcome these challenges and successfully deliver the expected business outcomes.SkillsTechnical Logical Analysis of technical solutions and problem solving Experience working on Linux or Windows based infrastructure Excellent understanding of modern programming languages such as Ruby, Python, Perl, and Java Configuration and managing databases such as MySQL, Mongo Excellent troubleshooting Working knowledge of various tools, open-source technologies, and cloud services Awareness of critical concepts in DevOps and Agile principles Knowledge of business ecosystems, SaaS, infrastructure as a service (IaaS), platform as a service (PaaS), SOA, APIs, open data, microservices, event-driven IT, predictive analytics, machine learning and artificial intelligence General IT Knowledge (applications, storage, networks, IT infrastructure, Infrastructure, service level agreements, Asset management etc) Familiarity with information management practices, system development life cycle management, IT services management, infrastructure and operations, and EA and ITIL frameworks Technical IT (security, transaction processing, user interface, data management, Operating Systems Services)to design innovative solutions whilst adhering to strong security constraints. Experience of the latest technology trends and their application within Data - including but not limited to AI, machine learning containerisation, IOT, big data and cloud.Interpersonal Skills Ability to engage and influence a diverse set of stakeholders (Product Engineering Leaders, Customer, Design Authorities, Project Management, IS/IT) Ability to work in complex multi-stakeholder environment to create clear and achievable goals. Able to influence a wide range of people to get things done - needs to be highly effective in a matrix based organisation - a good team player. Excellent communication skills and interpersonal skills - encourages an open environment where information and ideas are shared and innovative thinking is stimulated. Will be adept at effectively building stakeholder relationships and working collaboratively with customer, supplier and internal teams. Capable of effectively engaging with technical staff, suppliers and stakeholders to define the best architectural design to achieve business/user objectives. Detailed technical expertise is not always essential, but the ability to understand and support technical discussion to conclusion with confidence is essential Team player with a sharp intellect, challenging approach and a "can do attitude". Experience of multi-stakeholder change management activities Experience:Essential In excess of 5 years' experience in the defence Industry or Aviation/Medical in related software/DevOps/DevSecOps roles CI/CD deployment Software development and deployment in complex programmes Strong Data and Application understanding with underpinning Infrastructure solution development Technical Documentation production to a high standardDesirable Governance of architecture or detailed

Your Impact Are you ready to take the next step in your engineering career and lead the delivery of critical platforms that protect national security? At Leonardo, our Senior Platform Engineers combine technical expertise with leadership, driving the design, integration, and support of complex systems that underpin our customers' missions. Your work at Leonardo UK will see you take the lead in solving customer problems in an agile, innovative and team centric manner. The role may involve a blended hybrid working model, with a mixture of working from home and working on site at one of our Leonardo offices to ensure close collaboration with the wider team and with our customers. What you will do as a Senior Platform Engineer Lead the design, build, and support of secure platforms across on premise, hybrid, and cloud environments. Take ownership of engineering delivery for one or more work packages, including planning, estimation, execution, and reporting. Develop and review system architectures, low level designs, and technical documentation. Integrate and test platform components, ensuring compliance with security and performance requirements. Provide mentoring, guidance, and technical leadership to Platform Engineers and Technicians. Collaborate with stakeholders, project teams, and customers to ensure solutions meet requirements. Drive continuous improvement initiatives and contribute to internal engineering standards. What you'll bring Strong technical ability with experience of delivering and supporting complex platforms. Ability to balance hands on engineering with technical leadership and mentoring responsibilities. Confidence to take ownership of solutions and represent engineering in technical discussions. Core areas (must have) Windows and Linux operating systems Experience with cloud platforms (AWS, Google) and containerisation (Kubernetes, Docker) Networking concepts (TCP/IP, DNS, DHCP, routing, firewalls) Experience with automation or scripting (e.g. PowerShell, Bash, Python, Ansible, Terraform) Familiarity with cyber security tools and system hardening practices Understanding of ITIL and service management frameworks Desirable Virtualisation platforms (VMware, Hyper V) Strong knowledge of enterprise services such as Active Directory, PKI, SQL, or Exchange Exposure to CI/CD pipelines and DevSecOps practices Hands on use of monitoring, endpoint security, and patch management tools Industry certifications (Microsoft, VMware, AWS, or equivalent) This is not an exhaustive list, and we are keen to hear from you even if you might not have experience in all the above. The most important skill is a good attitude and willingness to learn. Security Clearance This role is subject to pre employment screening in line with the UK Government's Baseline Personnel Security Standard (BPSS). An additional range of Personnel Security Controls referred to as National Security Vetting (NSV) may apply, this could include meeting the eligibility requirements for The Security Check (SC) or Developed Vetting (DV). For more information and guidance please visit Location This role can be based at one of our UK sites, Bristol, with hybrid/custom working options where appropriate. Why join us At Leonardo, our people are at the heart of everything we do. We offer a comprehensive, company funded benefits package that supports your wellbeing, career development, and work-life balance. Time to Recharge: Generous leave with the opportunity to accrue up to 12 additional flexi days each year. Secure your Future: Award winning pension scheme with up to 15% employer contribution. Your Wellbeing Matters: Free access to mental health support, financial advice, and employee led networks. Never Stop Learning: Free access to 4,000+ online courses via Coursera and LinkedIn Learning. Tailored Perks: Spend up to £500 annually on flexible benefits such as private healthcare, lifestyle discounts, and gym memberships. Flexible Working: Flexible hours with hybrid working options. For a full list of our company benefits please visit our website. Leonardo is a global leader in Aerospace, Defence, and Security. Headquartered in Italy, we employ over 53,000 people worldwide including 8,500 across 9 sites in the UK. Our employees are not just part of a team-they are key contributors to shaping innovation, advancing technology, and enhancing global safety. At Leonardo we are committed to building an inclusive, accessible, and welcoming workplace. We believe that a diverse workforce sparks creativity, drives innovation, and leads to better outcomes for our people and our customers. If you have any accessibility requirements to support you during the recruitment process, just let us know. Be part of something bigger - apply now! Primary Location: GB - Bristol - Coldharbour Lane Contract Type: Permanent Hybrid Working: Hybrid

Dive into a world where technology meets innovation. At Kerv Digital, we're not just another tech company. We're the problem solvers, the magicians who transform complex challenges into seamless digital experiences. Utilising a powerful blend of Power Platform, DevSecOps, Data experiences, and Software Engineering, we create business solutions that truly resonate with our clients driving extreme value! With our roots planted in Birmingham and branches spreading across the globe from London to Bangalore, we're a proud member of the Kerv Group - a dynamic £112m revenue technology consultancy leader with a dedicated team of over 700 professionals, partnering with 800+ sector leaders. People come first always we are incredibly proud of our unparalleled work culture. Not just words on paper, we wear our "Great Place to Work" certifications from the UK and India like badges of honour. Dive into an ocean of opportunities in an atmosphere that celebrates collaboration. Sharpen your prowess with a global multi-discipline team and be guided by the industry's most forward-thinking architects. Who we are looking for: Required Experience: Dynamics 365 CE implementation and developing custom plugins, workflow and actions Strong C# dev. to support bespoke plugin/workflow development Strong JS/HTML/CSS dev. to support bespoke interface development Strong general .power automate background Insightful entity architecture, grounded in Fetch XML Excellent communicator, capable of engaging at all levels with customers Distributed team dev. inc source control appreciation, esp. GIT and CI Windows certifications, e.g. multiple MCPs or an MCSE Experience with Field Service customisation We are also looking for people that fit how we work, which is something like: happiest working under their own direction, but fully supported when needed an obvious attention to detail, we want you to obsess about the little things! an escalation handler, able to achieve win-win outcomes by utilising the skills across the team ability to work effectively with remote teams in India ability to work flexibly to deliver on-time to tight timescales What we can do for you: We're a transparent, honest and fiercely equal employer that believes completely in providing the best possible work experience for our employees: Real Flexibility - we're a family first organisation, and if the work gets done, you can work when and wherever you want. A healthy approach for most of our teams seems to be splitting three ways between home, customer sites and the office. Awesome Environment - all of our employees will tell you that we foster an easy going environment, are experts at what we do and care deeply about what we work on, and the company was started specifically to find a way for people to take more enjoyment from their work. Interesting Work - these days most of our customers are household names and many of our projects have an important impact on the world around us. The kind of things we do regularly include working with not for profits to transform how they leverage technology, working with public bodies to shape digital services and working with top tier private entities to bring genuinely new and meaningful products and services to market. Great Benefits - all the usual suspects and then some. Some highlights include our choose your own tech approach to end user devices, well stocked cupboards with tasty goodies (we're a food first company too), excellent professional development support including frequent in house training for tech. you can't get trained on anywhere else and private healthcare. Full disclosure; some benefits can only be provided after probation. Recognition & Growth - Recognized as a 'Great Place to Work' in both the UK and India, our commitment to excellence goes beyond our products and services. Our culture is a testament to the dedicated technologists who work tirelessly to drive our vision forward. Being a part of Kerv Digital means embracing a culture of innovation, collaboration, and mutual respect. Our teams in the UK and India thrive in an atmosphere that promotes continuous learning and growth. Join us at Kerv Digital, where we don't just build groundbreaking technology - we build future. Don't take our word for it though, check out our impartial Glass Door reviews More on equality: At Kerv, we're building something special and we're building it to last. We want everybody to feel valued, included and love working together. With an uncompromising pursuit of amazing employee experience, we always strive to do the right thing. We believe and will relentlessly promote and support the power of diversity, equality and belonging, through collaboration and creating exceptional solutions together.

Overview We're Kingfisher, a team of over 74,000 passionate people who bring Kingfisher-and all our other brands: B&Q, Screwfix, Brico Depot, Castorama and Koctas-to life. That's right, we're big, but we have ambitions to become even bigger and even better. We want to become the leading home improvement company and grow the largest community of home improvers in the world. And that's where you come in. At Kingfisher, our customers come from all walks of life, and so do we. We want to ensure that all colleagues, future colleagues, and applicants to Kingfisher are treated equally regardless of age, gender, marital or civil partnership status, colour, ethnic or national origin, culture, religious belief, philosophical belief, political opinion, disability, gender identity, gender expression or sexual orientation. We are open to flexible and agile working, both of hours and location. Therefore, we offer colleagues a blend of working from home and our offices, located in London, Southampton & Yeovil. Talk to us about how we can best support you! We have a brand new opportunity for an Application Security Specialist to join our Security Operations team. This senior position will play a key role in driving improvements to and safeguarding Kingfisher's digital platforms, by embedding security into every stage of development. This role ensures our web, mobile, and API applications remain resilient against evolving threats, supporting Kingfisher's purpose of making home improvement accessible and secure for everyone. This role will be based at our Kingfisher Head Office in Paddington, with an expectation of 12 days a month in the office. Responsibilities Own and optimise Kingfisher's application security tools and services to maximise value. Lead operational oversight of application security testing across web, mobile, and API platforms. Drive the bug bounty programme and manage relationships with vendors and researchers. Coordinate penetration testing activities and partner with application owners to remediate findings. Integrate security into CI/CD pipelines and champion automation of security testing. Provide actionable metrics, KPIs, and insights to improve application security posture. Stay ahead of emerging threats and lead continuous improvement initiatives for application security. Qualifications Proven experience in application security or software development within complex technology environments. Strong knowledge of secure coding practices and hands on experience with SAST, DAST, and related tooling. Practical experience integrating security into CI/CD pipelines in DevSecOps settings. Familiarity with common attack vectors (e.g., OWASP Top 10) and mitigation techniques. Experience with threat modelling and API security. Be Customer Focused - constantly improving our customers' experience We encourage you to apply for one of our roles even if you do not feel you meet 100% of the requirements. Be Human - acting with humanity and care I do the right thing. Be Curious - thrive on learning, thinking beyond the obvious I build and share new ideas. I try new things and share my learnings. Be Agile - working with trust, pace and agility I have courage to be creative. Done is better than perfect; I aim for 80/20. Be Inclusive - acting inclusively in diverse teams to work together I embrace allyship. I have self awareness and a desire to learn. Be Accountable - championing the plan to deliver results and growth I own my actions. I understand the Kingfisher plan and how it relates to my role. Our Benefits In return, we offer an inclusive environment, where what you can achieve is limited only by your imagination! We encourage new ideas, actively support experimentation, and strive to build an environment where everyone can be their best self. Find out more about Diversity & Inclusion at Kingfisher. We also offer a competitive benefits package and plenty of opportunities to stretch and grow your career. What We Offer. Private Health Care Opportunity to receive up to family level cover with AXA. Join within three months of starting or at annual renewal in April. (This benefit is subject to Benefit In Kind taxation). Kingfisher Pension Scheme Immediate eligibility through auto enrolment. Contribute 8% to receive a max 14% from the Company. 25 Days' Holiday 25 days per annum plus bank holidays as stated in your contract (pro rated for part time colleagues). Staff Discount 20% discount at B&Q and Screwfix. Eligible after 3 months service. Kingfisher Share Incentive Plan (SIP) Share ownership in a tax efficient way. Save between £10 to £150 per month. Join at any time once three months service is reached. Life Assurance x4 Salary plus benefit equal to value of your Retirement Account (if an active member of KPS MP) or x1 Salary if not active member. Bonus Competitive bonus scheme that aligns to work level of role. Kingfisher Share Save Save with the option to buy Kingfisher plc shares at the end of a 3 or 5 year period. Offered annually. Three months service is required at the annual invitation date, normally in October. Our Behaviours Constantly improving our customer experience Acting with humanity and care Be curious-thriving on learning, thinking beyond the obvious Be inclusive-acting inclusively in diverse teams to achieve together Be agile-working with trust, pace and agility Be accountable-championing the plan to deliver results and growth Training & Development There are so many ways you can grow, learn, and develop here at Kingfisher. At whatever pace suits you. Conversations with senior leaders Resources and tools to help you grow Improving without instruments to help you learn is near impossible. That's why we make sure you have everything at your fingertips to find exactly what you need to keep growing. Initiatives that measure development With plans that ask you what you want to achieve and when you want to achieve them by, tracking progress and keeping development at the forefront of conversation is easy. Find your path The scale of group functions within Kingfisher is huge. That means you have the chance to build different career paths within multiple areas of the organisation. Sharing is caring We aren't selfish here at Kingfisher. Whatever your level of experience, you'll work with colleagues who are always welcoming and ready to share their knowledge whenever you need it. Reach for the stars So your ambitions are high? Good thing we have opportunities to find experiences in line with more senior roles and responsibilities. Here, you can evolve your career, no matter your level. Why Kingfisher We're an innovative, international retailer on a journey to actively make a difference. Always striving to take that next step. You can be part of the difference. From bottom to top you can progress in a collaborative environment. So, why not Kingfisher? Application Process What to expect from our application process Step 1: Application Send in your application via our Kingfisher Careers website. Step 2: Review A member of the Talent Acquisition team will then review your application and let you know if you have progressed to the next stage of the process. Step 3: Interview 1 You'll then have a telephone interview/one to one conversation with a recruiter. Step 4: Interview 2 As you progress, you'll be invited to attend a face to face or virtual interview. Step 5: Feedback Your recruiter will be in contact with feedback and, if successful, the details of your job offer!

At Kroo Bank, we are charting the future of banking with our groundbreaking technological innovations and unique digital services. The rapid advancements in the fintech sector necessitate ongoing evolution in the roles and responsibilities of our bank to effectively tackle new business opportunities and challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency and effectiveness, reducing the risk of human error. Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management. Development of Security Standards: Develop and maintain best practices and security standards for the organisation, guiding teams in the implementation of secure coding practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in mind. Cloud security and secure infrastructure: Assist teams in diagnosing and addressing gaps in infrastructure security, aligning the organisation with industry security posture standards. Cybersecurity Collaboration: Work closely with stakeholders across the organisation to align security measures with our overarching cybersecurity strategy and protect the bank's technology infrastructure. Regulatory Compliance: Support teams in meeting compliance requirements for internal audits and external regulators, safeguarding against potential fines and reputational damage. To be successful in this role you should have skills and experience in multiple domains, such as application security, network security or security operations. You need to have programming experience and the ability to proactively seek out efficient and repetitive solutions to security challenges. At a minimum, you should have at least 3 years of experience in system, network or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of cryptography including encryption, signing and digital certificates, Principles of securing mobile applications and web services, Docker or kubernetes and infrastructure as code, Event driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification such as CISSP, CCP, SANS, GAIC, Ethical Hacker, Experience in working in regulated company, preferably with a FinTech/ banking background and experience in DevOps, Excellent oral, written communication and presentation skills. What we offer: At our cutting-edge fintech company, we know that attracting and retaining the best talent means offering top-notch benefits that help our employees thrive both in and outside of work. Check out what we currently offer: Generous holiday time: 25 days annual leave, 8 bank holidays, 1 Kroo bank holiday (June 24th), and 1 day off during the week of your birthday. Personal days: We know that life can be unpredictable, so we offer 3 personal days to use as needed. Employer-sponsored volunteer program: We're passionate about giving back to our community, and we support our employees in doing the same with up to 4 hours per month of employer-sponsored volunteer time. Mental health support: We care about the mental health of our team members and offer access to Spill, our mental health support partner. Workplace pension: We want you to feel secure about your future, so we offer a workplace pension with a 5% employee contribution and a 3% employer top-up. Learning and development: After 1 year of service, you'll have access to £500 from the Kroo Learning Fund to invest in your career development. Top-notch equipment: We provide top-of-the-line equipment necessary for smooth hybrid work, including a MacBook laptop. Additionally, we also offer support in establishing your home office by contributing towards your setup if required. Modern office: When you're in the office, you'll enjoy access to our modern, bustling workspace in Farringdon, Central London. Cycle to Work scheme: We encourage sustainable transportation with our Cycle to Work scheme. Electric Car scheme: We're committed to reducing our carbon footprint, and our Electric Car scheme makes it easy for our employees to do the same. Enhanced parental leave: We know that family comes first, and we offer an enhanced parental leave policy to support our employees in starting and growing their families. You get full healthcare for you and your nuclear family via Vitality. Hybrid Working: At Kroo Bank, we have a hybrid policy that gives both individuals and teams a lot of freedom when it comes to using the office space to boost productivity. Our London office is a great resource when used effectively. So, employees who can occasionally come to the office are a good fit for how we work right now. Keep in mind that this job involves working from Monday to Friday, with a mix of remote and office work, so you won't need to be on-site all the time. Diversity and Inclusion: We wholeheartedly uphold our commitment to fostering a diverse and inclusive workplace. Every employee is highly regarded, respected, and supported without any form of judgement or prejudice. We consider Diversity, Equality, and Inclusion as fundamental pillars guiding our path in all aspects of our bank. We also ensure that reasonable adjustments are made available to all candidates throughout the recruitment process. To all Recruitment Agencies: At Kroo Bank, agency resumes are strictly prohibited. Do not submit agency resumes or forward them to our job advertisements or Kroo Bank employees. Be aware that Kroo Bank will not assume any responsibility for fees incurred due to unsolicited resumes. To ensure a fair and efficient application process, all candidates are kindly requested to submit their applications directly through the advertised platform. We kindly ask that you refrain from reaching out to the company or its employees via email, LinkedIn, or any other communication channels for inquiries or updates. Please note that any attempts to contact us through these channels will not receive a response. Thank you for your understanding and cooperation.

About Citi Citi, the world leading global bank, has approximately 200 million customer accounts and a presence in more than 160 countries and jurisdictions worldwide. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. Citi enables clients to achieve their strategic financial objectives by providing them with cutting edge ideas, best in class products and solutions, and unparalleled access to capital and liquidity. The Team Cloud Technology Services (CTS) is responsible for looking after Citi's Cloud programme across Public and Private Cloud. It has several new and exciting programmes utilising cutting edge cloud and container technologies, with a view to ensuring that our offerings are best in class and enable our wider business lines and clients alike. The Job This role sits within the newly formed GenAI Security team, which is responsible for ensuring, maintaining, and improving the security of our GenAi Prompt security capabilities within the firm. You will be responsible for engineering solutions that strengthen and broaden our security capabilities in an environment that is changing daily whilst also working with vendor products to achieve the same aims. You will have the opportunity to partner with key Engineering teams, alongside Operations and Site Reliability Engineering. Effective capabilities that combine security and engineering excellence are key to success. What the Role Covers Designing, developing, optimizing, and enhancing a GenAI prompt security platform to protect firm AI/LLM based applications from adversarial attacks and prompt injections. Building and automating a security testing framework to validate protection mechanisms for various LLM use cases. Owning solutions that are expected to operate and perform at scale across the organisation. Collaboration with multiple stakeholders and partners across Engineering and Operations as well as partner teams within the wider Citi organisation, across different time zones. Job Skills / Qualifications Highly motivated self starter with excellent interpersonal and problem solving skills. Bachelor's degree or equivalent work experience. Good oral and written communication skills. Significant relevant industry work experience. Experience of the full lifecycle of design, implementation and running of enterprise software solutions involving cross functional team collaboration. Expertise in a major programming language such as Python and/or Go, and associated tooling (Git, Maven, IDEs, Jenkins, Bitbucket etc). Expertise in designing and implementing secure APIs and libraries. Experience in Generative AI, LLM frameworks, LLM prompt engineering and/or adversarial testing is a bonus. Experience with Cyber engineering and Operations, which could include DevSecOps or MLOps. Experience contributing to the architecture and design (architecture, design patterns, reliability, scaling) of new and current systems. Experience in containerized deployment (Kubernetes, OpenShift etc). Expertise with DevOps, CI/CD and agile methodology. What We Can Offer You By joining Citi, you will not only be part of a business casual workplace with a hybrid working model (up to 2 days working at home per week), but also receive a competitive base salary (which is annually reviewed), and enjoy a whole host of additional benefits such as: 27 days annual leave (plus bank holidays) Discretional annual performance related bonus Private Medical Care & Life Insurance Employee Assistance Program Pension Plan Paid Parental Leave Special discounts for employees, family, and friends Access to an array of learning and development resources Visit our Global Benefits page to learn more. Alongside these benefits Citi is committed to ensuring our workplace is where everyone feels comfortable coming to work as their whole self, every day. We want the best talent around the world to be energized to join us, motivated to stay and empowered to thrive. Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law. If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi. View Citi's EEO Policy Statement and the Know Your Rights poster.

At Kroo Bank, we're building a better bank from the ground up. One that puts customers first, treats money responsibly, and uses technology to make everyday banking simpler, fairer and more transparent. We're a fully regulated UK bank, backed by long term investors, with a growing customer base and big ambitions. We move fast, think carefully, and hold ourselves to the highest standards, whether that's how we engage with our customers, build products, manage risk, or look after our people. Job Overview Drive our IT security strategy and implementation forward whilst protecting the business from security threats against unauthorised, disruption or destruction of digital data. Direct strategy, operations and product development for the protection of the enterprise information assets and manage the program of delivery. The scope of responsibility will encompass security awareness, security operations and applications and infrastructure, including the policies and procedures which apply. Responsibilities Managing the daily operation and implementation of the information security strategy Developing and maintaining a forward looking security roadmap covering cloud, mobile, AI, and software platforms. Collaborating with the technology leadership to deliver new security technology approaches and implementing next generation solutions and controls Ensuring secure configuration and continuous compliance across IaaS, PaaS, and SaaS environments. Conducting a continuous assessment of current security practices and systems and identifying areas for improvement Performing security audits and risk assessments and reporting on ways to minimise threats and security exposure Owning the Information Security Management System (ISMS) and maintain ISO 27001 certification maintenance Ensuring compliance and governance with applicable regulations Collaborating with operational teams to develop, implement and test business continuity plans to ensure service is continuous when a change programme is introduced, or a security breach occurs or in the event that the disaster recovery plan needs to be triggered Protecting the intellectual property of the organisation at all times Monitoring security vulnerabilities and hacking threats in network and host systems Leading security operations (including Managed SOC), threat intelligence, detection, and response capabilities Defining KPIs and KRIs to measure security maturity and providing regular security reporting to Executive and Board level stakeholders. Managing and developing the information security team Championing and educating the organisation about the latest security strategies and technologies Managing the IT security budget and communicating this with the appropriate parties Qualifications Significant senior leadership experience in information security within a FCA and PRA regulated UK bank, fintech, or other regulated financial services organisation, with demonstrated engagement on CBEST matters (including oversight of threat led penetration testing) at Board Risk Committee level. Demonstrable experience achieving and maintaining ISO/IEC 27001 certification. Strong background in software application security and mobile security. Experience implementing and improving DevSecOps processes in cloud native (AWS or GCP) environments. Knowledge of AI/ML security risks and governance frameworks like ISO 42001 or NIST AI RMF. Experience leading security operations, incident response, and threat management. Ability to work collaboratively with the 2nd line of defence to ensure the Bank remains within risk appetite Ability to work with team members at all levels from Software Engineers & IT through to board level. What we offer Generous holiday time: 25 days annual leave, 8 bank holidays, 1 Kroo bank holiday (June 24th), and 1 day off during the week of your birthday. Personal days: We know that life can be unpredictable, so we offer 3 personal days to use as needed. Employer-sponsored volunteer program: We're passionate about giving back to our community, and we support our employees in doing the same with up to 4 hours per month of employer-sponsored volunteer time. Mental health support: We care about the mental health of our team members and offer access to Spill, our mental health support partner. Workplace pension: We want you to feel secure about your future, so we offer a workplace pension with a 5% employee contribution and a 3% employer top up. Top notch equipment: We provide top of the line equipment necessary for smooth hybrid work, including a MacBook laptop. Additionally, we also offer support in establishing your home office by contributing towards your setup if required. Modern office: When you're in the office, you'll enjoy access to our modern, bustling workspace in Farringdon (Central London). Cycle to Work scheme: We encourage sustainable transportation with our Cycle to Work scheme. Electric Car scheme: We're committed to reducing our carbon footprint, and our Electric Car scheme makes it easy for our employees to do the same. Enhanced parental leave: We know that family comes first, and we offer an enhanced parental leave policy to support our employees in starting and growing their families. Room for growth: As a fast paced, high growth start up, we're dedicated to providing our employees with room to grow and excel. You get full healthcare for you and your nuclear family via Vitality. Hybrid Working At Kroo Bank, we have a hybrid policy that gives both individuals and teams a lot of freedom when it comes to using the office space to boost productivity. Our London office is a great resource when used effectively. So, employees who can occasionally come to the office are a good fit for how we work right now. Keep in mind that this job involves working from Monday to Friday, with a mix of remote and office work, so you won't need to be on site all the time. Diversity and Inclusion We wholeheartedly uphold our commitment to fostering a diverse and inclusive workplace. Every employee is highly regarded, respected, and supported without any form of judgement or prejudice. We consider Diversity, Equality, and Inclusion as fundamental pillars guiding our path in all aspects of our bank. We also ensure that reasonable adjustments are made available to all candidates throughout the recruitment process. To all Recruitment Agencies At Kroo Bank, agency resumes are strictly prohibited. Do not submit agency resumes or forward them to our job advertisements or Kroo Bank employees. Be aware that Kroo Bank will not assume any responsibility for fees incurred due to unsolicited resumes. To ensure a fair and efficient application process, all candidates are kindly requested to submit their applications directly through the advertised platform. We kindly ask that you refrain from reaching out to the company or its employees via email, LinkedIn, or any other communication channels for inquiries or updates. Please note that any attempts to contact us through these channels will not receive a response. Thank you for your understanding and cooperation.

Insight Investment is looking for Security Architect to join the Data Platform team in Manchester. The role will focus on designing, implementing, and continuously enhancing the security of our Snowflake-based data platform hosted on Microsoft Azure. This role has been created to strengthen security-by-design principles throughout the platform's development and delivery processes. Working collaboratively within the team, you will partner closely with engineers and fellow architects to proactively identify cyber threats, devise proportionate security controls, and see these measures through to practical implementation. Your efforts will be instrumental in ensuring our platform remains secure and compliant, while supporting efficient and frictionless delivery. This is a hands-on, delivery-oriented position, embedded within the wider Data Platform team. You will play a key part in shaping our secure system development practices, championing robust governance and regulatory compliance, and enabling trusted access to data for users across the organisation. Role Responsibilities Design and implement security architecture for the Snowflake data platform on Microsoft Azure, encompassing data, identity, network, and platform controls, while embedding security into Snowflake workspaces and GitHub-backed repositories (secure branching, code reviews, pipelines, secrets management, and deployment patterns) Secure integrations with Sigma, Collibra, on-premises systems, other clouds/SaaS, and third-party vendors by ensuring connectivity, authentication, data exchange, and auditability Lead threat modelling and hands-on security assessments for systems, data flows, integrations, and vendors; translate findings into actionable controls, prioritise remediation, and track closure Implement and refine controls across IAM (Entra ID/Azure AD, Snowflake roles/RBAC), networking (private endpoints, firewall rules), encryption and key management (customer-managed keys, Key Vault), secrets management, monitoring, and logging, ensuring operability and observability (logs, alerts, dashboards), incident response, and post-incident learning Define and embed reusable, automatable security patterns, guardrails, and reference architectures in CI/CD; enforce secure data lifecycle controls (ingestion, storage, processing, sharing, retention/deletion), including classification, masking, and least-privilege access Work closely with the platform team and Internal Security to align on standards and enable secure delivery, contribute to Architecture Review Boards and technical risk management, and ensure compliance with legal, regulatory, industry, and enterprise standards, focusing on real risk reduction. Elevate the platform team's security maturity and mindset in the process Experience Required Snowflake on Azure security: role/warehouse design, RBAC, masking/row level controls, network policies, private connectivity, secure data sharing patterns Azure security: identity (Entra ID), network isolation (VNets, Private Link), Key Vault / customer managed keys, policy/blueprints, logging/monitoring GitHub security & DevSecOps: protected branches, code owners, signed commits, secrets management, GitHub Actions hardening, SAST/secret scanning, supply chain hygiene Infrastructure as Code (e.g., Terraform) and pipeline embedded controls (policy as code, automated checks, drift detection) Threat modelling & risk assessment skills; ability to turn threats into concrete, testable mitigations and track them to done Zero Trust and principal of least privilege mindset; strong grasp of enforcing role entitlement over data security (classification, tokenisation/masking, lineage, audit) Security observability: designing for logs, metrics and alerts that support detection, response and auditability Working familiarity with industry frameworks (e.g., NIST CSF, CSA Cloud Controls) to communicate design rationale in governance forums Clear, pragmatic communication to brief engineers, product, architects and ARB succinctly; documents decisions and residual risk Behaviours: collaborative, embedded, outcome focused, balances speed and safety, takes ownership, learns from incidents, influences through expertise, consultative stakeholder style, curiosity, continuous improvement mindset, transparent about trade offs and residual risk Insight is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation. If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at About Insight Investment Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability-driven investment, risk management, full-spectrum fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at:

A leading asset management firm based in Manchester seeks a Security Architect to enhance the security of its Snowflake-based data platform on Microsoft Azure. The role focuses on designing security architectures, implementing security measures, and ensuring compliance while collaborating with engineers. With a strong emphasis on developing and maintaining secure practices, the ideal candidate will have expertise in Snowflake on Azure security as well as familiarity with DevSecOps principles. This position offers a hands-on approach in a collaborative team environment, striving for frictionless and compliant delivery.

Wood Mackenzie is the global leader in analytics, insights and proprietary data across the entire energy and natural resources landscape.For over 50 years our work has guided the decisions of the world's most influential energy producers, utilities companies, financial institutions and governments.Now, with the world's energy system more complex and interconnected than ever before, sector-specific views are no longer enough. That's why we've redefined what's possible with Intelligence Connected.By fusing our unparalleled proprietary data with the sharpest analytical minds, all supercharged by Synoptic AI, we deliver a clear, interconnected view of the entire value chain. Our trusted team of 2,700 experts across 30 countries breaks siloes and connects industries, markets and regions across the globe.This empowers our customers to identify risk sooner, spot opportunities faster and recalibrate strategy with confidence - whether planning days, weeks, months or decades ahead.Wood Mackenzie Intelligence Connected Wood Mackenzie Values Position Overview We are seeking an experienced Cyber Security Lead Analyst to join our cyber security team. The ideal candidate will have a minimum of 5 years cyber security experience and 3+ years in cloud security and/or application security. The candidate will be able to demonstrate a proven track record of protecting enterprise environments against evolving cyber threats. This role requires a technically proficient lead analyst who can lead security initiatives and ensure our cloud and application infrastructure maintains the highest security standards, whilst maintaining business partnerships across the group. Key Responsibilities Monitor and analyze security events across cloud and on-premises environments using SIEM and security analytics tools Conduct thorough investigations of security incidents and provide detailed incident reports Develop and maintain incident response playbooks and procedures Experience with threat intelligence platforms and threat hunting Experience with security orchestration, automation and response (SOAR) platforms Understanding of data protection and encryption technologies Experience in regulated industries (financial services, healthcare, energy) Background in offensive security or penetration testing Design, implement, and maintain security controls across cloud platforms (AWS, Azure, GCP) Conduct cloud security assessments and architecture reviews Ensure compliance with cloud security best practices and frameworks (CIS Benchmarks, CSA CCM, NIST) Manage cloud-native security tools including CSPM, CWPP, and cloud WAF solutions Implement and maintain identity and access management (IAM) policies and controls Lead cyber security programs and coordinate remediation efforts Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps) Stay current with emerging threats, vulnerabilities, and security technologies Contribute to security awareness training and documentation Facilitate Supplier Management and security input into bids Support compliance initiatives (SOC 2, ISO 27001, PCI-DSS, GDPR, etc.) Develop and enforce security policies, standards, and procedures Conduct security audits and risk assessments Maintain security documentation and metrics reporting Required Qualifications 5+ years of experience in cybersecurity roles 3+ years of hands-on experience with cloud security (AWS, Azure, or GCP) Proven experience leading security incidents and coordinating response efforts Experience with security frameworks such as NIST CSF, MITRE ATT&CK, or Zero Trust architecture Technical Skills Strong expertise in cloud security services and tools (AWS & Azure) Experience working with SIEM platforms (Splunk, Sentinel) Understanding of network security, firewalls, IDS/IPS, and VPN technologies Familiarity with security testing tools (vulnerability scanners, SAST/DAST, penetration testing tools) Experience with endpoint detection and response (EDR) solutions Certifications (one or more preferred) CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate Soft Skills Strong analytical and problem-solving abilities Excellent written and verbal communication skills Ability to explain complex security concepts to technical and non-technical audiences Leadership capabilities and experience mentoring team members Strong attention to detail and ability to work under pressure Collaborative mindset with cross-functional teams Business Partnering experience Education Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience) Working Conditions Some flexibility for remote work - 2 days minimum in office (Edinburgh preferred) Equal Opportunities We are an equal opportunities employer. This means we are committed to recruiting the best people regardless of their race, colour, religion, age, sex, national origin, disability or protected veteran status. You can find out more about your rights under the law at If you are applying for a role and have a physical or mental disability, we will support you with your application or through the hiring process. Inclusive - we succeed together Trusting - we choose to trust each other Customer committed - we put customers at the heart of our decisions Future Focused - we accelerate change Curious - we turn knowledge into action

We're proud to be trusted by some of the largest companies in the world to handle their Salesforce DevOps. Underpinning that trust is a commitment to protect their data through our modern approach to security and compliance, and this is only getting more important as we grow our customer base in increasingly regulated sectors. This is a fantastic opportunity to progress your career in security and compliance within the tech sector. This role will provide you with exposure to several key areas including information security, data protection, general compliance, audits and relevant project work. There'll be lots of opportunity to progress within the role and specialise within a certain area of the business in the future. What's the opportunity at Gearset? Own our security and compliance documentation accurate and up to date, such as policies, procedures, and support documentation across our information security and compliance programs. Support our commercial teams in complex information security and compliance negotiations, while making sure we respond accurately and within given timescales. Take ownership of maintaining our current ISO 27001 compliance and certification through continuous improvement activities, as well as supporting preparation for internal and external audits. Own our internal Data Protection compliance program and make sure we comply with various regulations globally including UK GDPR, EU GDPR, and CCPA. Gain experience in the implementation and ownership of additional compliance based projects as we increase the international regulation and standards we comply with. Help us work efficiently by identifying common deal blockers and standardising documentation and processes. What you'll achieve You'll build on your prior experience from a GRC or an information security role, within a technology company, to support our ambitious company growth plans. You'll become a technical expert on the company and our products to streamline customer onboarding, and security and compliance reviews. You'll own reviewing and responding to our complex customer security and compliance requests. You'll have ownership of compliance and reporting to the international information security standard ISO 27001, to ensure Gearset retains our certification and continues to provide the highest level of protection to our customers' data. You'll own our internal Data Protection compliance program and make sure we comply with various regulations globally including UK GDPR, EU GDPR, CCPA. You'll manage out third party supplier risk program. You'll work as part of the compliance project team when implementing new regulations or standards such as NIST, fedRAMP etc. You'll have the opportunity to get certified to international standards on Information Security, Compliance, Risk, Data Protection or Cyber Security. About you Have been in an information security or GRC role, within a technology company and hold either a ISO 27001 Lead Implementer or Lead Auditor certificate. Have in-depth knowledge of ISO 27001 standards & proven experience in implementing ISO 27001 and maintaining the certification. Along with knowledge of general compliance requirements such as Modern Slavery, AML, Bribery etc. Have a track record of owning internal compliance with global data protection laws including GDPR and CCPA. Have an understanding of AWS Cloud infrastructure, and application security. Possess a technical predisposition, the desire to learn and ability to react to the needs of a rapidly growing company eg comfortable working in an ever changing environment. Are an excellent communicator, with attention to detail and a passion for always delivering a great customer experience. Great to haves A degree in Computer Science, Information Security, Cybersecurity, or a closely related discipline such as Data Protection, Information Governance or Risk. A recognised Information Security qualification such as CISSP, CompTIA Security+ etc. Past exposure to other regulations or frameworks such as NIST, HIPAA, fedRAMP, DORA. Knowledge of DevOps and DevSecOps. Benefits (the stuff you'd expect!) This role is based in our Cambridge office but with the flexibility to work from home when you need to. Opportunity to join our Long Term Incentive scheme. Generous personal development budget for courses, conferences, or whatever is useful to your professional development in the role of up to £1500 per year. Top end hardware provided. Free lunch any day you are in the office. BUPA health care. Life Insurance & critical illness cover. Discounted gym membership, as well as a range of health and wellness benefits.