About the Role The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the clients Threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud environments. You will work closely with the Cyber Security Operations team, outsourced managed security service provider, and internal stakeholders to maintain and enhance our security posture. You will play a key role in our organisation. Security transformation programme to help improve our security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender for Endpoint, Office 365, and Cloud, while supporting the Security Operations Lead to keep our environment secure. Your day-to-day will involve analysing security alerts, collaborating with SOC and MSSP partners to strengthen detection and response, conducting regular assessments, and shaping security policies and best practices. We operate a hybrid working policy that requires a minimum of 2 days per week in the office. About You We're seeking a cybersecurity professional with experience in Microsoft-centric environments, ideally within large or multi-region organizations. You should be a clear communicator and strong leader who sets direction, aligns teams, and focuses on priorities. Adaptability is key - you can manage change, make decisions with incomplete information, and handle uncertainty confidently. The ability to identify critical tasks, remove obstacles, and keep teams focused on results is essential. To be successful in this role, you will ideally have/be: Essential: Demonstrated hands on experience in Azure, Entra and Microsoft 365 Cloud Security Engineering Demonstrated hands on experience of writing complex PowerShell scripts Experience of managing security of IAAS, PAAS and SAAS platforms Strong understanding of threat detection, prevention, and response methodologies. Hands-on experience with EDR, email security, and web security solutions. Microsoft certifications such as SC-200 MS Security Operations Analyst or AZ-500 Azure Security Engineer Associate Knowledge of cloud security principles and technologies Desirable: Strong understanding of security frameworks (NIST, ISO 27001, Mitre ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security Analyst or in a SOC environment. Benefits We care about work/life balance here. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3-days) and a 35-hour working week. We are open to discussing flexibility in respect to working patterns, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. This role comes with the added benefit of a discretionary annual payment.
Mar 05, 2026
Full time
About the Role The Cyber Security and Resilience Engineer will support our Cyber Security Operations strategy with the management and optimisation of the clients Threat protection and detection tooling. This role's focus will be on ensuring there are robust security controls across web, email, endpoints and cloud environments. You will work closely with the Cyber Security Operations team, outsourced managed security service provider, and internal stakeholders to maintain and enhance our security posture. You will play a key role in our organisation. Security transformation programme to help improve our security posture by securing our cloud and enterprise environments by implementing best practices. In this role, you'll take ownership of managing and maintaining threat protection and detection tools, including web and email security solutions, EDR platforms, and cloud security technologies. You'll configure and monitor Microsoft Defender for Endpoint, Office 365, and Cloud, while supporting the Security Operations Lead to keep our environment secure. Your day-to-day will involve analysing security alerts, collaborating with SOC and MSSP partners to strengthen detection and response, conducting regular assessments, and shaping security policies and best practices. We operate a hybrid working policy that requires a minimum of 2 days per week in the office. About You We're seeking a cybersecurity professional with experience in Microsoft-centric environments, ideally within large or multi-region organizations. You should be a clear communicator and strong leader who sets direction, aligns teams, and focuses on priorities. Adaptability is key - you can manage change, make decisions with incomplete information, and handle uncertainty confidently. The ability to identify critical tasks, remove obstacles, and keep teams focused on results is essential. To be successful in this role, you will ideally have/be: Essential: Demonstrated hands on experience in Azure, Entra and Microsoft 365 Cloud Security Engineering Demonstrated hands on experience of writing complex PowerShell scripts Experience of managing security of IAAS, PAAS and SAAS platforms Strong understanding of threat detection, prevention, and response methodologies. Hands-on experience with EDR, email security, and web security solutions. Microsoft certifications such as SC-200 MS Security Operations Analyst or AZ-500 Azure Security Engineer Associate Knowledge of cloud security principles and technologies Desirable: Strong understanding of security frameworks (NIST, ISO 27001, Mitre ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security Analyst or in a SOC environment. Benefits We care about work/life balance here. With this in mind we offer 25 days' holiday that rises with service, plus bank holidays and Christmas closure (3-days) and a 35-hour working week. We are open to discussing flexibility in respect to working patterns, dependent on role. We also have a great variety of active employee networks and societies. We help make your money go further by contributing to your pension up to 12%, offering loans and savings schemes through our partnership with Salary Finance, in addition to travel to work schemes and access to a wide range of local discounts. This role comes with the added benefit of a discretionary annual payment.
Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.
Mar 04, 2026
Full time
Cyber Security Manager Permanent Tameside, Greater Manchester (Hybrid) Salary: £56,000 per annum + car allowance A leading housing association is seeking an experienced Cyber Security Manager to lead their network and security functions. This is a fantastic opportunity to shape cybersecurity strategy and governance in a purpose-driven organisation that manages over 37,000 homes and prioritises resident wellbeing, community sustainability, and innovation. About the role Reporting to the Assistant Director of Technology Services, you will provide tactical and operational leadership to a small, capable team (including Senior/Junior Security Analysts, Senior Security Engineer, and network engineers). The focus is approximately 80% cyber security and 20% network-related responsibilities. You will take a proactive, strategic approach to safeguarding information assets, managing cyber risks, leading incident response, and driving continual improvement in our security and network posture. Key responsibilities include: Developing and maintaining security strategies, policies, standards, and procedures in alignment with frameworks such as ISO27001 , NIST CSF , CIS Controls , and Cyber Essentials Plus . Providing senior leadership with insightful reports, dashboards, and actionable recommendations on security posture, risks, and incidents. Leading cyber risk assessments, third-party risk management, vulnerability remediation, patch management (soon transitioning to a third-party provider-opportunity to put your stamp on processes), and supplier compliance. Overseeing incident management, coordinating audits, penetration testing (third-party delivered, but you will shape scoping and remediation), and contributing to disaster recovery/business continuity. Mentoring and developing the team to high performance, aligned with SFIA framework. Building strong relationships with stakeholders, executive leaders, SOC partners, vendors, and auditors. Championing security awareness across the organisation. This is a leadership role where you can influence IT strategy, investment decisions, and compliance maturity. We are looking for someone ready to take ownership. About you We are particularly interested in candidates with proven managerial experience in cybersecurity (line managing teams, even small ones), strong compliance and governance expertise, and the ability to operate strategically. Essential : 5+ years hands-on technical experience in network/security, plus 2+ years in a senior/lead cybersecurity role. Leadership of teams and delivery of security strategies/policies. Deep knowledge of key frameworks (ISO27001, NIST CSF, CIS Controls, Cyber Essentials Plus). Experience in risk management, incident response, vulnerability management/remediation, third-party security, and stakeholder engagement. Relevant certifications (e.g., CISSP, CISM, CCNP Security, CEH, ISO27001 Lead Implementer/Auditor-or equivalent experience). Degree in Cyber Security, IT, Computer Science (or equivalent experience). Desirable : Background in housing, public sector, or regulated environments. Hands-on experience with firewalls, hybrid infrastructure security, SOC collaboration, and pen testing oversight. Experience and leadership ability outweigh formal qualifications-we value a strategic mindset and the drive to build robust governance. Benefits: Excellent work-life balance: 24 days annual leave + 3 days Christmas closure + bank holidays (rising with service). Flexible working: Compressed hours/4-day week possible, hybrid (50% home working after probation). Strong benefits: Competitive pension (Social Housing Pension Scheme), occupational sick pay, BHSF health membership, enhanced parental leave, training/development opportunities, on-site gyms. Progression: Clear opportunities for advancement (including into higher management over 5-10 years) in a pro-promotion culture. Purpose: Contribute to a respected organisation tackling housing challenges, building sustainable communities, and innovating digitally. If you're a hands-on leader with a track record in cybersecurity governance, compliance, and team management, and you're ready to lead in a supportive, outcome-focused environment, we'd love to hear from you.
Cookie Notice Chief Information Security Officer Title: Chief Information Security Officer Company: Ipsen Pharma (SAS) About Ipsen: Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas: Oncology, Rare Disease and Neuroscience. Supported by nearly 100 years of development experience, with global hubs in the U.S., France and the U.K, we tackle areas of high unmet medical need through research and innovation. Our passionate teams in more than 40 countries are focused on what matters and endeavor every day to bring medicines to patients in 88 countries. We build a workplace that champions human-centric leadership and fosters a culture of collaboration, excellence and impact. At Ipsen, every individual is empowered to be their true selves, grow and thrive alongside the company's success. Join us on our journey towards sustainable growth, creating real impact on patients and society!For more information, visit us at and follow our latest news on and . Job Description: The Chief Information Security Officer (CISO) is a strategic executive responsible for protecting the company's physical, digital, and intellectual assets. In a pharmaceutical context, this includes safeguarding sensitive R&D data, clinical trial information, patient privacy, and proprietary technologies. The CISO leads the development and execution of a comprehensive security strategy encompassing cybersecurity, regulatory compliance, physical security, and internal investigations. This role includes building and managing a multidisciplinary security and investigations team, ensuring alignment with business goals and regulatory requirements. WHAT - Main Responsibilities & Technical Competencies Strategic Leadership Develop and execute a forward-looking security strategy aligned with corporate objectives and industry trends. Advise executive leadership and the board on risk posture, threat landscape, and investment priorities. Lead cross-functional initiatives to embed security into digital transformation, innovation, and operational excellence. Establish KPIs and performance metrics to measure and improve security effectiveness. Cybersecurity & IT Security Oversee the design and implementation of cybersecurity architecture and controls. Ensure protection of IT infrastructure, cloud environments, and sensitive data. Lead incident response, threat intelligence, and vulnerability management programs. Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Governance, Risk & Compliance Develop and enforce enterprise-wide security policies and procedures. In alignment with the business ethics team, ensure compliance with pharmaceutical regulations (e.g., FDA, EMA, GxP). Conduct risk assessments, internal audits, and third-party security evaluations. Report regularly to senior leadership on risk mitigation and compliance status. Investigations & Incident Management Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations. Build and manage a team of investigators and analysts with expertise in digital forensics, compliance, and legal coordination. Collaborate with HR, Legal, and external agencies on sensitive investigations and disciplinary actions. Ensure thorough documentation, reporting, and resolution of incidents in line with legal and regulatory standards. Fraud Management Develop and implement a fraud prevention and detection framework across the organization. Lead investigations into suspected fraud, misconduct, and financial irregularities. Collaborate with Finance, Legal, and Compliance to ensure timely resolution and reporting of fraud cases. Maintain a whistleblower program and ensure confidentiality and integrity in handling reports. Monitor fraud trends and proactively adjust controls and training programs. Team Management & Development Build and lead a multidisciplinary security team (cybersecurity, physical security, investigations, risk management). Define roles, responsibilities, and career development paths for team members. Foster a culture of accountability, agility, and continuous learning. Manage vendor relationships and external consultants as needed. Physical & Operational Security Oversee facility security, access control, and surveillance systems. Coordinate with facilities and operations on emergency preparedness and response. Develop and test business continuity and disaster recovery plans. Stakeholder Engagement Partner with various functions & business leaders including Legal, Regulatory Affairs, R&D, and Medical Affairs to align security with business needs. Lead security awareness and training programs across the organization. Represent the company in external forums, industry groups, and regulatory engagements. HOW - Knowledge & Experience Skills: Technical depth in cybersecurity and investigations Leadership and team development Fraud detection and prevention expertise Regulatory and compliance acumen Communication and stakeholder management Crisis and incident responseKnowledge & Experience: 15+ years of experience in security leadership, preferably in pharma or life sciences. Proven track record in strategic planning, investigations, fraud management, and team leadership. Certifications such as CISSP, CISM, CISA, CRISC, or CFE (Certified Fraud Examiner) are highly desirable. Strong understanding of regulatory environments and risk management frameworks.Education / Certifications : Bachelor's or Master's degree in Information Security, Computer Science, or related field.Language(s) : Fluency in English. Knowledge of European language is a plus for global roles.Nous nous engageons à créer un lieu de travail où chacun se sent écouté, valorisé et soutenu, où nous incarnons " The Real Us ". La valeur que nous accordons aux différentes perspectives et expériences motive notre engagement en faveur de l'inclusion et de l'égalité des chances. Lorsque nous intégrons des modes de pensée diversifiés, nous prenons des décisions plus réfléchies et découvrons des solutions plus innovantes. Ensemble, nous nous efforçons de mieux comprendre les communautés que nous servons. Cela signifie que nous voulons également vous aider à donner le meilleur de vous-même lorsque vous postulez à un poste chez nous. Si vous avez besoin d'aménagements ou d'aide pendant le processus de candidature, veuillez en informer l'équipe de recrutement. Ces informations seront traitées avec soin et n'auront aucune incidence sur le résultat de votre candidature. Soyons nous-même Get In TouchIntroduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match.
Mar 01, 2026
Full time
Cookie Notice Chief Information Security Officer Title: Chief Information Security Officer Company: Ipsen Pharma (SAS) About Ipsen: Ipsen is a mid-sized global biopharmaceutical company with a focus on transformative medicines in three therapeutic areas: Oncology, Rare Disease and Neuroscience. Supported by nearly 100 years of development experience, with global hubs in the U.S., France and the U.K, we tackle areas of high unmet medical need through research and innovation. Our passionate teams in more than 40 countries are focused on what matters and endeavor every day to bring medicines to patients in 88 countries. We build a workplace that champions human-centric leadership and fosters a culture of collaboration, excellence and impact. At Ipsen, every individual is empowered to be their true selves, grow and thrive alongside the company's success. Join us on our journey towards sustainable growth, creating real impact on patients and society!For more information, visit us at and follow our latest news on and . Job Description: The Chief Information Security Officer (CISO) is a strategic executive responsible for protecting the company's physical, digital, and intellectual assets. In a pharmaceutical context, this includes safeguarding sensitive R&D data, clinical trial information, patient privacy, and proprietary technologies. The CISO leads the development and execution of a comprehensive security strategy encompassing cybersecurity, regulatory compliance, physical security, and internal investigations. This role includes building and managing a multidisciplinary security and investigations team, ensuring alignment with business goals and regulatory requirements. WHAT - Main Responsibilities & Technical Competencies Strategic Leadership Develop and execute a forward-looking security strategy aligned with corporate objectives and industry trends. Advise executive leadership and the board on risk posture, threat landscape, and investment priorities. Lead cross-functional initiatives to embed security into digital transformation, innovation, and operational excellence. Establish KPIs and performance metrics to measure and improve security effectiveness. Cybersecurity & IT Security Oversee the design and implementation of cybersecurity architecture and controls. Ensure protection of IT infrastructure, cloud environments, and sensitive data. Lead incident response, threat intelligence, and vulnerability management programs. Maintain compliance with global standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Governance, Risk & Compliance Develop and enforce enterprise-wide security policies and procedures. In alignment with the business ethics team, ensure compliance with pharmaceutical regulations (e.g., FDA, EMA, GxP). Conduct risk assessments, internal audits, and third-party security evaluations. Report regularly to senior leadership on risk mitigation and compliance status. Investigations & Incident Management Establish and lead an internal investigations function to address security breaches, misconduct, and regulatory violations. Build and manage a team of investigators and analysts with expertise in digital forensics, compliance, and legal coordination. Collaborate with HR, Legal, and external agencies on sensitive investigations and disciplinary actions. Ensure thorough documentation, reporting, and resolution of incidents in line with legal and regulatory standards. Fraud Management Develop and implement a fraud prevention and detection framework across the organization. Lead investigations into suspected fraud, misconduct, and financial irregularities. Collaborate with Finance, Legal, and Compliance to ensure timely resolution and reporting of fraud cases. Maintain a whistleblower program and ensure confidentiality and integrity in handling reports. Monitor fraud trends and proactively adjust controls and training programs. Team Management & Development Build and lead a multidisciplinary security team (cybersecurity, physical security, investigations, risk management). Define roles, responsibilities, and career development paths for team members. Foster a culture of accountability, agility, and continuous learning. Manage vendor relationships and external consultants as needed. Physical & Operational Security Oversee facility security, access control, and surveillance systems. Coordinate with facilities and operations on emergency preparedness and response. Develop and test business continuity and disaster recovery plans. Stakeholder Engagement Partner with various functions & business leaders including Legal, Regulatory Affairs, R&D, and Medical Affairs to align security with business needs. Lead security awareness and training programs across the organization. Represent the company in external forums, industry groups, and regulatory engagements. HOW - Knowledge & Experience Skills: Technical depth in cybersecurity and investigations Leadership and team development Fraud detection and prevention expertise Regulatory and compliance acumen Communication and stakeholder management Crisis and incident responseKnowledge & Experience: 15+ years of experience in security leadership, preferably in pharma or life sciences. Proven track record in strategic planning, investigations, fraud management, and team leadership. Certifications such as CISSP, CISM, CISA, CRISC, or CFE (Certified Fraud Examiner) are highly desirable. Strong understanding of regulatory environments and risk management frameworks.Education / Certifications : Bachelor's or Master's degree in Information Security, Computer Science, or related field.Language(s) : Fluency in English. Knowledge of European language is a plus for global roles.Nous nous engageons à créer un lieu de travail où chacun se sent écouté, valorisé et soutenu, où nous incarnons " The Real Us ". La valeur que nous accordons aux différentes perspectives et expériences motive notre engagement en faveur de l'inclusion et de l'égalité des chances. Lorsque nous intégrons des modes de pensée diversifiés, nous prenons des décisions plus réfléchies et découvrons des solutions plus innovantes. Ensemble, nous nous efforçons de mieux comprendre les communautés que nous servons. Cela signifie que nous voulons également vous aider à donner le meilleur de vous-même lorsque vous postulez à un poste chez nous. Si vous avez besoin d'aménagements ou d'aide pendant le processus de candidature, veuillez en informer l'équipe de recrutement. Ces informations seront traitées avec soin et n'auront aucune incidence sur le résultat de votre candidature. Soyons nous-même Get In TouchIntroduce yourself to our recruiters and we'll get in touch if there's a role that seems like a good match.
Introduction Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world-leading solutions and services in defence, aviation, space, and civil security to keep people and society safe. Our UK presence has been growing at pace, meaning we can offer a wide range of opportunities for personal fulfilment and career growth. We currently employ over 600 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI, and armed forces training. What you will be part of: Explore a wealth of possibilities. Take on challenges, create smart inventions, and grow beyond. This is a place for curious minds, brave pioneers, and everyone in between. Together, we achieve the extraordinary, each bringing our unique perspectives. Your part matters. Saab is a leading defence and security company with an enduring mission, to help nations keep their people and society safe. Empowered by its 26,000 talented people, Saab constantly pushes the boundaries of technology to create a safer and more sustainable world. Saab designs, manufactures and maintains advanced systems in aeronautics, weapons, command and control, sensors and underwater systems. Saab is headquartered in Sweden. It has major operations all over the world and is part of the domestic defence capability of several nations. The Role: This is an initial 6 month contract role within our UK IT Business Unit. The IT Solution Architect will be responsible for designing and implementing technology solutions that align with business objectives and technical requirements. This role bridges the gap between business needs and IT capabilities, ensuring that solutions are scalable, secure, and cost-effective. The Solution Architect works closely with stakeholders, developers, and project managers to deliver robust architectures that support organisational goals. Key Responsibilities: Solution Design & Architecture to a high standard. Develop high-level and detailed solution architectures for IT systems and applications. Ensure solutions comply with enterprise architecture standards, security policies, and regulatory requirements. Create architectural diagrams, models, and documentation for proposed solutions. Stakeholder Engagement Collaborate with business analysts, project managers, and technical teams to understand requirements. Present architectural solutions to stakeholders and obtain buy-in. Technology Evaluation Assess emerging technologies and recommend adoption where appropriate. Conduct feasibility studies and cost-benefit analyses for proposed solutions. Governance & Standards Define and enforce architectural principles, guidelines, and best practices. Ensure consistency and integration across systems and platforms. Implementation Support Provide technical leadership during solution implementation. Troubleshoot architectural issues and guide development teams. Perform Risk Management. Identify potential risks in solution design and propose mitigation strategies. Ensure compliance with data protection and cybersecurity standards. Qualifications and Skills: Bachelor's degree in Computer Science, Information Technology, or related field. 7+ years in IT roles, with at least 3 years in solution architecture. Experience in large-scale system design and implementation. Certifications (Preferred). TOGAF, AWS/Azure Solution Architect, ITIL. Knowledge of enterprise architecture frameworks (e.g., TOGAF, Zachman). Proficiency in cloud platforms (AWS, Azure, GCP) and hybrid architectures. Experience with APIs, microservices, and integration patterns. Understanding of networking, security, and infrastructure principles. Analytical & Problem-Solving. Ability to translate business requirements into technical solutions. Strong analytical skills for evaluating complex systems. Communication & Leadership. Excellent verbal and written communication skills. Ability to influence and negotiate with stakeholders at all levels. Self-motivated, resilient and able to work under pressure. Excellent communication and presentation skills. By submitting an application to Saab UK you consent to undertaking workforce screening activities that may include but are not limited to: Baseline Personnel Security checks, National Security Vetting, reference checks, verification of working rights and in all circumstances preferred candidates will be placed through a security interview.
Feb 27, 2026
Contractor
Introduction Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world-leading solutions and services in defence, aviation, space, and civil security to keep people and society safe. Our UK presence has been growing at pace, meaning we can offer a wide range of opportunities for personal fulfilment and career growth. We currently employ over 600 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI, and armed forces training. What you will be part of: Explore a wealth of possibilities. Take on challenges, create smart inventions, and grow beyond. This is a place for curious minds, brave pioneers, and everyone in between. Together, we achieve the extraordinary, each bringing our unique perspectives. Your part matters. Saab is a leading defence and security company with an enduring mission, to help nations keep their people and society safe. Empowered by its 26,000 talented people, Saab constantly pushes the boundaries of technology to create a safer and more sustainable world. Saab designs, manufactures and maintains advanced systems in aeronautics, weapons, command and control, sensors and underwater systems. Saab is headquartered in Sweden. It has major operations all over the world and is part of the domestic defence capability of several nations. The Role: This is an initial 6 month contract role within our UK IT Business Unit. The IT Solution Architect will be responsible for designing and implementing technology solutions that align with business objectives and technical requirements. This role bridges the gap between business needs and IT capabilities, ensuring that solutions are scalable, secure, and cost-effective. The Solution Architect works closely with stakeholders, developers, and project managers to deliver robust architectures that support organisational goals. Key Responsibilities: Solution Design & Architecture to a high standard. Develop high-level and detailed solution architectures for IT systems and applications. Ensure solutions comply with enterprise architecture standards, security policies, and regulatory requirements. Create architectural diagrams, models, and documentation for proposed solutions. Stakeholder Engagement Collaborate with business analysts, project managers, and technical teams to understand requirements. Present architectural solutions to stakeholders and obtain buy-in. Technology Evaluation Assess emerging technologies and recommend adoption where appropriate. Conduct feasibility studies and cost-benefit analyses for proposed solutions. Governance & Standards Define and enforce architectural principles, guidelines, and best practices. Ensure consistency and integration across systems and platforms. Implementation Support Provide technical leadership during solution implementation. Troubleshoot architectural issues and guide development teams. Perform Risk Management. Identify potential risks in solution design and propose mitigation strategies. Ensure compliance with data protection and cybersecurity standards. Qualifications and Skills: Bachelor's degree in Computer Science, Information Technology, or related field. 7+ years in IT roles, with at least 3 years in solution architecture. Experience in large-scale system design and implementation. Certifications (Preferred). TOGAF, AWS/Azure Solution Architect, ITIL. Knowledge of enterprise architecture frameworks (e.g., TOGAF, Zachman). Proficiency in cloud platforms (AWS, Azure, GCP) and hybrid architectures. Experience with APIs, microservices, and integration patterns. Understanding of networking, security, and infrastructure principles. Analytical & Problem-Solving. Ability to translate business requirements into technical solutions. Strong analytical skills for evaluating complex systems. Communication & Leadership. Excellent verbal and written communication skills. Ability to influence and negotiate with stakeholders at all levels. Self-motivated, resilient and able to work under pressure. Excellent communication and presentation skills. By submitting an application to Saab UK you consent to undertaking workforce screening activities that may include but are not limited to: Baseline Personnel Security checks, National Security Vetting, reference checks, verification of working rights and in all circumstances preferred candidates will be placed through a security interview.
Network Security Analyst Wigton, Cumbria Up to 35,500 per year Adecco Workington are delighted to be recruiting for our fantastic client, a well established international manufacturing organisation, to join their IT team as a Network Security Analyst. The role will involve: Monitoring network and user activity and managing security incidents Supporting security impact assessments and change management Maintaining IT controls and supporting audit activity Ensuring compliance with global cybersecurity standards Contributing to security policies and governance frameworks We are looking for: Experience in IT operations with exposure to cybersecurity or governance Knowledge of ISO 27001, GDPR and risk management frameworks Familiarity with vulnerability management, SIEM or EDR tools Strong understanding of Windows Server, Active Directory and Microsoft 365 security Strong analytical and communication skills What is on offer: Salary up to 35,500 depending on experience Performance related pay and annual bonus 25 days holiday plus bank holidays Flexible working options Competitive pension and healthcare benefits This is an excellent opportunity to develop your career within a global organisation committed to security and continuous improvement. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.
Feb 27, 2026
Full time
Network Security Analyst Wigton, Cumbria Up to 35,500 per year Adecco Workington are delighted to be recruiting for our fantastic client, a well established international manufacturing organisation, to join their IT team as a Network Security Analyst. The role will involve: Monitoring network and user activity and managing security incidents Supporting security impact assessments and change management Maintaining IT controls and supporting audit activity Ensuring compliance with global cybersecurity standards Contributing to security policies and governance frameworks We are looking for: Experience in IT operations with exposure to cybersecurity or governance Knowledge of ISO 27001, GDPR and risk management frameworks Familiarity with vulnerability management, SIEM or EDR tools Strong understanding of Windows Server, Active Directory and Microsoft 365 security Strong analytical and communication skills What is on offer: Salary up to 35,500 depending on experience Performance related pay and annual bonus 25 days holiday plus bank holidays Flexible working options Competitive pension and healthcare benefits This is an excellent opportunity to develop your career within a global organisation committed to security and continuous improvement. Adecco acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Adecco Group UK & Ireland is an Equal Opportunities Employer. By applying for this role your details will be submitted to Adecco. Our Candidate Privacy Information Statement explaining how we will use your information is available on our website.
We are looking for a business analyst with strong data analytical skills to work across our programme, with an initial focus on Purview. Experience in data classification and MS Purview product set is desirable. Initial focus - Data Classification and Data Loss Protection Work with key stakeholders across the organisation who are relevant to data classification and data loss prevention (eg Data Protection Team, HR, Legal, Cyber Security, business owners). Take the findings from the business interviews and survey results on data classification and labelling, compile these into a relevant format, and use these to plan and execute the next phases of the workstream. Draft or update business rules for M365 applications (Outlook, Word, Excel, PowerPoint). Plan workshops (including topics, participants, timelines) to get stakeholder input for the business rules to be implemented for data protection and data loss prevention within the M365 environment. Prepare workshop materials for stakeholder input on business rules. Develop a communications plan for the business to adopt the next stage of data loss protection controls and work with relevant internal stakeholders and internal comms team to execute this. Develop a training plan for the business to adopt the next stage of data loss protection controls and work with relevant internal stakeholders and internal training team to execute this. Input into the development of training materials for data governance and data loss protection topics for business users. Assist with general education of business users on data governance, data classification, and data loss protection. Review and update any relevant data governance and data loss protection documentation where required. Principal accountabilities (general BA skill set) Requirements gathering (functional and non-functional) working with our colleagues across the business and IT to ensure we fully document their wants, aligning to project deliverables. Responsible for gathering, compiling, and synthesizing information regarding business processes or systems (As Is) including process and data modelling where appropriate Responsible for articulating technical and non-technical solutions (To Be) Translating technical requirements and information into non-technical and vice versa Responsible for contributing to the selection of appropriate analysis tools and practices to design and describe systems, software, and business processes. Update and maintain documentation of processes and create re-usable and shareable assets and artifacts Assures analysis deliverables are in line with agreed standards Develops functional specifications, produces deliverables related to the project(s) assigned and assists in post implementation support Supports establishment of best practice business analysis. Support the production of project mandates and business cases. GCS is acting as an Employment Business in relation to this vacancy.
Feb 27, 2026
Contractor
We are looking for a business analyst with strong data analytical skills to work across our programme, with an initial focus on Purview. Experience in data classification and MS Purview product set is desirable. Initial focus - Data Classification and Data Loss Protection Work with key stakeholders across the organisation who are relevant to data classification and data loss prevention (eg Data Protection Team, HR, Legal, Cyber Security, business owners). Take the findings from the business interviews and survey results on data classification and labelling, compile these into a relevant format, and use these to plan and execute the next phases of the workstream. Draft or update business rules for M365 applications (Outlook, Word, Excel, PowerPoint). Plan workshops (including topics, participants, timelines) to get stakeholder input for the business rules to be implemented for data protection and data loss prevention within the M365 environment. Prepare workshop materials for stakeholder input on business rules. Develop a communications plan for the business to adopt the next stage of data loss protection controls and work with relevant internal stakeholders and internal comms team to execute this. Develop a training plan for the business to adopt the next stage of data loss protection controls and work with relevant internal stakeholders and internal training team to execute this. Input into the development of training materials for data governance and data loss protection topics for business users. Assist with general education of business users on data governance, data classification, and data loss protection. Review and update any relevant data governance and data loss protection documentation where required. Principal accountabilities (general BA skill set) Requirements gathering (functional and non-functional) working with our colleagues across the business and IT to ensure we fully document their wants, aligning to project deliverables. Responsible for gathering, compiling, and synthesizing information regarding business processes or systems (As Is) including process and data modelling where appropriate Responsible for articulating technical and non-technical solutions (To Be) Translating technical requirements and information into non-technical and vice versa Responsible for contributing to the selection of appropriate analysis tools and practices to design and describe systems, software, and business processes. Update and maintain documentation of processes and create re-usable and shareable assets and artifacts Assures analysis deliverables are in line with agreed standards Develops functional specifications, produces deliverables related to the project(s) assigned and assists in post implementation support Supports establishment of best practice business analysis. Support the production of project mandates and business cases. GCS is acting as an Employment Business in relation to this vacancy.
Information Security Analyst - Staffordshire Cyber Analyst to join the Information Security Team. Someone who can take those outputs from projects / tools and drive improvements. Looking for an experienced, proactive Security Analyst to ensure the correct level of security integrity to protect systems, information, personal data and people from cyber-attacks and unauthorised access. Working with other departments to ensure security systems are secure, fit for purpose and protected to an optimal level. You will be responsible for driving the security scrutiny, culture, awareness, and adoption across the business. Security Toolsets and a Technical Mindset, you re not expected or required to be an expert in all areas but expected to have a solid understanding and grounding in security principals to adapt to the varied requirements Experienced in a wide variety of security software, systems, services and toolsets such as E-mail Security, EDR, NAC, IT/OT Segmentation, 365 etc along with an understanding of malware prevention, emerging threats, attacks and vulnerability management Understanding of Information Security best practice for elements including workstations, servers, cloud, networking, architecture, common protocols, and application security Can confidently perform security audits, both internal and external (e.g., third party and supplier assurance) and ensure recommendations are followed for continuous improvement Strong Incident Response Management skills including threat and vulnerability analysis Understanding of security frameworks such as NIST, and Cyber Essentials As the analyst you will work with the security manager and engineer the day-to-day running and monitoring of Information Security systems. Analyse and interpret outputs to identify security weaknesses and recommend continuous improvements and be involved in - Respond to Security Incidents, reports and alerts ensuring prompt containment and recovery. Plan and oversee regular security penetration testing against new and existing services to identify weaknesses and formulate plans and processes to minimise current and future risk Conduct regular security risk reviews and manage security remediation activity, internally on new IT/Business projects and with third parties This is working for an excellent client who offer progression and development. This is an office-based role in Staffordshire and you will join a small, dedicated security team.
Feb 27, 2026
Full time
Information Security Analyst - Staffordshire Cyber Analyst to join the Information Security Team. Someone who can take those outputs from projects / tools and drive improvements. Looking for an experienced, proactive Security Analyst to ensure the correct level of security integrity to protect systems, information, personal data and people from cyber-attacks and unauthorised access. Working with other departments to ensure security systems are secure, fit for purpose and protected to an optimal level. You will be responsible for driving the security scrutiny, culture, awareness, and adoption across the business. Security Toolsets and a Technical Mindset, you re not expected or required to be an expert in all areas but expected to have a solid understanding and grounding in security principals to adapt to the varied requirements Experienced in a wide variety of security software, systems, services and toolsets such as E-mail Security, EDR, NAC, IT/OT Segmentation, 365 etc along with an understanding of malware prevention, emerging threats, attacks and vulnerability management Understanding of Information Security best practice for elements including workstations, servers, cloud, networking, architecture, common protocols, and application security Can confidently perform security audits, both internal and external (e.g., third party and supplier assurance) and ensure recommendations are followed for continuous improvement Strong Incident Response Management skills including threat and vulnerability analysis Understanding of security frameworks such as NIST, and Cyber Essentials As the analyst you will work with the security manager and engineer the day-to-day running and monitoring of Information Security systems. Analyse and interpret outputs to identify security weaknesses and recommend continuous improvements and be involved in - Respond to Security Incidents, reports and alerts ensuring prompt containment and recovery. Plan and oversee regular security penetration testing against new and existing services to identify weaknesses and formulate plans and processes to minimise current and future risk Conduct regular security risk reviews and manage security remediation activity, internally on new IT/Business projects and with third parties This is working for an excellent client who offer progression and development. This is an office-based role in Staffordshire and you will join a small, dedicated security team.
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
Feb 24, 2026
Contractor
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
Innovation is in our DNA - we thrive on pushing boundaries and adapting to new challenges with a flexible approach. Proud to be a global leader, our fast-paced growth provides exciting opportunities for our team and the community. Committed to maintaining trains and trams, our mission is to enhance vehicle safety and reliability. Our ultimate goal is to deliver a comfortable, dependable, and sustainable commuting experience for all passengers. Based out of multiple locations across the UK, our 24/7 operation means we're always on hand to deliver reliable technical support. Utilising the latest digital technology, we strive to enhance dependability, helping people to get to where they need to be! We wouldn't be where we are without our people. Working together as a team, we strive to achieve great things while supporting each other to thrive along the way. We're going places, so apply today and become part of our exciting journey. What can you expect from CAF Positive Work Environment: You will work in a positive environment, based on mutual respect and team spirit. Professional Development: Our projects are often measured in years, sometimes decades, giving you and the organisation a future. Learning and Autonomy: We will encourage you to work autonomously, being able to propose and decide 'what' and 'how'. Security and Reliability: CAF has been working for over 100 years on a path that stretches into the future, giving you the security you need. Cutting-edge technology: You will work with the latest technologies, facing the challenge of devising innovative approaches and solutions every day. What will be your role in the company? In this pivotal leadership role, you will define, lead, and deliver the digital transformation strategy for CAF's UK business. You'll oversee our IT department, digital services function, and the security of all on train IT systems. Acting as the senior advocate for digital innovation, you will collaborate closely with colleagues across the UK and in our Spanish headquarters to influence group wide digital direction. You'll provide strategic leadership across cyber security, data protection, and ISO 27001 compliance, ensuring our digital platforms, systems, and customer facing technologies are secure, reliable, and fully aligned with UK regulatory requirements. As the principal technical contact for Train Operating Companies, you will drive excellence in on train software, digital services, and operational performance. What will make you successful in this position? Academic & Professional Qualifications: • Bachelor's degree in a relevant discipline (e.g. Information Technology/Systems, Cyber Security, Software/Data/Electrical Engineering). • Ideally holds one or more relevant certifications related to ISO 27001, cyber security, or on train IT security such as: • CISSP - Certified Information Systems Security Professional • CISM - Certified Information Security Manager • ISO 27001 Lead Implementer or Lead Auditor • CompTIA Security+ or Cybersecurity Analyst (CySA+) • Proven experience leading IT, digital, cyber security, or transformation functions in a complex, regulated, or technical environment. • Strong understanding of cybersecurity frameworks and hands on experience maintaining ISO 27001 accreditation. • Experience working with operational technology (OT) or transport related digital systems. • Ability to translate strategic objectives into practical implementation plans with measurable outcomes. • Excellent stakeholder management skills, including influencing at executive and international levels. • Demonstrated ability to lead multidisciplinary teams and drive organisational change. • Experience within rail, transport, or manufacturing sectors. • Understanding of UK rail regulatory frameworks and standards for on train systems. ABOUT WHAT WE OFFER A Real Living Wage employer and proud signatory of the Armed Forces Covenant, RSSB Mental Health Charter and Women in Rail EDI Charter, we've a lot to shout about at CAF. Creating a culture of inclusivity and belonging is really important to us and we're proud to offer our people a range of benefits to support wellbeing including 25 days annual leave, an excellent workplace pension scheme (with up to 10% contribution from us), not forgetting to mention our generous health care cash plan and Bike2Work scheme just to name a few! Looking for career development? Our Professional Sponsorship scheme will help you to achieve your goals while our Flexible Working policy and Family Friendly culture mean everyone is supported to thrive at CAF. As a socially responsible business, we offer paid volunteering days and promote a variety of social value initiatives, including tree-planting, company-wide donation drives, and providing support to the homeless community and refugees. We're creating waves of positive change through delivering meaningful social value impact on and off the tracks!
Feb 17, 2026
Full time
Innovation is in our DNA - we thrive on pushing boundaries and adapting to new challenges with a flexible approach. Proud to be a global leader, our fast-paced growth provides exciting opportunities for our team and the community. Committed to maintaining trains and trams, our mission is to enhance vehicle safety and reliability. Our ultimate goal is to deliver a comfortable, dependable, and sustainable commuting experience for all passengers. Based out of multiple locations across the UK, our 24/7 operation means we're always on hand to deliver reliable technical support. Utilising the latest digital technology, we strive to enhance dependability, helping people to get to where they need to be! We wouldn't be where we are without our people. Working together as a team, we strive to achieve great things while supporting each other to thrive along the way. We're going places, so apply today and become part of our exciting journey. What can you expect from CAF Positive Work Environment: You will work in a positive environment, based on mutual respect and team spirit. Professional Development: Our projects are often measured in years, sometimes decades, giving you and the organisation a future. Learning and Autonomy: We will encourage you to work autonomously, being able to propose and decide 'what' and 'how'. Security and Reliability: CAF has been working for over 100 years on a path that stretches into the future, giving you the security you need. Cutting-edge technology: You will work with the latest technologies, facing the challenge of devising innovative approaches and solutions every day. What will be your role in the company? In this pivotal leadership role, you will define, lead, and deliver the digital transformation strategy for CAF's UK business. You'll oversee our IT department, digital services function, and the security of all on train IT systems. Acting as the senior advocate for digital innovation, you will collaborate closely with colleagues across the UK and in our Spanish headquarters to influence group wide digital direction. You'll provide strategic leadership across cyber security, data protection, and ISO 27001 compliance, ensuring our digital platforms, systems, and customer facing technologies are secure, reliable, and fully aligned with UK regulatory requirements. As the principal technical contact for Train Operating Companies, you will drive excellence in on train software, digital services, and operational performance. What will make you successful in this position? Academic & Professional Qualifications: • Bachelor's degree in a relevant discipline (e.g. Information Technology/Systems, Cyber Security, Software/Data/Electrical Engineering). • Ideally holds one or more relevant certifications related to ISO 27001, cyber security, or on train IT security such as: • CISSP - Certified Information Systems Security Professional • CISM - Certified Information Security Manager • ISO 27001 Lead Implementer or Lead Auditor • CompTIA Security+ or Cybersecurity Analyst (CySA+) • Proven experience leading IT, digital, cyber security, or transformation functions in a complex, regulated, or technical environment. • Strong understanding of cybersecurity frameworks and hands on experience maintaining ISO 27001 accreditation. • Experience working with operational technology (OT) or transport related digital systems. • Ability to translate strategic objectives into practical implementation plans with measurable outcomes. • Excellent stakeholder management skills, including influencing at executive and international levels. • Demonstrated ability to lead multidisciplinary teams and drive organisational change. • Experience within rail, transport, or manufacturing sectors. • Understanding of UK rail regulatory frameworks and standards for on train systems. ABOUT WHAT WE OFFER A Real Living Wage employer and proud signatory of the Armed Forces Covenant, RSSB Mental Health Charter and Women in Rail EDI Charter, we've a lot to shout about at CAF. Creating a culture of inclusivity and belonging is really important to us and we're proud to offer our people a range of benefits to support wellbeing including 25 days annual leave, an excellent workplace pension scheme (with up to 10% contribution from us), not forgetting to mention our generous health care cash plan and Bike2Work scheme just to name a few! Looking for career development? Our Professional Sponsorship scheme will help you to achieve your goals while our Flexible Working policy and Family Friendly culture mean everyone is supported to thrive at CAF. As a socially responsible business, we offer paid volunteering days and promote a variety of social value initiatives, including tree-planting, company-wide donation drives, and providing support to the homeless community and refugees. We're creating waves of positive change through delivering meaningful social value impact on and off the tracks!
Choose a partner with intimate knowledge of your industry and first-hand experience of defining its future.Select your locationSelect your locationIndustriesChoose a partner with intimate knowledge of your industry and first-hand experience of defining its future.London, Manchester, Glasgow, Newcastle# Service Designer (SC Eligible) - Consultant/Senior Consultant - Digital Excellence# Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. YOUR ROLE You will champion inclusive design practices throughout our project lifecycles, ensuring solutions are accessible to as many users as possible. This includes engaging with diverse user research, applying accessibility guidelines and legislation, and advocating for inclusive design principles in your deliverables.Working at Capgemini Invent would give you opportunities to develop and grow, working with major clients in both public and private sector. Our offices are in a variety of locations including London, Manchester and Glasgow. We offer hybrid working, however depending on your project you may have to travel to client locations. As a Service Designer you will: Maximise the value we deliver for our clients right from the inception to real life application of Service Design. Support our clients through the end-to-end service design process to design and develop innovative products and services. This process will be all the way from ideation and inception through to solution build and testing. Champion user-centricity - with a set of tools and methods you can draw upon to embed design thinking / user-centricity Work on new ideas and work alongside solution team to design and develop innovative products and services Use current and emerging trends to identify and lead improvements to existing services as well as introduce innovative and industry first service experiences influencing service managers, user researchers, UI/UX designers and programme directors to understand the value as a result of user focused transformation As part of your role you will also have the opportunity to contribute to the business and your own personal growth, through activities that form part of the following categories: Business Development - Leading/contributing to proposals, RFPs, bids, proposition development, client pitch contribution, client hosting at events. Internal contribution - Campaign development, internal think-tanks, whitepapers, practice development (operations, recruitment, team events & activities), offering development. Learning & development - Training to support your career development and the skills demand within the company, certifications etc. YOUR PROFILE You will bring below skills and experience: Proven experience working across a service design process, autonomously with minimal support Experience working with Government Digital Service ( GDS ) service standards, applying GDS design principles Ability to create service design artefacts and outputs , such as current and future-state user journeys, personas, service concepts, service blueprints and other artefacts Ability to identify potential accessibility barriers for complex user groups Client readiness', with experience facilitating workshops, design sprints, ideation sessions or similar Ability to visualise complex services in an easy-to-understand format for varying audiences Ability to adopt a curious and inquisitive mindset - with a passion for asking 'why' Ability to critically break down complex problems in a fast-paced environment, with a knack for storytelling Strong understanding and experience of working in an agile (scrum) environment in a cross-functional team including but not limited to user researchers, UX/UI designers, business analysts, product owners, delivery managers and developers Ability to manage competing priorities in a tight timeframe with a proactive mindset Strong stakeholder management skills, with the ability to balance competing views as part of the design process Aptitude for being an advocate for user-centricity , with the ability to develop and translate user stories and propose design approaches or services to meet these needs and engage in meaningful interactions and relationships with users SC (Security Check) Clearance or being eligible for this level of clearance (by being a UK resident for at least 5 years and not having left the country for more than 28 consecutive days during this period) You'll gain exposure to high-profile transformations and gain hands-on exposure to leading technologies. Our consultants are formally trained by industry experts in consulting and client delivery. Consultants have access to a vast array for different training and certifications in a variety of areas: cloud technologies (AWS, Azure, GCP), programming (Java, Kotlin, NodeJS, Spring Boot), DevOps (Terraform, Kubernetes, Docker), Cybersecurity (CISSP, CISM) and Agile delivery (Scrum Master, Product Owner, Scaled Agile Framework). Capgemini Invent offers you the flexibility to develop various areas of knowledge in technical domains aligned both to your interests and our client's outcomes. Les Fontaines : Capgemini Invent has a unique training environment just outside of Paris, where we can immerse ourselves in thought-leadership, share knowledge and build capabilities that will help us and our clients to succeed. We hold monthly showcases of our digital transformation initiatives, sharing knowledge and showing off how the power of technology is impacting our clients. There are monthly team drinks, and it's a chance to connect face-to-face with the wider team over a few drinks in the city. The monthly team breakfasts give you a different, more relaxed setting to meet up in the office to hear from the leadership, meet colleagues and discuss the trends and insights within the market. Team away days are always a chance to connect with the team, have fun and learn something new.Whilst you will have London , Manchester or Glasgow as an office base location, you must be fully flexible in terms of assignment location, as these roles may involve periods of time away from home at short notice. We offer a remuneration package which includes flexible benefits options for you to choose to suit your own personal circumstances and a variable element dependent grade and on company and personal performance. In order to commence a role with Capgemini UK plc you will be required to provide documentary proof prior to joining the Company that you are entitled to live and work in the UK. More information is at available at: levelExperienced ProfessionalsLocationLondon, Manchester, Glasgow, Newcastle
Feb 17, 2026
Full time
Choose a partner with intimate knowledge of your industry and first-hand experience of defining its future.Select your locationSelect your locationIndustriesChoose a partner with intimate knowledge of your industry and first-hand experience of defining its future.London, Manchester, Glasgow, Newcastle# Service Designer (SC Eligible) - Consultant/Senior Consultant - Digital Excellence# Capgemini Invent, we believe difference drives change. As inventive transformation consultants, we blend our strategic, creative and scientific capabilities, collaborating closely with clients to deliver cutting-edge solutions. Join us to drive transformation tailored to our client's challenges of today and tomorrow. Informed and validated by science and data. Superpowered by creativity and design. All underpinned by technology created with purpose. YOUR ROLE You will champion inclusive design practices throughout our project lifecycles, ensuring solutions are accessible to as many users as possible. This includes engaging with diverse user research, applying accessibility guidelines and legislation, and advocating for inclusive design principles in your deliverables.Working at Capgemini Invent would give you opportunities to develop and grow, working with major clients in both public and private sector. Our offices are in a variety of locations including London, Manchester and Glasgow. We offer hybrid working, however depending on your project you may have to travel to client locations. As a Service Designer you will: Maximise the value we deliver for our clients right from the inception to real life application of Service Design. Support our clients through the end-to-end service design process to design and develop innovative products and services. This process will be all the way from ideation and inception through to solution build and testing. Champion user-centricity - with a set of tools and methods you can draw upon to embed design thinking / user-centricity Work on new ideas and work alongside solution team to design and develop innovative products and services Use current and emerging trends to identify and lead improvements to existing services as well as introduce innovative and industry first service experiences influencing service managers, user researchers, UI/UX designers and programme directors to understand the value as a result of user focused transformation As part of your role you will also have the opportunity to contribute to the business and your own personal growth, through activities that form part of the following categories: Business Development - Leading/contributing to proposals, RFPs, bids, proposition development, client pitch contribution, client hosting at events. Internal contribution - Campaign development, internal think-tanks, whitepapers, practice development (operations, recruitment, team events & activities), offering development. Learning & development - Training to support your career development and the skills demand within the company, certifications etc. YOUR PROFILE You will bring below skills and experience: Proven experience working across a service design process, autonomously with minimal support Experience working with Government Digital Service ( GDS ) service standards, applying GDS design principles Ability to create service design artefacts and outputs , such as current and future-state user journeys, personas, service concepts, service blueprints and other artefacts Ability to identify potential accessibility barriers for complex user groups Client readiness', with experience facilitating workshops, design sprints, ideation sessions or similar Ability to visualise complex services in an easy-to-understand format for varying audiences Ability to adopt a curious and inquisitive mindset - with a passion for asking 'why' Ability to critically break down complex problems in a fast-paced environment, with a knack for storytelling Strong understanding and experience of working in an agile (scrum) environment in a cross-functional team including but not limited to user researchers, UX/UI designers, business analysts, product owners, delivery managers and developers Ability to manage competing priorities in a tight timeframe with a proactive mindset Strong stakeholder management skills, with the ability to balance competing views as part of the design process Aptitude for being an advocate for user-centricity , with the ability to develop and translate user stories and propose design approaches or services to meet these needs and engage in meaningful interactions and relationships with users SC (Security Check) Clearance or being eligible for this level of clearance (by being a UK resident for at least 5 years and not having left the country for more than 28 consecutive days during this period) You'll gain exposure to high-profile transformations and gain hands-on exposure to leading technologies. Our consultants are formally trained by industry experts in consulting and client delivery. Consultants have access to a vast array for different training and certifications in a variety of areas: cloud technologies (AWS, Azure, GCP), programming (Java, Kotlin, NodeJS, Spring Boot), DevOps (Terraform, Kubernetes, Docker), Cybersecurity (CISSP, CISM) and Agile delivery (Scrum Master, Product Owner, Scaled Agile Framework). Capgemini Invent offers you the flexibility to develop various areas of knowledge in technical domains aligned both to your interests and our client's outcomes. Les Fontaines : Capgemini Invent has a unique training environment just outside of Paris, where we can immerse ourselves in thought-leadership, share knowledge and build capabilities that will help us and our clients to succeed. We hold monthly showcases of our digital transformation initiatives, sharing knowledge and showing off how the power of technology is impacting our clients. There are monthly team drinks, and it's a chance to connect face-to-face with the wider team over a few drinks in the city. The monthly team breakfasts give you a different, more relaxed setting to meet up in the office to hear from the leadership, meet colleagues and discuss the trends and insights within the market. Team away days are always a chance to connect with the team, have fun and learn something new.Whilst you will have London , Manchester or Glasgow as an office base location, you must be fully flexible in terms of assignment location, as these roles may involve periods of time away from home at short notice. We offer a remuneration package which includes flexible benefits options for you to choose to suit your own personal circumstances and a variable element dependent grade and on company and personal performance. In order to commence a role with Capgemini UK plc you will be required to provide documentary proof prior to joining the Company that you are entitled to live and work in the UK. More information is at available at: levelExperienced ProfessionalsLocationLondon, Manchester, Glasgow, Newcastle
Type: PermanentLocation: Hybrid Overview: We are looking for a detail-oriented and proactive Information Security Compliance Analyst to join our team on a permanent basis. This role is pivotal in supporting the development and continuous improvement of our global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others. Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of 3 years experience. Skills Required: Proven experience in information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem-solving capabilities. What We Offer: Competitive salary and benefits package Flexible hybrid working model Opportunities for professional development, certification & scope to grow. Collaborative and inclusive work environment If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
Nov 03, 2025
Full time
Type: PermanentLocation: Hybrid Overview: We are looking for a detail-oriented and proactive Information Security Compliance Analyst to join our team on a permanent basis. This role is pivotal in supporting the development and continuous improvement of our global information security compliance program.You will be responsible for ensuring that all corporate and subsidiary operations comply with internal security policies, regulatory requirements, and internationally recognised frameworks such as ISO27001, NIST, SOX, GDPR, CMMC, amongst others. Key Responsibilities: Support the execution and enhancement of the global information security compliance program. Conduct internal audits, third-party risk assessments, and due diligence reviews. Ensure alignment with regulatory and industry standards including ISO27001, NIST, SOX, GDPR, SOC 2, HIPAA, CCPA, LGPD. Collaborate with cross-functional teams across multiple jurisdictions to drive compliance initiatives. Identify gaps in security controls and recommend corrective actions. Maintain and update security policies, procedures, and documentation. Monitor changes in global regulations and assess their impact on business operations. Minimum of 3 years experience. Skills Required: Proven experience in information security compliance, risk management, and audit. Strong understanding of international regulatory frameworks and standards. Hands-on experience with: ISO27001 audits and implementation GDPR compliance NIST cybersecurity framework SOX, SOC 2, HIPAA, CCPA, LGPD Ability to interpret complex regulatory requirements and translate them into actionable controls. Excellent communication and stakeholder engagement skills. Strong analytical and problem-solving capabilities. What We Offer: Competitive salary and benefits package Flexible hybrid working model Opportunities for professional development, certification & scope to grow. Collaborative and inclusive work environment If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
