YTL UK
Bath, Somerset
In this new and exciting role, reporting to the Cyber Security Engineering Team Leader, you will implement, configure, and maintain security controls across the YTL UK Group's on-premises and cloud technology environments. The role supports the delivery of a secure baseline through recognised security engineering practices, contributing to secure build processes and optimisation activities. You will need strong technical capability in Microsoft Azure and on-premises Active Directory environments, with the ability to implement and maintain secure configurations in alignment with defined standards and architectural guidance. What you'll do You will: work with project, IT and Security teams to ensure security requirements are embedded within new deployments in accordance with agreed standards implement and maintain system configurations across supported operating systems in alignment with build standards and baselines perform configuration hardening activities and remediation of non compliant systems to support adherence to security standards assist in maintaining visibility of compliance against secure build baselines through validation and reporting activities design, develop and maintain automation scripts and configurations to support security controls, configuration baselines and compliance validation activities implement automation and orchestration capabilities to improve consistency, repeatability and efficiency of security engineering tasks, and contribute to the continual improvement of automated security controls implement and maintain cloud security configurations in alignment with defined baselines and architectural standards, enforcing secure configuration practices across Azure and related platforms collaborate with the IdAM and IT teams to support secure identity configuration within Azure/Entra ID environments conduct cloud security configuration reviews and assessments, identifying misconfigurations and control gaps, and execute remediation activities in coordination with relevant teams review security configurations for on premises virtual machines and hypervisor platforms in alignment with secure build standards, performing configuration reviews to address identified gaps contribute to the continual improvement of on premises security controls by identifying optimisation opportunities and escalating issues where appropriate configure, integrate and maintain enterprise security platforms and tooling, including endpoint protection, SIEM, EDR/XDR, CASB and related monitoring technologies optimise tool configurations, policies and telemetry collection support Security Operations by analysing platform performance, tuning configurations and resolving issues impacting detection capability provide technical input to security architecture and infrastructure teams by identifying practical security enhancements and configuration improvements advise and support secure configuration of technologies, including Active Directory, Azure/Entra ID, PKI, PAM/PIM, authentication services and application platforms support the secure deployment and configuration of new services to ensure alignment with established baselines contribute technical input to asset discovery and inventory tooling to improve visibility across the estate, integrating and configuring security tooling to ensure accurate asset identification and telemetry coverage utilise defined asset management processes to support accurate tracking of systems and security control coverage, identifying visibility gaps and escalating as required provide technical engineering support to Security Operations during incident response activities, including implementing mitigating controls, configuration changes and defensive enhancements be willing to participate in an out of hours technical support rota for high severity incidents, supporting post incident analysis by ensuring relevant configuration and telemetry information is available support threat hunting and detection improvement initiatives by implementing control adjustments, configuration updates or blocking mechanisms in response to IOCs assist with compliance activities and audit requests by providing technical evidence, configuration details and remediation updates collaborate with Security Operations, IdAM, Purple Team and infrastructure colleagues to provide practical guidance on configuration and control implementation contribute engineering insight to projects and operational activities to ensure security requirements are implemented effectively support colleagues in understanding secure configuration standards and applied controls within their respective technology domains. What you'll need We are looking for: demonstrable knowledge of security engineering standards, practices and secure configuration principles solid understanding of core security concepts, including defence in depth, least privilege, segmentation and identity centric security models proven hands on experience deploying, configuring and maintaining enterprise security technologies and platforms experience contributing to IT and cyber security projects involving the implementation of new controls or security enhancements practical understanding of identity and access control principles and their role in maintaining confidentiality, integrity and availability strong written communication skills for producing technical documentation, configuration standards and implementation guidance clear verbal communication skills, able to explain configuration requirements to technical and non technical stakeholders ability to collaborate effectively across infrastructure, cloud and operational teams experience supporting security investigations, including troubleshooting, remediation implementation and control adjustment practical awareness of common cyber threats and experience implementing configuration based mitigations working knowledge of cloud platforms (e.g., Azure) and cloud security principles, including identity, configuration management and monitoring controls hands on experience with Microsoft Windows (desktop and server) environments, with working knowledge of Unix and Linux systems. What you'll receive A combined pension contribution of up to 20%. Career progression and professional development opportunities. 25 days' holiday rising to 28 with length of service. The opportunity to sell up to five days of holiday every year. The opportunity to buy up to ten days of holiday each year (subject to conditions). A healthcare package that allows you to claim back healthcare costs. Life assurance of up to eight times your salary. The opportunity to lease a new electric car through salary sacrifice (subject to conditions). Cashback and discounts from more than 3,000 retailers. One paid volunteering day each year. Enhanced family leave and pay arrangements. Access toan interactive health and wellbeing platform. Support from trainedmental health first aiders. A £1,000 referral fee if you recommend someone who is successfully recruited by us. Who we are YTL UK is part of the international YTL Group based in Kuala Lumpur. The UK companies include: Wessex Water - one of the top-performing water and sewerage companies in England and Wales, serving 2.9 million people across the South West YTL Developments - a major UK developer currently redeveloping a 350-acre former airfield into an award winning, exciting mix of houses, apartments, schools, commercial space, restaurants and hotels, to make a truly sustainable new community YTL Construction UK - a top 20 UK contractor providing fully integrated services to infrastructure, residential, commercial, industry, energy and environmental sectors YTL Live - the development and operation of an entertainment complex that includes a 20,000 capacity arena, conferencing and exhibition space plus a number of other retail,environmental and specialist businesses. Our people tell us that YTL UK is a great place to work, which is why so many of them stay with us! You will have a unique opportunity to develop and progress your career within such a diverse group. We are passionate about diversity and inclusion - with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer. If you require reasonable adjustments to be made during the recruitment process, please inform a member of our Recruitment team.
In this new and exciting role, reporting to the Cyber Security Engineering Team Leader, you will implement, configure, and maintain security controls across the YTL UK Group's on-premises and cloud technology environments. The role supports the delivery of a secure baseline through recognised security engineering practices, contributing to secure build processes and optimisation activities. You will need strong technical capability in Microsoft Azure and on-premises Active Directory environments, with the ability to implement and maintain secure configurations in alignment with defined standards and architectural guidance. What you'll do You will: work with project, IT and Security teams to ensure security requirements are embedded within new deployments in accordance with agreed standards implement and maintain system configurations across supported operating systems in alignment with build standards and baselines perform configuration hardening activities and remediation of non compliant systems to support adherence to security standards assist in maintaining visibility of compliance against secure build baselines through validation and reporting activities design, develop and maintain automation scripts and configurations to support security controls, configuration baselines and compliance validation activities implement automation and orchestration capabilities to improve consistency, repeatability and efficiency of security engineering tasks, and contribute to the continual improvement of automated security controls implement and maintain cloud security configurations in alignment with defined baselines and architectural standards, enforcing secure configuration practices across Azure and related platforms collaborate with the IdAM and IT teams to support secure identity configuration within Azure/Entra ID environments conduct cloud security configuration reviews and assessments, identifying misconfigurations and control gaps, and execute remediation activities in coordination with relevant teams review security configurations for on premises virtual machines and hypervisor platforms in alignment with secure build standards, performing configuration reviews to address identified gaps contribute to the continual improvement of on premises security controls by identifying optimisation opportunities and escalating issues where appropriate configure, integrate and maintain enterprise security platforms and tooling, including endpoint protection, SIEM, EDR/XDR, CASB and related monitoring technologies optimise tool configurations, policies and telemetry collection support Security Operations by analysing platform performance, tuning configurations and resolving issues impacting detection capability provide technical input to security architecture and infrastructure teams by identifying practical security enhancements and configuration improvements advise and support secure configuration of technologies, including Active Directory, Azure/Entra ID, PKI, PAM/PIM, authentication services and application platforms support the secure deployment and configuration of new services to ensure alignment with established baselines contribute technical input to asset discovery and inventory tooling to improve visibility across the estate, integrating and configuring security tooling to ensure accurate asset identification and telemetry coverage utilise defined asset management processes to support accurate tracking of systems and security control coverage, identifying visibility gaps and escalating as required provide technical engineering support to Security Operations during incident response activities, including implementing mitigating controls, configuration changes and defensive enhancements be willing to participate in an out of hours technical support rota for high severity incidents, supporting post incident analysis by ensuring relevant configuration and telemetry information is available support threat hunting and detection improvement initiatives by implementing control adjustments, configuration updates or blocking mechanisms in response to IOCs assist with compliance activities and audit requests by providing technical evidence, configuration details and remediation updates collaborate with Security Operations, IdAM, Purple Team and infrastructure colleagues to provide practical guidance on configuration and control implementation contribute engineering insight to projects and operational activities to ensure security requirements are implemented effectively support colleagues in understanding secure configuration standards and applied controls within their respective technology domains. What you'll need We are looking for: demonstrable knowledge of security engineering standards, practices and secure configuration principles solid understanding of core security concepts, including defence in depth, least privilege, segmentation and identity centric security models proven hands on experience deploying, configuring and maintaining enterprise security technologies and platforms experience contributing to IT and cyber security projects involving the implementation of new controls or security enhancements practical understanding of identity and access control principles and their role in maintaining confidentiality, integrity and availability strong written communication skills for producing technical documentation, configuration standards and implementation guidance clear verbal communication skills, able to explain configuration requirements to technical and non technical stakeholders ability to collaborate effectively across infrastructure, cloud and operational teams experience supporting security investigations, including troubleshooting, remediation implementation and control adjustment practical awareness of common cyber threats and experience implementing configuration based mitigations working knowledge of cloud platforms (e.g., Azure) and cloud security principles, including identity, configuration management and monitoring controls hands on experience with Microsoft Windows (desktop and server) environments, with working knowledge of Unix and Linux systems. What you'll receive A combined pension contribution of up to 20%. Career progression and professional development opportunities. 25 days' holiday rising to 28 with length of service. The opportunity to sell up to five days of holiday every year. The opportunity to buy up to ten days of holiday each year (subject to conditions). A healthcare package that allows you to claim back healthcare costs. Life assurance of up to eight times your salary. The opportunity to lease a new electric car through salary sacrifice (subject to conditions). Cashback and discounts from more than 3,000 retailers. One paid volunteering day each year. Enhanced family leave and pay arrangements. Access toan interactive health and wellbeing platform. Support from trainedmental health first aiders. A £1,000 referral fee if you recommend someone who is successfully recruited by us. Who we are YTL UK is part of the international YTL Group based in Kuala Lumpur. The UK companies include: Wessex Water - one of the top-performing water and sewerage companies in England and Wales, serving 2.9 million people across the South West YTL Developments - a major UK developer currently redeveloping a 350-acre former airfield into an award winning, exciting mix of houses, apartments, schools, commercial space, restaurants and hotels, to make a truly sustainable new community YTL Construction UK - a top 20 UK contractor providing fully integrated services to infrastructure, residential, commercial, industry, energy and environmental sectors YTL Live - the development and operation of an entertainment complex that includes a 20,000 capacity arena, conferencing and exhibition space plus a number of other retail,environmental and specialist businesses. Our people tell us that YTL UK is a great place to work, which is why so many of them stay with us! You will have a unique opportunity to develop and progress your career within such a diverse group. We are passionate about diversity and inclusion - with that in mind, all applicants are welcome. We are delighted to have signed the Armed Forces Covenant and are a Disability Confident Employer. If you require reasonable adjustments to be made during the recruitment process, please inform a member of our Recruitment team.
Cyderes
We help the world Be Everyday Ready Today's threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools - all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way. About the Role: The Principal Consultant, PAM at Cyderes serves as a technical authority for the IAM and PAM technology stack. Recognized as an industry expert, this role is responsible for designing and leading complex PAM solution deployments. Acting as a technical lead, the Principal Consultant advises clients on best practices and ensures excellence throughout project delivery. This role also involves mentoring other consultants, guiding implementation teams, and serving as a trusted advisor to customers. The ideal candidate will bring deep hands on experience in deploying large scale PAM solutions, paired with strong communication skills and the ability to operate across multiple projects simultaneously. Responsibilities: Serve as the domain expert in Privileged Access Management (PAM) solutions Lead large enterprise PAM deployments through the full delivery lifecycle Conduct strategic PAM assessments and workshops using the Cyderes framework Design and architect solutions to meet customer PAM requirements Provide expert guidance on PAM best practices and emerging trends Define and promote standard methodologies for PAM delivery and privileged account security Build and maintain strong, productive client relationships Act as the communication bridge between customers and internal teams (implementation, sales, success, and marketing) Manage and resolve customer issues and escalations promptly Support pre sales efforts, including presentations, demonstrations, RFP responses, and proposal scoping Contribute subject matter expertise to enhance Cyderes's PAM Managed Services Requirements: 5+ years of direct experience delivering large, complex PAM implementations Engineer-level certification with CyberArk, BeyondTrust, Delinea, or similar PAM platforms 6+ years in consulting and systems integration roles Excellent problem solving, communication, and presentation skills Proven ability to manage multiple concurrent projects Proficiency in XML, SPML, Web Services (SOAP/REST), and web/application servers Experience across Windows and UNIX/Linux environments Strong knowledge of databases (Oracle, Sybase, MSSQL, MySQL) and directories (LDAP, AD) Familiarity with identity management solutions Willingness to travel up to 40% annually Bachelor's degree or diploma in Computer Science, Computer Engineering, or related field Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status. Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
We help the world Be Everyday Ready Today's threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools - all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way. About the Role: The Principal Consultant, PAM at Cyderes serves as a technical authority for the IAM and PAM technology stack. Recognized as an industry expert, this role is responsible for designing and leading complex PAM solution deployments. Acting as a technical lead, the Principal Consultant advises clients on best practices and ensures excellence throughout project delivery. This role also involves mentoring other consultants, guiding implementation teams, and serving as a trusted advisor to customers. The ideal candidate will bring deep hands on experience in deploying large scale PAM solutions, paired with strong communication skills and the ability to operate across multiple projects simultaneously. Responsibilities: Serve as the domain expert in Privileged Access Management (PAM) solutions Lead large enterprise PAM deployments through the full delivery lifecycle Conduct strategic PAM assessments and workshops using the Cyderes framework Design and architect solutions to meet customer PAM requirements Provide expert guidance on PAM best practices and emerging trends Define and promote standard methodologies for PAM delivery and privileged account security Build and maintain strong, productive client relationships Act as the communication bridge between customers and internal teams (implementation, sales, success, and marketing) Manage and resolve customer issues and escalations promptly Support pre sales efforts, including presentations, demonstrations, RFP responses, and proposal scoping Contribute subject matter expertise to enhance Cyderes's PAM Managed Services Requirements: 5+ years of direct experience delivering large, complex PAM implementations Engineer-level certification with CyberArk, BeyondTrust, Delinea, or similar PAM platforms 6+ years in consulting and systems integration roles Excellent problem solving, communication, and presentation skills Proven ability to manage multiple concurrent projects Proficiency in XML, SPML, Web Services (SOAP/REST), and web/application servers Experience across Windows and UNIX/Linux environments Strong knowledge of databases (Oracle, Sybase, MSSQL, MySQL) and directories (LDAP, AD) Familiarity with identity management solutions Willingness to travel up to 40% annually Bachelor's degree or diploma in Computer Science, Computer Engineering, or related field Cyderes is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to race, religion, color, sex, age, disability, sexual orientation, genetic information, national origin, or veteran status. Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.
