Security Solution Engineer
On site
London, United Kingdom
Freelance
19-03-2025
Job Specifications
Job Title: Technical ITVM Security Engineer (Contract)
Day Rate: £450-£475
Contract Duration: 3-Month Rolling
Location: Remote with occasional office visits in London
A leading consultancy is searching for a Security Engineer to join their team on a contract basis. The role focuses on enhancing security measures and managing vulnerabilities. This is ideal for professionals with strong technical skills and experience in security tool integration.
Key Responsibilities
Implement Technical Designs: Execute high- and low-level designs, including data flow diagrams and workflows, for vulnerability management. Configure security architectures for monitoring and remediation.
Tool Integration and Configuration: Integrate and configure security tools like ServiceNow and Defender to manage vulnerabilities across cloud and on-prem systems.
Vulnerability Scanning and Remediation: Conduct assessments and scans using Microsoft Defender VM and other platforms.
Maintain Security Baselines:Monitor systems to ensure they meet industry standards (e.g., CIS benchmarks), updating baselines as needed.
Security Monitoring and Incident Response: Continuously monitor systems, respond to incidents, and document security events.
Automation: Develop scripts using PowerShell and Azure DevOps to automate scanning and patch management.
Compliance Reporting and Dashboards: Maintain dashboards in ServiceNow, providing regular reports on vulnerabilities and compliance gaps.
Security Patch Management: Oversee patching processes with SCCM and Intune, ensuring timely updates.
Training:Train staff on ITVM resources related to vulnerability management.
If you you have the relevant experience and feel like this role would make an ideal fit for you, please feel free to apply, or email me directly on anthony.towey@opusrs.com
About the Company
When it comes to technology talent, Opus Recruitment Solutions are the specialists. We provide the skills needed most to markets at the forefront of change, evolving with the ever-changing needs of our clients to propel their people strategy and build world-class teams to power the future. With a global reach, diverse networks and an established market reputation, we are the partner of choice for organisations looking for flexible and trusted technology talent solutions to achieve long-term success. Our clients work acros... Know more
Related Jobs
- Company Name
- John Lewis Partnership
- Job Title
- Information Security Engineering Lead
- Job Description
- About The Role Join the John Lewis Partnership’s Information Security Engineering team and play a crucial role in protecting our customers, Partners and business from evolving cyber threats. The John Lewis Partnership’s Information Security strategy is bold and ambitious. We provide a collection of security services, delivered through people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day. A key component of this is the Threat Defence team. A group of Partners (employees) who play a vital role in the defence of our systems and data from cyber attacks. This is a team with a very broad set of responsibilities, including the monitoring of threats and vulnerabilities and the engineering and testing of key security defences. We’re looking for an experienced Information Security Engineering Lead to take on a lead role within our Security Engineering service. In this role you’ll be overseeing the delivery of new security capabilities and ensuring that our Security Operations Centre remains equipped to defend against the latest cyber security threats. This is a fantastic opportunity to get hands-on with market leading next-generation cyber security tools where you'll be empowered to lead and innovate within an agile, supportive and collaborative team environment. At a glance Expected Salary - £65,000 - £85,000 depending on experience Contract type - Permanent Working pattern/flexible working - This role is based at the Bracknell Head Office, with an opportunity for hybrid working. Your time will primarily be split between Bracknell (current normal expectation 1 day per week) and working from home. There will also be an expectation to infrequently visit other locations as the need arises. Our Infosec team currently works from the office every Tuesday to connect and on a more ad-hoc basis to attend key meetings, but again the frequency is dependent on the business needs. There will be a need for on-call support as part of a callout rota, where you will be expected to be available for out of hours support approximately one week in 5. Specific rota requirements can be planned around leave and other personal commitments. What you’ll be doing: In this highly technical role, you’ll be responsible for developing and maintaining our security operations platforms and using your technical expertise and experience with security tooling to inform our overall Information Security strategy. You’ll bring your technical leadership to projects, leading the delivery of new security tooling as a respected Information Security expert and working with technology teams to ensure that new technologies are sufficiently secure and protected. You’ll oversee a range of continuous improvement activities for our existing platforms and will work closely with other members of the Security Engineering service in an agile way to ensure we continue to drive value out of our investments. You’ll be a technical leader in the Information Security team and will use your experience and knowledge to guide, inspire and support other members of the team. You’ll develop positive relationships with colleagues and senior leaders from technology teams outside of Information Security and will work closely with vendors to ensure a secure Partnership. What you’ll have (Essential Skills): Hands-on experience in a senior Security Engineering role, overseeing and leading a group of Security Engineers. Demonstrable experience in delivering and/or maintaining EDR tooling. Specific experience leading the deployment or engineering of SentinelOne would be of particular benefit. A proven track record working as part of an agile delivery team, following agile best practices such as Scrum or Kanban. Experience collaborating with development, operations and infrastructure teams, preferably in a security context A working knowledge of security best practice, including frameworks such as Mitre ATT&CK and NIST. What else you could bring (Desirable Skills): Proficiency in working with or developing SIEM tooling and SIEM detections/alerts. Proficiency in Google SecOps (Google Chronicle) would be particularly beneficial. In-depth knowledge of network security, including principles such as zero trust and network security tooling such as zScaler. Experience securing cloud platforms and applications using tooling such as CASB, CSPM, SSPM or similar. Specific knowledge of GCP and Google Security Command Center would be beneficial. Formal accreditation in Information Security such as a related degree, ISC2 CISSP or similar. Additional Information The application form consists of a CV upload, followed by application questions. Please save the application questions to a Google docs before entering on Workday for future reference. Internal applicants please copy paste this link on to the browser for job outline - https://bit.ly/InfosecEnggLead ' About The Partnership We’re the largest employee owned business in the UK and home of our cherished brands, John Lewis and Waitrose. We’re not just employees, we’re Partners, driven by our purpose to build a happier world. As we look to our future, there’s never been a more exciting time to join us. We’re ruthlessly focused on being brilliant at retail. We continue to innovate, adapt and diversify. Never Knowingly Undersold on price, quality and service in John Lewis and passionately serving food-lovers in Waitrose. As Partners we all share the responsibility of ownership and in its rewards. We use our voices to contribute to our success, working together through the good and challenging times, holding true to our behaviours and treating everyone with kindness and respect. We all own making the Partnership somewhere we belong. Embracing our differences and creating an environment where we’re free to be ourselves and can THRIVE. Growing ourselves individually, and as a collective. As Partners, we make all the difference. And, we all own it. Important points to note: It’s important to note that some of our roles are subject to pre-employment vetting. If required, you’ll find out more about vetting throughout the recruitment process and we encourage you to complete any vetting documents quickly to avoid delays. We also recommend that you apply as soon as possible as vacancies can close early if we see a high number of applicants. We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where possible. Please discuss this further with the hiring manager during your interview.
Bracknell, United Kingdom
Hybrid
Freelance
20-03-2025
- Company Name
- Public Sector Resourcing
- Job Title
- Security Architect
- Job Description
- On behalf of DWP we are looking for a Security Architect for a 6 month (Inside IR35) contract. Hybrid working with 2 days per week required in Manchester, Leeds, Sheffield, Birmingham, Newcastle or Blackpool. The Department for Work and Pensions (DWP) is responsible for welfare, pensions, and child maintenance policy. As the UK’s biggest public service department, it administers the State Pension and a range of working age, disability and ill health benefits to around 20 million claimants and customers. As such, we operate on a scale that is almost unmatched anywhere in Europe and most people in Britain come into contact with us at some point in their lives. Working with DWP, you will be helping us to drive our priorities to: * Help people to move into work and support those already in work to progress, with the aim of increasing overall workforce participation * Help people to plan and save for later life, while providing a safety net for those who need it now * Provide effective, efficient, and innovative services to the millions of claimants who rely on us every day, including the most vulnerable in society * Improve experience of our services while maximising value for money for the taxpayer. As a Security Architect your main responsibilities will be to: * Conceptionally develop and agree design proposals with the supplier to meet business (DWP and AP) needs. * Validate and assure design solutions. * Support the business in determining priority based on understanding of the drivers for change and the deliverability of change. * Undertake impacting of policy and business change proposals to determine the IT impacts and strategic fit of change. * Production of enterprise and reference architecture documentation as a model to informing business, security and strategy change. * Analysis and presentation of risk in relation to the IT environment supporting Health Assessments and making recommendations for risk reduction. Essential: * Security Architecture experience within a large government department. * Risk identification and security management skills. * Previous experience of presenting technical solutions for Architecture Governance at Design Authorities. * Ability to produce detailed Architecture design artifacts like Solution Overview documents. * CISSP Qualification. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, DWP guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. Armed Forces Covenant DWP guarantees to interview veterans or spouses / partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates / military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".
England, United Kingdom
Hybrid
Freelance
19-03-2025
- Company Name
- Membership Bespoke
- Job Title
- Data Security Compliance Advisor
- Job Description
- Data Security Compliance Advisor 12 Month FTC, Full Time Hybrid – WFH and 1-2 Days in the East Grinstead Office Basic Salary £47,000-£50,000 with excellent benefits including 25 Days holiday, Pension Scheme, Life Assurance, Private Health Scheme and family (AXA), Discounts on insurance products, are a wide range of retailers and service providers via the ‘SMILE’ portal. Savings on fuel with My Esso Card Wellbeing allowance (£150 a year). There is further assistance for work related training available. Eye Care Voucher Scheme, Employee Advisory Service Reason for Vacancy – Workload Key Tasks / Accountabilities: Be primarily responsible for the end-to-end process of fulfilling data subject requests made under the UK General Data Protection Regulation (UK GDPR), such as subject access requests and erasure requests, as well as requests for information from other organisations, such as law firms, law enforcement or government departments Build on existing internal documentation and communications regarding the data subject request process so that: Other departments are clear about their responsibilities, and The Data Security Compliance Team handles requests in the most structured, efficient and cost-effective manner possible, while complying with UK data protection legislation and meeting legal deadlines Work with members of the team on the development and integration of tools involved in the data subject request process, such as the OneTrust Privacy Rights Automation module and other internal platforms Share the responsibility to conduct reviews of existing assessment and accountability processes and work with business stakeholders to create new ones where required. Assist with the recommendation of improvements to achieve compliance and reduce risk and help to ensure the delivery of agreed recommendations. Examples of processes are: Data Protection Impact Assessments (DPIAs) Legitimate Interest Assessments (LIAs) Legal Basis for Processing Checklists Records of Processing Activities (ROPA) Assist with the optimisation of the above record, list and assessment processes and the continual improvement of associated documentation Contribute to the application of organisation wide processes such as Data Protection by Default and by Design, working with business teams and the IS department as necessary Assist in the refresh and communication of the organisation's Data Security Policy set Contribute to the development and execution of data protection and data security training, awareness campaigns and eLearning training rollouts Support the Data Protection Officer in ensuring the importance of data security compliance is appropriately communicated across the organisation by assisting with the production of communications as well as articles and guidance for the team’s intranet presence Assist with the production of well written and carefully considered advice and guidance in response to data protection and data security enquiries, both internal and external Be willing to take on ad hoc challenges and find solutions for implementation Represent the team in meetings and for projects and initiatives, where required Attend industry events, conferences and seminars to keep up to date with the threat landscape and any upcoming legislative change Essential Skills & Experience Required: Strong knowledge and experience of current and upcoming UK data protection law, e.g. the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, Privacy and Electronic Communication Regulations (PECR) and familiarity with guidance published by the Information Commissioner’s Office One or more recognised data protection qualifications, e.g. UK GDPR Practitioner, CIPP/E, CIPM Extensive experience of fulfilling data subject requests made under the UK GDPR Experience of working in a team where providing guidance and advice about UK data protection law to internal and external stakeholders is a primary focus Proven experience in handling confidential and sensitive information First rate planning and organisation skills with the ability to manage conflicting priorities while meeting tight deadlines Must have the ability to work well under pressure while maintaining discretion Ability to work with minimum supervision, as well as collaboratively and flexibly with others to achieve team objectives Excellent written English coupled with clear and articulate verbal communication skills Methodical, with a high attention to detail and accuracy Highly motivated and focused with a desire to help, use initiative and add value Confident general IT skills, ideally primarily with use of Google Workspace and Adobe Acrobat Pro (see below) but as a minimum, with Microsoft Office / O365 software suites Desirable Skills & Experience Required: Highly proficient use of Google Workspace (Gmail, Drive etc), Microsoft Office (Outlook, Word and Excel in particular) and use of the redaction tools and other key features in Adobe Acrobat Pro Familiar with information security best practice, e.g. ISO 27001, Cyber Essentials Awareness of payment card industry standards and requirements, i.e. Payment Card Data Security Standard (PCI DSS) To apply to this role of Data Security Compliance Advisor please send your CV. Closing date for applications is Wednesday 26th March. Due to the volume of applications we are only able to contact successful applicants. Therefore if you have not heard from us within 10 working days please deem your application as unsuccessful on this occasion. Membership Bespoke is acting as a recruitment business in relation to this role. Membership Bespoke positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. Membership Bespoke is the most experienced membership-focused recruitment firm in the UK, with 10+ years of experience delivering tailored permanent, temporary, interim, and Executive Search recruitment solutions to Trade Associations, Regulatory Bodies, Political Parties, and Professional Bodies.
West Sussex, United Kingdom
Hybrid
Freelance
20-03-2025
- Company Name
- Insight International (UK) Ltd.
- Job Title
- Cybersecurity Policy Specialist
- Job Description
- Role: Cybersecurity Policy Specialist Location: London, UK Job Type: Contract Key Responsibilities Include: Develop and maintain security policies, procedures, and guidelines. Ensure alignment with NIST and CIS standards. Collaborate with teams to gather requirements and ensure policies meet organizational needs. Review and update policies regularly to ensure compliance with industry standards and regulatory requirements. Provide guidance on policy implementation and adherence. Conduct training sessions and workshops to educate employees on security policies and best practices. Monitor policy effectiveness and recommend improvements. Stay updated on cybersecurity standards and best practices. Develop policies for Cloud Technical Security Standards, ensuring secure cloud environments. Create guidelines for cryptographic algorithms to protect data. Implement Zero Trust security principles, including least privilege access and continuous verification. Establish network security policies, including firewalls, VPNs, and intrusion detection systems. Develop Identity and Access Management (IAM) policies, including SSO, MFA, and role-based access control. Formulate data security measures, including encryption, data masking, and data loss prevention. Maintain a risk register to document, prioritize, and manage risks effectively. Skills and Qualifications Proven experience as a Security Policy Writer on Cloud Technical Security Standards. Excellent writing and communication skills. Ability to translate technical concepts into clear policies. Strong understanding of cybersecurity principles. Expertise in Zero Trust security principles. Proficiency in network security. Experience with Identity and Access Management (IAM). Good understanding of NIST and CIS standards. Familiarity with regulatory requirements (e.g., GDPR, PCI-DSS, ISO 27001). Understanding of cryptographic algorithms. Knowledge of data security measures. Experience in maintaining a risk register. Ability to work independently and collaboratively. Analytical and problem-solving skills. Experience with risk assessment and management. Proficiency in policy management tools. Strong attention to detail and organizational skills. Ability to handle multiple projects and meet deadlines. Bachelor’s degree in information security, Computer Science, or related field. Other Desirable Skills The Open Group Architecture Framework certification. Certification – CISSP, CISM or ISACA
London, United Kingdom
Hybrid
Freelance
20-03-2025