Cyber Security Engineer - 6 Month Contract
Hybrid
London, United Kingdom
Freelance
10-04-2025
Job Specifications
About us:
SSP Group plc (LSE:SSPG) is a global leading operator of food and beverage outlets in travel locations employing around 49,000 colleagues in over 3,000 units across 37 countries. We specialise in designing, creating and operating a diverse range of food and drink outlets in airports, train stations and other travel hubs across six formats: sit-down and quick service restaurants, bars, cafés, lounges, and food-led convenience stores. Our extensive portfolio of brands features a mix of international, national, and local brands, tailored to meet the diverse needs of our clients and customers.
Our purpose is to be the best part of the journey, and we are committed to delivering leading brands and innovative concepts to our clients and customers around the world, focusing on exceptional taste, value, quality and service. Sustainability is crucial for our long-term success, and we aim to deliver positive impact for our business while uniting stakeholders to promote a sustainable food travel sector. www.foodtravelexperts.com
About the role:
SSP require a Cyber Security Engineer for a 6 month contract to manage and maintain security processes, solutions and support strategic initiatives. This role is essential in building and maintain key security technologies and services, whilst also supporting the wider Cyber Security function as a 2nd line operational capability.
The Cyber Security Engineer is responsible for designing, implementing, and maintaining security solutions to protect the organization's information systems from cyber threats. This role involves collaborating with various teams to ensure robust security architectures, conducting vulnerability assessments, and supporting incident response activities.
This role also provides support for the cyber security programme and works with the wider teams to ensure high risk areas are remediated.
What you’ll be doing:
Manage and main security tooling and infrastructure, including health, licence, capacity, performance and support roadmap and upgrade decisions.
Act as 2nd line team within Cyber Security, supporting 1st line with incidents and any change to tooling and processes.
Recommend and drive effective changes to enhance defence and response procedures
Investigate and resolve issues with key security platforms and services
Engage with wider D&T teams and act as SME for projects/changes
Support and lead platform changes and transition process changes into 1st line Cyber
Provide guidance and training for wider cyber security team when onboarding new technologies and processes.
Partner with SOC and IR teams in the event of a security incident to ensure timely mitigation and remediation efforts are completed
Promote a culture of security awareness and good practice
Maintains good understanding of wider industry threats and security engineering best practices
To be successful in this role you will need:
Experience working in a dynamic, fast paced environment
Security tooling experience across protection, detection and response platforms
Experience with EDR, SIEM, vulnerability management solutions and threat intelligence platforms
Hands-on experience in implementing and testing new security features, planning security tooling upgrades, troubleshooting, and responding to security incidents.
Strong communications skills and experience in presenting and communicating to both technical and non-technical stakeholders
Proven experience in managing security tooling and solutions.
Belong at SSP:
Great food and drink are diverse by nature. It’s authentic, creates great experiences and brings people together. The same goes for our Belong strategy at SSP. By empowering our colleagues and celebrating our differences, we create great experiences for our people, enabling them to thrive as one global team.
Spanning 6 continents, we’re very diverse when it comes to our backgrounds. But it’s so much more than that, it’s listening with humility, taking conscious action, and having the determination to do the right thing. True diversity, equity and inclusion can only happen when everyone feels able to bring their full self to work. We encourage and welcome applications from a diverse range of candidates regardless of background, gender, race, religious beliefs, disability, sexual identity and orientation or age.
About the Company
SSP is a a global leading operator of food and beverage outlets in travel locations employing around 49,000 colleagues in over 3,000 units across nearly 40 countries. We specialise in designing, creating and operating a diverse range of food and drink outlets in airports, train stations and other travel hubs across six formats: sit-down and quick service restaurants, bars, cafés, lounges, and food-led convenience stores. Our extensive portfolio of brands features a mix of international, national, and local brands, tailored ... Know more
Related Jobs
- Company Name
- Stott and May
- Job Title
- Azure AD Consultant (Security Cleared)
- Job Description
- Azure Active Directory Consultant (Azure AD) *candidates must hold an ACTIVE and transferable SC* Start: 2nd June Duration: initial 9-weeks Pay: negotiable, inside IR35 Location: ad hoc travel (minimal, must be commutable to central London) We're looking for a specialist engineer to lead a key identity and access management project for a client. You'll be responsible for designing and deploying a secure, best-practice solution to separate high-privilege user accounts across a hybrid On-Prem Active Directory (AD) and Microsoft Entra environment. What you'll be doing - Investigate the current hybrid AD/Entra setup and user provisioning process using Microsoft tools. - Identify all existing privileged users and roles across On-Prem and cloud environments. - Design and test a secure, compliant solution for privileged account separation in line with NCSC and Microsoft guidance. - Conduct user group testing and ensure minimal disruption during rollout to 30-150 users. - Support deployment, produce high-quality technical documentation, and create clear summary reports for client approval. What you'll need - Strong expertise in Active Directory (OU design, GPOs, Tier-0 models). - Advanced knowledge of Azure AD/Microsoft Entra ID, including role and identity management. - Hands-on experience with Azure AD Connect, including filtering, sync issues, and admin disentanglement. - Familiarity with Privileged Identity Management (PIM), JIT access, and PAW deployment. - Solid understanding of zero-trust security, least privilege, and change management principles. - Experience writing technical documentation, test plans, and client-facing reports. - Excellent communication and interpersonal skills, with the ability to manage multiple priorities and stakeholders.
- Company Name
- Public Sector Resourcing
- Job Title
- Security Architect
- Job Description
- On behalf of the Met Office, we are looking for a Security Architect (Inside IR35) for a 6 month contract based in Exeter office once per month. As the Security Architect within the Security Operations team of the Met Office’s Cyber Security Department, you will design and implement security solutions that protect Met Office digital services. You'll advise on enterprise security initiatives to further enhance our cyber security posture, safeguarding systems that are essential to public safety and national security. This role requires close collaboration with our Security Operations Center and Vulnerability Management teams to continuously improve our security services. This role will specifically support the deployment of our Network Detection and Response solution. As a Security Architect, your main responsibilities will be: * Design and implement enterprise security solutions for on-premises and cloud-based systems by applying technical architecture, risk management, and threat analysis to create solutions that are resilient from attack * Assess and improve security postures to address evolving cyber threats, keeping our operational defences proactive and effective by identifying risks and closing gaps * Develop security solutions that enhance our ability to protect, detect and respond to, and recover from cyber incidents * Lead and coach teams on cyber security practices, technical excellence, while fostering a culture of collaboration and personal development * Assess risks related to proposed changes and recommend security controls that support business objectives Essential: * Experience in designing and successfully delivering technical designs from concept to completion using standardised control frameworks (such as 27001/2) appropriately * Ability to develop and communicate security concepts (vision, principles, and strategy) that manage security risks to information, systems, and processes that support the delivery of balanced and cost-effective risk management decisions * Experience communicating security and risk effectively, apply security principles to business requirements to provide confidence * Ability to lead and coach personnel across departments on cyber security best practice to ensure common tools and patterns are used effectively to deliver secure solutions with proportionate controls to enable business outcomes. * Knowledge of industry security solutions including network detection and response, security information and event management, extended detection and response, threat intelligence and vulnerability management. Please be aware that this role can only be worked within the UK and not Overseas. Disability Confident As a member of the Disability Confident Scheme, the Met Office guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply. In exceptional circumstances, we may also need to apply the desirable criteria in our shortlisting process which may include holding active security clearance. In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".
- Company Name
- Searchability NS&D
- Job Title
- Security Architect
- Job Description
- SECURITY ARCHITECT – OUTSIDE IR35 NEW OUTSIDE IR35 CONTRACT OPPORTUNITY AVAILABLE FOR A SECURITY ARCHITECT IN FARNBOROUGH Searchability NS&D has a permanent opportunity for an Security Architect to work across an exciting range of projects Must have active MOD DV Clearance Day rate up to £675 Outside IR35 Role is based in Farnborough – 3/4 days on site per week For more details please call me on 07842 002 256 or email shaun.varley@searchability.com WHAT WILL THE SECURITY ARCHITECT BE DOING? Risk Management within a Defence and Security Sector; Security / Cyber architectures are proportionate to the GSC of the systems; Security architectures are delivered in conjunction with other IT Architects and SMEs; Apply security design specifics to develop the security architecture; Strategic direction of Security projects; Producing evidence to meet various MOD regulations; Designing options and solutions to mitigate vulnerabilities; Working with various teams across the business including Software Engineering, DevSecOps Engineering, Infrastructure Engineering, Agile and Cyber Security; and Either holds or has recently held government security clearance already, or is suitable for and willing to go through the vetting process (suitability would include an absence of a serious criminal record, a right to work and live in UK and, preferably, a record of 5 years’ UK residency), SKILLS & EXPERIENCE DESIRED: Able to perform Risk management using industry approved methodologies (such as NIST 800-53). Identification of suitable risk management activities (technical, physical, or procedural) to treat /mitigate the identified risks; Support development in a secure by design methodology; Be able to work at a technical level with teams; Identification / design / selection of appropriate security components to provide security enforcing functions (e.g. network, endpoints, cryptography, authentication, authorisation, data inspection etc) for a variety of infrastructures including cloud environments; Legal and regulatory topics that merit consideration when conducting various activities in the field of cyber security; Creation of security documentation to support the development of a system, these could include: security Aspects, Risk Assessment, Risk Management, Security Policies, Security Test Plans/Results, Evaluation documents; Knowledge of JSP 604 / 453 and creation if assurance artefacts; and High standards in written report and design documentation. DESIRABLE: Knowledge and experience of Agile, DevSecOps, CI/CD principles and their application in secure environments Appreciation of the constraints and requirements imposed on development within secure, safety critical environments Concepts and technologies that are used to engineer systems which inherently protect systems; Understanding of MOD and other departmental IT in defence and security Experience of working with MOD Accreditors; and Knowledge of Onsite / project tech stack includes but is not limited to Azure, AWS, Docker, Kubernetes, Apache (NiFi, Kafka), NodeJS, Typescript, MongoDB, AI, Machine Learning etc. TO BE CONSIDERED…. Please either apply by clicking online or emailing me directly to shaun.varley@searchability.com - I can make myself available outside of normal working hours to suit from 7am until 10pm. If unavailable, please leave a message and either myself or one of my colleagues will respond. By applying for this role, you express consent for us to process & submit (subject to required skills) your application to our client in conjunction with this vacancy only. Also feel free to connect with me on LinkedIn, just search Shaun Varley. I look forward to hearing from you. SECURITY ARCHITECT KEY SKILLS: SECURITY / ARCHITECT / DEFENCE / GOVERNMENT / SECURITY CLEARED / SECURITY CLEARANCE / SECURITY CHECK / DEVELOPED VETTING / DEVELOPED VETTED / DV CLEARED / DV CLEARANCE / DEEP VETTED / DEEP VETTING
- Company Name
- Harvey Nash
- Job Title
- Network Field Engineer
- Job Description
- Network Engineer| 12 Month Contract (TBC) | (Outside IR35) | Hybrid (Edinburgh) | Starting ASAP Market Rates You will be a Network Engineer with extensive practical day to day and some strategic Cisco switching and routing experience with a CCNA certificate at minimum. Though experience in Palo Alto, F5, Collaboration, VPN, Windows and Linux is advantageous. You need to be technically skilled and have the drive and the ability to be proactive to deliver results as part of the overall change programme. You will need to be able and experienced in travelling to all parts of Scotland, this includes some days at the weekend and at nights will be required to deploy our SD-WAN solution as well a nationwide LAN upgrade program. Promoting best practice in network management you will ensure that policy and procedures maintain quality assurance levels of a high standard. Main Duties: The key focus for this role at the start is to focus on the following projects: Deployment of SD-WAN solution to 50+ sites in Scotland, upgrade of estates wide LAN hardware/software (Triage of site failures over 50+ sites), Wi-Fi system upgrade (New controllers, AP's, expansion of coverage etc). More projects are in the works so there is scope for more works around F5, Data centre movement, management systems, VPN change to come. Programme Delivery Consult in the delivery of a design and strategy around managing a large multi-site network including SDWAN, WiFi and LAN active projects leading to you implementing said designs. Provide effective, timely and accurate advice and sound professional judgement to colleagues on networking/infrastructure design ensuring design principles are adhered to, Represent Change and Digital Innovation (Networks team) at meetings both internal and external in relation to the change programme. Consult on the overall network roadmap based on the 3 year and 5 year business plan. Provide technical design consultation to DDIA and network security. Policy and governance Ensure design compliance within PSN networks and the appropriate policies and procedures Advise best practice to Coordinate, maintain and develop existing systems to meet the needs of the business and supported Justice Partners as part of the change programme Communication Consult with operational colleagues to identify improvements to service provision to meet the ongoing and future needs of the client Attend meetings and network events as required and identify and share best practice methods Attend CAB (Change Authority Board) meetings when required to further explain submitted/proposed Network changes in line with the change programme. Ensure all collateral required by Project Managers is provided within agreed timescales. Service Development Consult with others within the business and outside agencies to continuously improve service provision and make suggestions for improvements to systems and processes based on the network roadmap. Keep current with market trends and new products in area of your specialism. Essential Skills & Experience: Proven up to date experience of Cisco equipment (2960X/XR, 4500, 9000 series as well as Nexus Switches), ideally supported by a recognised network certification. Knowledge of troubleshooting physical network site infrastructure Experience of building, managing and maintaining high availability networks with Cisco devices Working knowledge or experience in some or all of the following subjects: Cisco Networking, Unified Communications, WLC, F5 VPN, F5 Silverline/XC, IPsec tunnel and Palo Alto Firewalls. Experience of running, using and implementation of network monitoring solutions Experience of designing load balancing services Ability to work in partnership with IT colleagues and operational colleagues This role has been deemed Outside IR35 by the client. Applicants must hold, or be happy to apply for, a valid Basic Disclosure Scotland. Please click the link to apply.