Cybersecurity Engineer
On site
Newport, United Kingdom
Full Time
24-04-2025
Job Specifications
Company Overview
The SPTS division of KLA, designs, manufactures and markets wafer processing solutions for the global semiconductor and related industries. SPTS provides industry leading etch and deposition process technologies on a range of single wafer handling platforms. End-market applications include micro-electromechanical systems (MEMS), advanced packaging, LED, high speed RF device IC’s and power semiconductors. SPTS is part of KLA Corporation which develops industry-leading equipment and services that enable innovation throughout the electronics industry. We provide advanced process control and process-enabling solutions for manufacturing wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. In close collaboration with leading customers across the globe, our expert teams of physicists, engineers, data scientists and problem-solvers design solutions that move the world forward.
Job Description/Preferred Qualifications
We are seeking a Cybersecurity Engineer with shown experience to join our team. This role focuses on representing the cybersecurity body within the organisation and supporting IT and cybersecurity teams in implementing and defining policies to meet organizational standards and harden systems to reduce the attack surface. The ideal candidate will be responsible for maintaining and improving existing cybersecurity systems, ensuring compliance with standards and regulations, and providing hands-on technical expertise.
Your day to day responsibilities will include:
Represent the cybersecurity organization within the KLA corporate.
Support IT and cyber teams in implementing and defining policies to meet organizational standards.
Harden systems to reduce the attack surface.
Support IT teams in adapting sophisticated IAM solutions and Active Directory and Azure Active Directory (ENTRA ID) systems.
Develop and implement policies and procedures for identity and access management.
Conduct assessments and provide solutions to improve information security gaps.
Collaborate closely with IT and cybersecurity teams to ensure compliance.
Provide technical training and support to internal teams.
Leading identity lifecycle and access management (IDM) and Identity Governance and Administration (IGA) policies working with IT teams
Maintain existing systems and ensure their accurate functioning.
Review the configuration of different systems to evaluate security controls.
Handle daily requests through the corporate IT ticketing system.
Conduct vulnerability assessments and security evaluations of complex systems.
Develop and maintain comprehensive security testing plans.
Automate security testing processes for networks, systems, and applications where possible.
Consult with platform managers and systems administrators on security review results and remediation strategies, producing actionable, threat-based reports
Install, operate, and maintain various cybersecurity products.
Implement routine security reviewing processes.
KLA is proud to be an equal opportunity employer!
For this role we are looking for someone with:
Familiarity with SCIM, CASB, and additional Azure services with demonstrated ability in identity and access management within IT or a similar role in cybersecurity.
Practical experience with Active Directory and Azure Active Directory (ENTRA ID).
Understanding of security protocols and compliance standards.
Ability to analyze complex problems and provide creative solutions.
Good interpersonal skills and ability to work in a team.
Bachelor's degree in a relevant technological field would be an advantage.
Relevant certifications in IT or cybersecurity, such as CISSP, CISM.
Experience with IAM tools like Okta, SailPoint, or Ping Identity - an advantage.
Understanding of MSA, GMSA, and equivalent technologies.
Knowledge of PAM (Privileged Access Management) and Vault solutions.
Enjoying working in a dynamic and exciting environment.
Hands-on experience working with operating systems.
Knowledge of security testing frameworks, such as OWASP.
Proficient knowledge of Unix/Linux systems and Mac OS.
Knowledge of at least one scripting language (Python, PowerShell, etc.).
Experience with Windows client/server environments, VMware/Citrix, and cloud environments and technologies (e.g., AWS, Azure).
Certifications such as CCNA, NCSA, Linux Essentials, CompTIA-Security+, (ISC)2-SSCP.
What we will offer you!
Our benefits package includes:
Annual leave starting at 25 days (plus bank holidays), contributory pension scheme, cash health plan, cycle to work scheme, global bonus plan, share scheme, rewards scheme, life assurance, and overtime premiums.
Minimum Qualifications
We offer a competitive, family friendly total rewards package. We design our programs to reflect our commitment to an inclusive environment, while ensuring we provide benefits that meet the diverse needs of our employees.
KLA is proud to be an equal opportunity employer
Be aware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as KLA employees. KLA never asks for any financial compensation to be considered for an interview, to become an employee, or for equipment. Further, KLA does not work with any recruiters or third parties who charge such fees either directly or on behalf of KLA. Please ensure that you have searched KLA’s Careers website for legitimate job postings. KLA follows a recruiting process that involves multiple interviews in person or on video conferencing with our hiring managers. If you are concerned that a communication, an interview, an offer of employment, or that an employee is not legitimate, please send an email to talent.acquisition@kla.com to confirm the person you are communicating with is an employee. We take your privacy very seriously and confidentially handle your information.
About the Company
KLA develops industry-leading equipment and services that enable innovation throughout the electronics industry. We provide advanced process control and process-enabling solutions for manufacturing wafers and reticles, integrated circuits, packaging and printed circuit boards. In close collaboration with leading customers across the globe, our expert teams of physicists, engineers, data scientists and problem-solvers design solutions that move the world forward. Visit us at: www.kla.com Statements made on LinkedIn may cons... Know more
Related Jobs
- Company Name
- Flint Technology Services
- Job Title
- (IT) Project Manager - Air 2 Ground Network
- Job Description
- Job Details Project Manager - Air 2 Ground Network (Contract) Project Manager - Air 2 Ground Network (Contract) Location: Bristol, United Kingdom Country: UK Rate: Negotiable Role Overview We are seeking an experienced and proactive Project Manager to oversee and coordinate critical service operations projects with a strong focus on Air-to-Ground (A2G) network service management. The ideal candidate will have a robust background in telecom service operations, supplier coordination (Ericsson and Nokia), and a good understanding of service management systems and financials. This role also encompasses elements of estates management and requires regular interaction with external authorities and internal stakeholders. Key Responsibilities Work closely with Service Operations teams and strategic suppliers (Ericsson and Nokia) to ensure timely and efficient delivery of services. Manage and support Service Management activities, ensuring alignment with relevant processes and systems (including OSS, NetAct, DCAP, etc.). Act as a key point of contact with external Authorities to define, negotiate, and manage operational interfaces and interaction models for the A2G Network. Oversee project financials related to A2G Service Management, ensuring transparency, compliance, and cost-effectiveness. Contribute to Estates Management, ensuring that infrastructure requirements are aligned with service and operational needs. Drive project timelines, risks, and resource planning while maintaining alignment with strategic objectives. Provide regular status reporting to leadership and stakeholders, escalating issues when necessary. Required Skills & Experience Proven experience in telecom service operations project management, especially working with vendors such as Ericsson (E///) and Nokia. Strong understanding of Service Management principles and tools (OSS, NetAct, DCAP). Demonstrated experience engaging with regulatory or governmental authorities. Familiarity with financial management in the context of service delivery and operations. Exposure to or experience in Estates Management or infrastructure coordination is a plus. Excellent communication, stakeholder management, and negotiation skills. Ability to work independently in a complex, fast-paced environment. Posted Date: 08 May 2025 Reference: JSPMA2G Employment Business: Flint UK Technology Services Contact: Adele Cecere hide
- Company Name
- TechShack
- Job Title
- Security Compliance Analyst
- Job Description
- Security Compliance Analyst We're partnering with a leading cybersecurity company on the hunt for a senior-level Compliance & Assurance Specialist ready to step into a high-impact role. This is more than just a box-ticking compliance job. It’s a strategic position at the intersection of security, risk, and commercial enablement. You’ll be the go-to voice on compliance across internal and external touchpoints, helping to shape how the company scales securely and transparently. Why This Role? Influence at Scale: Engage directly with leadership, clients, legal teams, and auditors. You’ll be a critical enabler of trust for some of the world’s most high-profile organisations. Room to Grow: As the company continues to expand globally, there’s significant scope to evolve this role into a leadership or specialist path. Real Autonomy: Drive the roadmap for frameworks like SOC 2 and FedRAMP. Lead audits. Own the processes — not just maintain them. High-Caliber Team: You’ll be joining a mission-led organisation with deep expertise in cybercrime disruption and a reputation for punching far above its weight. Core Responsibilities: Architect, manage, and continuously evolve compliance frameworks (e.g., SOC 2, Cyber Essentials, FedRAMP). Lead the end-to-end audit lifecycle — from evidence gathering to external walkthroughs. Work closely with legal to interpret and operationalise regulations and standards. Act as the internal subject matter expert for risk, policy development, and governance. Guide commercial and procurement teams through client assurance processes. Contribute to contract reviews and support strategic deal negotiations with compliance insight. What You’ll Bring: A background in cybersecurity, tech, or SaaS, ideally in a regulated or enterprise-driven environment. Hands-on experience with security standards, audits, and client/vendor assurance. Confidence in communicating with both technical teams and executive stakeholders. A forward-thinking mindset that goes beyond compliance — you think about risk, business alignment, and long-term scale. Security Compliance Analyst
- Company Name
- Seagate Technology
- Job Title
- Cloud Security Architect
- Job Description
- About Our Group Are you passionate about cybersecurity and cloud computing? We are seeking a dedicated Security Engineer to join our team and protect our cloud data centers. LYVE is an edge-to-cloud mass storage platform from Seagate – built for the distributed enterprise to capture the unstructured data explosion. Cloud Storage-as-a-Service platform is an S3-compatible storage-only cloud that enables always-on mass capacity data storage and activation. It is designed as a simple, trusted, and efficient service allowing enterprises to unlock the value of their massive unstructured datasets. LYVE is a natural extension of Seagate’s leadership in mass data solutions, combining our mass capacity HDD innovation with deep storage industry knowledge to help customers activate more of their valuable data. About The Role - You Will This position is a critical role inside the LYVE Cloud Information Security team. Information Security is a strategic imperative for LYVE Cloud and ensuring the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies is critical to our mission. Work closely with your colleagues in the Information Security organization and stakeholders across the LYVE Cloud function to ensure appropriate architectual objectives are in place and that security policies are effectively implemented. Participate in all aspects of Security Operations Architecture to identify, protect, detect and respond to Cyber threats with the objective of avoiding business disruption, breach of customer information and reputational damage to Seagate. Key Responsibilities Architect and Implement Security-as-Code: Embed security controls directly into CI/CD pipelines and infrastructure-as-code (IaC) tools such as Terraform, CloudFormation, or Pulumi. Security Automation & Tooling: Lead the development of automation tools for vulnerability scanning, static/dynamic code analysis, container security, and policy enforcement. Threat Modeling & Risk Management: Conduct advanced threat modeling and provide risk assessments for infrastructure, applications, and cloud platforms. Incident Response Engineering: Build and enhance security monitoring, alerting, and response capabilities across cloud-native and hybrid environments. Cross-Functional Collaboration: Act as the security SME (subject matter expert) working closely with engineering, DevOps, product, and compliance teams to ensure security is baked in from design to production. Mentorship & Leadership: Provide mentorship to junior engineers and help shape security culture and practices across teams. Compliance & Governance: Ensure alignment with security best practices and regulatory requirements (e.g., SOC 2, HIPAA, ISO 27001, FedRAMP). About You You are humble and empathetic and recognize the worth of Seagate’s values of Inclusion, Innovation and Integrity You have a strong work ethic and are outcomes-focused You believe in life-long learning in this dynamic and fast-moving field You are self-driven and change energizes you You strive for excellence You recognize that our colleagues and our relationships are the most valuable assets we have Your Experience Includes 8+ years in security engineering, DevOps, or cloud infrastructure roles, with 3+ years in a SecDevOps or DevSecOps capacity. Deep Expertise In CI/CD platforms (e.g., GitHub Actions, GitLab, Jenkins, CircleCI) IaC tools (e.g., Terraform, CloudFormation) Container and orchestration platforms (e.g., Docker, Kubernetes) Security tools (e.g., Snyk, Checkov, Aqua, Twistlock, Trivy) Proficiency in at least one programming/scripting language (Python, Go, Bash, etc.). Strong understanding of security frameworks and best practices (e.g., NIST, CIS Benchmarks, MITRE ATT&CK). Experience implementing scalable logging, monitoring, and incident response in distributed systems. Excellent communication and presentation capabilities combined with ability to clearly articulate complex information security proposals and to influence stakeholders at all levels up to and including executive management Clear understanding of security processes and technologies including: Access control, Incident response, Threat Hunting, Vulnerability Assessment, Security Monitoring and Compliance Being well-versed in digital forensics, malware analysis, operating systems, encryption schemas & algorithms, IAM, authorization and authentication mechanisms and PKI Strong knowledge of Cyberattack Kill Chain, Cybersecurity Defense, Attack Monitoring (SIEM / Elk stacks) including documentation and ticketing fundamentals and security technology architectures Desirable certifications such as CISSP or CGIH, CGFE, CGFA Location: Remote - UK/London Travel - 10% Location: Remote United Kingdom, Amsterdam, Netherlands, Dubai United Arab Emirates, Dublin, Ireland, Marlow United Kingdom, Remote Belgium, Remote Germany, Remote Italy, Remote Northern Ireland, Remote Scotland Travel: Up to 10%
- Company Name
- Ventula Consulting
- Job Title
- GRC Analyst – Information Security - FTSE 100 Market Leader
- Job Description
- GRC Analyst – Information Security - FTSE 100 Market Leader GRC Analyst with a focus on infosec governance, risk and compliance required by a market leading brand. The information security analyst will assist in establishing and monitoring the corporate information security policy, standards, procedures, guidelines, internal controls and business continuity to ensure critical Information is protected, in alignment to Cyber Security best practice and data protection regulation. This role requires a particular knowledge around PCI DSS, and ideally my client is looking for an individual who has worked to help an organisation achieve PCI DSS compliance working with 3rd party experts. The focus of this role will be to represent information security being able to interpret technical design and how information security best practices should be applied. Also be able to lead with incident management investigations and conduct risk and vulnerability assessments where appropriate. Key Accountabilities & Responsibilities Role Accountabilities Conduct risk and vulnerability assessments to identify and mitigate security risks Represent information security within projects ensure best practice is adhered to. Coordinate across departments to ensure risk is managed through compressive security measures and polices Incident response and management – lead and participate in complex incident investigations Develop and maintain cyber incident response plans and playbooks. Conduct post-incident reviews and implement lessons learnt to improve the organisation’s security posture Requirements: Either Technical Operations Security experience with an interest to work within a governance role or experience working in a Security Governance role Ability to assess system controls based on a documented standard Will be able to demonstrate ability in problem analysis and resolution Strong communication skills to be able to influence best practice at all levels of the organisation, with the ability to explain technical problems to non-technical business stakeholders at all levels Ability to build effective relationships to influence and negotiate business outcomes Experience of working with and presenting findings to Senior Stakeholders Hold recognised Cyber Security qualification (CISA, CISMP, CISM or equivalent). Knowledge of industry related frameworks such as ISO27001, PCI DSS This role is based in Northampton and is a hybrid position with on average 2 days a week on-site. The salary is between £50-£60k + Bonus + Package.