Job Title: SOC Manager Role Overview: As a SOC Manager, you will lead and manage the Security Operations Center to enhance incident response, threat detection, and overall security posture. Collaborating with your team, you will improve processes, establish response protocols, and act as the primary escalation point for critical incidents. You will also coordinate with internal and external stakeholders to ensure seamless operations and compliance with security standards. Key Responsibilities: Oversee SOC operations, incident response, and threat detection capabilities. Lead process improvements, audit SOC incidents, and develop new use cases and automation. Serve as a POC for SOC engineering, threat intelligence, and threat exposure management teams. Mentor security analysts in risk management, incident response, and operational procedures. Develop and present reports, dashboards, and metrics to senior management. Act as the primary Incident Manager and coordinate responses to emergencies. Ensure security tools and policies adhere to industry standards and best practices. Collaborate with IT teams on escalations, tracking, and performance improvements. Key Skills and Experience: Strong knowledge of authentication, endpoint security, firewalls, PKI, DLP, IAM, EDR, and SOAR. Proficiency in SIEM technologies like Splunk ES, QRadar, or Google Chronicle. Expertise in SOC automation, cloud operations (AWS), and building security operations centers. Experience in incident management, threat modeling, and developing security use cases. Excellent communication and presentation skills, including reporting to senior management. Ability to lead under pressure and drive process improvements effectively.

Excellent people skills, able to positively influence up to board level. Previous experience and background in Information Security at a management level Background and previous experience of IT security control. Significant experience of working and influencing cross-functionally and managing external agencies. Experience of relationship management of senior stakeholders. Experience in manufacturing Industries and OT. Experience in IoT technologies & connected car. Agile code development toolsets. Specialist skillsets in Network Security. Specialist skillset in Cloud Security. Knowledge and experience in Information Security Auditing Techniques.

Knowledge on the CSMS process and Overview on the UN-R155 and UN-R156 regulations, and awareness about the ISO21434. Awareness on the different Cyber Security Mitigations (Cyber Hygiene, Secure Boot, Signed SW, SecOC, Secure Diagnostics, Secure Debug, etc.,) for the ECUs and the Network and knowledge of the Security Controls found in SOTA, Mobile Communications and Cloud) for the offboard aspects. Knowledge on the CSMS process with awareness on ISO21434 is a must. Experience in DIA/CIA, Cyber Security Plan, Item Definition, TARA is the least expectation. An awareness on the Network architecture, Communication Protocols, ECU hardware, HSMs. Strong documentation and communication skills Self-Driven and flexibility to learn Team Player Vehicle Security must

Key skills/knowledge/experience: Significant prior experience as a subject matter expert within Identity and Access Management, in particular deep technical knowledge of identity management within a Microsoft Environment (Windows Operating Systems & Active Directory), Linux based operating systems (desktop & server), Core infrastructure (network, databases). Significant knowledge of Identity and Access Management governance principles and best practices. Experience in managing information security risk relating to identity. Knowledge of SAML/OAUTH protocols. Experience of working and influencing cross-functionally and managing external agencies Good working knowledge of industry IT compliance standards, particularly in design and implementation. Experience of relationship management of senior stakeholders. Strong IT skills, able to analyse data for reporting purposes and follow work instruction. Relevant degree or equivalent experience preferred. Desirable skills/knowledge/experience Knowledge of identity and access management within a DevOps environment, including API Management platforms, containerisation and cloud platforms (Google/Azure/AWS). Knowledge and experience in Information Security Auditing Techniques. Knowledge and experience in Managing Information Security for operational technology (eg PLCs, Embedded systems in plant machinery). Knowledge and experience in Managing Information Security within a manufacturing organisation. Have an understanding of the business areas such as Suppliers and Retailers and how their systems work.

Proven hands on Penetration Testing experience and track record of delivery in a field relevant to the role, eg In-Vehicle Network, (CAN, FLexray, Automotive Ethernet etc.), Embedded systems security, threats and attacks within Infotainment, Telematics, Power Train etc. Experience of Security Assessment and Penetration Testing Tools within Vehicle Electrical Architecture and external interfaces such as Bluetooth, WiFi, Mobile Communications, etc. Experience in developing user-friendly and automated Penetration Testing Methodologies, Tools and Frameworks. Proven experience of Vehicle Diagnostics debug interfaces knowledge (ie UDS ISO 14229, ASM XCP). Experience working with JTAG via multiple types of debuggers eg Jlink. Low-level Embedded Systems and Electronics experience strongly desirable. Ability to plan and execute ECU level & vehicle level Penetration Tests. Technical understanding of Automotive cyber security controls at both ECU and Vehicle level. An ability to think analytically, rigorously and creatively with a commitment to quality and outstanding results.

Key skills/knowledge/experience: Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field; advanced degree preferred. Experience in project management, preferably within information security, cryptography, or cybersecurity. Strong understanding of cryptographic principles, algorithms, and protocols (eg, RSA, AES, ECC, SHA). Experience with project management methodologies (Agile, Scrum, Waterfall) and project management tools (eg, Jira, Asana, MS Project). Knowledge of data protection standards, including FIPS, NIST, GDPR, HIPAA, and other relevant regulations. Familiarity with public key infrastructure (PKI), key management systems (KMS), HSM & digital signatures, and related security tools. Excellent organisational, communication, and interpersonal skills. Desirable skills/knowledge/experience: Project Management Professional (PMP) or Certified Information Systems Security Professional (CISSP) certification. Familiarity with programming languages such as Python, Java, or C++. Experience in conducting security audits, vulnerability assessments, and cryptographic compliance assessments. Hands-on experience with cloud security, especially with AWS or Azure cryptographic services.

Job Description : We are looking for an OCI Platform Admin Engineer to be part of the Programme Management team of the Finance Modernisation Programme to build and manage cloud-based infrastructure, working alongside a fantastic programme team and reporting into the Technology ERP Platform Lead. The Finance Modernisation Programme is a major programme that offers unique learning opportunities due to its scale and complexity and use of Cloud applications and services. Job description Skilled and experienced in a wide variety of Tech Oracle Cloud solutions, you will support a broad range of services, which will include: OCI Management: Manage cloud-based infrastructure, including virtual machines, storage solutions and networking components. Work as part of a team to implement and manage OCI PaaS and SaaS services. Ensure these are optimized for OCI and that they meet Bank’s requirements. Know how to proficiently use and supervise the use of container deployment and orchestration platforms (e.g. Kubernetes). Manage backup and DR strategies using Oracle Managed Automatic Backups as well as Object Storage and Autonomous Data Guard OCI Monitoring: Configure, manage, audit and alert on the availability and performance of the OCI environment. Manage the performance of OCI resources, diagnosing and troubleshooting issues. Make changes to optimize system/platform performance. Automate: Develop and implement automation processes to simplify the management of cloud-based infrastructure. Control costs: Understand and optimize costs by looking at the main cost drivers and working with all stakeholders involved to ensure best use of resources, for example: Understand data egress and API requests and how these components factor into cloud billing. Learn how pricing differs from Cloud VMs and serverless functions and how to right-size a VM instance to reduce costs. Learn about Oracle price models around storage and know how to utilize them to design and run cost effective cloud workloads. Collaborate with other IT teams: Work closely with other teams in IT, including application developers and devops (e.g. ACS) as well as Cyber or IT Infra engineers to ensure OCI meets Bank’s requirements and can support its goals Act as a single point of contact for external partners looking to interact with the OCI platform (e.g. system integrators, auditors, consultants etc)

Key skills/knowledge/experience: Experience in technical strategy and owning projects from end-to-end. Expertise with data management: structured and unstructured DBs, SQL and RDBMS technologies, SOA design principles. Experience in understanding large code bases, including API design techniques. Knowledge in UI/UX, which can be reflected in your work. Extensive experience and proficiency in Salesforce platform, including knowledge of Health Cloud, Lightning Platform, and other relevant products. Proficiency in Apex, Visualforce, Lightning Components, and other Salesforce-specific technologies for development and solution building. Experience designing and implementing integrations with third-party systems, utilizing APIs, Middleware, and other integration tools. Strong knowledge of data architecture, data modelling, and data migration strategies, ensuring data quality and integrity. In-depth understanding of Salesforce security best practices, authentication mechanisms, and compliance with industry regulations. Skill in identifying and resolving performance bottlenecks, optimizing system responsiveness, and enhancing user experience. Technical Documentation: Ability to create comprehensive technical documentation, including solution designs, architectural diagrams, and configuration details. Problem-Solving: Strong analytical and problem-solving abilities to address complex technical challenges and provide innovative solutions. Adaptability: Willingness to stay current with the latest Salesforce releases, features, and industry trends, and adapt strategies accordingly. Business Acumen: Understanding of business processes and the ability to translate business requirements into technical solutions that drive value. Strategic Thinking: Capability to align technical solutions with long-term business goals and develop a cohesive Salesforce architecture roadmap.

Role Name : IAM Consultant Role Location : Edinburgh, Scotland Role Type : FTE Job Description : • Strong experience in IT & Cybersecurity • Perform access recertifications, conducting audits and supporting internal and external supports audits • Manage access right and privileges and gathering Evidence – e.g., Joiners, movers abd Leavers (JML) processes • Support compliance, including SOX 1 and SOX 2 compliance • Conduct 800 separate cycles of recerts of recertification • Access and deploy any new vendor for identity governance management tooling • Apply a risk-based certification • Carry out access management support on tools used internally and externally by customers • Provide IAM Governance support on recertification projects Assess date integrity to ensure that information is correct. Determine and issue access and privileges based on role & responsibility • Gather intelligence, evidence from business areas, and produce relevant reports • Performing user administration in a Windows Active Directory environment. • Performing user administration task for various in-house and third-party applications • Creating and maintaining mailboxes, distribution list, contacts and public folders • Adhere to SSAE16 and SOX audit requirements pertaining to identity and access management job requirements, access governance, obtaining and documenting approvals etc. • Interact with business users to explain the details of the unstructured data projects and work with them closely and help them understand the initiative.