1 to 25 of 53 Permanent Secrets Management Jobs in England

Acadian Asset Management LLC is a Boston-headquartered investment management firm with wholly owned affiliates located in Singapore, London, and Sydney. As of March 31, 2025, the firm managed approximately US$122 billion on behalf of major pension funds, endowments, foundations, governments and other investors based in the U.S. and abroad.Position Overview:The Senior Security Engineer, reporting to … and consistently governing our AWS Platform-as-a-Service (PaaS) infrastructure. We are looking for candidates with deep experience and understanding of continuous delivery, container security, SAST/DAST, secrets management, Identity and Access Management (IAM) governance, privilege management, encryption and key management, threat detection, logging, cloud infrastructure security and policy-as-code.What You'll … Utilizing tools like AWS Config, Security Hub, Inspector, Guardduty, and Crowdstrike Falcon, assess monitor and prioritize remediation of Cloud security vulnerabilities. Develop and maintain tools to detect and remove secrets from code check-ins. Establish development best practices for working with code libraries such as docker, pypi and others, ensuring that libraries are only obtained from trusted sources, e.g. More ❯

the successful candidate. You can expect: Design and manage scalable, secure cloud environments using Azure Bicep, ARM, or Terraform Lead the implementation of DevSecOps practices including CI/CD, secrets management, zero-trust security, and vulnerability management Develop secure cloud-native architectures including microservices, containers, and serverless patterns Ensure compliance with industry security and privacy standards ( e.g. … need to succeed in this role Deep experience in Azure infrastructure (with IaC using Bicep, ARM, or Terraform) Hands-on knowledge of DevSecOps tooling and techniques (CI/CD, secrets management, threat modelling) Experience implementing security standards across cloud and hybrid environments Familiarity with container security ( e.g. Docker, Kubernetes) A strong understanding of compliance frameworks such as ISO More ❯

with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response in MOD environments. Security compliance and regulatory frameworks (e.g., NIST, CIS Benchmarks). Experience working with … and security teams. Ability to advocate for security best practices in a DevOps culture. Desirable Skills Containerisation Security Expertise in Kubernetes security (e.g., RBAC, network policies, pod security standards, secrets management). Knowledge of container runtime security (e.g., container escapes, rootless containers, sandboxing). Image security best practices, including scanning, signing, and provenance verification. Secure deployment patterns using … CI/CD Security Secure CI/CD pipeline design with security testing using like Git and SonarQube. Implementation of Infrastructure as Code (IaC) security (e.g., Terraform, Ansible). Secrets management in CI/CD pipelines using Vault or Kubernetes Secrets. Security automation and policy enforcement using tools like GitHub Actions, GitLab CI and Jenkins. Cloud & Infrastructure Security More ❯

with technical and business teams to address security flaws and implement remediation plans. • Oversee application security tasks, ensuring alignment with audit requirements and internal policies. • Support change and incident management processes, with a focus on high-priority incidents (P1 & P2). • Provide guidance to development and support teams on security-related ticket requirements and process expectations, ensuring SLA compliance. … functions, including audit preparation and policy development. • Compile and deliver regular reports, including weekly, monthly, and OSM-specific security metrics. Required Key Skills (Functional/Technical) Application Security & Vulnerability Management • Familiarity with Common Vulnerability Scoring System (CVSS) • Experience with tools like OWASP ZAP, Veracode, Rapid7 (on-prem), and Wiz.IO (cloud vulnerability management and CSPM) • Track and assist in … of network security principles and firewall configurations • Familiarity with SSO and MFA using OKTA, and directory services such as MS Active Directory • Experience with CyberArk PAM for privileged access management Security Information and Event Management (SIEM) • Use of Splunk SIEM for real-time threat detection and log analysis • Review and optimise SIEM use cases to enhance threat detection More ❯

support secure, reliable, and efficient access to compute resources in an on-premise datacenter environment. You will work closely with engineers and researchers to implement solutions around deployment, configuration management, and system security. Essential functions Implement and maintain infrastructure-as-code using tools like Terraform and Ansible Develop and manage secure access and identity controls, particularly using AWS IAM … and related services Support deployment of internal services with HTTPS, secrets management, and authentication tooling Contribute to the configuration and monitoring of HPC systems and related services Design and support centralized log collection and syslog forwarding for the compute cluster Collaborate with software and infrastructure teams to ensure reliable compute access for researchers Qualifications Strong understanding of infrastructure … automation tools such as Terraform and Ansible Experience working with AWS, including VPCs, EC2, IAM, and related services Familiarity with secure service deployment practices including TLS/HTTPS and secrets management (e.g., Vault) Experience with centralized logging (e.g., syslog, journald, log forwarders, ELK, or Loki/Promtail) Comfort working in Linux environments and automating common administrative tasks Knowledge More ❯

ensure high availability, security, and performance Managing service observability and reliability, including logging, metrics and alerting (we use Prometheus and Grafana) Handling database and service upgrades (e.g. MySQL, Kubernetes), secrets management and security best practices Taking ownership of platform-level concerns such as deployment pipelines, configuration management, and cost awareness Helping drive pragmatic AI utilisation across our … including deploying to production Strong fundamentals of Java or Kotlin development practices A good grasp of principles behind building reliable and scalable systems, including redundancy, time complexity, and memory management Hands-on experience with cloud infrastructure and container orchestration, ideally with Kubernetes on GCP, and a strong understanding of platform reliability, cost awareness, and secure configuration Solid understanding of … security best practices across infrastructure and applications, including secrets management and credential rotation. Familiarity with infrastructure-as-code or automation tools is a plus Experience with observability tools (such as Prometheus and Grafana), service monitoring, and debugging in production environments A demonstrated interest in staying up-to-date with new technology, new frameworks, new languages and other developments More ❯

and discoverability. Build end-to-end monitoring and observability for your pipelines: owning data quality, latency, completeness, and lineage at every stage. Champion secure, governed data practices : access controls, secrets management, encrypted data-in-transit/at-rest, and compliance with frameworks like GDPR. Collaborate closely with AI, Platform, and Product teams , provisioning data sets, feature tables, and … code at scale. Modern Data Pipelines: Experience with batch and streaming frameworks (e.g., Apache Spark, Flink, Kafka Streams, Beam), including orchestration via Airflow, Prefect or Dagster. Data Modeling & Schema Management: Demonstrated expertise in designing, evolving, and documenting schemas (OLAP/OLTP, dimensional, star/snowflake, CDC), data contracts, and data cataloguing. API & Integration Fluency: Building data ingestion from REST … warehouse paradigms. Observability & Quality: Deep familiarity with metrics, logging, tracing, and data quality tools (e.g., Great Expectations, Monte Carlo, custom validation/test suites). Security & Governance: Data encryption, secrets management, RBAC/ABAC, and compliance awareness (GDPR, CCPA). CI/CD for Data Systems: Comfort with automation, infrastructure as code (Terraform), version control, and release workflows. More ❯

platforms Strong containerisation knowledge (e.g. Docker, Kubernetes) Nice to have: Experience with Kafka in production (including multi-datacentre setup) Familiarity with service discovery (e.g. Consul, Istio, Linkerd) Knowledge of secrets management tools (Vault, AWS Secrets Manager) Good grasp of networking fundamentals (OSI model) We're expanding! From September 2025, Zopa will be opening a brand-new office More ❯

of experience as a software engineer Object-oriented/scripting languages (e.g. Python, Groovy, C#, Java, or Ruby) Implement CI/CD pipelines (e.g. Jenkins, GitLab CI) Source control management tools (e.g. Perforce, Git) Configuration management tools (e.g. Chef, Ansible, Terraform, Packer) Secrets management tools (e.g Vault) Virtualization environments and tools (e.g. VMs, vSphere) Data and More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

OpenShift), CI/CD pipelines, and infrastructure as code (Terraform) Security integration experience across the DevSecOps lifecycle, including: SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, Veracode, OWASP ZAP) Secrets management tools like HashiCorp Vault Vulnerability management solutions such as Prisma Cloud Testing frameworks like Selenium Familiarity with JIRA, Confluence, and GitLab/Jenkins-based CI/ More ❯

pipelines using CloudBees and GitLab Build out observability with Prometheus, Grafana, OpenTelemetry, and Dynatrace Automate cloud deployments (AWS-first) using Terraform and platform tooling Improve security posture across IAM, secrets, and networking Help the team ship faster and safer by mentoring on DevOps and SRE practices We're solving for reliability, compliance, performance, and speed - at once. You'll … and data stack. Observability tooling, e.g. custom metrics pipelines, OpenTelemetry tracing, or integrations across telemetry stacks. Security engineering and practical understanding of IAM hardening, zero-trust network principles, and secrets management in data-heavy systems. Passion for building reliable, secure, and user-friendly platforms and products. "Nice To Have": Exposure to Azure or GCP environments. Experience migrating to More ❯

it, which means we have a lot of work ahead of us. What you'll work on Initial projects: Blue/green deployment implementation - Set up zero-downtime releases Secrets management consolidation - We're split between AWS Secrets Manager and Pulumi secrets; need to audit and consolidate Sentry configuration audit - Upgrade our error monitoring to improve More ❯

End Security solutions and controls. Your work will directly impact our global user base Focusing on Automation. Developing automated, scalable security solutions. Efficiency is key Administering HashiCorp Vault for secrets management Performing threat modeling and analysis to identify and mitigate security risks Managing PKI, TLS, and GPG infrastructure Applying cryptography and security design principles to cloud environments Documenting … playbooks, procedures, and architecture Providing subject matter expertise to software development groups to assist in cryptography and key management/authentication API. We are excited if you have Passion for cybersecurity with an effective and passionate drive to protect digital assets. Experience implementing custom, cloud-agnostic IAM at scale Navigate the complexities of working with consumer products, web apps … operating infrastructure in at least one public cloud provider (AWS, GCP, or Azure) Experience managing PKI/X.509 certificate infrastructure. Extensive experience supporting and implementing TLS/SSL certificate management systems Proficient with Token-based authentication services, Perfect Forward Security (PFS), Apache, Nginx, HAProxy Solid knowledge of Linux security and system operations. Benefits Roku is committed to offering a More ❯

services that matter Preferred Tech Stack Expertise Cloud Infrastructure: AWS (EKS, RDS, Aurora, ElastiCache, Kafka, IAM) Secure Hosting: Experience working with air-gapped or government-secure environments Container & Cluster Management: Docker, Kubernetes, Rancher, Jenkins, Helm Monitoring & Observability: Prometheus, Grafana, ELK Stack, Dynatrace Secrets & Identity Management: HashiCorp Vault, Keycloak CI/CD & DevOps Tooling: Jenkins, Git, ServiceNow, Trivy … all services are compliant with security standards and support the change and release governance model. Build and maintain infrastructure components like event streaming (Kafka), databases (Aurora, RDS, Redis), identity management (Keycloak), and caching layers. Enhance and maintain CI/CD tooling and self-service developer pipelines for tenant teams. Proactively manage and resolve tech debt by working with central … roadmap, collaborating with internal/external platform and infrastructure teams to support scalable and resilient services. Support critical national infrastructure tasks including platform deployments, incident/problem/change management, and continual service improvement (ITIL-aligned). Use and integrate ServiceNow (or its successor) to track and manage changes, incidents, requests, and problem records. Support replication services, match engines More ❯

services that matter Preferred Tech Stack Expertise Cloud Infrastructure: AWS (EKS, RDS, Aurora, ElastiCache, Kafka, IAM) Secure Hosting: Experience working with air-gapped or government-secure environments Container & Cluster Management: Docker, Kubernetes, Rancher, Jenkins, Helm Monitoring & Observability: Prometheus, Grafana, ELK Stack, Dynatrace Secrets & Identity Management: HashiCorp Vault, Keycloak CI/CD & DevOps Tooling: Jenkins, Git, ServiceNow, Trivy … all services are compliant with security standards and support the change and release governance model. Build and maintain infrastructure components like event streaming (Kafka), databases (Aurora, RDS, Redis), identity management (Keycloak), and caching layers. Enhance and maintain CI/CD tooling and self-service developer pipelines for tenant teams. Proactively manage and resolve tech debt by working with central … roadmap, collaborating with internal/external platform and infrastructure teams to support scalable and resilient services. Support critical national infrastructure tasks including platform deployments, incident/problem/change management, and continual service improvement (ITIL-aligned). Use and integrate ServiceNow (or its successor) to track and manage changes, incidents, requests, and problem records. Support replication services, match engines More ❯