nine out of ten days auditing. You'll need to be comfortable with interacting and speaking to different people in all capacities. To ensure you have a good work / life balance, we like to minimise the travel requirements on our Auditors wherever possible, which may also include some remote auditing. That means for this role, we're looking … audits for Qualified Trust Service Providers (QTSPs) under the eIDAS Regulation. Evaluating systems, policies, and processes for adherence to standards such as ETSI EN 319 401, 319 411-1 / -2, EN 319 421 and other relevant specifications. Producing and reviewing detailed audit reports with actionable recommendations. Staying updated on legislative changes and technical standards within the trust services … Required Skills & Experience Proven experience in digital trust services or information security. In-depth knowledge of eIDAS Regulation and related ETSI standards. Certifications such as CISA, ISO/IEC27001 Lead Auditor, or equivalent (preferred). Strong understanding of cryptographic principles and Public Key Infrastructure (PKI). Excellent analytical skills and attention to More ❯
is a hands-on role with significant influence: you will design systems, implement tooling, measure productivity gaps, and drive adoption of better practices across the engineering organisation. Requirements CI / CD Infrastructure & Tooling Own and operate CI / CD systems (GitHub Actions, runners, caching, artifact storage). Maintain stability, scalability, and cost-effectiveness of pipelines. Build and maintain … systems for our monorepo. Ensure CI / CD observability, with metrics flowing into Datadog / Slack. Pipeline Instrumentation & Optimisation Analyse pipelines for inefficiencies (e.g., flaky tests, redundant steps, lack of caching). Recommend and implement optimisations (parallelisation, test selection, caching strategies). Define benchmarks and KPIs (e.g., build times, flakiness %, cost per run). Measure and report on … productivity gaps (e.g., time lost to flaky tests, slow builds, manual release steps). Onboarding & Documentation Maintain up-to-date documentation on SDLC processes, CI / CD, release flows, and GitHub usage. Provide templates, playbooks, and starter kits. Automate repetitive onboarding processes. GitHub & SDLC Guardrails Own GitHub governance (branch protections, repo standards, integrations). Implement base SDLC guardrails (PR More ❯
security architecture function and contribute to the development of a multi-year Cyber Security Strategy. Key Responsibilities Define and embed Security Architecture Principles across all projects and changes. Develop ISO27001-compliant Security Policies and an ISMS. Create Reference Architecture and models for Identity Management and Privileged Account Management. Contribute to the redevelopment and testing of the Security Incident Response Plan More ❯
newport, wales, united kingdom Hybrid/Remote Options
Hays
and mentor a team of Infrastructure Engineers and DevOps specialists. You'll define and implement infrastructure and DevOps roadmaps, oversee cloud environments (AWS & Azure), and drive automation through CI / CD pipelines and Infrastructure as Code. Your responsibilities include: Leading improvements in AWS & Azure environments (EKS … VPC, IAM, RDS, Azure Firewall, Azure AD, Defender for Cloud). Managing container orchestration (Kubernetes) and serverless functions. Ensuring high availability, disaster recovery, and cost optimisation. Driving security compliance (ISO27001, GDPR) and risk mitigation. Collaborating with service delivery, development, product, and security teams. What you'll need to succeed Proven leadership experience in infrastructure and DevOps (2+ years). Strong … expertise in AWS architecture and Infrastructure as Code (Terraform / CloudFormation). Hands-on experience with CI / CD, containerisation (Docker / Kubernetes), and automation. Advanced understanding of networking, security, and cloud operations. Familiarity with monitoring tools (CloudWatch, Prometheus, ELK). Excellent problem-solving and stakeholder management skills. Relevant IT qualification or equivalent experience. Desirable: AWS certifications More ❯
etc.) Security Controls: Implement and maintain security controls, continuously improving detection, prevention, and remediation. Vendor Risk & Audit: Conduct vendor risk assessments, support internal and external audits (e.g. Cyber Essentials, ISO27001), and manage remediation actions. Cyber Security Program: Support the execution of the UK Cyber Security Program, contributing to the implementation of key security initiatives and enhancements aligned with UK business … security operations, engineering, or cyber threat management. Strong knowledge of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials … ISO27001, NIST CSF, and GDPR. Ability to support internal / external audits and drive remediation efforts. UK Permanent Residency or Citizenship Required More ❯
