configuration and real-time threat visibility Oversee firewall, VPN, and intrusion prevention configurations to maintain secure network boundaries Support certificate and key management following encryption and PKI best practices Vulnerability, Threat, and Risk Management Automate vulnerabilityscanning and penetration testing using tools (Qualys, Nessus, OpenVAS) and custom scripts Coordinate third-party penetration tests and track remediation actions … cloud and on-premise environments Strong knowledge of network security, endpoint protection, and cloud security principles Hands-on experience with security tools such as SIEM, EDR/XDR, and vulnerability scanners Understanding of regulatory frameworks including GDPR, ISO 27001, and FCA requirements Experience with scripting and automation (Python, PowerShell, or similar) Ability to analyze security incidents and recommend appropriate More ❯
for the MSP's own security posture ensuring tools, processes, and teams meet the same standards we deliver to clients. They monitor measurable posture metrics (e.g., Microsoft Secure Score, Vulnerability etc.), ensure continuous improvement, and keep the MSP's security practice relevant through ongoing training, certifications, and emerging threat awareness. While day-to-day execution is delegated to Security … the Security Lead owns security end-to-end: identifying risks, embedding controls, and ensuring compliance is demonstrable. Key Responsibilities Client-Facing Lead Quarterly Security Reviews (QSRs), presenting patch/vulnerability posture, incidents, compliance status, and risk register updates. Translate technical security risks into clear business impact and outcomes. Own the client exception process, ensuring risks are documented, communicated, and … escalation point for clients when risks require senior involvement. Internal MSP Security Own the MSP's internal security frameworks and certifications (e.g., CE+, ISO, SOC 2). Oversee patching, vulnerability, and risk management of MSP-owned infrastructure and tools. Ensure MSP's technology stack (RMM, XDR, PSA, backup, etc.) is securely deployed and monitored. Drive staff security awareness, training More ❯
Oxfordshire, England, United Kingdom Hybrid / WFH Options
F5 Consultants
as designing and overseeing phishing simulations. Required Skills 2+ years' experience in an information security role Strong understanding of information security and cyber threat defence Hands-on experience with vulnerabilityscanning Ability to explain threats, vulnerabilities, and risks in a business context Experience delivering security training and running phishing simulations Experience with Microsoft Defender and/or third More ❯
oxford district, south east england, united kingdom Hybrid / WFH Options
F5 Consultants
as designing and overseeing phishing simulations. Required Skills 2+ years' experience in an information security role Strong understanding of information security and cyber threat defence Hands-on experience with vulnerabilityscanning Ability to explain threats, vulnerabilities, and risks in a business context Experience delivering security training and running phishing simulations Experience with Microsoft Defender and/or third More ❯
teams and shaping best practice. Essential Skills & Experience 5+ years in IT security or MSP environments . Strong understanding of Cyber Essentials, ISO27001, or NIST frameworks. Experience managing patching, vulnerability, and risk governance . Skilled communicator with the ability to explain risks to non-technical audiences. Proven experience leading client-facing security reviews . Desirable CISSP, CISM , or equivalent … certifications. Experience auditing or delivering compliance frameworks. Familiarity with RMM/XDR/EDR , SIEM, and vulnerabilityscanning platforms. Background in mentoring or managing small teams. Exposure to incident response and tabletop exercises. Reasonable Adjustments: Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome More ❯
Includes Collaborate with stakeholders from IT, Security, Risk, and Compliance teams to gather requirements and deliver effective, scalable solutions Implement integrations between ServiceNow and external systems such as SIEM, vulnerability scanners, threat intelligence feeds, and identity platforms Build automation and workflow solutions using Flow Designer and IntegrationHub Support platform upgrades, security patches, and maintain technical documentation Participate in agile More ❯
following the green book five case model would be a plus and certifications such as: CCP, CISMP, CISSP, CREST. Identity management and federation, public key infrastructure, SIEM, cryptography, firewalls, vulnerability scanning. A varied background, diverse programme exposure and a security-based master’s degree or alternatively STEM degree are needed with an ability to demonstrate your capability as a More ❯
and OpenShift Implement Infrastructure as Code using Terraform, CloudFormation, and Ansible Create and optimise secure CI/CD pipelines with GitLab CI/CD, Jenkins, and ArgoCD Embed security scanning and compliance tools (Snyk, Trivy, Checkov, SonarQube) into automated workflows Manage authentication, access control, and secrets using Vault, AWS Secrets Manager, OAuth2.0, and Zero Trust principles Monitor environments with … OpenShift experience advantageous) Proven expertise in IaC, automation, and modern CI/CD practices Deep knowledge of application security, access management, and Zero Trust Networking Hands-on experience with vulnerabilityscanning, policy-as-code, and automated compliance tooling Proficiency in building secure, reliable, and scalable pipelines and platforms Excellent collaboration skills across cross-functional teams in secure environments More ❯
experience building & enforcing technology standards, risk frameworks, & software asset policies. Control the adoption, contribution, and distribution of OSS across all engineering teams. Full OSS lifecycle selection, license review, onboarding, vulnerabilityscanning, and decommissioning. Comfortable working alongside Legal, Risk, Security, and Procurement. Translating license terms into enforceable technical and legal policies. Managing obligations that can lead to OSS license More ❯
