Implement security hardening for critical Azure applications and access controls. Redesign Azure network security architecture with tools like Azure Firewall and NSGs. Implement Microsoft Purview for data governance, DLP, and compliance policies. Conduct security assessments to address vulnerabilities and misconfigurations. Oversee Azure IAM, including Azure AD and Conditional Access. Automate security tasks using IaC tools and scripting. Provide training
information security policies, procedures, and best practices. Work with the MSP to implement security-first IT practices. Monitor and respond to security threats, incidents, and vulnerabilities. Improve endpoint protection, data encryption, and backup systems to safeguard sensitive company and customer information. Conduct regular security audits and risk assessments to ensure compliance with regulatory standards. Lead employee training and awareness … Strong understanding of network infrastructure, including firewalls, VPNs, and cloud-based networking solutions. Experience with IAM systems (e.g., Azure AD/Microsoft Entra) and security tools (e.g., endpoint protection, DLP, SIEM). Hands-on expertise with troubleshooting hardware, software, and SaaS issues. Security Knowledge: Familiarity with security frameworks and standards such as SOC 2, ISO 27001, GDPR, or NIST. Experience
Intune for endpoint security, compliance, and mobile device management (MDM). 2. Cloud & SaaS Security Secure Microsoft 365, SharePoint, Teams, and OneDrive, ensuring Data Loss Prevention (DLP) and encryption. Implement Microsoft Defender Suite (Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps) for advanced threat protection. Strengthen cloud security posture by managing security configurations across … and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. Network Security & Infrastructure Protection (Plus Skills) Experience with Layer 7 firewalls (Cisco, Fortinet, Palo Alto, Sophos), VPNs
in real life environments: Identity and Access Management Capabilities and Solutions. Infrastructure Security including Endpoints, Operating Systems, Network Security architectures, technologies and the OSI Model. Knowledge of Application and Data Security Solutions and modern practices of deployment. Cryptography including symmetric & asymmetric encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface … Models, AzureAD, MIM, FIM, and modern authentication protocols (SAML, OIDC). Network Security: Proficient in designing segmentation, securing WLAN, LAN, WAN, SDWAN, SaaS proxies, VPNs, firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat … modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
HMRC
in real life environments: Identity and Access Management Capabilities and Solutions. Infrastructure Security including Endpoints, Operating Systems, Network Security architectures, technologies and the OSI Model. Knowledge of Application and Data Security Solutions and modern practices of deployment. Cryptography including symmetric & asymmetric encryption systems, infrastructure, risks, weaknesses and mitigations. Knowledge and Experience of Modernised Security Operations Centre including Attack Surface … Models, AzureAD, MIM, FIM, and modern authentication protocols (SAML, OIDC). Network Security: Proficient in designing segmentation, securing WLAN, LAN, WAN, SDWAN, SaaS proxies, VPNs, firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust. Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat … modelling, and containerization security. Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities. Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modeling, threat hunting, intelligence, data analytics, and anti-phishing methodologies. Infrastructure and Endpoint Security: Experience with endpoint security
European Union. You will be responsible for establishing and maintaining a robust security posture, ensuring compliance with local and EU regulations (particularly ACPR and GDPR), and safeguarding our assets, data, and reputation in a dynamic and rapidly evolving fintech landscape. Key Responsibilities: Strategic Leadership: Develop, implement, and monitor a comprehensive information security and risk management strategy and program specifically … Regulatory Compliance: Serve as the primary point of contact for all cybersecurity matters related to French and EU regulations. Ensure full compliance with ACPR requirements, GDPR, and other relevant data protection and cybersecurity directives (e.g., DORA, NIS2 if applicable). Liaise with regulatory bodies and auditors as required. Risk Management: Identify, evaluate, and mitigate information security risks across French … security, cloud security (AWS, Azure, GCP), cryptography, identity and access management, incident response, and disaster recovery. Experience with security technologies such as SIEM, IDS/IPS, WAF, endpoint protection, DLP, and vulnerability scanning tools. Certifications: Professional security certifications such as CISSP, CISM, CISA, CRISC, or equivalent are highly desirable. Languages: Fluency in French and English (both written and spoken) is
Somerset, United Kingdom Req PURPOSE To work with multidisciplinary teams across Clarks Technology and business areas to identify, design, and build security controls to protect Clarks' applications, networks, and data from security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks … required to maintain cyber security for IT services, including managing endpoint compliance, system hardening, host firewall settings, endpoint applications, regulatory requirements, audit issues, endpoint security tools such as DLP, AV, EDR, patching etc. Development of monitoring processes and relevant measures/KPIs/metrics to support ongoing assessment of Clarks' security posture Support business continuity and disaster recovery processes … environments Good understanding of security controls and best practices across a number of the following areas/domains: Network and infrastructure (networking protocol knowledge is an advantage) Endpoint (e.g. DLP, Endpoint Detection and Response, File Integrity, SIEM) Database technologies (SQL, Oracle) General cryptography practices (e.g. PKI) Cloud environments (Azure, AWS) Fundamental understanding of privacy and data protection laws and
systems, ensuring an acceptable risk posture. The Senior Information Security Analyst is highly engaged in risk management, including evaluating vendor risk, examining vendor contracts, understanding third-party risk, and data privacy issues. This individual serves as an expert on cybersecurity protection, detection, response, and recovery, coordinating penetration testing and managing cybersecurity analysts to detect, mitigate, and analyze threats. Works … closely with other teams to develop controls such as firewalls, data leakage prevention, patching, encryption, vulnerability scanning, and configuration of security tools. Prior experience in an international enterprise environment is essential. Responsibilities Collaborate with IT teams to design and implement the company's cybersecurity strategy. Identify and address security gaps through ongoing monitoring and enhancements. Manage access to … required; advanced degree highly desirable. Minimum 5 years experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are highly desirable. Ability to analyze
environments for financial services clients leveraging GCP security services and best practices. Design and implement Zero Trust Architecture, identity and access management strategies, and secure networking models. Advise on data protection, encryption strategies, regulatory compliance (e.g., FCA, GDPR), and risk mitigation frameworks. Perform security assessments and threat modeling for cloud-native applications and hybrid environments. Collaborate with enterprise architects …/CD pipelines. Hands-on experience with GCP security services including IAM, VPC Service Controls, Cloud Armor, KMS, Security Command Center. Fluency in designing security policies using IAM, KMS, DLP, and SIEM/SOAR tools. Strong understanding of network security principles (firewalls, VPNs, load balancing, DNS) and their implementation on GCP. Proficiency in at least one scripting language (e.g., Python … strategies. Knowledge of DevSecOps practices and security integration into CI/CD pipelines. Strong communication and stakeholder engagement skills with experience presenting to C-suite executives. Experience in defining data classification, governance, and retention policies for financial services.
supporting the engineering lead in configuring, implementing, and maintaining the tools that support all SOC functions. You will assess, implement, configure, and optimise our technical security controls, tools, and data feeds to maintain and continuously improve the visibility across our environments. You will also lead initiatives to improve the security posture and respond to incidents, problems and change requests … a cyber security focused role - Ideally 1-2 years working as an engineer. Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, Email protection, DLP, SOAR, Cloud Security etc.) Knowledge of Cyber Security domains (e.g., Identity and access Management, Network Security, Incident Response etc) Desirable skills Ideally you will come from an Infrastructure engineering background.
Birmingham, Staffordshire, United Kingdom Hybrid / WFH Options
CET Structures Limited
networks, MFA, SSO, Identity management and subscription governance. In-depth experience administering Exchange Online, SharePoint, Teams, Intune and OneDrive for Business. Strong hands-on knowledge of Information Protection and DLP, eDiscovery and Purview, Insider Risk Management, Defender for Cloud, Defender for Endpoint, Defender Vulnerability Management, Microsoft Sentinel, Azure Log Analytics, Azure Backup and Recovery, Azure VMs Knowledge of DNS, DHCP … VPNs, firewalls, and IP routing in cloud environments. Hands-on knowledge with secure data exchange using SFTP and other technologies Understanding of ISO27001 and GDPR; familiar with enforcing security policies and performing vulnerability assessments. Skilled in maintaining and creating accurate technical documentation and working within a change-managed environment. Excellent communicator, both verbally and written Desirable Skills Hands-on
teams, making the most of a SecOps approach. Mentoring: You'll provide guidance and support to less experienced team members, helping them grow. Data Loss Prevention (DLP): You'll monitor, maintain, and enhance our DLP controls across email, endpoints, and cloud services. Data-Centric Security: You'll champion a data-centric security approach, making sure … data classification, handling, and protection are embedded from design to deployment. Zero Trust: You'll promote and support Zero Trust Architecture principles, continuously verifying identities, devices, and access requests. Security Awareness: You'll develop and maintain internal security awareness materials to educate our staff on evolving threats. Attack Simulation: You'll contribute to planning and delivering attack simulation training
security products such as cloud-delivered security services, SASE/SSE, CASB, zero trust access, next-generation firewalls, web security, SSL/TLS protocols, DNS security, anti-malware, DDOS, DLP, NAC, and zero-day attack Experience with deployment and management of Firewall/IDS/IPS including Cisco, Palo Alto, Fortinet, Juniper, and Checkpoint Experience with deployment and management of
in threat detection and behavioral analytics with strategic collaboration across security, HR, legal, and compliance teams. The ideal candidate will have a strong background in SIEM/EDR tools, data loss prevention, and insider threat frameworks, and will contribute to the continuous improvement of our Insider Threat Program. Key Responsibilities Monitor and analyze user activity for anomalous … privileged account misuse. Lead or support investigations into insider threat incidents, collaborating with HR, legal, and SOC teams to ensure due process and policy alignment. Integrate endpoint telemetry and DLP controls to reduce unauthorized data transfers and improve visibility across cloud and on-prem environments. Conduct behavioral analysis and threat hunting using IOCs, TTPs, and threat intelligence feeds. Perform … in cybersecurity operations, with at least 2 years focused on insider threat detection or behavioral analytics. Proficiency with SIEM tools (e.g., Splunk, Sentinel), EDR platforms (e.g., CrowdStrike, SentinelOne), and DLP solutions. Experience with insider threat tools (e.g., Code42, DTEX, UEBA platforms). Familiarity with NIST, DFARS, CMMC, and insider threat program frameworks (e.g., NISPOM, EO 13587). Strong understanding of
Security Analyst will support the Department of Education to ensure that the organization's networks, as well as information, are secure while employing continuous monitoring of intrusion detection/prevention for all systems and applications. Responsibilities Ensure that the organization's networks, as well as information, are secure. Employ continuous monitoring of intrusion detection/prevention for all … systems and applications. Ensure appropriate data encryption (in transit and at rest) levels based on the protection needs of targeted data, administer host intrusion protection, data loss prevention, antivirus, vulnerability management, and security information event management. Create and update Information Assurance artifacts, create and manage Plans of Action and Milestones, and perform all duties within … framework and support policy and procedures preparation and implementation. Provide technical and thought-leadership responsibilities for multiple information security disciplines such as incident response, vulnerability management, intrusion detection and prevention, threat hunting, security operations, security policy, and awareness/education. Support, maintain, monitor, troubleshoot, and enhance security infrastructure tools, methodologies, software, and hardware. Drafts and reviews information security policies
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid / WFH Options
Experian Ltd
Company Description Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people … common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry recommendations to prevent and respond to threats such as phishing, malware, network attacks, suspicious activity, data security incidents. Exposure to technical elements of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, NetFlow), Cloud Infrastructure (AWS, Azure, GCP), and Security Technologies (Anti-Virus, Intrusion … knowledge of network and host security technologies and products (such as firewalls, network IDS, scanners) and improve these skills Security monitoring technologies, such as SIEM, IPS/IDS, UEBA, DLP, among others Scripting and automation Additional Information Benefits package includes: Flexible work environment, working hybrid or in the office if you prefer. Great compensation package and discretionary bonus plan Core
data. The ideal candidate will have a deep understanding of cybersecurity threats, risk management frameworks, regulatory compliance, and modern security technologies. This role also includes responsibilities typical of a Data Protection Officer, ensuring that data privacy and governance meet the high regulatory standards of the financial sector. Responsibilities: Strategic Management and Security Operations Develop, implement, and maintain information … with business objectives. Lead risk assessments and threat modelling exercises for internal systems and third-party services. Manage the deployment and maintenance of security solutions (SIEM, firewalls, endpoint protection, DLP, etc.). Oversee the organization's incident response and business continuity plans, including simulations and real-time responses. Conduct regular security audits and work with internal/external auditors to … secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable data protection laws (e.g., GDPR, CCPA, GLBA). Guide Data Protection Impact Assessments (DPIAs) for high-risk financial data processing activities. Work closely with Legal, Risk, and Compliance
the team you will help to design, develop, and mature the company's cybersecurity capability, including the selection, implementation, and management of security tools/technologies, focused on detection, prevention, and analysis of security threats. This role offers a great opportunity to help define and shape the security function within a collaborative IT department, ensuring the protection of customer … knowledge of deploying, maintaining, and configuring a wide range of security technologies within a large and complex environment (anti-malware/EDR, SIEM solutions, vulnerability scanners, patch management, CASB, DLP, penetration testing tools, etc.) Knowledge of TCP/IP and related network protocols: knowledge of standard network protocols like TCP, ARP, ICMP, DHCP, DNS, HTTP, SNMP, VPN etc., and accompanying
Microsoft and RHEL • Familiarity with network troubleshooting tools (e.g., Wireshark) and government-approved monitoring systems. PREFERRED QUALIFICATIONS: • Ability to implement and secure EntraID, Exchange, and SharePoint Online. • Experience implementing DLP solutions. • Experience implementing and supporting EDR solutions such as Defender and/or CrowdStrike. • Experience with implementation of Intune including all aspects of support including compliance policies, device configuration profiles … to align efforts to outcomes • Flexibility and ability to swiftly adapt to a customer environment and positively integrate oneself • Strong analytical, problem-solving, and decision-making capabilities, with a data-driven mindset • Team player with the ability to work in a fast-paced environment with a continuous process improvement culture • Demonstrated outstanding level of professionalism in providing project review
Workplace, IT Compliance, Information Security, Business Resilience, Procurement, Finance and other cross-functions What you bring Required Hands-on experience implementing, managing, and improving security platforms, such as SIEM, DLP, IPS/IDS, WAF, EDR, etc., experience with the Microsoft Security Suite is ideal Deep technical expertise and relevant experience in security operations (threat intelligence, security monitoring, incident/crisis