Contributing to the development and operation of IS governance, standards, and procedures
Assisting with security incident handling and investigations
Supporting risk, vulnerability, and business impact assessments
Engaging in patch monitoring, vulnerability scanning, and penetration testing coordination
Maintaining security registers and reporting findings
Communicating threats and vulnerabilities to stakeholders
Supporting governance forums and committees with management information
Staying updated on security technologies and trends to recommend improvements
Training:Why choose our Cyber Security Engineer Level 4 apprenticeship?
The Cyber Security Engineer apprentice can help to design, build and test secure networks, security products or systems to help protect your organisation against cyber threats.
QA is a market leader in cyber security training, with a state-of-the-art immersive cyber gamified learning, giving apprentices a hands-on learning experience in simulating a real cyber threat.
QA's exclusive partnership with Circadence Corporation, the pioneer of the hands-on gamified learning platform Project Ares®, allows us to uniquely incorporate hands-on scenario training into our cyber security apprenticeships. The Project Ares platform offers a totally immersive experience, using automated features to support skills adoption with an in-game advisor, Athena, who advises our players through scenario-based challenges. The platform scenarios replicate the unpredictability and escalating levels of complexity that cyberattacks can present. It drives high levels of engagement through leaderboards and badges; elements used widely in the gaming world.
QA’s Cyber Security Engineer Level 4 apprenticeship programme enables the apprentice to:
Develop problem-solving and critical thinking skills in a safe, but realistic environment
Apply all of the acquired skills throughout the programme, with added scoring of players and opponent actions with replay for object assessment
Take part in hands-on training and active-learning models that increase retention rates by 75% so that cyber apprentices can prepare for real-world challenges
Tools and technologies learned:
Apprentices will learn to use Project Ares, Python, Microsoft Azure, Microsoft PowerShell, Linux and AWS.Training Outcome:The apprenticeship offers exposure to advanced security practices and governance, preparing candidates for roles such as Information Security Analyst, Security Operations Specialist, or Governance and Risk Consultant. Long-term prospects include progression within the university’s Digital IT team or broader cybersecurity roles in the industry.Employer Description:The University of Salford’s Digital IT function focuses on digital strategy and information security (IS). IS is essential for protecting the confidentiality, integrity, and availability of the university’s IT systems and data. The team works across technologies to ensure security compliance and proactively improves the security posture of the organisation. Equality, diversity, and inclusion (EDI) are core to the university’s culture, aiming to create a collaborative and innovative environment that adapts to changing needs.Working Hours :Days and shifts to be confirmed.Skills: Communication skills,IT skills,Attention to detail,Problem solving skills,Analytical skills,Team working....Read more...
Apply core cyber security concepts to AWS-based cloud environments, including identity, network, workload, and data security
Advise on protection against common cloud and AWS threats, such as misconfigurations, excessive permissions, exposed services, and insecure workloads
Identify, assess, and help remediate common cloud misconfigurations across AWS accounts and services
Identify and support the resolution of vulnerabilities on cloud-based workloads, including virtual machines and containerised applications
Monitor and respond to security alerts generated by security tooling, escalating and investigating issues with support from senior engineers
Administer and support security tooling, including native AWS security services and third-party platforms
Produce security insight and posture reports that help customers understand their current risk and improvement areas
Assist in developing remediation plans for security findings, vulnerabilities, and configuration issues
Support the implementation of cyber security tools and services within customer cloud environments
Advise on compliance and regulatory alignment, helping customers understand how security controls map to frameworks and standards (e.g. ISO, CIS, NIST, etc.)
Maintain clear documentation of findings, actions taken, and recommendations
Training:Why choose our Cyber Security Engineer Level 4 Apprenticeship?
The Cyber Security Engineer apprentice can help to design, build and test secure networks, security products or systems to help protect your organisation against cyber threats.
QA is a market leader in cyber security training, with a state-of-the-art immersive cyber gamified learning, giving apprentices a hands-on learning experience in simulating a real cyber threat.
QA's exclusive partnership with Circadence Corporation, the pioneer of the hands-on gamified learning platform Project Ares®, allows us to uniquely incorporate hands-on scenario training into our cyber security apprenticeships. The Project Ares platform offers a totally immersive experience, using automated features to support skills adoption with an in-game advisor, Athena, who advises our players through scenario-based challenges. The platform scenarios replicate the unpredictability and escalating levels of complexity that cyberattacks can present. It drives high levels of engagement through leaderboards and badges, elements used widely in the gaming world.
QA’s Cyber Security Engineer Level 4 apprenticeship programme enables the apprentice to:
Develop problem-solving and critical thinking skills in a safe, but realistic environment
Apply all of the acquired skills throughout the programme, with added scoring of players and opponent actions with replay for object assessment
Take part in hands-on training and active-learning models that increase retention rates by 75% so that cyber apprentices can prepare for real-world challenges
Tools and technologies learned:
Apprentices will learn to use Project Ares, Python, Microsoft Azure, Microsoft PowerShell, Linux and AWS
Training Outcome:
90% of QA apprentices secure permanent employment after completing: this is 20% higher than the national average
Employer Description:As an all-in Premier Amazon Web Services (AWS) partner, we empower you to optimise, modernise, and drive growth for your businesses through their use of the world’s largest cloud computing platform. We do this by providing bold advice, clear guidance, and smart solutions that make AWS work for you. Learn from master-of-one architects who know AWS better than the people inside it. And get more for your investment as we leverage our status with AWS to navigate funding programmes, share resources, and pinpoint cost-savings in your spend.Working Hours :Days and shifts to be confirmed.Skills: Communication skills,IT skills,Problem solving skills....Read more...
The Cyber Security Risk Analyst required to join an internal IT Cyber Governance group.
help drive the Cyber Risk Management program through collaborating with different stakeholders and Risk Owners to actively identify and report Cyber and IT Risks in the IRM Platform, and to ensure effective Risk Treatment plans are defined and implemented to control and reduce risk.
This position requires a self-driven individual, with sound knowledge of business processes, a good knowledge of security or IT technologies and good communication skills. This position offers an opportunity to make a strong impact across a company Participating and driving a key Risk Management program.
Key skills:
Over five years??? experience integrating security into the business, security risk management, information processes, product security or business architecture positions.
Professional security management certification:
Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar.
Role responsibilities:
Correlate and analyze the information received from internal threat intelligence and from the incident management teams, to identify leadings threats, key gaps, and any untreated risk to report.
Review HARC reports, Audit reports, Cyber exemptions, business impact analysis, non-compliance problems, etc. use this as input to feed risk identification and risk assessment.
Work with digital and IT teams to accurately carry out business impact analysis, as well as risk assessment activities.
Ensure IRM requests and tickets are processed and resolved in a timely manner.
Work with Cyber Risk Manager to successfully design, implement, test, and deploy any platform improvements and expansions.
Ensure actions included in the CSRM Program are duly updated by owners and keep the program on track and aligned to forecast.....Read more...
The Cyber Security Risk Analyst required to join an internal IT Cyber Governance group.
help drive the Cyber Risk Management program through collaborating with different stakeholders and Risk Owners to actively identify and report Cyber and IT Risks in the IRM Platform, and to ensure effective Risk Treatment plans are defined and implemented to control and reduce risk.
This position requires a self-driven individual, with sound knowledge of business processes, a good knowledge of security or IT technologies and good communication skills. This position offers an opportunity to make a strong impact across a company Participating and driving a key Risk Management program.
Key skills:
Over five years??? experience integrating security into the business, security risk management, information processes, product security or business architecture positions.
Professional security management certification:
Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar.
Role responsibilities:
Correlate and analyze the information received from internal threat intelligence and from the incident management teams, to identify leadings threats, key gaps, and any untreated risk to report.
Review HARC reports, Audit reports, Cyber exemptions, business impact analysis, non-compliance problems, etc. use this as input to feed risk identification and risk assessment.
Work with digital and IT teams to accurately carry out business impact analysis, as well as risk assessment activities.
Ensure IRM requests and tickets are processed and resolved in a timely manner.
Work with Cyber Risk Manager to successfully design, implement, test, and deploy any platform improvements and expansions.
Ensure actions included in the CSRM Program are duly updated by owners and keep the program on track and aligned to forecast.....Read more...
C Software Engineer – Defence Sector – Cambridge
A growing Defence and Security company, based in Cambridge, is currently seeking an experienced C Software Engineer to contribute to the development of breakthrough technologies that will enhance the UK’s security against external threats.
You will have the opportunity to work on cutting-edge systems architecture, ideally utilizing past firmware and embedded software tools. The projects you will be involved in will truly mind-blowing, challenging you on a daily basis.
It would also be ideally, though not essential, if you have previous knowledge and experience in Software-Defined Radio (SDR) and Real-Time Operating Systems (RTOS). There will also be a significant amount of algorithm development, so a strong mathematical background would be advantageous in this role.
The company has recently revamped cutting-edge labs, enabling development at the forefront of the sector. This means you will be working on brand-new developments using the latest technologies available.
Knowledge of other programming languages such as C++, MATLAB, or Python will also be required.
As this role involves working in the defence and security sectors, you will need to be able to obtain (or already hold) security clearance. If you have previous experience in the defence and security field and hold security clearance, this would be highly advantageous.
In addition to working within a growing company on some of the most fascinating projects, you will also be rewarded with an excellent starting salary (based on level of experience), bonuses, enhanced pensions, healthcare, gym membership, free lunches, and other excellent benefits you would expect from a larger organisation.
If you believe you are well-suited for this role, I suggest submitting an application now to avoid missing out on this career opportunity.
For more information, please feel free to call Andrew Welsh, Director of Medical Devices Recruitment and Scientific Recruitment Specialists Newton Colmore, on +44 121 268 2240, or submit an application, and one of our team members at Newton Colmore will contact you.
....Read more...
Information Security Manager - ISO27001
Location: London, Hybrid
Salary: Up to 80,000
Reports to: Head of Cyber Security
***Opportunity for significant training as a vCISO if this experience has not already been gained***
A well regarded Managed Service Provider is seeking an experienced Information Security Manager to join its team on a permanent basis. This role offers the opportunity to lead and deliver strategic security initiatives across a varied client base, with a strong focus on governance, risk, and compliance.
The successful candidate will have a proven background within an MSP or MSSP environment, ideally hold a CISSP certification and demonstrate deep expertise in GRC frameworks, particularly ISO27001. Either experience of, or a strong desire to be trained up (by one of the best in the business), to act as a virtual Chief Information Security Officer (vCISO) is essential.
This business has made significant investment into its Cyber Security Practice (most recently adding a SOC-as-a-Service), positioning itself at the forefront of managed security solutions and enabling clients to benefit from cutting-edge threat detection and response capabilities.
Key Responsibilities:
Lead the development and implementation of security policies, procedures, and controls
Manage ISO27001 compliance, including internal and external audits
Conduct risk assessments and oversee incident response planning
Collaborate with technical teams to ensure security is embedded across services
Advise on regulatory requirements and emerging threats
Ultimately serve as a vCISO for clients, providing strategic guidance on security posture and compliance
Candidate Profile:
Extensive experience in information security within an MSP or MSSP
Extremely strong working knowledge of GRC frameworks, including ISO27001:2022 (implementation experience)
Experience in a vCISO capacity or highly motivated to train to become a vCISO
Ideally CISSP certified
Excellent stakeholder engagement and communication skills
Ability to lead complex security programmes across multiple environments
This role offers flexible working arrangements (hybrid), exposure to a wide range of industries and technologies, and the chance to join a collaborative team within a forward-thinking MSP committed to professional development.
Only candidates with the right to work in the UK will be considered.
London – Hybrid
Paying up to £80,000, depending on experience....Read more...
Senior IT Security Architect – Financial Services – Lugano / Hybrid
(Key skills: IT Security Architecture, Cybersecurity, Security Frameworks, Cloud Security, Network & System Security, Identity & Access Management, Secure Design, Threat Modelling, Security Standards (ISO 27001, NIST), Risk Management, Architecture Governance, Stakeholder Advisory)
Are you an experienced security architect with a passion for designing robust, scalable and compliant security solutions in complex environments? Do you want to work at the forefront of protecting critical financial services platforms and customer data? If so, we have an exciting opportunity for you to influence security strategy and shape secure architectures at scale.
Our client, a highly reputable financial services organisation, is seeking a Senior IT Security Architect to lead the design and implementation of enterprise-level security architectures across business-critical systems. You will play a strategic role in shaping how secure digital services are delivered across the organisation, advising on security standards, controls and optimisations that protect both customers and internal operations.
As Senior IT Security Architect, you will partner with cross-functional teams including cloud engineering, software development, infrastructure, risk and compliance. You will define secure architecture patterns for both on-premise and cloud services, review designs and implementations, and ensure alignment with regulatory and internal security requirements. You’ll be instrumental in developing threat models, conducting security risk assessments and embedding secure design principles into project lifecycles.
In this role, you will develop security reference architectures, recommend security controls, and guide technical teams on secure implementation practices. You will be a trusted advisor to senior stakeholders, providing insight on emerging threats, vulnerability mitigations and compliance obligations. You’ll help maintain and enhance the organisation’s security frameworks and contribute to continuous improvement of security governance and monitoring capabilities.
The ideal candidate will bring extensive experience in security architecture — particularly within financial services, banking or other regulated sectors — and a strong understanding of security frameworks such as ISO 27001, NIST, OWASP and CIS Controls. You’ll be comfortable working with cloud platforms (e.g., Azure, AWS), identity and access management solutions, encryption technologies and enterprise networking/security stacks. Your ability to communicate complex security concepts to both technical and non-technical stakeholders will be key to your success.
This is a rare opportunity to own security architecture for an organisation where digital innovation, data protection and security best practices are integral to the business strategy. You’ll join a collaborative team that values experience, initiative and leadership — and you’ll have significant influence over the future of secure technology delivery.
Location: Lugano, Switzerland / Hybrid working
Salary: CHF 100,000 – CHF 120,000 + Bonus + Pension + Benefits
Applicants must have the right to work in Switzerland.
NOIRSWITZERLANDREC
NOIREUROPEREC....Read more...
The Apprentice Business Support Officer is a key part of the business support team and will undertake a range of duties to support senior managers within the Directorate as well, as the Directorate as a whole.
The post holder will be responsible for:
Providing a comprehensive, efficient and confidential administrative service.
Assisting with the collation of data, and supporting the production of reports.
Contributing to the broader administrative support arrangements for the Directorate of Emergency Preparedness, Resilience and Response (EPRR) and Response Operations.
Working flexibly as part of a multi-disciplinary team. This may involve working with colleagues who are based across the country at different sites and/or who work remotely.
Training:
You will attain a Level 3 qualification in Business Administration and learn skills to demonstrate a variety of knowledge skills and behaviours.
Training will take place in the workplace and online with our provider and you will have a dedicated 20% of your paid time towards your learning.
Training Outcome:Career progression will be supported.Employer Description:The UK Health Security Agency (UKHSA) is responsible for planning, preventing and responding to external health threats, and providing intellectual, scientific and operational leadership at national and local level, as well as on the global stage.Working Hours :Monday - Friday, 9.00am - 5.00pmSkills: Communication skills,IT skills,Attention to detail,Organisation skills,Customer care skills,Administrative skills,Team working,Creative,Initiative,Non judgemental,Patience....Read more...
We are searching for an experienced Network Security Engineer to be responsible for ensuring the Group’s IT Networks and Communications are well designed, secure, optimal and function consistently across all internal and external operations.
IT and Cyber Security is extremely important and is key to all our client’s operations and you will play an extremely vital role in developing and maintaining security services throughout the business.
The role is offered on a hybrid-working basis with up to 2-days per week working from home. The role requires you in the office at least 3-days per week so you MUST live within a commutable distance of Exeter to be considered for the position or you will be looking to relocate to the area. The role comes with excellent benefits!
In this role you will be responsible for the following:
Reviewing and managing network security services in line with Group security objectives and policies.
Monitoring and administrating the security of both internal and external corporate network communications, including, routers, switches, firewalls, DMZ, servers, Wi-Fi, OT, telephony and LAN/WAN/VPN communication services.
Constantly reviewing the IP space across the organisation ensuring that the TCP/IP stack, VLANs, IP Subnet, DNS, DHCP, VPNs, and VoIP traffic is well designed, secure and optimised.
You will ensure best practices are used for delivering network security. Continually monitoring, maintaining and testing the threat landscape and security posture.
Provide regular service status updates to line management and agree and monitor service availability targets.
Manage all SSL and external web server security functions to ensure data protection, systems integrity and user confidence at all times.
Manage NIS2 and GDPR privacy policies and operational practice.
Perform regular reviews of security solutions and processes, identifying opportunities for optimisation to over two hundred office, home and field-based employees.
Provide day-to-day cyber security guidance and support to relevant technical & business stakeholders.
Deliver annual penetration testing and implement recommended improvements.
Research latest network cyber threat developments and recommend any actions that will improve network performance and security.
Work closely with NIBE SOC teams and internal security engineers to ensure all preventative security measures are implemented and Zero Day / critical threats are extinguished in line with internal resolution targets. Collaborate with other business teams to ensure the proper use of systems.
Coordinate investigations and reporting of security incidents related to Network, Systems and Applications. Diagnose root causes of system failures and implement appropriate corrective actions.
Assist with OT process and system change management, overseeing testing and approval of changes using an approved methodology.
Ensure all network hardware assets are identifiable and updated in the asset management system.
Provide technical expertise to support the maintenance of our hardware infrastructure systems and services.
Work closely with NIBE IT teams to ensure Group IT policies are continually checked and in place.
Required Experience
A computer related degree or relevant professional certification and accreditation is preferred.
Extensive commercial experience in an IT security role maintaining secure networks in a MS-Windows and Linux environment.
Expert knowledge of and experience in LAN/WAN/VLAN communications, VPN configuration and enterprise wireless networking. Experience of Dell core and edge switches with fibre is preferable.
CCNA/CCNP equivalent accreditation is advantageous but is not essential.
Experience and excellent working knowledge of GNS3 (or similar) is really beneficial.
Firewall configuration, management and monitoring experience is essential. Experience of FortiGate products preferable.
TCP/IP networking stack, DNS, DHCP, RADIUS/AAA, Active Directory, SSL, 2FA, OT skills are essential for this position.
Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis.
Knowledge of Linux OS and Windows Server and desktop operating systems configuration & troubleshooting and SCCM/MECM skills are preferrable.
Knowledge of and experience in virtual network technologies, specifically ESXi and VMware configuration and administration is advantageous.
Knowledge of MDM products, CrowdStrike and Cortex XDR configuration and administration would be advantageous.
Experienced user of Office 365, Teams, OneDrive, SharePoint etc. – any MS E3 subscription services.
Excellent troubleshooting, diagnostic, problem-solving and communication skills.
Flexibility to work on planned, out of hours systems projects if required.
Training is available for the right candidate to ensure complementary skills are acquired.
Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position. No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010.
Bowerford Associates Ltd is acting as an Employment Agency in relation to this vacancy.....Read more...
Physicist – Defence Sector Engineering – Cambridge
A growing Defence company, based in Cambridge, offers an exciting opportunity for a Physicist to work on a wide range of cutting-edge technologies that will enhance the UK’s defence against external threats, with a focus on defensive technologies rather than offensive ones.
You will be involved in a variety of physics projects, including (but not limited to) thermal, optics, electromagnetics, acoustics, fluidics, chemical, and other scientific technologies. If you have experience with complex projects in these fields, I recommend providing as much detail as possible on your CV.
We are open to candidates from various sectors; however, it will be highly advantageous if you already have experience in the Defence sector.
As you will be working in the Defence sector, you will need to be able to obtain security clearance or already hold security clearance.
Given the increasing importance of Artificial Intelligence and Machine Learning in various sectors, a keen interest in these areas would be welcomed, as many of your projects will involve work in this field.
In addition to working on complex and cutting-edge technologies, you will also be rewarded with an excellent starting salary, dependant on experience. The compensation package includes a bonus, enhanced pension, dental care, gym access, free lunch, and other excellent benefits.
The level of experience sought can range from a PhD holder who has worked in a post-doc role to someone with years of industry experience. We are looking to recruit several individuals for this team, so if you are in the early stages of your career, you will receive development opportunities, and if you are further along in your career, you will have the chance to mentor junior team members.
This company places a strong emphasis on collaboration, both within the team, with other teams, and with external parties.
Given the anticipated high level of interest in this role, and the company’s desire to recruit quickly, I recommend applying immediately if you are interested in this position to avoid missing out.
For more general information, please feel free to call Andrew Welsh, Director of Medical Devices Recruitment, and Scientific Recruitment Specialists Newton Colmore, on 0121 268 2240, or submit an application, and one of our team members at Newton Colmore will contact you. Please note we will not be able to discuss the role specifics until we have a copy of your CV.....Read more...
Network infrastructure development: We've laid the groundwork for new leisure developments, ensuring seamless connectivity and state-of-the-art facilities
Microsoft Dynamics implementations: Our expertise in deploying comprehensive business solutions has transformed the way companies operate and interact with their customers
Pioneering work with Microsoft Fabric: We're at the cutting edge, utilising Microsoft Fabric to build robust, scalable applications that set new standards in performance and usability
Advanced security solutions: Our work with tools like Azure Sentinel places us at the vanguard of cybersecurity, safeguarding our clients' digital assets against evolving threats
Training:Why choose our Network Engineer Level 4 apprenticeship?
Our Network Engineer Level 4 apprenticeship is perfect for learners that are fresh out of an IT education or already employed in the tech sector and looking to take the next step. The Network Engineer Level 4 apprenticeship programme concentrates on modern network infrastructure, advanced connectivity and advanced security. This enables learners to develop and enhance technical skills, and ensure that they have the technical grounding needed to become a skilled Network Designer, Systems Engineer or Network Administrator.
QA’s Network Engineer Level 4 apprenticeship programme enables the apprentice to:
Get equipped with the advanced technical skills needed for the role
Learn the core networking and server administration skills required to support a traditional on-premise, cloud or hybrid network
Dive deep into the management of networks, exploring network hardware and software, network services and routing protocols
Get immersed in technical content designed around real skills, aligning to and relevant to employers and the market
Combine online learning live event training and on-the-job experience to develop real world skills using cutting-edge technology
Training Outcome:90% of QA apprentices secure permanent employment after completing: this is 20% higher than the national average.Employer Description:Joining ES Systems is more than just a career move; it's an opportunity to be at the forefront of technological innovation. Our team is dedicated to exploring and implementing cutting-edge technologies that drive industry advancements and enhance our service offerings.
At ES Systems, we pride ourselves on our expertise and the quality of our work, but we also recognise that there is always room for growth and improvement. We understand that the landscape of technology is ever evolving, and with it, our knowledge must evolve too. We are committed to continuous learning and development, ensuring that we stay at the cutting edge of technological innovation.Working Hours :Days and shifts to be confirmed.Skills: IT skills,Attention to detail....Read more...
