3,595 Information Security jobs in the United Kingdom

We believe in better. And we make it happen.

Better content. Better products. And better careers.

Working in Tech, Product or Data at Sky is about building the next and the new. From broadband to broadcast, streaming to mobile, SkyQ to Sky Glass, we never stand still. We optimise and innovate.

We turn big ideas into the products, content and services millions of people love.

And we do it all right here at Sky.

A Senior Technical Vulnerability Analyst is responsible for identifying, evaluating, and assisting in fixing security vulnerabilities and misconfigurations in a system or network.

You will have a strong understanding of vulnerability management processes and tools for performing assessments and remediation activities.

You will also work closely with business and technology stakeholders and product owners in other IT and security teams to ensure that systems are secure and compliant with relevant regulations and standards.

What you'll do

• Work with internal and external resources to coordinate the remediation of identified vulnerabilities and misconfigurations across various platforms and environments.
• Develop and implement effective remediation strategies and solutions.
• Work as part of a vulnerability scanning team to identify, prioritise and address high-risk vulnerabilities and misconfigurations
• Collaborate extensively with IT operations, development teams, and security architects to ensure effective vulnerability and misconfiguration mitigation.
• Collaborate with different business units, security leads, and Business Information Security Officers (BISOs) to align remediation efforts with broader business objectives and security policies.
• Develop and maintain documentation, including remediation guides and playbooks.
• Manage and track remediation efforts, ensuring timely closure and compliance with security policies and standards.
• Communicate effectively with senior stakeholders regarding the status of remediation efforts - including the development, maintenance and continuous improvement of regular, accurate and clear metrics.
• Support incident response activities related to vulnerabilities when required.
• Stay updated on emerging threats and adapt remediation strategies accordingly.

What you'll bring:

• Experience in vulnerability remediation and mitigation in complex IT environments.
• Experience of secure configuration scanning and mitigation/remediation in line with industry standard hardening benchmarks (e.g. CIS)
• Experience in broader Application & Infrastructure Security domains.
• Strong understanding of various operating systems, applications, and network infrastructures.
• Solid understanding on Vulnerability scanning tools (preferably Tenable) as well as opensource discovery tooling e.g. Nmap.
• Experience in scripting and automation to streamline remediation processes.
• Experience of consistently producing accurate and clear remediation compliance metrics for senior stakeholders.
• Excellent collaboration and communication skills, with the ability to work across various teams and organizational levels.
• Evidence of Cyber Security relevant qualifications, training or accreditations (e.g. CISSP, CISM, CompTIA Security+) and/or experience with common Cyber Security benchmarks and frameworks (e.g. ISO 27001, NIST 800-53, Center for Information Security (CIS) Benchmarks)

Team overview

Cyber Security

Our products, platforms and technologies are constantly evolving that's why keeping Sky safe from cyber-attacks is one of our top priorities. Our Cyber Security team helps the business grow while protecting our customers, colleagues and partners from increasingly sophisticated cyber threats. Our team includes Cyber Fusion Centre, Security Services, Risk and Compliance, Programme Delivery and Business Security, and we work across the UK, Italy and Germany. Join us and you'll get involved in tackling challenges and future threats in an ever-changing cyber landscape.

The rewards

There's one thing people can't stop talking about when it comes to #LifeAtSky : the perks. Here's a taster:

• "Access to free NOW, for streaming all your favourite shows
• A generous pension package
• Private healthcare
• Discounted mobile and broadband

Inclusion & how you'll work

Recognised by The Times and Stonewall, we take pride in our approach to diversity and inclusion. Investing in society, fighting racial injustice and setting ambitious targets for representation at Sky.

We've embraced hybrid working and split our time between unique office spaces and the convenience of working from home. You'll find out more about what hybrid working looks like for your role later on in the recruitment process.

Your office space

Osterley

Our Osterley Campus is a 10-minute walk from Syon Lane train station. Or you can hop on one of our free shuttle buses that run to and from Osterley, Gunnersbury, Ealing Broadway and South Ealing tube stations. There are also plenty of bike shelters and showers.

On campus, you'll find 13 subsidised restaurants, cafes, and a Waitrose. You can keep in shape at our subsidised gym, catch the latest shows and movies at our cinema, get your car washed, and even get pampered at our beauty salon.

We'd love to hear from you

Inventive, forward-thinking minds come together to work in Tech, Product and Data at Sky. It's a place where you can explore what if, how far, and what next.

But better doesn't stop at what we do, it's how we do it, too. We embrace each other's differences. We support our community and contribute to a sustainable future for our business and the planet.

If you believe in better, we'll back you all the way.

Just so you know: if your application is successful, we'll ask you to complete a criminal record check. And depending on the role you have applied for and the nature of any convictions you may have, we might have to withdraw the offer.

Introduction

Indulge your passion for problem-solving and embrace the thrill of addressing risk head-on at Gallagher's global brokerage team. Join a family of diverse minds, united by a relentless pursuit of excellence. As part of our team, you'll be the architect of protection, safeguarding businesses and empowering their ambitions. Together, we'll build a legacy of trust and triumph in the dynamic world of risk management.

We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.

Overview

We're seeking a dynamic Penetration Tester to join our growing team within a large organisation. This is a client-facing, fully remote role with exciting travel opportunities for internal engagements, wireless assessments, and red teaming.

This opportunity sits withing our Cyber Risk Management Division and will part of a team of Penertration Testing experts.

How you'll make an impact

• Conduct external, internal, web application, WiFi, cloud, and red team penetration tests.
• Engage in OSINT, phishing campaigns, Cyber Essentials audits, and governance projects.
• Provide cyber awareness training and network hardening consultations for clients.

About You

• Experience as a Penetration tester with proven expertise in web application testing, internal blackbox testing, cloud, and WiFi assessments.
• Previous experience in an IT (Helpdesk/IT Support) with a solid understanding of networking, Windows Active Directory, and Windows/Linux systems.
• Knowledge of OWASP vulnerabilities and experience in webapp and infrastructure pentesting.
• Must have or be working towards OSCP/CRT or equivalent.
• Enthusiastic about cybersecurity, excellent communication skills, and a willingness to learn and develop.
• Certifications like CPSA, Sec+, CEH, Pentest+, PPNT.
• Industry cybersecurity experience.
• Experience with vulnerability scanning technologies.
• Eligible to work in the UK.

Compensation and benefits

On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.

Below are the minimum core benefits you’ll get, depending on your job level these benefits may improve:

• Minimum of 25 days holiday, plus bank holidays, and the option to ‘buy’ extra days
• Defined contribution pension scheme, which Gallagher will also contribute to
• Life insurance, which will pay 4x your basic annual salary, which you can top-up to 10x
• Income protection, we’ll cover up to 50% of your annual income, with options to top up
• Health cash plan or Private medical insurance

Other benefits include:

• Three fully paid volunteering days per year
• Employee Stock Purchase plan, offering company shares at a discount
• Share incentive plan, HMRC approved, tax effective, stock purchase plan
• Critical illness cover
• Discounted gym membership, with over 3,000 gyms nationally
• Season ticket loan
• Access to a discounted voucher portal to save money on your weekly shop or next big purchase
• Emergency back-up family care
• And many more…

We value inclusion and diversity

Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organisation. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.

Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.

Gallagher is Disability Confident Committed. We have pledged to make sure our recruitment process is inclusive and accessible, in addition to supporting our existing employees with any long-term health conditions or disabilities.

We understand that applicants may have disabilities, if you do, you may find some parts of the recruitment process more challenging than others. Don’t worry, we’re here to help, however, we can only do this if you let us know.

Should you require reasonable adjustments to your application, please get in touch with . If you’d prefer to speak on the phone, please request a call back, leaving details, so we get in touch.

Our employing entity, Arthur J. Gallagher Services (UK) Limited, is proud to be accredited as a Living Wage employer with the Living Wage Foundation. We are committed to diversity and opportunity for all and are opposed to any form of less favourable treatment on the grounds of gender or gender identity, marital status, civil partnership status, parental status, race, ethnicity, colour, nationality, disability, sexual orientation, religion/ belief, age and those with caring responsibilities.

Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws.

Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.

Enterprise Security Architect (Principal Cyber Security Professional) - Bristol About the job

Job summary

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC.

Visit our YouTube channel to watch the full series and come and discover your potential.

Are you passionate about Cyber Security and Enterprise Architecture?

Do you have senior-level experience as a Cyber Security Professional?

Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work/life balance while making a significant impact.

HMRC are now one of the most digitally advanced tax authorities in the world and are continuing to spend the next five years modernising our IT Landscape across Multi-Hybrid Cloud Platform. Working in one of the most complex infrastructures across Europe with significant investment and over 1000 changes monthly impacting over 600 services. Security Modernisation is critical to this initiative and our collective success. Now is a great time to join us as we establish a team of outstanding people in the fields of Security Architecture, Risk Assessment and Testing who will create and run these new and improved technology services.

This is a chance to work on services that matter and affect the lives of millions of citizens as well as delivering Government Security services directly across circa 400 Government Departments and Arms-Length Bodies (ALBs).

Job description

Join HMRC Security, part of the Chief Digital Information Office (CDIO), supporting one of Europe's largest IT estates. Within Cyber Security Technical Services (CSTS) and the Government Security Centre for Cyber (Cyber GSeC), we build capability across HMRC to detect, prevent, and respond to evolving cyber threats.

Our vision is to be a recognised centre of excellence, delivering customer-centric cyber services and consultancy that adapt to emerging technologies and risks.

As an Enterprise Security and Principal Cyber Security Professional, you will work in a multidisciplined team in Cyber Security Technical Services (CSTS). You'll be part of vibrant Cyber Security and Architecture communities across HMRC and wider government.

In this strategic role, you'll lead engagement with senior business and technical stakeholders, providing risk-based security advice to enable secure delivery of government services. You'll influence policy, setting direction for technical and business change, and develop capability through coaching and mentoring.

You'll shape consistent security architecture across HMRC's multi-billion-pound transformation portfolio, creating and evolving roadmaps, design patterns, and reference architectures that support modern, strategic platforms.

You may also take online management responsibilities and lead the development of CSTS capabilities and services.

Person specification

We're looking for a strategic leader in technical security - someone who can shape, deliver, and evolve security controls and services across complex environments.

You will bring:

• Proven leadership in selecting, developing, and delivering security technologies and controls.
• Deep expertise in one or more security domains, with the ability to align tooling to capability needs.
• Strong stakeholder management across senior technical, business, vendor, and government landscapes.
• A track record of delivering high-value outcomes in complex, high-pressure environments.
• Confidence and credibility to represent HMRC in UK-wide security and architecture communities.
• Clear, honest communication, transparently sharing knowledge to build consistency and excellence.
• A collaborative mindset, championing our "one team" ethos through technical reviews, mentoring, and practice development.
• A commitment to continuous personal growth and adding value in every engagement.

Key Responsibilities

As an Enterprise Security Architect, your visionary leadership will drive the strategic development of HMRC's security technology landscape, influencing best practice across government and driving innovation.

Your role will include:

• Strategic Leadership : Define and lead enterprise security strategies aligned with Zero Trust and architectural standards.
• Technology Direction : Develop and implement security principles, tooling strategies, and architectural guidance to address business risks and support policy applied to products, platforms and services.
• Capability Development : Build technical expertise across CSTS and Cyber GSeC, driving learning and development. You will support the Head of Capability in driving and delivering Enterprise-wide security technology change, engaging at a strategic level and working through the lifecycle to governing the technical implementation of security services and solutions.
• Effective Communication : Translate technical impacts into clear, actionable advice for stakeholders.
• Framework & Methodology : Enhance enterprise security architecture using TOGAF, SABSA, and NIST 2.0 frameworks.
• Tooling Roadmaps : Create and communicate security tooling roadmaps, incorporating vendor insights and threat landscape analysis.
• Design Patterns & Baselines : Establish technology baselines and design patterns to guide secure solution development.
• Strategic Engagement : Support the Head of Capability in delivering enterprise-wide security change, from strategy to implementation.
• Cross-Government Collaboration : Provide subject matter expertise and lead cyber service delivery across HMG.
• Innovation & Adoption : Research and integrate emerging technologies and methodologies into HMRC's security strategy.
• Governance, Mentorship, and Stakeholder Management: Provide representation at governance boards, along with peer reviews and including mentoring. Build strong relationships with stakeholders across the civil service, departments, suppliers, vendors, and programmes.

Essential Criteria

We're looking for a candidate with significant experience and expertise across the following areas:

Core Skills & Knowledge

• Communication Skills : Proficient in managing stakeholder relationships across business and technical domains through active engagement and clear communication.
• Team Engagement and Leadership: Effective in engaging teams, sharing knowledge, guiding, and training colleagues, and managing change.
• Security Fundamentals : Deep understanding of confidentiality, integrity, availability, non-repudiation, resilience and privacy risks.
• Architectural Methodologies : Practical experience with TOGAF and SABSA.
• Security Frameworks : Familiarity with industry-standard frameworks (e.g., NIST, ISO) 27001, 27002, 27005, , 27018, 22301 and NIST CSF 2.0.
• Technical Output Creation : Proven ability to develop reference architectures, roadmaps, design patterns, principles, standards, policies, and guidance.
• Security Control Design : Experience designing controls from non-functional requirements and associated guidance.
• Knowledge of Cryptography including symmetric & asymmetric encryption systems, infrastructure, risks, weaknesses and mitigations.
• Knowledge and Experience of Modernised Security Operations including Attack Surface Management.

Technical Proficiency

• Expertise across at least two of the following security domains, with real-world experience applying technical security in complex environments and major projects.

Domains

• Identity and Access Management: Expertise in PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid Cloud Models, AzureAD, MIM, FIM, and modern authentication protocols (SAML, OIDC).
• Network Security: Proficient in designing segmentation, securing WLAN, LAN, WAN, SDWAN, SaaS proxies, VPNs, firewalls, IPS, DDoS, WAF, DLP, DNS, NAC, NSPM, and architectures like SASE and Zero Trust.
• Application Security: Experience with SAST, DAST, RAST, IAST tools, integrating security into SDLC processes, OWASP, API security design, robust threat modelling, and containerization security.
• Data Security: Skilled in implementing information protection tools, key and secrets management, data loss prevention, and protective marking and classification capabilities.
• Cyber Security Operations: Proficient in incident response, vulnerability management, SIEM, SOAR, threat modelling, threat hunting, intelligence, data analytics, and anti-phishing methodologies.
• Infrastructure and Endpoint Security: Experience with endpoint security control technologies (EDR, EPP, UEBA, baseline configurations) including the Microsoft stack for workstations, servers, IoT, mobiles, VDI, DCAAS, and DAAS.
• Cloud Security : Expertise in developing reference architectures for cross-hybrid cloud platforms (AWS, Azure - IaaS, PaaS, SaaS, FaaS) and new platform tools like CASB, CSPM, CWPP, and containerization security.

Desirable Criteria

Certifications and memberships that would strengthen your application:

Professional Certifications :

• CCSP (Certified Cloud Security Professional)
• CISSP (Certified Information Systems Security Professional)
• CRISC (Certified in Risk and Information Systems Control)
• NCSP Practitioner (NIST Cybersecurity Professional)
• ISO27001 Lead Implementer or Auditor

Vendor-Specific Qualifications :

• Microsoft Cybersecurity Expert (M365, Azure Security, IAM, SecOps)
• AWS Security
• Cisco, VMware, Fortinet, Checkpoint

Professional Memberships :

• Chartered status in recognised security bodies

The Desirable Criteria will not be included in the routine sifting/assessment of your application but could be used in the event of a tie break.

Additional Security Information

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

Transitional Sites

For more information on where you might be working, review this information on our locations.

If your location preference is the one below, it's important to note that this is not a long-term site for HMRC and we will require you to move to a new building in the future, subject to our location strategy and the applicable employee policies at that time.

This site is:

• Telford Plaza, Telford - moving to Parkside Court, Telford

You will be given more information about what this means at the job offer stage.

Technical skills

We'll assess you against these technical skills during the selection process:

• Scenario - technical security knowledge

Benefits

Alongside your salary of £71,725, HM Revenue and Customs contributes £20,778 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments. We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible, considering our operational and customer service needs.

We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days.

• Pension - We make contributions to our colleagues' Alpha pension equal to at least 28.97% of their salary.
• Family friendly policies.
• Personal support.
• Coaching and development.

To find out more about HMRC benefits and find out what it's really like to work for HMRC hear from our insiders or visit Thinking of joining the Civil Service

Things you need to know

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Experience and Technical skills.

How to Apply

As part of the application process, you will be asked to provide the following:

• A name-blind CV including your job history to demonstrate your last 3 roles, previous skills and experiences relating to your technical security, key responsibilities and achievements.
• A 500-word Personal Statement. Your Personal Statement should be used to describe how your skills and experience would be suitable for the advertised role, making reference to the Essential Criteria and Person Specification outlined in the advert.

Please complete a separate statement (Max 250 words) for the Desirable Criteria where applicable. This is not essential for the role but may be considered by the vacancy-holder where candidates have the same scores at sift or interview.

Further details around what this will entail are listed on the application form.

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Sift

In the event of a large number of applications being received, an initial sift may be held on your CV.

At full sift your CV and your Personal Statement will be assessed, with the successful candidates being invited to interview.

We may also raise the score required at any stage of the process if we receive a high number of applications.

Interview

During the panel interview, you will be assessed on experience-based and technical skill-based questions. Both will be scenario based to test your aptitude on technical security knowledge held. Details of this technical skill scenario will be given prior to the Interview.

Interviews will take place via video link. Sift and interview dates to be confirmed.

Eligibility

Please take extra care to tick the correct boxes in the eligibility sections of your application form. We understand mistakes sometimes happen but if you contact us later than two working days(Monday-Friday) before the vacancy closes, we will not be able to reopen your application for you. If you do make a mistake with your eligibility form, please contact us via: - Use the subject line to insert appropriate wording for example - 'Please re-open my application - (insert vacancy ref) & vacancy closing date (insert date)'.

To check that you are eligible to apply for this role, please review the eligibility information before submitting your application.

Reserve List
A reserve list may be held for up to 12 months from which further appointments may be made for the same or similar roles - if this applies to you, we'll let you know via your Civil Service Jobs account.

Merit List

After interview, a single merit list will be created, and you will only be considered for posts in locations you have expressed a preference for. Appointments will be made in strict merit order in line with the set number of roles in each location.

Criminal Record Check
Applications received from candidates with a criminal record are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.

Reasonable Adjustments

We want to make sure no one is put at a disadvantage during our recruitment process. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate.

If you need a change to be made so that you can make your application, you should:

• Contact the UBS Recruitment team via as soon as possible before the closing date to discuss your needs.

Complete the "Assistance required" section in the "Additional requirements" page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you're deaf, a Language Service Professional.

Additional Security Information

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

Important information for existing HMRC contractual homeworkers

This role may be suitable for existing HMRC employees who are contractual homeworkers. Occasional attendance to the office will be required where there is a business need. Please consider the advertised office locations for this role when applying and only select locations from the 'location preferences' section that you can travel to.

Terms and Conditions

Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement, this will be tested as part of the selection process.

HMRC has a presence in every region of the UK. For more information on where you might be working, review this information on our locations.

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide in your application must relate to your own experiences.

Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant application(s) will be withdrawn from the process.

Recording of interviews is prohibited unless explicit agreement is sought in line with the UK General Data Protection Regulations.

Questions relating to an individual application must be emailed as detailed later in this advert.

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant's details held on the IFD will be refused employment.

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

New entrants will join on the minimum of the pay band.

Please note that, if you are applying for roles on a part-time basis, the salary agreed will be pro-rata, reflective of the working hours agreed within your contract.

If you experience accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

For more Information for people applying for, or thinking of applying for, roles at HM Revenue and Customs, please see link: Working for HMRC: information for applicants - GOV.UK.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

Open to UK nationals only.

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Principal Security and Information Professional - Bristol About the job

Job summary

Discover a career in your hands at HMRC. Whether you're seeking purpose, growth, or a workplace that gives you a true sense of belonging, hear from some of our employees as they share their story about what it's really like to work at HMRC.

Visit our YouTube channel to watch the full series and come and discover your potential.

HMRC Security is part of HMRC's Chief Digital Information Office (CDIO) and plays a vital role in assessing business and reputational risks across one of the largest IT estates in Europe. Within HMRC Security, Cyber Security Technical Services (CSTS) and the Government Security Centre for Cyber (Cyber GSeC) are integral teams responsible for ensuring that all colleagues have the capability to fulfil their security responsibilities and develop the skills needed to detect, prevent, and respond to evolving security risks and threats.

Our vision is to be recognised as a centre of expertise and excellence, working collaboratively across government to deliver holistic, customer-centric cyber security services. This includes consultancy support that adapts to emerging technologies and the ever-changing threat and risk landscape.

As a Principal Security and Information Professional within CSTS, you will be part of a multidisciplined team and a supportive security community both within HMRC and across government. You will play a leading role in enabling HMRC to manage security, data protection, and information risks effectively across business areas. Working in partnership with senior stakeholders, you may provide strategic insight and advisory support on a wide range of topics including cyber, physical and personnel security, data protection, and information management.

At HMRC, we are committed to creating a great place to work for all our colleagues - an inclusive and respectful environment that reflects the diversity of the society we serve. We aim to maximise the potential of everyone who chooses to work with us, offering a range of flexible working patterns and support to help you build a fulfilling career.

Diverse perspectives and experiences are critical to our success, and we welcome applications from people of all backgrounds who bring the experience and skills needed to thrive in this role.

Job description

• Providing strategic advisory support to senior stakeholders on cyber, physical, personnel, data protection and information management risks, enabling informed decision-making and embedding proportionate controls.
• Leading as a security and information professional, championing and sharing best practice and embedding government security culture and directing a team with responsibility for setting direction, coaching, quality assurance and performance management.
• Promoting a culture of continuous improvement by driving high performance, encouraging shared ownership of outcomes and influencing others to work corporately in support of broader HMRC objectives.
• Acting as a key representative within senior leadership teams across lines of business, contributing to strategic planning, business alignment, risk governance and regulatory compliance.
• Translating security and information policy into practice, supporting implementation of policies and controls tailored to business priorities and risk appetite.
• Promoting a strong organisational culture around security, data protection and information management through stakeholder engagement and leadership.
• Bringing business insight back into central teams, shaping service improvement, policy development and transformation.
• Acting as an escalation point for complex or high-risk issues, including incidents, assurance matters, or strategic challenges.
• Contributing to CSTS leadership, including potential involvement in the CSTS Senior Leadership Team (SLT), and supporting identification of capability needs across the wider function.
• Representing HMRC in cross-government or cross-departmental forums, helping influence broader policy and delivery approaches.

Additional Security Information

Please note this post requires the successful candidate to hold or be willing to hold Security Check(SC) vetting.

Person specification

Essential Criteria

• Demonstrated ability to influence and advise senior stakeholders at board level

• Proven experience in shaping or translating security and/or information management policy and risk into business-aligned action.

• Strong leadership experience with strategic direction setting capabilities

• Exceptional integrity and judgement in handling sensitive information

• Clear and confident communicator with experience producing high-quality written and verbal outputs tailored to senior audiences.

• Significant experience advising on security and/or data protection and information risks within large, complex, and high-risk environments. This may include providing strategic and operational guidance, influencing senior stakeholders and shaping organisational approaches to managing cyber, physical, personnel, and information security risks.

Desirable Criteria

• Familiarity with relevant frameworks such as NIST, CAF, ISO 27001 or the ICO Accountability Framework.
• Knowledge of legislative requirements as UK GDPR, DPA 2018, Public Records Act, CRCA.
• Knowledge of risk and assurance methodologies, including threat identification, risk assessment, and control design.
• Experience working across organisational or departmental boundaries to support shared risk, policy, or governance goals.
• Applied understanding of Secure by Design principles, incident response processes, or regulatory compliance requirements.
• Background in leading or contributing to policy development, governance models or service improvement initiatives in the security or data/information domain.
• Working knowledge of HMRC's operating environment, business areas or technical estate (or a similar large public sector organisation).

Qualifications

To hold or be willing to work towards a relevant security or data/information certification for example CISMP, CISM, ISO27001 Lead Auditor, CDMP (Practitioner or above), CIPP/E, ISO 27701 Lead Implementer or equivalent qualifications (if applying with equivalent qualifications, state what these are on application)

Benefits

Alongside your salary of £71,725, HM Revenue and Customs contributes £20,778 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.

HMRC operates both Flexible and Hybrid Working policies, allowing you to balance your work and personal commitments. We welcome applications from those who need to work a more flexible arrangement and will agree to requests where possible, considering our operational and customer service needs.

We offer a generous leave allowance, starting at 25 days and increasing by a day for every year of qualifying service up to a maximum of 30 days.

• Pension - We make contributions to our colleagues' Alpha pension equal to at least 28.97% of their salary.
• Family friendly policies.
• Personal support.
• Coaching and development.

To find out more about HMRC benefits and find out what it's really like to work for HMRC hear from our insiders or visit Thinking of joining the Civil Service

Things you need to know

Selection process details

How to Apply

As part of the application process, you will be asked to provide the following:

• A name-blind CV including your job history, qualifications and previous experiences. Your previous experience should highlight how you meet the job specification and essential criteria.

Please complete a separate statement (Max 250 words) for the Desirable Criteria where applicable. This is not essential for the role but may be considered by the vacancy-holder where candidates have the same scores at sift or interview.

Further details around what this will entail are listed on the application form.

Artificial Intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance for more information on appropriate and inappropriate use.

Sift

At full sift your CV will be assessed, with the successful candidates being invited to interview.

We may also raise the score required at any stage of the process if we receive a high number of applications.

Interview

During the panel interview, you will be assessed on experience based questions and an experience based presentation. Successful candidates will be advised of the presentation prior to the interview.

Interviews will take place via video link.

Sift and interview dates to be confirmed.

Eligibility

Please take extra care to tick the correct boxes in the eligibility sections of your application form. We understand mistakes sometimes happen but if you contact us later than two working days(Monday-Friday) before the vacancy closes, we will not be able to reopen your application for you. If you do make a mistake with your eligibility form, please contact us via: - Use the subject line to insert appropriate wording for example - 'Please re-open my application - (insert vacancy ref) & vacancy closing date (insert date)'.

To check that you are eligible to apply for this role, please review the eligibility information before submitting your application.

Reserve List

A reserve list may be held for up to 12 months from which further appointments may be made for the same or similar roles - if this applies to you, we'll let you know via your Civil Service Jobs account.

Criminal Record Check

Applications received from candidates with a criminal record are considered fairly in accordance with the DBS Code of Practice and the Recruitment of ex-offenders Policy.

Merit List

After interview, a single merit list will be created, and you will only be considered for posts in locations you have expressed a preference for. Appointments will be made in strict merit order in line with the set number of roles in each location.

Reasonable Adjustments

We want to make sure no one is put at a disadvantage during our recruitment process. To assist you with this, we will reduce or remove any barriers where possible and provide additional support where appropriate.

If you need a change to be made so that you can make your application, you should:

• Contact the UBS Recruitment team via as soon as possible before the closing date to discuss your needs.

Complete the "Assistance required" section in the "Additional requirements" page of your application form to tell us what changes or help you might need further on in the recruitment process. For instance, you may need wheelchair access at interview, or if you're deaf, a Language Service Professional.

Additional Security Information

Please note: in addition to the standard pre-employment checks for appointment into the Civil Service, all candidates must also obtain National Security Vetting at Security Check (SC) clearance level for this vacancy. You will normally need to meet the minimum UK residency period as determined by the level of vetting being undertaken, which for SC is 5 years UK residency prior to your vetting application. If you have any questions about this residency requirement, please speak to the vacancy holder for this post.

Important information for existing HMRC contractual homeworkers:

This role may be suitable for existing HMRC employees who are contractual homeworkers. Occasional attendance to the office will be required where there is a business need. Please consider the advertised office locations for this role when applying and only select locations from the 'location preferences' section that you can travel to.

Terms and Conditions

Customer facing roles in HMRC require the ability to converse at ease with members of the public and provide advice in accurate spoken English and/or Welsh where required. Where this is an essential requirement, this will be tested as part of the selection process.

HMRC has a presence in every region of the UK. For more information on where you might be working, review this information on our locations.

The Civil Service values honesty and integrity and expects all candidates to abide by these principles. The evidence you provide in your application must relate to your own experiences.

Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant application(s) will be withdrawn from the process.

Recording of interviews is prohibited unless explicit agreement is sought in line with the UK General Data Protection Regulations.

Questions relating to an individual application must be emailed as detailed later in this advert.

Applicants who are successful at interview will be, as part of pre-employment screening, subject to a check on the Internal Fraud Database (IFD). This check will provide information about employees who have been dismissed for fraud or dishonesty offences. This check also applies to employees who resign or otherwise leave before being dismissed for fraud or dishonesty had their employment continued. Any applicant's details held on the IFD will be refused employment.

A candidate is not eligible to apply for a role within the Civil Service if the application is made within a 5 year period following a dismissal for carrying out internal fraud against government.

New entrants will join on the minimum of the pay band.

Please note that, if you are applying for roles on a part-time basis, the salary agreed will be pro-rata, reflective of the working hours agreed within your contract.

If you experience accessibility problems with any attachments on this advert, please contact the email address in the 'Contact point for applicants' section.

For more Information for people applying for, or thinking of applying for, roles at HM Revenue and Customs, please see link: Working for HMRC: information for applicants - GOV.UK.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.

Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).

People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.

The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Network Security Architect Remote - UK, London, Virtual, EUROPE

Start your journey with BCD: Grow, connect, collaborate and celebrate with our global team

Network Security Architect Remote

Full time, Remote United Kingdom

The Network Security Architect is a global network security position that must work independently and within the team. They will administer, test, implement, troubleshoot, and advise on Security Infrastructure architectures to include all Network Security related systems and their components. This role includes the responsibility for implementing appropriate IT security procedures. They will design, build, and oversee the implementation of secure IT network infrastructures to protect an organization's information assets from cyber threats. They assess security risks, identify vulnerabilities, and develop comprehensive strategies using a combination of hardware and software solutions. Key responsibilities include anticipating threats, implementing security protocols like firewalls and VPNs, responding to security incidents, and ensuring the network meets organizational needs while adhering to security standards.  In this role, this candidate will independently research and resolve moderately to highly complex technical problems. They will document standards, implementation procedures, and troubleshooting processes. In this role, the candidate will also be required to provide security services and expertise on internal technology projects.  

As a Network Security Architect, you will

• Design and architect end-to-end secure network solutions, including site-to-site VPNs, zero trust models, and segmentation strategies    
• Architect and secure cloud-based networks, including virtual firewalls, security groups, VPC peering, and hybrid connectivity
• Design secure, scalable network architectures—including  campus, data center, and hybrid cloud topologies—leveraging Cisco SD WAN, Firewall, ISE, and Cloud technologies  
• Lead end to end deployments: planning, staging, migration, and cutover for multi site environments
• Perform analysis of all threat/vulnerability sources, assessing any impacts to infrastructure and systems and providing an assessment, recommendations and potential actions correlative to the security threat posture and matures the current vulnerability and scanning/assessment capabilities
• Act as technical mentor for  network engineers—conducting design reviews, configuration walkthroughs, and knowledge sharing sessions
• Provide high quality customer service by listening and understanding the needs of the stake holders
• Identify and communicate threats and vulnerabilities that could impact business operations  
• Assist with communication, implementation, and analysis of compliance to security policies, standards, and procedures 
• Analyze metrics and report trends and opportunities for improvement    

About you

• You have extensive network and Information Security related technology experience  
• Extensive experience in the architecture/design, development, and implementation of large-scale Wide Area Network (WAN) architectures with a strong focus on network, firewall, Routing and Cloud  
• Extensive knowledge and experience with network. (e.g., Routing and Switching, WAN, Packet Analysis, Firewall, Capacity Planning, IT Tools, and other relevant technologies    
• Design/Implement/Troubleshoot Fortinet, ASA, FTD (Firepower Threat Defense/IDS/IPS)
• Design/Implement/Troubleshoot VPN Technologies including but not limited to Cisco IPSEC and AnyConnect (NAM/Posture),
• Experience with NAC/ISE integration with wired, wireless, VPN as well as posture
• Strong background and ability to monitor network security by analyzing Intrusion Detections reports, firewall logs and other application sources    
• Strong understanding of network security architectures, solutions, processes, frameworks, and components  
• Extensive experience with Cloud solutions such as AWS, Azure
• Thorough knowledge and experience with Network security standards (Network architecture analysis, Network Administration,  Load balancer and Firewall Engineering)
• Experience with network and performance management tools, security tools and appliances, layer 2 technologies, wireless technologies  
• Experience and understanding of network design and troubleshooting specificity as it applies to interoperability of security systems with the network                                           

About us
We’re a market leader in travel management: We help people and companies travel smart and achieve more, and our clients include some of the world’s best-known and most innovative business and consumer brands. We operate in more than 100 countries, and the majority of our 10,000+ people work virtually (because a 10-second commute usually makes awesome sense). We’re committed to sustainability and to driving success for our customers, our business and ourselves. Learn more about BCD Travel.

Your life at BCD

Working at BCD means connecting, collaborating and celebrating. You’ll be part of a virtual, dynamic and flexible work environment that fosters a good work-life balance so you can focus on what makes you happy. But don’t just take our word for it! Hear why people join BCD and more about the great perks of Life at BCD.

You’ll be offered

• Flexible working hours and work-from-home or remote opportunities
• Opportunities to grow your skillset and career
• Generous vacation days so you can rest and recharge
• A compensation package that feels fair to you, including mental, physical, and financial wellbeing tools
• Travel industry professional perks and discounts
• An inclusive work environment where diversity is celebrated

Ready to join the journey? Apply now!

We’re dedicated to building a diverse, inclusive and authentic workplace. If you’re excited about a role, but your experience doesn’t align perfectly, we still encourage you to apply.

We are committed to providing reasonable and necessary accommodations to ensure all employees can perform their roles effectively. For accommodation requests or further information, contact our Talent Acquisition department at

#LI-Remote

#LI-VP1

Information Security Officer - Nibley Court, 3 Turner Drive, Bristol, South GloucestershireCompany Description

At SBS, we’re more than just a technology company – we’re a global fintech partner helping banks and financial institutions transform, innovate, and grow. With over 5,000 employees worldwide and clients in more than 80 countries, our solutions power everything from digital banking and lending to payments and core banking systems.

As part of 74Software , we’re backed by a group of leading software companies delivering mission-critical solutions worldwide. Our focus is on delivering long-term value, leveraging cutting-edge technology, and fostering strong client partnerships. Join us and be part of a collaborative, forward-thinking team shaping the future of finance.

Job Description

? Bristol or Sheffield – hybrid – 2 office days per week.

? Salary: £55,000-£0,000 (DOE) per annum plus pension, & excellent benefits package

?  Job type:  Permanent, full time

We are on the lookout for an experienced Cloud Information Security Officer to help drive forward our commitment to providing a world-class information security management system for our products and services that protects both SBS and our customers' interests. This role will report to the Security, Risk and Compliance Lead.

What will the role involve?

• Proactively monitoring, identifying, responding to, and resolving security incidents.
• Aligning information security strategy with business goals and objectives.
• Ensuring compliance with relevant local and international laws and internal policies.
• Fostering a culture of information security awareness and continuous improvement.
• Driving the adoption of best practices in data protection and cybersecurity.
• Maintaining a strong relationship with internal teams and our customers by demonstrating an understanding of and executing best practices within information security.
• Updating and maintaining information security policies and procedures, and supporting operational collateral.
• Managing internal and external audit events (e.g., SOC1, ISO 27001) and customer information security requests to demonstrate compliance with industry best practices and contractual obligations.
• Remaining up-to-date with the latest threats and vulnerabilities to ensure operational tools and processes are in place and up to date.
• Participate in the identification, assessment, registration, and treatment of information security risks

Don't meet every single requirement? That's okay, and you aren't alone!  Research shows that women and people of colour are less likely to apply for a role unless they meet all the criteria.

At SBS, we're committed to building a diverse, inclusive team where everyone feels they belong. So if this role excites you and you're eager to grow, we'd love to hear from you - even if your experience doesn't tick every box just yet, send us your application!

Qualifications

What are we looking for?

• Minimum of 3 years of experience working in an information security role, or an information security-related qualification.
• Experience working in and securing cloud environments (AWS preferred)
• Excellent working knowledge of common security tools and platforms.
• Familiarity with GDPR, ISO 27001 and other relevant information security laws and standards.
• Excellent written and verbal communication skills, with the ability to convey complex information.
• A very strong understanding of information security concepts and best practices.
• Capable of managing emerging information security risks and how these can be mitigated.

Additional Information

What's in it for you?

At SBS, we’re committed to supporting our employees in every aspect of their lives, from health and wellbeing to financial security and lifestyle perks. Here’s a snapshot of the benefits you'll enjoy as part of our team:

? Competitive salary:  £55,000-£60,00 (DOE) per annum.

? Health & Wellbeing : Private Medical Insurance, Health Cash Plan, Dental Insurance, Eye Care Vouchers, Flu Vaccinations

? Hybrid working:  Work from home three days per week, and join us in the office for the remaining two.

?️ Finance & Protection:  Life Assurance, Critical Illness Cover, Pension Plan, Long Service Awards, Payroll Giving, Fleet car provider

? Leisure & Lifestyle : Cycle to Work Scheme, Holiday Trading, Travel Insurance

At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.

All of our positions are open to people with disabilities.

Senior Security Architect - Reading, Berkshire, RG1 8DB Contract: PermanentSalary: Competitive salary up to £85,000 per annum.As the Senior Security Architect , you will be a key part of the Information Security team , focused on developing, implementing, and governing robust security architecture strategies and patterns across Thames Water. This role will support our mission to protect systems, data, and operations from cyber threats by enabling secure-by-design practices across all digital initiatives.

Reporting to the Head of Security Architecture , you will work collaboratively with key stakeholders across Thames Water to ensure new and existing technology capabilities are designed and delivered with the necessary, appropriate and proportionate security measures. This role requires deep technical expertise, strategic thinking, and strong leadership in embedding cybersecurity into the digital transformation journey.

What you’ll be doing as the Senior Security Architect:

• Security Architecture Strategy: Assist in the development and maintenance of the company-wide security architecture strategy and roadmap.
• Secure Solution Design: Lead and review security designs to ensure end-to-end solutions meet security requirements across projects and programmes.
• Security Architecture Artefacts: Create and manage security patterns, reference architectures, and technical standards for secure design and implementation.
• Threat & Risk Assessment: Conduct threat modelling and risk assessments to identify security gaps and recommend proportionate controls.
• Security Control Assurance: Validate implementation of agreed security designs through testing, reviews, and go-live assessments.
• Collaboration Across Teams: Work closely with enterprise and domain architects, cyber security, project managers, and business stakeholders to embed security into design and delivery.
• Security Governance & Compliance: Ensure adherence to internal and regulatory security standards by providing oversight throughout project and solution lifecycles.
• Vendor & Product Evaluation: Provide security input into technology procurement and vendor selection to ensure alignment with security architecture requirements.
• Security Awareness & Best Practice: Champion secure-by-design principles and contribute to developing Thames Water’s security architecture capabilities and culture.

Base location - Hybrid - Clearwater Court, Reading   
Full Time - 36 hours per week

What you should bring to the role:

Essential Experience:

• Security Architecture Frameworks: Experience with frameworks such as SABSA, TOGAF, or Zachman.
• Technical Knowledge: Proficient in designing secure solutions across cloud, on-prem, and hybrid environments, including IT and OT domains.
• Security Infrastructure: In-depth knowledge of technologies such as firewalls, WAFs, IPS, SIEM, endpoint protection, and IAM.
• Secure Systems Design: Proven experience in embedding security controls in system architecture across various platforms and environments.
• IAM Design: Direct experience designing identity and access management solutions, including Active Directory, Azure IAM, and RBAC.
• Business Engagement: Ability to translate technical security requirements into business-focused language and work effectively with stakeholders at all levels.

Essential Skills & Qualifications:

• Education: Educated to degree level or equivalent experience.
• Certifications: Security certifications such as CISSP , CISM , or equivalent.
• Communication: Strong written and verbal communication skills, capable of articulating complex issues clearly.
• Analytical Thinking: Excellent problem-solving and critical thinking skills, with the ability to balance business needs with security.
• Self-Starter: Proactive, highly motivated, and able to work independently in a fast-paced, changing environment.

Desirable Experience:

• Security Architecture Delivery: Experience working within a security architecture or similar function.
• Modelling Tools: Experience using architecture modelling software (e.g., BiZZdesign, ArchiMate, BPM tools).
• Compliance Standards: Familiarity with compliance frameworks and standards in system design (e.g., ISO 27001, NIST, and CIS).
• Architecture Artefacts: Experience in creating reusable security architecture models and patterns.

Desirable Technical Skills & Qualifications:

• Advanced Certifications: Additional certifications such as CISA , SABSA , or TOGAF are desirable.
• Security for Emerging Tech: Understanding of security considerations for AI, containerisation, Kubernetes, and cloud-native applications.

What’s in it for you?

• Competitive salary up to £85,000 per annum, depending on qualifications, skills and experience.
• Annual Leave - 26 days holiday per year, increasing to 30 with the length of service (plus bank holidays).
• Performance-related pay plan directly linked to both company and individual performance measures and targets.
• Generous Pension Scheme through AON.
• Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Find out more about our benefits and perks

Who are we?

We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.
Learn more about our purpose and values

Working at Thames Wate r

Thames Water is a unique, rewarding, and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy meaningful career opportunities, flexible working arrangements and excellent benefits.

If you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region, and our planet.
Real purpose, real support, real opportunities. Come and join the Thames Water family. Why choose us? Learn more.

We’re committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process . If you need any adjustments, whether that’s extra time, accessible formats, or anything else just let us know , we’re here to help and support .

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business and meet colleagues.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.

Senior SAP Security Consultant - London Reference Code: -en_GBContract Type: PermanentProfessional Communities: SaaS Solutions

About the job you’re considering

If you are looking for a role where you can make a difference and work with the latest technology, this is the role for you. As an SAP Security Consultant, you will be instrumental in delivering innovative, ground-breaking projects for a range of different industries.
You will work with our clients at various stages of their journeys, from planning installations, upgrades, through to migrations to the cloud, solutions design.
You will be part of a larger project team supported by both our SAP Global team and Centre of Excellence, working closely with partners, stakeholders, and multiple areas of the wider Capgemini family.

About our UK SAP Practice Team:  Capgemini UK is a leading SAP Integration Partner, helping our clients navigate through complex SAP transformations. Capgemini UK has 1000 + SAP practitioners across UK & India and are ranked #1 for SAP S/4HANA® certifications in UK and globally. We work closely with our clients to transform their business together using the latest SAP products and architecture, a deep knowledge of industries and markets, and innovative delivery methodologies.

Hybrid working: The places that you work from day to day will vary according to your role, your needs, and those of the business; it will be a blend of Company offices, client sites, and your home; noting that you will be unable to work at home 100% of the time.
 

If you are successfully offered this position, you will go through a series of pre-employment checks, including: Identity, nationality (single or dual) or immigration status, employment history going back 3 continuous years, and unspent criminal record check (known as Disclosure and Barring Service)

Your role

We are working with a client in the UK implementing the latest SAP technologies. This is a unique opportunity to work with one of the largest SAP practices in the UK, working with a few FTSE 100 companies. The role provides a great opportunity for someone to grow their career in SAP Security, working closely with Capgemini, our client.

• Leadership and Consulting within SAP S/4HANA projects around Security and Controls
• Lead technical delivery of security solution within a project
• Performing GRC configuration and use of GRC tools in the creation and maintenance of security roles
• Interact with users from various functional and technical areas
• Participate in the design of SAP Architecture
• Build strong and enduring client relationships
You can bring your whole self to work. At Capgemini building an inclusive future is part of everyday life and will be part of your working reality. We have built a representative and welcoming environment, for everyone.

Your skills and experience

• Proven track record of SAP large scale project deliveries
• Ability to design and architect SAP Security including S/4HANA, HCM, FIORI, BI, BPC & Cloud environments
• Experience in GRC Access Control 10.1/12 implementation & upgrades
• Experience in GRC Process Control would be an added advantage.
• Security skills relating to IAG & BTP are desirable
• Experience with IAM & SSO concepts desirable
• Passionate about the latest technologies and processes within the market
• Ability to inspire a shared vision across client and Capgemini teams
• A trusted client advisor with outstanding communications skills and ability to influence

Your Security Clearance 

To be successfully appointed to this role, it is a requirement to obtain Security Check (SC) clearance. To obtain SC clearance, the successful applicant must have resided continuously within the United Kingdom for the last 5 years, along with other criteria and requirements. Throughout the recruitment process, you will be asked questions about your security clearance eligibility such as, but not limited to, country of residence and nationality. Some posts are restricted to sole UK Nationals for security reasons; therefore, you may be asked about your citizenship in the application process.

What does ‘Get The Future You Want’ mean for you? 

You will be encouraged to have a positive work-life balance. Our hybrid-first way of working means we embed hybrid working in all that we do and make flexible working arrangements the day-to-day reality for our people. All UK employees are eligible to request flexible working arrangements

You will be joining one of the World’s Most Ethical Companies®, as recognised by Ethisphere® for 12 consecutive years. We live our values by making ethical business choices every day. Working ethically is at the centre of our culture at Capgemini, meaning you will be helping to create a future we can all be proud of.

Capgemini. Get The Future You Want.

Why you should consider Capgemini 

Growing clients’ businesses while building a more sustainable, more inclusive future is a tough ask. When you join Capgemini, you’ll join a thriving company and become part of a collective of free-thinkers, entrepreneurs and industry experts. We find new ways technology can help us reimagine what’s possible. It’s why, together, we seek out opportunities that will transform the world’s leading businesses, and it’s how you’ll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge, and always pushing yourself to do better, you’ll build the skills you want. You’ll use your skills to help our clients leverage technology to innovate and grow their business. So, it might not always be easy, but making the world a better place rarely is. 

About Capgemini 

Capgemini is a global business and technology transformation partner, helping organisations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. 
It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fuelled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2024 global revenues of €22.1 billion. 

Get The Future You Want |

Graduate Information Security Officer - Office 1, The Square, 2 Broad Street West, Sheffield, YorkshireCompany Description

At SBS, we’re more than just a technology company – we’re a global fintech partner helping banks and financial institutions transform, innovate, and grow. With over 5,000 employees worldwide and clients in more than 80 countries, our solutions power everything from digital banking and lending to payments and core banking systems.

As part of 74Software , we’re backed by a group of leading software companies delivering mission-critical solutions worldwide. Our focus is on delivering long-term value, leveraging cutting-edge technology, and fostering strong client partnerships. Join us and be part of a collaborative, forward-thinking team shaping the future of finance.

Job Description

? Sheffield – Hybrid (2 days in office)
? Salary: Circa £30,000 per annum + great benefits package
? Full-time, permanent

Are you passionate about cybersecurity and ready to kickstart your career in information security? We’re looking for a Graduate Information Security Officer to join our dynamic team and help protect the systems, data, and services that power SBS and our customers.

This is a fantastic opportunity for a recent graduate or someone early in their career to gain hands-on experience, develop their skills, and grow within an established information security function. You’ll work alongside experienced professionals and receive mentoring and support to help you build a rewarding and impactful career in cyber and information security.

What will you be doing?

You’ll get involved in a wide range of activities, such as:

• Supporting the monitoring and investigation of security events and incidents.
• Learning how to identify and assess information security risks.
• Helping to update and maintain security policies, procedures, and documentation.
• Assisting with internal and external audits (e.g., ISO 27001, SOC1).
• Contributing to responses to customer security questionnaires and due diligence.
• Keeping up to date with emerging cybersecurity threats and trends.
• Supporting awareness and education activities to build a strong security culture across the business.

Qualifications

What are we looking for?

We’re not expecting you to be an expert yet – we’re looking for someone who’s curious, committed to learning, and ready to grow into the role. Ideally, you’ll have:

• A degree in Cybersecurity, Information Security, Computer Science, or a related field – or equivalent practical experience or self-taught knowledge.
• A genuine interest in information security and the desire to develop a career in the field.
• Some understanding of cloud computing concepts (AWS knowledge is a bonus!).
• Familiarity with information security principles and standards like ISO 27001 or GDPR (don’t worry – we’ll help you learn more!).
• Strong communication skills and the ability to explain complex topics clearly.
• A proactive mindset and a willingness to ask questions, solve problems, and keep learning.

Don't meet every single requirement? That's okay, and you aren't alone! Research shows that women and people of colour are less likely to apply for a role unless they meet all the criteria. We're committed to building a diverse, inclusive team where everyone feels they belong. So if this role excites you and you're eager to grow, we'd love to hear from you - even if your experience doesn't tick every box just yet, send us your application!

Additional Information

What's in it for you?

At SBS, we’re committed to supporting our employees in every aspect of their lives, from health and wellbeing to financial security and lifestyle perks. Here’s a snapshot of the benefits you'll enjoy as part of our team:

? Competitive salary:  Circa £30,000 per annum.

? Health & Wellbeing : Private Medical Insurance, Health Cash Plan, Dental Insurance, Eye Care Vouchers, Flu Vaccinations

? Hybrid working:  Work from home three days per week, and join us in the office for the remaining two.

?️ Finance & Protection:  Life Assurance, Critical Illness Cover, Pension Plan, Long Service Awards, Payroll Giving, Fleet car provider

? Leisure & Lifestyle : Cycle to Work Scheme, Holiday Trading, Travel Insurance

At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.

All of our positions are open to people with disabilities.