**Permanent role**

£80k to £130k per annum

**Hybrid home/office model**

Sponsorship - NOT AVAILABLE

The company

A global investment management firm.

The role

You will play an integral role ensuring that the security strategy and security architecture are integrated effectively into the wider Enterprise Architecture domains.

The responsibilities

• Maintain and support Azure Active Directory in a hybrid cloud/on-premise environment

• Build, administer, and/or support enterprise IAM systems and solutions for privileged access management (PAM) and identity governance and administration (IGA).

• Support of access management services, such as single sign-on (SSO), multi-factor authentication (MFA), and self-service password reset (SSPR).

Essential experience

• 7-10 years of relevant experience

• IAM solutions and processes

• Privilege Identity Management

• Scripting (Powershell)

• Active Directory

Desirable experience

• Azure Active Directory

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

**Permanent role**

£90k to £140k per annum

**Hybrid home/office model**

Sponsorship - NOT AVAILABLE

The company

A Global Investment Management Firm

The role

As an Enterprise Security Architect, you will play an integral role in ensuring that the Security Strategy and security Architecture are integrated effectively into the wider Enterprise Architecture domains, with strong focus on end-to-end secure application development lifecycle, and DevSecOps practice.

The responsibilities

• Advance practices in application management, cloud management policies and standards security domains

• Develop secure coding/software development standards, patterns and “shift left” best practice, enable DevSecOps practice, and serve as technical security advisor to value stream teams to ensure secure coding practice and security related non-functional requirement are met.

• As part of architectural governance process, review security technologies, tools and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics

Essential experience

• 8-12 years relevant experience

• Public Cloud (AWS/Azure)

• Certified in TOGAF

• CI/CD Pipeline exerience

Desirable experience

• Longevity in a permanent position

• Full-stack knowledge of IT systems

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

**Permanent role**

£65k to £75k per annum

**Hybrid home/office model**

Candidates must be permanent residents in the UK with at least 5 years history

The company

A leading UK based Legal Practice

The role

The mission is to establish a risk-managed environment that enables the firm to adequately and reasonably protect the confidentiality, integrity and availability of information used by the business and on behalf of clients.

The focus is on technical operational security and developing actionable information security and risk policies, processes, standards, plans, guidelines, controls, and frameworks to ensure people, processes and technology architectures within the enterprise are consistent, usable, and risk-managed.

The responsibilities

• Configure and optimise security and threat detection products and services providing DLP, SIEM, advanced email protection, EDR, antivirus, cloud security products, intrusion detection/prevention systems, and other industry standard security technologies.

• Proactively identify vulnerabilities through scans and assessment reports, penetration tests, targeted network traffic analysis and other methodologies

• Plan and recommend changes to increase the security of the network, computer hardware and operating systems, business and peripheral applications.

Essential experience

• Network Security experience
• Experience working in a past paced Information Security/Cyber Security environment
• Knowledge of SIEM, EDR, Trustwave, Vulnerability Management, Firewalls, and industry standard security tools.

Desirable experience

• Experience working in a Legal/Insurance company

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

**Permanent role**

£90k to £95k per annum

**Hybrid home/office model**

Sponsorship - NOT AVAILABLE

The company

A global foreign exchange service.

The role

Reporting to the Engineering Manager, you would be required to engineer and re-engineer the latest technologies including but not limited to, the evolution of the Desktop Transformation; complementing the London IT Engineering team, bringing subject matter expertise in several areas.

You would be responsible for the specific technical design, build and deployment of both new solutions and enhancements to existing solutions.

When asked to do so, you would represent the Engineering team and speak with authority, providing the necessary expertise to technically drive the project though the full lifecycle, from the initial concept, design, implementation and the handover into production support.

The responsibilities

• Provide third level support, where required, to assist the Infrastructure Service Operations teams with the investigation, escalation and resolution of technical Infrastructure issues that cannot be resolved by the team.

• Working with third parties, where relevant, to assist in their deployment of new services.

• Provide third level support, where required, to assist the second level Service Operations support team.

Essential experience

• Creation of technical governance documentation, such as Solution Outline and High Level Design as well as authoring Low Level Designs

• Exchange On Premise/Microsoft 365

• Strong understanding of designing to meet security principles and compliance

• Strong Understanding and appreciation of working on business-critical production infrastructure, applications and database services

Desirable experience

• Experience of working in a network heavily segregated by firewalls

• Understanding of building a product that will result in zero findings on a penetration test

• Demonstrate good problem management ownership and prevention of SLA breach under Incident/Problem Management processes

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

McGregor Boyall are currently recruiting for an Information Security Manager for our client based in Edinburgh.

This is a permanent role that offers hybrid working (you will be in the office 1-2 times a week).

Sponsorship is not available with this position; therefore candidates must have the right to work in the UK.

You will be part of a team that manages Information Security for aour clients' UK business lines and office locations.

This role will see you getting involved in all aspects of the Information Security Service.

This role will support the Enterprise Information Security Team in delivering the information Security strategy for the business and aligning this with the Global Information Security strategy.

Your key responsibilities will include (but not limited to):

• Playing a key role in the successful delivery of an Enterprise Information Security Function.
• Providing technical support and guidance to project teams and other business areas in relation to Information Security.
• Validating delivered solutions against approved security architecture.
• Understanding and supporting the mapping of the Security Strategy & Architecture Roadmap & Standards to protect company information assets.
• Supporting the Information Security strategy through assigned initiatives.

To be considered for this role we would love you to have the following skills and experience:

• Knowledge and understanding of Financial Services regulatory/compliance requirements in information security and data protection.
• Risk assessment/risk management skills.
• Security, including information security management, physical security, application security, network security and security incident management.
• Problem Solving skills, there will be an expectation on you to undertake complex tasks, including, analytical thinking and developing highly innovative solutions.
• Good technical knowledge of the security impact on established and up and coming technologies.
• Key understanding of working in a Digital business and the impact on information security.
• Knowledge and understanding of Financial Services regulatory/compliance requirements in information security.
• Wide and broad knowledge of Information Security, as the successful candidate will be expected to deal with varied work activities.
• Experience of working in information security management and/or related functions in financial services.
• Good Project Delivery experience

McGregor Boyall is acting as an Employment Agency in relation to this vacancy.

**Permanent role**

Up to £110k per annum

**Hybrid home/office model**

Sponsorship - NOT AVAILABLE

The company

A growing Digital Fintech Enterprise who's leading the way in the UK.

The role

As an application security architect, you will perform application security reviews to identify application design flaws; Provide hands-on technical security guidance to protect our products from known and emerging threats, vulnerabilities, and intrusion attacks

The responsibilities

• Define and evolve application security architecture and patterns based on enterprise reference architecture and threat landscape

• Integrate static and dynamic vulnerability checks for applications, open-source libraries, container registries, Kubernetes runtime workloads and APIs

• Define/Maintain guidelines, standards, and baselines for application security and secure deployments

Essential experience

• Either mobile, Front-End, or Back-End Application Security Experience

• Stakeholder Management Experience

• Experience in Threat Modelling and Risk Assessments

• Strong API Security Experience

Desirable experience

• Experience with AWS

• Relevanbt Security Certifications (SANS, CASE, OWASP, etc)

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

**Permanent role**

£70k to £80k per annum

**Hybrid home/office model**

Sponsorship - NOT AVAILABLE

The company

A global foreign exchange service.

The role

As part of the IT Security team, develop and implement the firm's IT Strategy in consultation with the IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall Strategy

Provide security advice and support for information technology projects

Research new security related products and services to ensure that the firm is equipped with appropriate industry best tools and solutions

The responsibilities

• Responding to control failures, working internally with SecOps, stakeholder engaging to course correct incidents.

• Operate and maintain controls related to SIEM, DLP, Vulnerability Management, DLP, Cyber Threat Intelligence, Endpoint Protection, etc with an emphasis on cloud deployments and implementations.

Essential experience

• 5+ years of industry experience

• Someone who has got their hands dirty in cyber

• VM, SOC, IR, DLP experience

Desirable experience

• Architecture background a plus

• Broad security experience will stand out to them.

• Communication is key

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.

McGregor Boyall are currently seeking to recruit a Senior Security Operations Analyst for our financial services client based in Edinburgh.

This is a permanent role and our client offers a great deal of hybrid working flexibility, not only that they will support you as you grow, develop and progress within your career.

This position is an integral part of the security operations team with the objective of continually testing and improving the security posture of the business.

This is a technical role and the purpose of the role is to provide continuous operational security improvements by coordinating penetration testing, issue remediation and day to day security posture upgrade.

The role will take a threat based approach and provide an attackers viewpoint by demonstrating weaknesses in security controls. The ability to clearly communicate these risks to stakeholders is essential.

Reporting directly to the Cyber Security Operations Manager, you will work together with the Leads in the Threat, Response & Defence capabilities as well as inputting in to the Engineering function.

Your key responsibilities will include (not limited to):

• Supporting incident response, as part of the CSIRT team for major incident
• Participating in change control processes, providing an SME guidance on operational changes to ensure BAU change does not reduce security posture
• Contributing to the security transformation programme and taking ownership of security issues requiring immediate remediation
• Working within governance forums such as ITIL change control or cyber security governance committee

To be considered for the role we would love you to have a mixture of the following skills and experience:

• Passion for security and self-development to keep up to date with the evolving threat and vulnerability landscape, new technologies and service improvements
• Understanding of cloud security principles, hands-on experience with Azure Security Centre and AWS Guard Duty is beneficial
• Industry recognised certifications, e.g. CEH, OSCP, CISSP or equivalent experience
• Experience managing enterprise penetration testing programs.
• Experience with security tools, such as SIEM, IDS/IPS, vulnerability scanners, AV, web and email filtering, webapp firewalls and DDoS protections, host based protections and malware analysis
• Familiarity with common enterprise technologies e.g. Microsoft, Linux, VMWare, Citrix, etc.
• Able to work in an international matrix organisation with complex and dynamic drivers and constraints

If this sounds like you and you want to work for a business that genuinely supports career progression, please get in touch for a confidential chat.

Sponsorship is not available with this role.

McGregor Boyall is acting as an Employment Agency in relation to this vacancy.

**Permanent role**

£85 - £95k per annum

**Hybrid home/office model**

Sponsorship - NOT AVAILABLE

The company

A global metal trading firm.

The role

The Cyber Offence Team Lead runs a team that focus on offensive cyber security services whilst working closely with peers within the Information Security function and stakeholders across the wider group. The function will focus on offensive security (Red Team, Penetration Testing, Bug Bounty) but will also support defensive cyber security capabilities where needed by working with the Cyber Defense Lead.

The responsibilities

• Manage offensive security assessments and penetration testing against the firm's systems and infrastructure; Including red team testing, penetration testing, breach and attack simulation, bug bounty, and purple team testing.

• Support security incidents and act as stretch capacity for incident response and threat handling; Including on-call activity for major incidents.

• Optimise detection and response rules; Support the testing and recertify SIEM rules against threat models and detection frameworks

Essential experience

• Direct experience on penetration testing, red-team exercise and compromise assessment.

• Experience scoping penetration tests and other security assessments.

• Scripting and automation tools.

• Stakeholder Management.

Desirable experience

• Relevant security certifications such as GPEN, CEH, OWASP, etc.

• Working knowledge of the exchange industry and technologies is of benefit

McGregor Boyall is an equal opportunity employer and do not discriminate on any grounds.