15 of 15 Secrets Management Jobs in London

working +SC cleared role - must be elligible for clearance Are you an experienced CyberArk Architect who can define and deliver enterprise-grade PAM and secrets-management platforms in secure, complex environments? We are seeking a highly skilled CyberArk PAM Self-Hosted Architect to take ownership of architectural strategy … architecture and high-level design for CyberArk PAM Self-Hosted and CyberArk Conjur, defining these as strategic platforms for privileged access and secrets management. Establish and maintain reference architectures , patterns, and standards for onboarding infrastructure, applications, DevOps platforms and third parties into CyberArk. Architect CyberArk PAM Self-Hosted components ...

infrastructure and applications • Work with Security team through formal Jira workflows (treated as internal client) • Ensure compliance with regulatory requirements (FCA, VARA, ADGM) • Manage secrets and keys for cloud infrastructure Collaboration & Knowledge Sharing (10%) • Partner with Rust developers, quantitative researchers, and data engineers • Maintain detailed technical documentation • Create architecture … services, including VPC, Transit Gateway, EKS, EC2, S3, RDS, Lambda • Advanced proficiency in Terraform and Terragrunt • In-depth knowledge of Kubernetes and EKS cluster management • Strong proficiency in Ansible for server configuration management • Advanced Python scripting for automation and tooling • Expert-level Linux skills (RHEL/Rocky Linux ...

container registries, application services, and networking Implement monitoring, alerting, and observability frameworks with SLOs and diagnostic tools Enforce security through access controls, secrets management, vulnerability scanning, and policy-as-code Manage environment consistency and optimise cloud costs through performance monitoring and capacity planning Create reusable automation tools, templates … Bicep Extensive CI/CD pipeline experience with GitHub Actions or Azure Pipelines Background in observability and telemetry solutions Understanding of cloud security, identity management, and compliance frameworks Networking fundamentals and familiarity with Azure databases and messaging services Scripting skills (Bash/PowerShell/Python) and Linux system administration ...

Security Lead to validate findings, prioritise risk, implement fixes, and strengthen security controls. A strong understanding of software development, DevSecOps practices, and vulnerability management is essential. Key Responsibilities Own end-to-end remediation of AWS and workload vulnerabilities: confirm findings, assess impact, prioritise actions, and track through to closure. … Work with the AWS Security Lead to ensure remediation aligns with AWS security controls, internal risk policies, and compliance requirements. Improve and automate vulnerability management processes (e.g., scanning coverage, SLAs, exception handling, evidence capture). Embed security into CI/CD and the SDLC: shift-left reviews, secure coding ...

prem environments. +Build and manage Infrastructure-as-Code (Terraform, Ansible, CloudFormation, etc.). +Integrate security tooling into development workflows: SAST, DAST, dependency scanning, secrets management, etc. +Collaborate with engineering teams to perform threat modelling and ensure secure system design. Key Skills and Experience: +Strong experience with CI/… etc.). +Hands-on cloud experience (AWS, Azure, or GCP) with a strong focus on cloud security. +Proficiency with Infrastructure-as-Code and configuration management tools. +Strong scripting/programming abilities (Python, Bash, Go, etc.). Join a high-growth cybersecurity team where your work has real impact. ...

security across IAM, networking, compute, storage and serverless AWS security controls including IAM least privilege, VPC segmentation, private endpoints, WAF/Shield, KMS, secrets management and logging Operating AWS Security Hub, GuardDuty, Inspector, Config and Access Analyzer Vulnerability remediation across OS/packages, containers, libraries, serverless runtimes … cloud misconfigurations CI/CD and DevSecOps practices including shift-left reviews, dependency management and pipeline guardrails Infrastructure as Code security using Terraform and/or CloudFormation Python or Bash automation to streamline remediation and control validation Working with common scanning tools such as Inspector, Snyk, Trivy, Dependabot ...

only platform team responsible for designing, automating, and operating the full infrastructure stack. You will work across Linux systems, container orchestration, infrastructure-as-code, secrets management, cluster networking/storage interfaces, and cloud integration. This is not a siloed role. You will work in an environment where sharp … Work On Infrastructure as Code & Automation Designing and building infrastructure using Terraform, Helm, Ansible, and Puppet Implementing fully automated, GitOps-style provisioning and lifecycle management Codifying repeatable patterns for platform reliability, security, and scaling Containerisation & Orchestration Operating and improving large-scale containerised workloads Working with Nomad (preferred) or Kubernetes ...

only platform team responsible for designing, automating, and operating the full infrastructure stack. You will work across Linux systems, container orchestration, infrastructure-as-code, secrets management, cluster networking/storage interfaces, and cloud integration. This is not a siloed role. You will work in an environment where sharp … Work On Infrastructure as Code & Automation Designing and building infrastructure using Terraform, Helm, Ansible, and Puppet Implementing fully automated, GitOps-style provisioning and lifecycle management Codifying repeatable patterns for platform reliability, security, and scaling Containerisation & Orchestration Operating and improving large-scale containerised workloads Working with Nomad (preferred) or Kubernetes ...

DevOps pipelinesRequirements Design, implement, and maintaining secure CI/CD pipelines. Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk assessments ...

DevOps pipelines Requirements Design, implement, and maintaining secure CI/CD pipelines. Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management). Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices. Advise on threat modelling, risk ...

diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading-edge management consulting along with technology and design, corporate and digital ventures-and business purpose. We work in a uniquely collaborative model across the firm and throughout … embed security early into development and delivery workflows. Data Security Engineering: Build and operate scalable data protection solutions, including data loss prevention (DLP), secrets management, encryption, and classification. Collaborate with the IAM team to align authentication, authorization, and privileged access policies with data security controls. Deliver security capabilities ...

scripting. Workflow orchestration (Temporal preferably or similar tools). Network validation/testing tools (pyATS, NAPALM). Containerization and orchestration (Docker, Kubernetes). Secure secrets and configuration management (Vault, PKI). Experience with data center fabrics, QoS, and high-performance networking is a plus. Nice To have Observability ...

SonarQube, OWASP ZAP) Conduct and coordinate penetration testing (internal and third-party); triage and drive remediation Deploy runtime threat detection (GuardDuty, Falco, Wazuh) Manage secrets detection and scanning (GitLeaks, Vault) Build observability with ELK stack, Elastic agents, and anomaly alerting What success looks like: 3 months Deploy SAST tooling … SonarQube) across all repositories with automated PR scanning Implement DAST scanning (OWASP ZAP) for staging environments with scheduled scans Deploy secrets detection tooling (e.g., GitLeaks, TruffleHog) across all repositories Establish a baseline security posture through initial penetration test; document and prioritise remediation backlog 6 months Complete remediation ...

SonarQube, OWASP ZAP) Conduct and coordinate penetration testing (internal and third-party); triage and drive remediation Deploy runtime threat detection (GuardDuty, Falco, Wazuh) Manage secrets detection and scanning (GitLeaks, Vault) Build observability with ELK stack, Elastic agents, and anomaly alerting What success looks like: 3 months Deploy SAST tooling … SonarQube) across all repositories with automated PR scanning Implement DAST scanning (OWASP ZAP) for staging environments with scheduled scans Deploy secrets detection tooling (e.g., GitLeaks, TruffleHog) across all repositories Establish a baseline security posture through initial penetration test; document and prioritise remediation backlog 6 months Complete remediation ...

stateful agent workflow. Cloud Native (AWS): proficiency in the AWS ecosystem (Lambda, S3, IAM, DynamoDB). You can deploy secure serverless architectures and manage secrets effectively. Production Mindset: You have moved AI/ML projects beyond notebooks into high-availability production environments Desirable Attributes Domain Expertise: Experience working … Financial Crime, AML (Anti-Money Laundering), or KYC contexts. Risk & Control: Familiarity with Model Risk Management (MRM) or experience implementing human-in-the-loop workflows for sensitive data What We Offer A competitive salary, performance-based bonus, and a comprehensive benefits package. Opportunity to define the agentic architecture ...