20 of 20 Secrets Management Jobs in London

Code, RBAC, PIM, private endpoints, and secure landing zone design; AWS security experience also considered Network security engineering: firewall policy design and lifecycle management, micro-segmentation, NSG/UDR/NVA architecture, hub-spoke topology, and perimeter defence for hybrid environments WAF design, deployment, and operational tuning - Cloudflare, Azure … Application Gateway, or equivalent; custom rule authoring and false-positive management at production scale Network flow log analysis and intrusion detection engineering - building detection logic for lateral movement, beaconing, anomalous egress, and C2 patterns SIEM engineering: detection rule authoring (KQL, SPL, or equivalent), log pipeline design, alert correlation, triage ...

Privileged Access & Identity Security Engineer to join a highly technical, security-first organisation operating in a fast-paced, regulated environment. Identity, privileged access, and secrets are treated here as core security engineering problems , not just compliance controls. This role sits within the Identity & Access Management (IAM) function, with … strong emphasis on Privileged Access Management (PAM) , automation, and secure access to critical systems and platforms. Responsibilities: Privileged Access Management (PAM) Own and operate enterprise PAM platforms (e.g. CyberArk or equivalent) Design, implement, and maintain privileged access controls across Windows, Unix/Linux, and application environments Automate onboarding ...

operating internal security services at scale. Rather than writing policy or handling tickets, you’ll engineer the platforms that enable secure software delivery - spanning secrets management, PKI, secure build tooling and continuous compliance across a large Linux estate... Key Responsibilities Design and operate internal security platforms consumed … engineering and infrastructure teams Own and enhance enterprise secrets management capabilities (Vault focus), including lifecycle, rotation and access governance Lead improvements to firm-wide PKI, including certificate issuance, renewal and trust architecture Contribute to a large-scale PKI modernisation programme Build and extend tooling that supports automated compliance ...

/production environments. • Implement MLOps workflows to streamline model deployment, versioning, and monitoring for our AI/ML products. • Automate infrastructure provisioning (Terraform), configuration management, and deployment processes using scripting (Bash, Python) and automation tools. Monitoring, Observability & Reliability: • Implement comprehensive monitoring, logging, and alerting systems (Prometheus, Grafana, CloudWatch, Datadog … Security & Governance: • Implement and maintain security best practices including network security, firewalls, role-based access control (IAM), encryption at rest and in transit, and secrets management (AWS Secrets Manager, HashiCorp Vault). • Develop and enforce governance frameworks for working with LLM APIs and AI services, including data ...

Microsoft Security Defender suite: Endpoint, O365, Identity Azure AD/Entra ID security Conditional Access, M365 identity protection signals M365 Secure Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure … zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python or Bash desirable Security automation experience (policy enforcement, scanning, rule tuning) Experience Level 4–5 years in SecEng/SOC/IR roles Experience in regulated environments beneficial but not essential Nice ...

Support secure adoption of cloud-native technologies (Azure), DevSecOps pipelines, GitOps practices, and GitHub Advanced Security (GHAS). Oversee security controls for cryptography, key management, secrets management, HSM/Key Vault configurations , and cloud network security (firewalls, proxies, segmentation). Drive secure integration of AI/… with SIEM/XDR tooling and platform/application teams. Collaborate closely with data governance to ensure appropriate classification, labeling, access control, and lifecycle management of sensitive data. Essential Skills & Experience Strong understanding of security frameworks (CIS), MITRE ATT&CK, and AI/LLM security frameworks. Hands-on experience ...

following: Securing cloud native workloads, ideally within AWS and serverless architectures Managing services required to deliver secure applications such as firewalls, package management and secrets management Deep understanding of IAM, least privilege access design and secure service to service communication patterns Integrating security controls into CI/… hardened golden image pipelines for containers and virtual machines Experience integrating Wiz or similar CNAPP tools into developer workflows Experience delivering identity or access management capabilities as shared internal services Experience operating in a Platform Engineering model supporting build and run squads in a regulated environment CMC Markets ...

only touches pipelines. What you’ll do Platform and Infrastructure • Own the Azure production environment end-to-end: resource provisioning, networking, identity and access management, secrets, backups, and cost management. • Build and maintain CI/CD pipelines (GitHub Actions or Azure DevOps): predictable releases, safe rollbacks, environment promotion … experience in a platform engineering, DevOps, or backend-heavy full-stack role, with meaningful time spent running production SaaS systems. • Strong Azure experience: resource management, networking, identity (Entra ID), and at least working familiarity with AKS or App Service, Azure Functions, Service Bus, and Azure Monitor. • Solid Infrastructure ...

position please apply. Requirements 15+ years in IT across operations, infrastructure, development, or support - breadth matters as much as depth 5+ years owning production management in or alongside a trading or front office environment (any asset class) - you understand what a P1 costs a desk at 09:30 Full … communication, resolution, post-mortem, and permanent preventive action Cross-team incident command under sustained pressure - simultaneous, coherent communication to traders, engineers, vendors, and senior management SLA, SLO, and error budget design, ownership, and enforcement with internal engineering teams and external counterparties DR and BCP design and testing: runbooks, failover ...

releases, and environment governance Infrastructure-as-Code (Bicep, ARM, Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles ...

microservices trade-offs. Experience with SQL and NoSQL databases. Best practices in building scalable mobile APIs (REST, HTTPS, etc.). Good principles of security management (secrets, protocols, etc.). Experience with some Python web frameworks (Django, Flask, FastAPI, etc.). Desirable Skills 👌 Can speak, or learning to speak … tech talks, articles, YouTube videos, etc.). Experience (even non-production) with different types of programming languages: interpreted, compiled, with garbage collection, manual memory management, reference counting memory management, etc. What we can offer ✨ A real-deal startup adventure: you'll be hopping on a major project while ...

clients! They are currently looking for a skilled CyberArk Architect to join their team for a six-month contract. Working on an Identity & Access Management (IAM) as part of an IT Controls Remediation programme delivering Privileged Access Management (PAM) with CyberArk and Identity Governance & Administration (IGA) with Saviynt. … access request workflows and operational processes. The CyberArk PAM Architect will define and deliver the end-to-end architecture for a major Privileged Access Management implementation. This includes design of the CyberArk CorePAS platform, onboarding strategy for privileged accounts, vaulting, session control, credential rotation, JIT access, and integration with ...

/O, kernel bypass awareness (DPDK, io_uring) Distributed messaging and event streaming: Kafka, NATS, or equivalent; ordering guarantees, exactly-once semantics, consumer group management Production observability: metrics (Prometheus/OpenTelemetry), distributed tracing, structured logging, and alert design CI/CD pipeline design including benchmarking gates, automated performance regression … author ADRs, and elevate Rust engineering standards across a team Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines, secrets management Nice to Have Front office trading environment (any asset class) - execution systems, market data infrastructure, or low-latency pricing engines FIX protocol ...

/O, kernel bypass awareness (DPDK, io_uring) Distributed messaging and event streaming: Kafka, NATS, or equivalent; ordering guarantees, exactly-once semantics, consumer group management Production observability: metrics (Prometheus/OpenTelemetry), distributed tracing, structured logging, and alert design CI/CD pipeline design including benchmarking gates, automated performance regression … author ADRs, and elevate Rust engineering standards across a team Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines, secrets management Nice to Have Front office trading environment (any asset class) - execution systems, market data infrastructure, or low-latency pricing engines FIX protocol ...

access Modern IAM (RBAC, adaptive auth, passwordless) DevSecOps & IaC guardrails (Terraform/CloudFormation/CDK) Cloud security tooling (CSPM, CIEM, EDR/XDR, SIEM, secrets management) This Security Architect will: Own and evolve security reference architecture Drive zero trust network strategy Influence IAM roadmap direction Provide architectural oversight ...

Modular task decomposition Guardrails and validation layers Structured output validation (JSON schemas, rule checks) Logging, observability, fallback logic, and confidence scoring Secure credential and secrets management Governance & Scale Ensure explainability and traceability Design compliant automation aligned to enterprise standards Identify high-ROI use cases across departments Develop reusable … Automation Agent orchestration frameworks (e.g. Antigravity) Power Automate API-first integrations Event-driven architectures Engineering Python REST APIs SQL Git-based version control Secure secrets handling What We’re Looking For 5–8+ years in automation engineering, AI systems, or solutions architecture Experience deploying LLM-powered workflows in production ...

type-safe API boundary design - Vite and modern build tooling; tree-shaking, chunk strategy, module federation, and build performance optimisation in CI - State management at scale: Zustand, TanStack Query, or equivalent; separation of server, client, and ephemeral UI state - High-frequency WebSocket data at tick-by-tick rates - back … measurably improving engineering standards - patterns or tooling adopted org-wide - Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines, secrets management Nice to Have o Trading UI experience (any asset class) - order books, depth ladders, RFQ workflows, option chains, or execution blotters ...

type-safe API boundary design Vite and modern build tooling; tree-shaking, chunk strategy, module federation, and build performance optimisation in CI State management at scale: Zustand, TanStack Query, or equivalent; separation of server, client, and ephemeral UI state High-frequency WebSocket data at tick-by-tick rates - back … measurably improving engineering standards - patterns or tooling adopted org-wide Cloud infrastructure - Azure preferred, AWS considered; IAM, managed services, automated and auditable deployment pipelines, secrets management Nice to Have Trading UI experience (any asset class) - order books, depth ladders, RFQ workflows, option chains, or execution blotters Micro-frontend ...

controls and policies across cloud environments and deployments. Cloud & Kubernetes Expertise: Harden and manage GCP environments and Kubernetes clusters, including IAM, network policies, and secrets management. Vulnerability Management: Automate detection, triage, and remediation of infrastructure and application vulnerabilities. Developer Enablement: Provide reusable templates and tooling to help teams … similar). Programming or scripting experience in Python, Golang, or Shell for automation tasks. Strong understanding of API security, IAM policies, network security, and secrets management. Bonus Points For: Experience in regulated fintech or compliance frameworks (SOC2, ISO 27001, PCI DSS, DORA). Certifications such as Google Cloud Professional ...

native infrastructure, and LLM integrations that actually have to work under pressure. You'll need • Strong backend engineering fundamentals • AWS hands-on experience: Bedrock, Secrets Manager, the real stuff • Production LLM/AI integration experience: evals, prompt engineering, handling unpredictable model behaviour • REST API fluency: you've integrated messy ...