Information Security jobs in United Kingdom

Designs, develops, implements, and oversees the organization’s information security and cyber resilience strategy. Develops the organization’s data security procedures and overall cyber-security framework, including the forensic tools and end-to-end process for the detection, root cause analysis and containment of cyber-attacks. Creates and maintains the organizations standards, policies and procedures are aligned with IS standards and overall IS and cyber security.

• Own the end-to-end architecture and high-level design for CyberArk PAM Self-Hosted and CyberArk Conjur as strategic platforms for Privileged Access Management and secrets management.
• Define and maintain reference architectures, patterns and standards for onboarding infrastructure, applications, DevOps platforms and third parties into CyberArk.
• Design CyberArk PAM Self-Hosted components (Vault, PVWA, PSM, CPM, PSMP, PTA, DR) for resilience, scalability, segregation of duties and regulatory compliance.
• Architect CyberArk Conjur and Credential Provider to securely manage application, machine and DevOps secrets, including integration with CI/CD pipelines, containers, Kubernetes/OpenShift and cloud platforms.
• Work closely with security, DevOps and infrastructure teams to design integrations with AD/LDAP, identity providers (SAML/OIDC), SIEM (Splunk), ITSM and ticketing tools.
• Lead CyberArk secret management solution installation, configuration, testing and handover the solution to Run and Maintain Team.
• Provide architectural leadership on privileged access risk reduction, including threat modelling, control selection and alignment with security policies and standards.
• Act as a trusted advisor to senior stakeholders (CISO, security architecture, platform owners, programme management), explaining PAM and secrets architectures in clear business terms.
• Govern and review detailed designs and implementation by SMEs and delivery partners to ensure conformance with architecture and security requirements.
• Contribute to roadmaps, business cases and investment planning for PAM and secrets management capabilities.
• Provide technical oversight and mentorship to PAM and DevOps teams, promoting best practice and knowledge sharing.

• Significant experience (typically 7+ years) in cybersecurity architecture, including a deep understanding of Privileged Access Management (PAM) in complex, regulated environments.
• Proven, hands‑on architectural experience with CyberArk PAM Self-Hosted, including most of: Vault, PVWA, PSM, CPM, PSMP, PTA, DR and associated components.
• Strong experience designing and integrating CyberArk Secret management solution Conjur and Credential provider for application and DevOps secrets management.
• Demonstrable experience designing CyberArk integrations with Microsoft Active Directory/LDAP, identity providers (SAML/OIDC), SIEM, ITSM and ticketing tools and one MFA tool.
• Understanding of DevOps and cloud-native ecosystems (e.g. Kubernetes, Jenkins, OpenShift, CI/CD pipelines, infrastructure‑as‑code) and how to embed CyberArk Conjur in these.
• Solid awareness of security and audit expectations (e.g. NCSC guidance, ISO 27001, NIST, FCA/financial or government standards).
• Strong stakeholder management skills, with the ability to communicate complex PAM and secrets topics to technical and non‑technical stakeholders, up to senior management.
• Experience working in or with secure, classified or national security‑related environments.
• Excellent documentation skills (HLD/LLD, patterns, design decisions) and ability to provide clear architectural direction.
• Has hands‑on experience of leading and delivering several CyberArk PAM and secret management projects.

• CyberArk Certifications Sentry, CDE or Guardian focusing on PAM Self-Hosted

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in‑person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.