hackajob
Senior Cyber Security Engineer or Architect

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Senior Cyber Security Engineer or Architect
hackajob is collaborating with Leidos to connect them with exceptional professionals for this role.
Senior Cyber Security Engineer/ Architect / Lead
Location: Farnborough
Security Clearance Leve High: DV - Developed Vetting
Role Overview
Everything we do is built on a commitment to do the right thing for our customers, our people and our community. Our mission and our values guide the way we do business. The foundation of our Leidos culture is our Values, Beliefs and Expectations by which we select, recognise and reward employees. They create the environment that drives us toward our mission.
Inspired to make a difference, we are committed to solving the world’s toughest problems. Passionate about customer success, we work closely with our stakeholders to understand, shape, and deliver secure solutions that enable critical outcomes.
United as a team, we are bound together by our conviction that ethics and integrity are core to how we operate. In this role, you will be a trusted security practitioner, working with minimal direction on a critical programme and helping to raise the security bar across engineering and operations.
Because of a key strategic development and a new exciting business opportunity, we have a requirement for a security-cleared Senior Cyber Security Engineer based in the UK working at our Farnborough site and remotely.
Leidos has more than 30 years’ experience of developing and running some of the largest government systems in the world. We are currently hiring to expand our UK based technical team who support our delivery for the UK Govt.
Come join our team and further develop your skills as we deliver and support systems key to the defence of the UK and partner nations.
Being part of the Leidos team is a commitment to push yourself and those around you to do better, constantly adapt and learn new technologies. We’re a passionate team and are committed to developing and growing our staff.
Leidos is a global science and technology solutions leader working to solve the world's toughest challenges in the defence, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers.
What Will You Be Doing?
To support current program delivery , we currently have a permanent vacancy for a Senior Cyber Security Engineer to support the development and transition into live of a MOD application and infrastructure solution providing support to a critical operational end user.
Leidos is seeking an enthusiastic protective security specialist to lead the implementation and assurance of security within a key defence project. You will contribute across the delivery lifecycle—shaping secure designs, defining and assuring controls, and providing senior-level security engineering support across protective and information security. You will have demonstrable experience applying recognised security frameworks (e.g., Government Functional Standard 007, NIST, CIS benchmarks) to real-world systems and services.
You will be joining a team of highly skilled and highly motivated individuals who are working on one of the UKs leading programmes.
Required Skills
The Senior Cyber Security Engineer (T4) plays a critical role in protecting and enabling mission IT by combining deep technical expertise with pragmatic risk management. You will be able to work with minimal direction on a specific programme, taking responsibility for planning, implementing, and assuring security controls across infrastructure, platforms, and applications (including cloud services). You will provide clear security advice and assurance to stakeholders, typically aligned to HMG/MOD expectations and recognised standards (e.g., NIST, CIS benchmarks), and you will support teams by sharing knowledge and guiding good practice.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Functions/outputs
Vulnerability Management, Reporting & Risk Prioritisation Endpoint, Identity & Cloud Security Engineering (AWS) Incident Response Leadership & Operational Security Secure Configuration, Hardening & Compliance Assurance Security Design Review, Change Impact Assessment & ST&V Stakeholder Engagement, Governance & Decision Support Documentation, Mentoring & Continuous Improvement
Main Objectives
Vulnerability Management, Reporting & Risk Prioritisation
Perform regular vulnerability assessments and generate actionable reporting using approved toolsets (or equivalent). The process should focus on ensuring scanners and signatures are current, coverage is agreed, and findings are prioritised based on risk, mission impact, and exploitability. You will support (and where required lead) triage with engineering teams to drive remediation to closure and provide clear risk narratives to senior stakeholders.
Code Scans: perform regular code scans to assess code quality, detect potential bugs, and identify security vulnerabilities; work with development teams to agree remediation approaches and prevent recurrence. Vulnerability Management Tooling: perform regular vulnerability management scans and ensure repositories/plugins are maintained to detect emerging vulnerabilities across endpoints, servers, and cloud workloads. Reporting: produce and quality-assure recurring vulnerability and risk reporting for the cyber security and IA lead; highlight trends, systemic issues, and recommendations for control improvements.
Endpoint, Identity & Cloud Security Engineering (AWS)
Endpoint Protection: drive endpoint security posture through regular updates, policy tuning, and validation activities aligned to current threats and programme requirements. Antivirus and Anti-malware Protection: perform assurance checks to ensure controls are deployed successfully, monitored, and kept up to date; define exceptions and compensating controls where needed. Network Controls: perform compliance checks and targeted audits of network security controls (e.g., firewall rules, segmentation, proxying) to ensure unauthorised access and threats are blocked and logged appropriately. Access Control & IAM: design and ensure access controls are implemented correctly to enforce least privilege and need-to-know across systems and data; provide oversight of privileged access, account lifecycle, and authentication policy. AWS Cloud Security: design and assure cloud security controls across networking, identity, logging/monitoring, and configuration management; validate guardrails and support secure landing zone patterns where applicable.
Incident Response Leadership & Operational Security
Incident Identification: help to recognise and confirm potential incidents through alerts, logs, and user reports; apply sound judgement to distinguish true threats from false positives. Incident Response: lead or provide senior support to containment, eradication, investigation, and recovery activities; coordinate with service owners and stakeholders to restore operations and capture lessons learned. Tickets & Requests: manage and resolve tickets raised to the Leidos Security group that require Cyber Security Engineering input; prioritise based on risk and impact, and mentor others through complex issues.
Secure Configuration, Hardening & Compliance Assurance
Patch Updates to Security Products: ensure security toolsets are kept up to date with patches and software updates; assess impact and coordinate change implementation in line with governance. System Compliance: perform and oversee regular compliance audits to ensure systems meet agreed baselines and best practices (e.g., CIS, STIG, NIST); manage exceptions with evidence-based rationale and compensating controls. Security Enforcing Function Configuration: assist in the design, review, and improvement of security enforcing functions (e.g., GPOs, system policies, cloud guardrails) to ensure they are compliant, testable, and fit for purpose. Assurance Activities: conduct periodic technical assessments (configuration reviews, control testing, threat-driven checks) to identify weaknesses and drive measurable improvements.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Security Design Review, Change Impact Assessment & ST&V
Security Impact Triage Tool (SITT): lead or support evaluation and impact assessment of proposed changes to security posture; provide clear recommendations, conditions, and required evidence for approval. Security Evaluation, Testing and Assurance (ST&V): plan and execute security evaluation and assurance activities for changes delivered through PI Planning; define test scope, coordinate evidence capture, and ensure outcomes are documented and traceable.
Stakeholder Engagement, Governance & Decision Support
Senior Cyber Security Engineers are expected to lead and contribute to governance forums and working groups, providing clear security advice, risk-based recommendations, and decision support. This may include the following depending on work activity.
You will interface with customer security representatives, accreditation/assurance stakeholders, delivery teams, and third-party/supplier engineers to agree security requirements, provide evidence, manage risks and exceptions, and support timely decisions.
Security Working Group (SWG) Customer/Supplier Security Forums Vulnerability Triage Security Workshop PI Planning Daily Standups (Blue/Green Team)
Documentation, Mentoring & Continuous Improvement
Senior Cyber Security Engineers are responsible for creating, maintaining, and reviewing high-quality documentation and security evidence. This includes High-Level & Low-Level Designs (HLD/LLD), Standard Operating Procedures (SOPs), risk assessments, and compliance/assurance reports. You will also support capability uplift through mentoring, knowledge sharing, and identifying opportunities to automate and improve security processes.
Essential Experience
Proven experience in a senior cyber security engineering role, delivering security outcomes across complex IT environments (on-prem and/or cloud). Practical experience implementing security as code and policy as code in AWS environments, leveraging tools such as AWS CloudFormation, Terraform, and AWS Organisations service control policies. Strong knowledge of secure configuration and hardening practices, and ability to apply benchmarks/standards (e.g., CIS, NIST, STIG) pragmatically. Hands-on experience with vulnerability management and risk-based prioritisation, including working with engineering teams to drive remediation. Experience supporting or leading incident response activities, including investigation, containment, and lessons learned. Ability to communicate technical security issues clearly to non-specialists and support governance/assurance decision-making. Experience producing high-quality security documentation and evidence suitable for audit/assurance. AWS security-related certifications (e.g., AWS Certified Security - Specialty) or equivalent cloud security experience.
Desirable Certifications
CISSP, CISM, or equivalent senior-level security certification. Degree or postgraduate qualification in cyber security, such as a master’s or PhD in Information Security, Cyber Security, or a related discipline.
Clearance Requirements
Clearance to Start and for Role SC/DV
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London