cover image
UK Health Security Agency

UK Health Security Agency

www.gov.uk

7 Jobs

3,322 Employees

About the Company

The UK Health Security Agency (UKHSA) is an executive agency of the Department of Health and Social Care.

The UK Health Security Agency (UKHSA) is responsible for planning, preventing and responding to external health threats, and providing intellectual, scientific and operational leadership at national and local level, as well as on the global stage.

Listed Jobs

Company background Company brand
Company Name
UK Health Security Agency
Job Title
Senior Specialist Engineer (SRE)
Job Description
**Job Title** Senior Specialist Engineer (Site Reliability Engineer) **Role Summary** Lead the design, implementation, and operation of highly available, scalable, and resilient cloud‐native and on‑premises HPC platforms. Drive automation, observability, and performance tuning to meet and exceed Service Level Objectives (SLOs) for UK Health Security Agency services. Mentor junior engineers and collaborate with high‑performance computing, AI, and research computing teams. **Expectations** - Operate within a hybrid model, spending at least 60 % of working hours at a core HQ. - Report to the Principal Specialist Engineer SRE and align with the HPC /SRE/AI unit’s objectives. - Deliver measurable improvements in reliability, performance, and capacity planning. - Enforce CI/CD pipelines, infrastructure‑as‑code (IaC), and incident‑management best practices. **Key Responsibilities** - Remediate infrastructure and operational issues, ensuring continuous service availability. - Architect, develop, and manage multi‑cloud HPC platforms and on‑premise infrastructure. - Monitor, tune, and optimize system performance to meet defined SLOs and SLIs. - Perform root‑cause analysis, post‑mortems, and implement preventive measures. - Design and maintain robust monitoring, alerting, and observability dashboards to reduce alert fatigue and accelerate response times. - Automate repetitive tasks via IaC, scripting, and tooling to reduce operational toil. - Conduct capacity and performance planning to support current and future workloads. - Define, track, and continuously improve SLOs, SLIs, and error budgets. - Advocate SRE best practices across engineering teams and provide knowledge transfer to peers. - Support AI requirements and integration within the HPC environment. **Required Skills** - Proven experience as an SRE or in a related role (≥5 years). - Strong expertise in cloud platforms (AWS, Azure, GCP) and hybrid deployments. - Hands‑on experience with CI/CD, IaC (Terraform, Pulumi, CloudFormation), and container orchestration (Kubernetes). - Proficiency in scripting/automation (Python, Bash, Go). - Deep knowledge of observability tools (Prometheus, Grafana, OpenTelemetry, ELK stack). - Performance tuning, capacity planning, and load‑testing skills. - Incident response, root‑cause analysis, and post‑mortem practices. - Excellent communication, mentoring, and collaboration abilities. - Familiarity with HPC, AI workloads, and scientific computing environments is a plus. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience). - Relevant certifications (e.g., AWS Certified Solutions Architect, GCP Professional Cloud Architect, Kubernetes Administrator, or similar) preferred.
Sutton at hone, United kingdom
On site
Senior
02-12-2025
Company background Company brand
Company Name
UK Health Security Agency
Job Title
Lead Specialist Engineer – Identity Automation
Job Description
**Job Title:** Lead Specialist Engineer – Identity Automation **Role Summary:** Lead the design, development, and maintenance of automated Identity and Access Management (IAM) solutions. Provide technical expertise across a range of Microsoft and networking technologies, ensure reliable operation of identity lifecycle services, and support users through incident and request management. **Expectations:** - Deliver robust, secure automation for IAM processes using PowerShell, Graph API, and DevOps practices. - Administer and troubleshoot core services (AD, Azure AD/Entra ID, DNS, DHCP, PKI, etc.). - Maintain high service availability, accurate documentation, and compliance with cyber‑security standards. - Collaborate with the Senior Identity & Access Management Architect and team members to align technical strategies with organizational security goals. **Key Responsibilities:** 1. Develop, test, and release IAM automation scripts and workflows (PowerShell, Graph API) following DevOps principles. 2. Manage user account lifecycle: provisioning, permission changes, de‑provisioning. 3. Monitor, audit, and incident‑manage IAM services via an ITSM platform. 4. Maintain Git repositories and version control for automation code. 5. Provide operational support during scheduled hours, ensuring timely resolution of incidents and requests. 6. Document automation processes, configurations, and service status. 7. Advise senior leadership on emerging security and identity technologies; recommend enhancements. 8. Ensure IAM services align with best practices and cyber‑security policies. **Required Skills:** - Advanced scripting in Windows PowerShell; experience with Microsoft Graph API. - Deep knowledge of Active Directory, Azure Active Directory/Entra ID, DNS, DHCP, Group Policy, and PKI (Microsoft Certification Authority). - Proficiency in Azure administration, Microsoft Defender, MBAM, and SQL. - Experience with Azure DevOps, CI/CD pipelines, and Git version control. - Strong incident and request management using ITSM tools. - Understanding of cyber‑security frameworks and IAM best practices. - Excellent problem‑solving, communication, and teamwork abilities. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent experience). - Relevant Microsoft certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, Azure Administrator Associate, Security Engineer Associate) strongly preferred. - Additional security or IAM certifications (e.g., CISSP, CISM, CompTIA Security+) considered an asset.
London, United kingdom
On site
Senior
15-12-2025
Company background Company brand
Company Name
UK Health Security Agency
Job Title
Physical Security Advisor
Job Description
**Job Title:** Physical Security Advisor **Role Summary:** Lead the security workstream for a large-scale, high‑containment research facility development project, embedding physical, personnel, and cyber‑security principles across the programme lifecycle. **Expectations:** - Deliver a comprehensive security strategy aligned with national public‑health and biosecurity priorities. - Assure continuous identification, assessment, and mitigation of security risks. - Build and maintain a security culture and management system for all design, construction, and operational phases. **Key Responsibilities:** - Partner with the Programme Director to manage the security workstream and integrate security design into all programme stages. - Define and enforce security requirements for information, personnel, construction, and cyber controls. - Liaise with national authorities (APHA, Counter‑Terrorism Security Advisor), suppliers, and internal stakeholders to develop high‑level security designs. - Monitor supplier delivery against contractual and security plans, including procurement and contract management. - Develop transition roadmaps from current to future sites, prioritising short‑term controls that mitigate immediate risks. - Oversee the development, implementation, and continuous improvement of the programme’s Security Management System. - Provide regular risk reports and updates to programme and organisational leadership. - Promote and sustain a robust security culture across all project teams. **Required Skills:** - Strategic security planning and risk management in large infrastructure projects. - Knowledge of physical, personnel, and cyber‑security best practices and frameworks (e.g., ISO/IEC 27001, NIST, UKSF). - Experience liaising with government security authorities and procurement processes. - Strong stakeholder management and communication skills. - Capability to develop and maintain security documentation, policies, and training programmes. - Project management experience within capital construction or similarly complex programmes. **Required Education & Certifications:** - Bachelor’s degree in Security Management, Information Security, Civil Engineering, or a related field. - Professional security qualifications such as Certified Protection Professional (CPP), Certified Information Systems Security Professional (CISSP), or equivalent. - Experience in public‑health or biosecurity environments preferred.
London, United kingdom
On site
19-12-2025
Company background Company brand
Company Name
UK Health Security Agency
Job Title
Security Architect – Cloud Risk and Controls
Job Description
**Job Title** Security Architect – Cloud Risk and Controls **Role Summary** Lead the design, implementation, and continuous improvement of a comprehensive Cloud Control Framework that aligns cloud services with regulatory requirements (ISO 27001, DSPT, CAF, CIS, GDS, NCSC). Act as the primary security and risk advisor for cloud delivery teams, ensuring that security controls and risk mitigation are embedded throughout the technical lifecycle and that the organization meets internal and external audit expectations. **Expectations** - Architect scalable security controls and governance processes that meet public‑sector standards. - Translate regulatory and policy requirements into actionable technical controls. - Maintain and evolve a centralised risk register, control library, and assurance evidence repository. - Deliver clear, data‑driven dashboards and KPIs to demonstrate risk posture and control effectiveness. - Facilitate secure innovation by promoting proportionate, agile security practices across cloud initiatives. - Provide expert guidance to auditors, regulators, and stakeholders on compliance readiness and control assurance. **Key Responsibilities** - Design and maintain the Cloud Control Framework and implementation roadmaps for control maturity. - Conduct risk assessments, security impact reviews, and threat analyses for new cloud services and designs. - Lead technical control reviews, compliance validation activities, and internal audit readiness. - Act as the liaison between engineering, audit, and governance teams to close control gaps. - Develop and sustain governance processes for testing, monitoring, reporting, and evidence management. - Train and upskill cloud engineering and product teams on secure architecture and operational risk. - Contribute to architecture boards, change control boards, and cloud steering groups. - Execute regulatory and audit interactions, providing evidence and corrective action plans as required. **Required Skills** - Proven experience in IT security architecture, cloud risk management, or GRC in large‑scale public‑sector cloud environments. - Deep knowledge of AWS and Azure platform security features, best practices, and control mappings. - Strong understanding of ISO 27001, DSPT, CAF, CIS, GDS, and NCSC frameworks. - Experience with threat modelling, risk assessments, and incident response within cloud services. - Ability to develop dashboards, metrics, and reporting for risk and compliance status. - Excellent stakeholder management, communication, and facilitation skills. - Familiarity with governance, change control, and architecture review processes. - Scalable architecture design and secure deployment practices in multi‑cloud or hybrid environments. **Required Education & Certifications** - Degree (Level 6) or equivalent experience in Cyber‑Security, Computer Science, Information Systems, or related technical field. - Professional certifications such as CISSP, CISM, ISO 27001 Lead Implementer, or equivalent are strongly preferred.
London, United kingdom
Hybrid
19-12-2025
View 7 more jobs at UK Health Security Agency