Nearshore Cyber

Helping US companies find cybersecurity talent close to home

01/04/2026

[HIRING] Senior Security Platform Engineer (Detection Engineer) — Hemel Hempstead / Slough / London, UK

NTT Global Data Centers is looking for a Senior Security Platform Engineer to join their global Office of Information Security team. This is a hands-on detection engineering role with real ownership — you would be a senior member of a 24/7 cybersecurity team responsible for threat hunting, SIEM/SOAR platform management, incident response, and vulnerability analysis across NTT's global data centre infrastructure.

This is not a pure SOC analyst seat. You would lead the administration and optimisation of enterprise security platforms, direct complex incident response across multiple vectors (endpoint, EDR, malware analysis, network and computer forensics), design and execute advanced vulnerability assessments, and drive automation initiatives to streamline detection and response workflows. You would also mentor junior engineers and lead strategic security projects.

What makes this role distinctive:

NTT GDC operates critical infrastructure across multiple countries. The successful candidate will have the opportunity to expand into OT/ICS security as the function matures — NTT will provide structured training and development in OT security, so you do not need to bring that experience on day one. Candidates who do have ICS/SCADA exposure will be given preference, but it is not a gate to candidacy. If you are a strong IT detection engineer who wants to develop into critical infrastructure security, this is a rare opportunity to do that with structured support rather than being thrown in at the deep end.

What they are looking for:
— 5–10 years of experience in IT and/or Security Operations Centres
— Advanced expertise in SIEM/SOAR platform architecture, implementation, and optimisation
— Proven experience leading security incident response end to end — containment, root cause analysis, post-incident review
— Strong threat hunting capability — data correlation across network traffic, email logs, malware samples, DNS records, web server logs
— Advanced vulnerability assessment experience using both automated and manual techniques
— Solid networking, Windows, Linux, and security architecture foundations
— Experience configuring and managing security controls: RBAC, IAM, Zero Trust, UTM, Proxy, SOAR
— Familiarity with log collection mechanisms (Syslog, log file, DB API)

Preferred certifications: CySA+, PenTest+, CCSP, GCIH, OSCP, CISM, CISSP. IT certs like CCNA, CCNP, RHCSA, AZ-500, SC-200 are also valued. OT/ICS certs (GRID, GICSP) are a bonus.

Compensation: £75,000–£95,000 per annum

Location: Hybrid — Hemel Hempstead (preferred), Slough, or London, minimum 2 days per week in office. Up to 25% domestic/international travel.

Package includes: Pension, private medical insurance, training and certification budget (NTT funds SANS courses, CISSP/OSCP prep, and OT security training), annual bonus, travel allowance.

This role has been mapped against the NIST NICE Workforce Framework v2.1.0 for standardised competency alignment. Primary work roles: Defensive Cybersecurity (PD-WRL-001), Infrastructure Support (PD-WRL-004), Incident Response (PD-WRL-003), and Vulnerability Analysis (PD-WRL-007).

Read the full job description and apply here: https://recruiterflow.com/nsc/jobs/90
Referrals very welcome — if you know a detection engineer in the UK who might be interested, please share this post or send them the link. Questions? DM me or email [email protected]

Senior Security Platform Engineer (Detection Engineer) Business Unit: NTT Global Data Centers -- Office of Information Security (GDC-OIS) Work Model: Hybrid (up to 25% domestic/international travel) ROLE SUMMARY The Senior Security Platform Engineer is an advanced subject matter expert responsible f...

01/04/2026

A moment of truth for any online presenter: technical difficulties arise, causing noticeable lag and screen-sharing disruptions. These challenges are acknowledged, and a smooth transition to the subsequent slide is achieved.

01/04/2026

HIRING Senior ISMS Specialist — KL/Cyberjaya

A global data centre operator is looking for a Senior Information Security Management Specialist to own ISMS governance across 20+ certification standards. This is not an audit or compliance support role. You would be the person accountable for maintaining, improving, and expanding the ISMS — reporting directly to the Senior Director of Information Security Management.

What the role involves:

Full ownership of the ISO 27001:2022 ISMS — implementation, maintenance, and continuous improvement
Risk assessments and gap analyses across multiple frameworks: NIST, PCI DSS, SSAE 18/ISAE 3402, GDPR, NIS2, DORA
Coordinating internal and external audits across a global data centre portfolio
Vulnerability management governance — tracking, reporting, and driving remediation
Building and leading the security awareness and training programme
Working with AI-enabled GRC tools and helping define guardrails for enterprise AI use

What we are looking for:

8–10 years of information security experience, with demonstrated ISMS ownership (not just contribution or audit)
Deep ISO 27001 expertise, ideally including implementation or migration experience (e.g., 2013 to 2022 transition)
Multi-framework fluency — you have worked across at least two frameworks beyond ISO 27001
Preferred certifications: CISM, CISA, CRISC, CISSP, or ISO 27001 Lead Auditor/Lead Implementer
Familiarity with the Malaysian Cyber Security Act 2024 is a plus

Compensation and logistics:

MYR 18,000–20,000/month
Hybrid — KL/Cyberjaya, with approximately 20% travel
Training and certification budget included
13th-month salary, annual bonus, EPF, medical coverage

If you have owned an ISMS and want to do it at scale for a company that operates critical infrastructure across multiple countries, I would like to hear from you. Referrals are also very welcome — if you know someone who fits, please pass this along.
Email [email protected] or DM me here.

01/04/2026

Senior ISMS Specialist — KL/Cyberjaya

A global data centre operator is hiring a Senior Information Security Management Specialist. This is genuine ISMS ownership — not audit support.

ISO 27001 governance across 20+ certification standards, vulnerability management oversight, security awareness programme leadership. Multi-framework scope: NIST, PCI DSS, GDPR, NIS2.

MYR 18,000–20,000/month. Hybrid (KL/Cyberjaya), 20% travel.

Looking for 8–10 years of information security experience. Preferred certs: CISM, CISA, CRISC, CISSP, ISO 27001 LA/LI.

Interested or know someone who might be? Email [email protected]

31/03/2026

A convoluted professional trajectory demands expert guidance. While fees may rise, specialized consultants consistently deliver exceptional outcomes, proving their value in transforming challenging career narratives into compelling professional profiles.

31/03/2026

Exploring staffing agencies as a pragmatic approach to budget management. This method, alongside professional resume services, offers a structured way to navigate workforce needs and present qualifications effectively. A personal case study illustrates the potential benefits.

30/03/2026

An examination of how staffing agencies may leverage job seekers' urgency, illustrated by a case of repeated interviews without a clear outcome. This practice can create undue stress for those seeking employment.

30/03/2026

I'm a mediocre Linux sysadmin.

I gave an AI my full system audit. Here's what happened.

Last week, I ran a comprehensive diagnostic script on my Linux workstation — 2,083 lines of raw output covering every layer of the stack: CPU, GPU, thermals, storage health, network posture, kernel warnings, AppArmor profiles, listening ports, firmware versions, the works.

Then I fed the whole thing into a Claude Project, wrote a set of standing instructions about my exact configuration, and turned it into a dedicated IT assistant for one specific machine.

The difference was immediate.

Instead of asking a generic AI "how do I check if my firewall is active on Linux," I can ask "why is Postfix listening on 0.0.0.0:25 on my machine and what's the fastest safe fix given that UFW is currently inactive?" It already knows the answer to half the question. The conversation starts further upstream.

What the project knows:

Exact hardware: i9-13900HX, RTX 4070 Max-Q, 32 GB DDR5, NVMe model and firmware
OS stack: Pop!_OS 24.04, COSMIC 1.0 compositor, PipeWire 1.5.85, NVIDIA driver 580.x
GPU switching via system76-power (not optimus-manager — a common wrong assumption)
Every open port, every AppArmor profile state, every SMART gap
Known issues already triaged: the ACPI BIOS bug, the NVIDIA DRM flip-event race condition, memory pressure from 100+ Chrome processes, a recovery partition at 84% capacity

The standing instructions tell it never to suggest Snap packages (not installed), never to assume GNOME (it's COSMIC), and always to give copy-pasteable commands with the "why" explained alongside the "how."

The IT and security implications are significant.

Most security failures aren't exotic. They're an SMTP port left open on all interfaces because no one checked. A firewall that was never enabled. A three-year-old BIOS with a known embedded-controller bug. A drive with no health monitoring because smartmontools wasn't installed.
These things sit in audit reports that nobody reads, because reading them requires cross-referencing documentation, understanding what's normal for your specific hardware, and having the time to triage 2,000 lines of output.

An AI with full system context can triage that in seconds, rank the risks by priority, and hand you the exact remediation commands. That's not replacing a sysadmin. That's giving a sysadmin leverage they didn't have before.

The pattern generalises.

The same approach works for any environment where you can generate structured diagnostic output: Windows event logs, network switch configs, cloud cost reports, container orchestration health checks, security scanner outputs. Feed the context in once, write instructions that encode your environment's specific rules and constraints, and you have an assistant that doesn't make generic assumptions.

The output is only as good as the input. Which means the discipline of actually running thorough audits — and storing them somewhere structured — becomes more valuable, not less.

If you're in IT, security, or infrastructure and you haven't experimented with context-rich AI projects for environment-specific work, it's worth an afternoon. The marginal cost of the audit is a shell script. The return is an assistant that knows your stack as well as you do.
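
Added example, not part of the original post: a minimal triage of the two findings the post names (an SMTP listener on 0.0.0.0:25 and an inactive UFW), run over saved `ss -tln` and `ufw status` output. The sample data and the function name `triage_listeners` are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -tln` output (not taken from the post's audit).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    0.0.0.0:25         0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      4096   [::1]:631          [::]:*'

# Constructed sample of `ufw status` output.
SAMPLE_UFW='Status: inactive'

# triage_listeners SS_OUTPUT UFW_OUTPUT
# Prints one line per TCP listener bound to all interfaces:
#   PRIORITY PORT BIND_ADDRESS
# PRIORITY is HIGH when the firewall is inactive, REVIEW otherwise.
# The body runs in a subshell so its variables do not leak to the caller.
triage_listeners() (
    fw=active
    if printf '%s\n' "$2" | grep -q '^Status: inactive'; then
        fw=inactive
    fi
    printf '%s\n' "$1" | awk -v fw="$fw" '
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)       # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)   # text before the last colon
            # Wildcard binds are reachable on every interface;
            # loopback-only listeners (127.x, [::1]) are skipped.
            if (host == "0.0.0.0" || host == "[::]" || host == "*") {
                prio = (fw == "inactive") ? "HIGH" : "REVIEW"
                print prio, port, host
            }
        }' | sort -k2,2n
)

# Run on the constructed sample; on a real host, pass "$(ss -tln)" and
# "$(ufw status)" instead.
triage_listeners "$SAMPLE_SS" "$SAMPLE_UFW"
```

Loopback-only services such as the local resolver and CUPS drop out of the list, which leaves only the listeners that actually depend on the firewall being enabled.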

30/03/2026

Our sincere thanks to everyone who joined us live and to those catching the replay. It has been a pleasure. Until next time.

29/03/2026

While not a direct job guarantee, certifications like Security+ serve a crucial purpose: bypassing the initial screening. Without them, especially for federal or state roles, your application may never be seen.

29/03/2026

An analysis of the shift to Google Workspace, highlighting significant cost reductions and a streamlined operational approach. The move was driven by a need for greater simplicity and superior automation capabilities over existing Microsoft and Zoom solutions.

Address

Oaxaca De Juárez
68026
