Principal Platform Engineer
Location: Yeovil - fully onsite, open to condensed hours
Duration: Until 27 Dec 2026
Rate: £99.08 per hour (Umbrella)
IR35: Inside
Clearance: Successful candidate must hold a minimum of DV (Developed Vetting) clearance. More information can be found here - National security vetting: clearance levels - GOV.UK (www.gov.uk)
Overview
We're recruiting for a Principal Platform Engineer to join a Cyber & Security Solutions environment, taking ownership of secure platform engineering delivery across on‑prem, hybrid and cloud contexts. You'll act as a technical authority within a platform domain (e.g., virtualisation) and lead secure-by-design solutions for critical defence/government programmes.
Responsibilities:
- Act as the technical authority in a platform engineering domain (e.g. virtualisation), providing specialist expertise to projects/programmes
* Lead the design and implementation of secure platforms across on‑premise, hybrid, and cloud environments
* Capture, analyse, and interpret complex customer requirements to drive system design/architecture
* Produce high- and low-level designs aligned to secure-by-design principles
* Own technical delivery for work packages (planning, estimation, progress reporting)
* Mentor and coach engineers to raise technical capability
* Contribute to technology strategy, feasibility and innovation work
* Engage stakeholders and present/justify technical solutions and design decisions
Skillset/experience required:
Core (must have):
* Windows and Linux operating systems
* Virtualisation platforms (VMware, Hyper‑V)
* Privileged Access Management concepts/implementation (CyberArk or similar)
* Secure credential storage, rotation, and access control models
* Integrating PAM into enterprise platforms/services
* Networking fundamentals (TCP/IP, DNS, DHCP, firewalls)
* Automation/scripting (PowerShell, Bash, Python, Ansible, Terraform)
* Knowledge of cyber security controls and accreditation requirements
* Experience across the systems engineering lifecycle
* Designing/implementing privileged access models across complex systems
* Delivery in highly controlled/secure environments (e.g. air‑gapped, defence)
Desirable:
* Cloud platforms (AWS/Azure) + Infrastructure as Code
* Integrating enterprise services (Active Directory, PKI, monitoring, SIEM)
* DevSecOps tooling and CI/CD pipelines
* API-driven automation of onboarding/offboarding
* SIEM/SOC integration for audit/monitoring
* Containers (Kubernetes, Docker)
* Enterprise IAM solutions
