Eames Consulting

About the Company

CREATING OPPORTUNITY.

Eames Consulting is a contingent recruitment business with international reach, specialising at the mid-to-senior level of the insurance, financial services, and technology markets.

We are driven by a common purpose: to make opportunity happen.

We create opportunity for our clients to transform their business. We create opportunity for our candidates to thrive in the right job and culture. And we create opportunities for each other to get the best out of our work and ourselves.

Our consultants are focused on specialist areas of their dedicated market spanning: actuarial, broking and underwriting, claims and operations, finance and accountancy, risk and compliance, audit, change management and technology.

Through deep and evolving sector knowledge, we embed ourselves as long-term strategic partners to our clients. Guiding people, shaping talent, building partnerships, and creating success is what we do.

We are part of the Eames Group- the parent company to our three non-competing businesses, Eames Consulting, Eames Partnership and ECMS. Founded in 2002, we have a global network with specialist consultants across in London, Zurich, Singapore, Hong Kong and New York.

*Best Banking & Financial Services Agency, 2021 Recruiter Awards*
*Best Companies 3* World-Class Ranking*

www.eamesconsulting.com

Listed Jobs

Company Name

Eames Consulting

Job Title

Risk Manager

Job Description

Job Title: Senior Cyber Third Party Risk Management Specialist Role Summary: Own and execute supplier cyber assurance reviews, from scoping through remediation tracking, to protect organizational assets. Translate cyber risks into clear, business‑oriented insights, engage vendors and internal stakeholders, and continuously strengthen the third‑party risk framework. Expectations: • 3+ years of hands‑on cyber TPRM or vendor cyber oversight experience. • Proven ability to influence and challenge both technical teams and senior leadership. Key Responsibilities: • Conduct end‑to‑end supplier cyber assurance reviews (scoping, assessment, reporting, remediation). • Evaluate and articulate cyber risks in concise, business‑focused language. • Engage vendors and internal stakeholders to ensure security expectations are met. • Collaborate across teams to improve third‑party controls and risk framework. Required Skills: • Deep knowledge of ISO27001, Cyber Essentials, CIS Critical Controls, NIST CSF, SOC 2, and DPA/GDPR. • Strong communication, relationship‑building, and influencing abilities. • Experience with risk assessment, remediation tracking, and supplier engagement. Required Education & Certifications: • Relevant security certification (CISSP, CISM, ISO27001 Lead Auditor/Implementer, Cloud Security Practitioner, or comparable).

London, United kingdom

On site

Junior

10-11-2025

Company Name

Eames Consulting

Job Title

Information Security Engineer

Job Description

**Job Title:** GSec Purview Specialist (SC Cleared) **Role Summary:** Lead the design, deployment, and management of Microsoft Purview to enforce data governance, compliance, and information protection across Microsoft 365 and Azure environments. Ensure alignment with UK Government and industry standards, integrate Purview with existing DLP and governance tools, and provide documentation and operational handover. **Expectations:** - Hold active SC Clearance. - Demonstrated experience in secure solution delivery within government or regulated sectors. - Strong knowledge of data classification, retention, and compliance frameworks. **Key Responsibilities:** - Architect, implement, and maintain Microsoft Purview solutions across M365 and Azure. - Define and enforce data classification, retention, and compliance policies. - Integrate Purview with existing DLP, Insider Risk, eDiscovery, and data governance tools. - Collaborate with security, compliance, and infrastructure teams to improve data visibility and control. - Produce detailed documentation and handover deliverables for operational teams. **Required Skills:** - Deep expertise in Microsoft Purview, M365 Compliance, and Information Protection. - Proficient with DLP, Insider Risk, eDiscovery, and Data Classification concepts. - Strong analytical, problem‑solving, and communication abilities. **Required Education & Certifications:** - Active SC Security Clearance. - Relevant technical certifications (e.g., Microsoft 365 Certified: Security Administrator Associate, Microsoft Certified: Azure Security Engineer Associate, or equivalent).

London, United kingdom

Hybrid

12-11-2025

Company Name

Eames Consulting

Job Title

Security Engineer

Job Description

Job title: Security Engineer Role Summary: Technical Delivery Specialist – Microsoft Defender for Endpoint Expactations: • Maintain active SC Clearance until at least 2029; recent SC usage within the last 12 months. • Work remotely, with occasional travel requirements. Key Responsibilities: • Lead onboarding and deployment of assets into MDE tenant across Azure, AWS, and on‑prem environments. • Configure, test, and optimise Defender for Endpoint policies, ASR rules, and security baselines. • Collaborate with stakeholders and technical teams to align efforts, provide progress reporting, and ensure “secure by design” delivery. • Perform troubleshooting, testing, and continuous improvement of MDE configurations. • Support SOC and operational teams with technical expertise and best‑practice implementation. • Review designs and implementations to ensure secure, efficient outcomes. Required Skills: • Proven hands‑on experience with Microsoft Defender for Endpoint in enterprise or government settings. • Deep knowledge of endpoint protection on Azure, AWS, and on‑prem infrastructures. • Strong communication skills for engaging technical and non‑technical stakeholders. • Experience leading technical delivery and configuration in complex, fast‑paced environments. • Scripting proficiency (e.g., PowerShell) for deployment automation. Desirable Skills: • Familiarity with Azure Arc, Microsoft Defender for Cloud, multi‑cloud EDR integration. • Background in cyber security operations or secure infrastructure delivery. Required Education & Certifications: • Relevant cybersecurity or IT degree (e.g., BSc in Computer Science, Information Security). • Certifications such as MCSA/MCSA/BC, CISSP, CISM, or equivalent are preferred.

London, United kingdom

Hybrid

13-11-2025

Company Name

Eames Consulting

Job Title

Information Security Architect

Job Description

**Job Title** Information Security Architect – Kerberos & Authentication Discovery **Role Summary** Lead a focused discovery and remediation of enterprise authentication and password management. Evaluate current Kerberos implementations, uncover risks, and develop actionable architectural recommendations for a complex environment. **Expectations** Deliver clear, high‑quality documentation and implementable remediation plans. Collaborate with technical teams to validate findings, improve Kerberos integrations, and standardise authentication processes. **Key Responsibilities** - Conduct structured discovery of authentication, Kerberos, and password management. - Analyse and document existing Kerberos deployments across AD, Windows, and Linux. - Map application and service dependencies, identify gaps, and assess architectural risks. - Review password‑reset flows, service account lifecycle, and identity lifecycle processes. - Evaluate SPN hygiene, delegation models, ticket lifetimes, encryption types, and trust relationships. - Produce concise architecture documentation and remediation recommendations. - Work with technical teams to validate findings and support Kerberos integrations. - Define repeatable processes for authentication and password management. **Required Skills** - Deep hands‑on Kerberos expertise (SPNs, delegation, ticketing, trusts). - Strong background in identity security architecture and authentication design. - Practical experience with password reset and IAM lifecycle processes. - Proficiency with troubleshooting tools (klist, setspn, Wireshark, event logs). - Excellent analytical and documentation skills. - Strong communication ability with technical and non‑technical audiences. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Information Security, or related field. - Professional certifications such as CISSP, CCSP, or equivalent recommended.

London, United kingdom

On site

20-11-2025