Principal Platform Engineer

Company: Matchtech
Apply for the Principal Platform Engineer
Location:
Job Description:

Principal Platform Engineer

Location: Yeovil – fully onsite, open to condensed hoursDuration: Until 27 Dec 2026Rate: £99.08 per hour (Umbrella)IR35: InsideClearance: Successful candidate must hold a minimum of DV (Developed Vetting) clearance. More information can be found here – National security vetting: clearance levels – GOV.UK www.gov.uk

Overview

We’re recruiting for a Principal Platform Engineer to join a Cyber & Security Solutions environment, taking ownership of secure platform engineering delivery across on-prem, hybrid and cloud contexts. You’ll act as a technical authority within a platform domain (e.g., virtualisation) and lead secure-by-design solutions for critical defence/government programmes.

Responsibilities

  • Act as the technical authority in a platform engineering domain (e.g., virtualisation), providing specialist expertise to projects/programmes
  • Lead the design and implementation of secure platforms across on-premise, hybrid, and cloud environments
  • Capture, analyse, and interpret complex customer requirements to drive system design/architecture
  • Produce high- and low-level designs aligned to secure-by-design principles
  • Own technical delivery for work packages (planning, estimation, progress reporting)
  • Mentor and coach engineers to raise technical capability
  • Contribute to technology strategy, feasibility and innovation work
  • Engage stakeholders and present/justify technical solutions and design decisions

Core (must have)

  • Windows and Linux operating systems
  • Virtualisation platforms (VMware, Hyper-V)
  • Privileged Access Management concepts/implementation (CyberArk or similar)
  • Secure credential storage, rotation, and access control models
  • Integrating PAM into enterprise platforms/services
  • Networking fundamentals (TCP/IP, DNS, DHCP, firewalls)
  • Automation/scripting (PowerShell, Bash, Python, Ansible, Terraform)
  • Knowledge of cyber security controls and accreditation requirements
  • Experience across the systems engineering lifecycle
  • Designing/implementing privileged access models across complex systems
  • Delivery in highly controlled/secure environments (e.g., air-gapped, defence)

Desirable

  • Cloud platforms (AWS/Azure) + Infrastructure as Code
  • Integrating enterprise services (Active Directory, PKI, monitoring, SIEM)
  • DevSecOps tooling and CI/CD pipelines
  • API-driven automation of onboarding/offboarding
  • SIEM/SOC integration for audit/monitoring
  • Containers (Kubernetes, Docker)
  • Enterprise IAM solutions

#J-18808-Ljbffr…

Posted: July 4th, 2026