NCC Group plc is seeking a Technical Solution Engineer for its Manchester office. This hybrid role involves supporting the design and delivery of cybersecurity solutions, providing technical assistance during pre-sales engagements, and collaborating with sales and delivery teams. The ideal candidate should have a strong understanding of IT infrastructure, basic cybersecurity knowledge, and excellent communication skills. Benefits include flexible working options, generous holiday allowance, and various financial and community programs.
09/05/2026
Full time
NCC Group plc is seeking a VP, Platform & Security Architecture to shape and drive its platform strategy across all client-facing and managed services. The role includes defining architectural standards, leading a global team of architects, and providing strategic technology leadership. Candidates should have significant experience in defining global engineering strategies and technologies such as Splunk and ServiceNow. The position is based in Manchester with a hybrid work model.
09/05/2026
Full time
NCC Group plc is seeking a Senior Data Platform Engineer to join their Engineering team in Manchester. This role requires strong experience in data engineering and AWS, where you'll design and optimize data pipelines to support analytics and machine learning solutions. Essential qualifications include proficiency in Python, experience with AWS services like EMR and SageMaker, and an understanding of data security principles. The company offers flexible working, generous holidays, and benefits to support employee well-being.
09/05/2026
Full time
SOC Analyst Department: Cyber Services and Capabilities Employment Type: Fixed Term Contract Location: NLD Rijswijk Description SOC Analysts are responsible for managing and resolving security incidents that are escalated from Junior SOC Analysts. They work closely with junior team members to guide incident analysis, perform deeper investigations to assess business impact, and recommend actions to prevent similar incidents in the future. In this role, SOC Analysts act as the link between Junior and Senior SOC Analysts, ensuring smooth communication and effective coordination across the team. They also play a key part in maintaining and improving SOC tools, processes, procedures, and automation to strengthen the organisation's overall security posture. This is a critical position within the security function, requiring strong technical expertise, excellent analytical skills, and the ability to support and mentor less experienced analysts. For those seeking a challenging and rewarding career in IT security, the SOC Analyst role offers an excellent opportunity to make a significant impact while advancing your expertise. Key Responsibilities Manage and investigate security incidents escalated from Junior SOC Analysts. Perform deeper incident analysis and determine impact and recommended actions. Prioritise, classify, and assign incoming alerts. Create and refine alert policies to reduce noise. Conduct periodic threat hunting on lower priority alerts. Maintain and optimise SOC tools, processes, and documentation. Prepare clear incident reports and case templates. Support and mentor Junior SOC Analysts. 
Skills, Knowledge & Expertise Skills & Experience Experience: 2-4 years in a relevant security or SOC role Education: Bachelor's degree or higher Security Knowledge: Advanced understanding of cybersecurity concepts and practices Programming / Scripting: Basic proficiency Security Tools: Advanced experience with common SOC and security monitoring tools Core Competencies Strong analytical mindset with critical thinking skills High level of accuracy and ability to prioritise workload Customer focused approach; acts as an ambassador for the business Collaborative working style with strong organisational awareness Commitment to personal development Clear and effective written and verbal communication Ability to remain calm under pressure High integrity and professionalism Job Benefits You will be working in a place at the top of cyber security where your ideas are valued. You cannot always tell people the details about your work, but you can tell them that you contribute to a safer society. We also offer you: A good salary that matches the things you have already done and will do. A favourable pension scheme, twenty six vacation days (+4 mandatory days off) and 8% holiday pay for a full time contract. Many development opportunities: you can gain and share knowledge through training courses, TechTalks, events and our own Fox Academy. A laptop and business phone. Do you use your own phone? Then you will receive an allowance of up to € 25. An allowance for your internet at home of up to €40 and a working from home allowance. A performance bonus and profit sharing because we value your effort.
09/05/2026
Full time
SOC Analyst Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Cheltenham Jessop House Description Today, it is an unavoidable fact that your business-critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. When you do not have enough internal resources, time, or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value add activities. NCC Group provides a range of managed and hosted services delivered from our Global Security Operations Centre (SOC), which operates 24/7, 365 days a year. Our team of over 100 accredited security experts is available around the clock, dealing daily with over 200 million log events and providing support for thousands of network devices. NCC Group's MXDR Team provides world class Extended Detection and Response (XDR) services, detecting, responding to, and mitigating cyber attacks on our customers' networks in our Security Operations Centres. We use a plethora of detection tools such as the Microsoft Security Stack, Splunk, EDR, IDS & IPS tools, and many more - all integrated with NCC Group's Unified Cyber Platform (UCP). The MXDR Team is looking for L2 SOC Analysts with a passion for security to join the team, helping customers get the most out of our services and protect their networks. This is an opportunity to join a technically advanced and talented team and help NCC Group build and deliver world class services to our customers. This role is ideal for a seasoned SOC Analyst with experience in cybersecurity looking to broaden their scope of cyber skills with a strong focus on detection and response to cyber incidents. Key Responsibilities Monitor global systems for potential threats, vulnerabilities, and indicators of compromise. 
Perform in depth analysis of security alerts utilizing both NCC Group's UCP and the underlying detection platform where necessary. Provide incident remediation and prevention documentation and recommendations to customers based on defined procedures and analyst experience. Document and adhere to processes related to security monitoring procedures. Provide customer service that always exceeds our customers' expectations. Initiate escalation procedures to counteract potential threats, vulnerabilities, and threat actors. Compile and review service focused reports. Act as an escalation point for junior team members, aiding and mentoring where necessary. Contribute to the continuous improvement of SOC procedures and documentation. Perform other SOC duties as assigned. Skills, Knowledge & Expertise Core Technical Skills & Experience Practical experience with security and networking tools such as Microsoft XDR (Sentinel, Defender) and Splunk Enterprise/Cloud/Enterprise Security Strong understanding of network protocols, endpoint detection, and digital forensics In depth knowledge of Windows and Linux operating systems Hands on experience analysing common security incidents and supporting endpoint security Ability to remain calm and effective during high pressure and sensitive security situations Desirable Certifications Not mandatory, but a strong advantage if held or equivalent knowledge demonstrated. Microsoft: SC 200, AZ 500, AZ 900, MS 500 Splunk: Certified User, Power User, Advanced Power User, Enterprise Security Administrator CrowdStrike: CCFR, CCFH CREST: CPSA, CRIA, CMRE, CNIA, CHIA CompTIA: Security+, Network+, CySA+ Cisco: CCNA SANS: GCIA, GCIH, GSEC Other relevant certifications Job Benefits Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. 
(This differs for SOC shift workers, please speak to your TA partner for more information). Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
VP, Platform & Security Architecture Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Reporting To: Damien Childs Location: UK / Hybrid Function: Global Leadership - Platform, Security & Architecture Description VP, Platform & Security Architecture This senior leadership role is responsible for shaping and driving NCC Group's Platform and Security Architecture strategy across all platforms that have commercial or revenue impact, including those which are client facing or used in the delivery of billable services. This senior leadership role will lead enterprise wide adoption of architectural standards of client facing professional and managed services platforms, material improvements in platform resilience, security and scalability, delivery of high value innovation initiatives, increased client confidence and stronger presales conversion and improvements in operational efficiency. The role will lead a global team of architects and provide deep technical leadership while setting architectural standards, influencing platform evolution, and guiding strategic decision making across engineering, operations and product. Act as the recognised subject matter authority in cyber platform engineering, cloud security and advanced detection technologies, with extensive experience engaging and advising at C suite level driving shareholder value, strengthening shareholder confidence, and shaping enterprise decisions through strong commercial and technical insight. With proven experience leading engineering functions within professional and managed services organisations, this role provides strategic technology leadership, defining and executing platform strategies which strengthen competitive advantage, enhance customer value, improve operational performance and contribute to long term shareholder confidence. 
Key Responsibilities Serve as the CTO level architectural authority for NCC Group's client facing platform estate, defining the future direction of the Group's platform and cyber capabilities. Define and govern architectural standards for all NCC Group professional service and managed service platforms, ensuring a unified, scalable and secure technology foundation across the organisation. Maintain a close partnership with the VP, Global Technical Services (GTS) to ensure all security architecture decisions and designs align with and adhere to Group IT principles and standards. When required, lead high complexity customer workshops spanning consulting, implementation, technical assurance and managed services, and support strategic sales opportunities by providing authoritative architectural direction and senior level technical assurance. Whilst an initial focus of the role prioritises GMS platforms, MXDR capabilities and cyber tooling ecosystems, the remit of this role extends to the full NCC Group platform estate, shaping end to end platform strategy for the Group, including Professional Services Automation (PSA) software. Partner with senior leadership to set long term technology strategy and innovation pathways, ensuring alignment with Group objectives and market evolution. Lead the evaluation and integration of emerging technologies, including AI/ML enhanced detection, workflow automation, and next generation platform engineering capabilities. Design multitenant platform architectures, secure cloud patterns, integration models and advanced telemetry pipelines to support Group wide solutions. Develop reference architectures, design patterns and engineering frameworks used across SecDevOps, Cyber Defence and broader platform engineering teams. 
Provide senior level oversight for complex or atypical deployments, such as hybrid estates, containerised workloads, multicloud environments and high risk or regulated customer verticals by enabling and guiding the architecture team to resolve technical challenges. While the team handles the majority of technical issues, this role serves as the ultimate escalation point for the most critical or strategically significant scenarios. Provide deep technical guidance to engineering teams covering design decisions, platform hardening, security patterns and infrastructure as code best practices. Drive the exploration, prototyping and validation of advanced cyber defence capabilities such as threat analytics, autonomous detection, workflow automation and AI augmented security operations, ensuring these innovations are assessed through rigorous cost-benefit and feasibility analysis to support NCC Group's strategic outcomes. Partner with platform engineering to mature AI driven workflows, including summarisation, detection generation, anomaly analysis and autonomous response models, ensuring all developments deliver measurable value, operational efficiency and strategic alignment with NCC Group's long term platform vision. Provide senior level architectural advisory support across engineering, operations, product, commercial and executive functions, ensuring that platform strategy is coherent, scalable and aligned with NCC Group's long term direction. Skills & Experience Significant demonstrable experience in defining and leading global engineering strategy for professional and managed services platforms, including technologies such as Splunk, ServiceNow, Cyber HQ and other large scale operational, monitoring and automation platforms. Strong planning and organisational skills, with the ability to manage multiple priorities. Effective communication skills, able to convey complex information clearly to different audiences. 
Strong stakeholder management and relationship building capabilities. Problem solving and analytical thinking, with sound judgement and decision making. Ability to work autonomously while collaborating effectively across teams. High attention to detail and commitment to quality and accuracy. Adaptability and resilience in a fast paced, changing environment. Proactive approach to identifying risks, issues, and improvement opportunities. Any other reasonable duties as required by management from time to time. Behaviours Focus on Clients & Customers Work as One NCC Always Learning Inclusive & Respectful Deliver Brilliantly
09/05/2026
Full time
Senior Analyst - Tactical Intelligence Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Description Senior Analyst - Tactical Intelligence UK (Manchester, Cheltenham or London), Spain (Madrid), the Netherlands (Rijswijk) The purpose of this role is to strengthen the organisation's cyber defence capabilities by generating high quality, actionable threat intelligence that informs detection, response, and strategic decision making. The position exists to proactively identify, analyse, and communicate emerging threats, including adversary behaviours, malware, and infrastructure, while ensuring intelligence outputs are operationally relevant, technically robust, and aligned to business and security priorities. Operating across the full intelligence lifecycle, the role transforms complex technical findings into meaningful insights for both technical and non technical stakeholders, enabling the organisation to anticipate adversary activity, enhance detection engineering, support incident response, and advance intelligence led security operations. The role also contributes to continuous improvement through research, tooling development, collaboration with wider security teams, and active participation in the broader threat intelligence community. Key Responsibilities Threat Intelligence Analysis and Research Identify, track, and document threat actors, their TTPs, infrastructure, and indicators of compromise across the full intelligence lifecycle. Monitor and analyse Command and Control (C2) infrastructures, malicious domains, and emerging campaigns, providing context rich assessments that combine technical findings with geopolitical and regional context. Map observed threat activity to established frameworks (e.g., MITRE ATT&CK) and produce structured intelligence outputs using formats such as STIX/TAXII. 
Conduct technical analysis of malware samples to support intelligence assessments, including static and dynamic analysis to extract configurations, identify capabilities, and attribute activity to known threat actors. Stay current with the evolving threat landscape, proactively identifying emerging threats, novel attack vectors, and shifts in adversary tradecraft. Documentation and Reporting Produce high quality finished intelligence products, including threat actor profiles, campaign analyses, and technical advisories, suitable for both technical and non technical audiences. Document and report on malware behaviour, TTPs, and indicators derived from technical analysis, leveraging internal TIP tooling to generate and disseminate IoCs. Contribute to external communications through blog posts, conference presentations, or published research that highlights significant threat intelligence findings. Respond to Requests for Information (RFIs) from internal and external stakeholders, delivering timely, actionable intelligence. Tool Development and Detection Develop and maintain detection signatures such as YARA rules based on malware analysis and threat research. Identify network and host based detection opportunities. Manage and optimise threat intelligence platforms, sources, and feeds to improve analysis efficiency and intelligence output quality. Develop scripts and tooling to support analysis workflows, including automation of intelligence collection, enrichment, or dissemination tasks. Evaluate and recommend new tools or platforms to strengthen the team's analytical capabilities. Collaboration and Information Sharing Support and mentor other analysts within the GTI team, providing guidance on analytical tradecraft and technical methodology. Work closely with DFIR and SOC teams to provide threat context, malware insights, and intelligence support during investigations and incidents. 
Generate detection leads from intelligence and malware analysis, maintaining a structured handoff process. Contribute to intelligence led threat hunting by producing targeted threat assessments and hypotheses for the threat hunting team, and maintaining a feedback loop on findings. Partner with external partners, information sharing communities, and industry forums to maintain situational awareness and contribute to collective defence. Skills, Knowledge & Expertise Core Skills and Experience Demonstrated experience in Cyber Threat Intelligence analysis with a strong understanding of the intelligence lifecycle, including experience in threat actor tracking, APT research, and C2 infrastructure analysis. Strong understanding of networking protocols (e.g., TCP/IP, DNS) and how adversaries leverage network infrastructure. Familiarity with frameworks such as MITRE ATT&CK and structured intelligence formats, including STIX/TAXII. Experience supporting or interfacing with DFIR and SOC teams in an operational capacity. Understanding of offensive security reconnaissance and attacker methodologies. Desirable Skills and Experience Experience performing triage level malware analysis, including behavioural analysis, sandbox detonation, and basic static analysis. Exposure to reverse engineering tools is beneficial but not essential. Experience developing YARA rules and other detection signatures based on technical analysis. Familiarity with programming or scripting languages such as Python for developing analysis tools, automation, and data processing. Experience with threat intelligence platforms such as OpenCTI, MISP, or similar. Exposure to geopolitical risk analysis and its impact on the cyber threat landscape. Track record of published research, blog posts, or conference presentations in the threat intelligence domain. 
Qualifications (desired but not required) Certifications such as SANS FOR578 (Cyber Threat Intelligence), CREST Threat Intelligence Analyst (CRTIA), GREM, or equivalent. Ways of working Focusing on Clients and Customers. Working as One NCC. Always Learning. Being Inclusive and Respectful. Delivering Brilliantly. Job Benefits Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
Technical Solution Engineer Department: Sales Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Description Position Title: Technical Solution Engineer Location: London, Cheltenham or Manchester - Hybrid The Technical Solutions Engineer is a technical role within NCC Group's Sales Engineering & Field Strategy team, supporting the design and delivery of cybersecurity solutions across professional and managed services. This role provides technical assistance during pre sales engagements, ensuring client requirements are understood and accurately scoped. Technical Solutions Engineers contribute to proposals, statements of work, and quality assurance processes, working closely with Solution Architects and Sales teams to deliver high quality, client focused solutions. This position is ideal for individuals with a strong technical foundation and a desire to develop expertise in solution architecture and cybersecurity consulting. It requires excellent communication skills, attention to detail, and the ability to collaborate effectively across teams. Summary Support pre sales engagements by gathering and validating client requirements. Assist in producing client facing documentation, including proposals and statements of work. Provide technical input during internal quality assurance processes to ensure accuracy and feasibility. Collaborate with Sales, Delivery, and Product Management teams to align solutions with client needs. Participate in client meetings and calls to provide technical support and clarify scope. Maintain awareness of NCC Group's service offerings and emerging cybersecurity trends. Contribute to internal knowledge sharing and training initiatives. Support Solution Architects and Senior Solution Architects on complex engagements. What we are looking for in you Strong understanding of IT infrastructure, network architecture, and cloud services (Azure, AWS). 
Basic knowledge of cybersecurity principles, penetration testing methodologies, and risk management. Familiarity with at least one security framework (e.g. ISO 27001, NIST, PCI DSS). Ability to explain technical concepts to non technical audiences. Strong written and verbal communication skills. Proficiency in Microsoft Office and documentation tools. Ability to manage time effectively and prioritize tasks. Desired Requirements Exposure to cybersecurity consulting or technical delivery roles. Knowledge of managed security services and incident response. Understanding of compliance and regulatory requirements. Security certifications such as CompTIA Security+, or equivalent experience. Familiarity in OT industry and prioritizing safety of people, equipment and the environment when working in hazardous or 'operating environments' is desirable. Ways of working Focusing on Clients and Customers. Working as One NCC. Always Learning. Being Inclusive and Respectful. Delivering Brilliantly. What do we offer in return? Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle to work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
SOC Analyst Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR London Description Today, it is an unavoidable fact that your business-critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. When you do not have enough internal resources, time, or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value-add activities. NCC Group provides a range of managed and hosted services delivered from our Global Security Operations Centre (SOC), which operates 24/7, 365 days a year. Our team of over 100 accredited security experts is available around the clock, dealing daily with over 200 million log events and providing support for thousands of network devices. NCC Group's MXDR Team provides world-class Extended Detection and Response (XDR) services, detecting, responding to, and mitigating cyber-attacks on our customers' networks in our Security Operations Centres. We use a plethora of detection tools such as the Microsoft Security Stack, Splunk, EDR, IDS & IPS tools, and many more, all integrated with NCC Group's Unified Cyber Platform (UCP). The MXDR Team is looking for L2 SOC Analysts with a passion for security to join the team, helping customers get the most out of our services and protect their networks. This is an opportunity to join a technically advanced and talented team and help NCC Group build and deliver world-class services to our customers. This role is ideal for a seasoned SOC Analyst with experience in cybersecurity looking to broaden their scope of cyber skills with a strong focus on detection and response to cyber incidents. Key Responsibilities Monitor global systems for potential threats, vulnerabilities, and indicators of compromise. 
Perform in-depth analysis of security alerts utilising both NCC Group's UCP and explore further using the underlying detection platform where necessary. Provide incident remediation and prevention documentation and recommendations to customers based on defined procedures and analyst experience. Document and adhere to processes related to security monitoring procedures. Provide customer service that always exceeds our customers' expectations. Initiate escalation procedures to counteract potential threats, vulnerabilities, and threat actors. Compile and review service-focused reports. Act as an escalation point for junior team members, aiding and mentoring where necessary. Contribute to the continuous improvement of SOC procedures and documentation. Perform other SOC duties as assigned. Skills, Knowledge & Expertise Core Technical Skills & Experience Practical experience with security and networking tools such as Microsoft XDR (Sentinel, Defender) and Splunk Enterprise/Cloud/Enterprise Security Strong understanding of network protocols, endpoint detection, and digital forensics In depth knowledge of Windows and Linux operating systems Hands on experience analysing common security incidents and supporting endpoint security Ability to remain calm and effective during high pressure and sensitive security situations Desirable Certifications Not mandatory, but a strong advantage if held or equivalent knowledge demonstrated. Microsoft: SC 200, AZ 500, AZ 900, MS 500 Splunk: Certified User, Power User, Advanced Power User, Enterprise Security Administrator CrowdStrike: CCFR, CCFH CREST: CPSA, CRIA, CMRE, CNIA, CHIA CompTIA: Security+, Network+, CySA+ Cisco: CCNA SANS: GCIA, GCIH, GSEC Other relevant certifications Job Benefits Flexible Working: Balance your work and personal life with our flexible working options. 
Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave (differs for SOC shift workers; please speak to your TA partner for more information). Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco-friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
Senior Data Platform Engineer Department: Cyber Services and Capabilities Employment Type: Full Time Location: GBR Manchester Hardman Boulevard Description Manchester, Cheltenham or London We are seeking a skilled Data Engineer to join our Engineering team, responsible for designing, building, and optimising scalable data pipelines that power advanced analytics and machine learning solutions. You will play a key role in enabling data-driven decision-making by delivering high-quality, reliable datasets to tools such as Amazon SageMaker and other analytics platforms. Key Responsibilities We are looking for a Data Engineer to work closely with the Data Science team to develop robust data pipelines that feed analytics and machine learning tools such as Amazon SageMaker and third-party platforms like Databricks. You will leverage AWS technologies such as EMR, S3, EKS and Airflow to process and orchestrate high-volume datasets, ensuring solutions are scalable, resilient and cost-efficient. You will also play a key role in embedding data loss prevention (DLP) principles and controls into data pipelines to protect sensitive information, while ensuring data is reliable, accessible, well-governed and optimised for downstream consumption. Skills, Knowledge & Expertise Essential Strong experience in data engineering within AWS cloud environments. Hands on experience with AWS big data technologies such as EMR, S3 and SageMaker. Proficiency in Python for building scalable data pipelines and processing frameworks. Experience with Apache Spark for distributed data processing. Experience designing and maintaining scalable batch and real time data pipelines. Solid understanding of ETL/ELT design patterns and data modelling techniques. Experience with workflow orchestration tools such as Apache Airflow (ideally deployed on AWS). Familiarity with containerisation and orchestration using Docker and Kubernetes (EKS). Experience with infrastructure as code (e.g. 
Terraform) and CI/CD/GitOps practices. Proven ability to optimise performance and reduce cloud costs through partitioning, clustering and workload management. Understanding of data security principles, including data loss prevention (DLP). Desirable Experience with Databricks or similar third party big data platforms. Knowledge of real time streaming technologies (e.g. Kafka, Kinesis). Experience implementing data governance and compliance frameworks. Familiarity with monitoring and observability tools in AWS environments. Exposure to Lakehouse or modern data platform architectures. Job Benefits Flexible Working: Balance your work and personal life with our flexible working options. Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. Medicash & Critical Illness Scheme Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. Green Car Scheme: Drive green and save money with our eco-friendly car scheme. Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme. Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
NCC Group plc is looking for a SOC Analyst to manage security incidents and mentor Junior SOC Analysts. The role requires a Bachelor's degree, 2-4 years of relevant experience, and advanced knowledge of cybersecurity concepts. You will work collaboratively to improve SOC processes and tools while contributing to a safer society. The position offers a good salary, a favourable pension scheme, and many development opportunities including training and performance bonuses.
09/05/2026
Full time
NCC Group plc is looking for a SOC Analyst in Cheltenham to join their Cyber Services and Capabilities team. The role involves monitoring global systems for potential threats, performing in-depth analyses using their Unified Cyber Platform, and providing actionable recommendations to customers. Candidates should have practical experience with Microsoft XDR and Splunk, alongside strong knowledge of network protocols. The position offers a range of benefits including flexible working and generous holiday allowance.
09/05/2026
Full time
NCC Group plc is seeking a SOC Analyst in Greater London to monitor and analyze security threats, provide incident remediation, and mentor junior team members. This full-time position requires practical experience with Microsoft XDR, Splunk, and significant knowledge of network protocols, Windows, and Linux systems. The ideal candidate is experienced in cybersecurity and able to work effectively under pressure. Benefits include flexible work options, generous holiday allowance, and a range of financial and wellness programs.
09/05/2026
Full time
Cyber Security Consultant
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: NLD Rijswijk
Description
Position Title: Cyber Security Consultant
Location: Rijswijk, NL
Role Purpose: A cyber security consultant is a professional with experience and knowledge in the field of cyber security. Typically showing some relevant industry experience, they possess a combination of technical expertise, problem-solving skills, and a keen understanding of cyber security risks and mitigation tactics. Consultants are often team members in security projects, and are adept at taking on responsibilities that require both technical know-how and the ability to handle client small projects or parts of larger projects. Collaborating with team and sharing knowledge across team to share lessons learned.
Key Responsibilities
Deliver client engagements as part of a team;
Participate in risk assessments and security audits, providing remedies and preventive measures (e.g. in line with security frameworks and compliance requirements)
Develop and execute security training for clients.
Develop and execute awareness projects for clients.
Collaborate with IT and development teams to integrate security practices into the business processes.
Create reports and/or presentations for clients across various levels of an organisation.
Draft security policies, guidelines, and control frameworks in alignment with regulatory requirements.
Skills, Knowledge and Expertise
Technical Skills
Knowledge and use of some relevant tools, methods and techniques;
Proficient in at least one security area such as network security, application security, endpoint security, and cloud security;
Basic understanding of security protocols, authentication, authorization, and security vulnerabilities
Basic capability in executing security assessments, penetration testing and vulnerability analyses;
Didactical skills to develop and provide trainings and crisis exercises
Basic familiarity with security frameworks (e.g., ISO 27001, NIST, NIS2, DORA) and compliance requirements (e.g., GDPR, HIPAA)
Prerequisite: Ability to script or program in languages such as Python, PowerShell, or Bash for purposes like automation and tool development.
Personal Skills
Dutch language verbal and writing
Strong analytical and critical thinking abilities;
Effective communication skills (written and verbal, both internal and external facing) across various levels of an organization;
Collaboration and teamwork within multi-disciplinary teams;
Project management skills for small client projects;
Time management and the ability to work in multiple projects simultaneously;
Reporting & Presentation skills for external presentations to clients after a project;
Certifications
Examples such as: CISM, CISSP.
Benefits
Flexible Working: Balance your work and personal life with our flexible working options.
Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
Medicash & Critical Illness Scheme
Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
Senior Engineer - MXDR
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: GBR Manchester Hardman Boulevard
Description
As a Senior MXDR Engineer, you are a true multitasker with both technical depth and strong communication skills. Deploying and maintaining MXDR solutions is your core responsibility - your "bread and butter." You assess customer needs, collaborate with stakeholders across organizational levels, and ensure their environments become safer and more resilient against threats.
Your expertise is also a trusted resource within the team. Whether it's helping the SOC interpret the logging associated with a Splunk alert, troubleshooting CPU spikes of CrowdStrike agents during a DFIR engagement, or assisting SDM in interpreting technical questions - you're the go to person.
This role requires a broad skill set. A major focus is on technical consultancy, meaning a strong technical foundation, professional communication skills, and a passion for continuous learning are essential.
We're looking for someone with experience with SIEM & EDR tools. We see MXDR as Microsoft Sentinel, Splunk, CrowdStrike or Sentinel One. Familiarity with these platforms is a strong plus.
Because this is a customer facing role, you should feel confident engaging with clients in both in person and digital environments. As part of a global organization, proficiency in written and spoken English is a must.
Key Responsibilities
Implement and support MXDR solutions for customers, ensuring effective deployment and configuration.
Independently operate in multidisciplinary teams for projects, proactively contributing to client deliverables and addressing internal and external technical and organizational challenges.
Serve as a Subject Matter Expert on specific MXDR tools, supporting and advising customers and colleagues across teams.
Continuously improve the MXDR services through automation, process enhancements and knowledge sharing.
Skills, Knowledge & Expertise
Expert knowledge of cybersecurity and proficiency in one or multiple MXDR technologies.
Demonstrated ability to analyze and interpret complex data.
Strong leadership and communication skills.
Exceptional client engagement and problem solving skills.
Job Benefits
Flexible Working: Balance your work and personal life with our flexible working options.
Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
Medicash & Critical Illness Scheme
Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
Green Car Scheme: Drive green and save money with our eco friendly car scheme.
Cycle Scheme: Stay fit and healthy with our cycle to work scheme.
Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
NCC Group plc is seeking an Executive (Delivery) Security Consultant to join their Cyber Services and Capabilities department. This full-time role focuses on delivering superior cyber security solutions, managing client engagements, and collaborating across teams. Ideal candidates should have extensive experience in network and application security, fluency in Dutch, and strong project management skills. The position offers flexible working options, generous holiday allowance, and various well-being initiatives.
09/05/2026
Full time
Executive (Delivery) Security Consultant
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: NLD Rijswijk
Description
Role Overview: The Executive (Delivery) Security Consultant is a professional with experience and knowledge in the field of cyber security. Shows a proven track record of relevant industry experience, they possess a combination of high level technical expertise, problem solving skills, and a keen understanding of cyber security risks and mitigation tactics. As a key member of the team, the executive Consultant provides oversight and guidance, effectively bridging the gap between junior consultants and senior management. The Consultant additionally manages client projects or defined parts of those projects as needed. Collaborating and managing the team and sharing knowledge across team to share lessons learned. The executive consultant has a broad network and is experienced in working with C level stakeholders.
Key Responsibilities
Deliver client engagements as lead consultant or part of a team
Design, implement, and administer complex security architectures and solutions
Conduct independently risk assessments and security audits, providing remedies and preventive measures including C level/boardroom sessions
Manage or collaborate with IT and development teams to integrate security practices into the business processes
Creating reports or presentations for clients
Advise management on high level security strategies
Draft independently security policies, guidelines, and control frameworks in alignment with regulatory requirements
Skills, Knowledge and Expertise
Technical Skills
Proficient in areas such as network security, application security, endpoint security, and cloud security
Good understanding of security protocols, authentication, authorization, and vulnerabilities
Experience in executing security assessments, board room sessions, coaching C level audiences
In depth knowledge with security frameworks (e.g., ISO 27001, NIST, NIS2, DORA) and compliance requirements (e.g., GDPR, HIPAA)
In depth knowledge with common cyber security tools (e.g., SIEM, firewalls, IDS/IPS, antivirus software)
Personal Skills
This role requires professional fluency in Dutch, written and spoken, as you will be supporting a Dutch speaking client group
Strong analytical and critical thinking abilities
Effective communication skills (written and verbal, both internal and external facing) across various levels of an organization
Collaboration and teamwork within multi disciplinary teams
Project management skills for client projects
Time management and the ability to handle multiple projects simultaneously
Reporting & Presentation skills for external presentations to clients after a project
Commercially sensitive.
Certifications are an advantage
Offensive Security (OSCP, OSEP, OSWP) for TAS consultants; CISM, CISSP for C&I consultants.
Ways of Working
Focusing on Clients and Customers.
Always Learning.
Delivering Brilliantly.
Benefits
We have a high performance culture which is balanced evenly with world class well being initiatives and benefits:
Flexible Working: Balance your work and personal life with our flexible working options.
Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
Medicash & Critical Illness Scheme
Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
Green Car Scheme: Drive green and save money with our eco friendly car scheme.
Cycle Scheme: Stay fit and healthy with our cycle to work scheme.
Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
NCC Group plc in Manchester is seeking a Senior Engineer - MXDR to implement and support MXDR solutions for clients. The ideal candidate will possess deep cybersecurity expertise and a strong background in technologies like Microsoft Sentinel and Splunk. Responsibilities include independent project operation and serving as a Subject Matter Expert. The position promotes client engagement, problem-solving skills, and offers a variety of benefits including flexible working and a generous holiday allowance.
09/05/2026
Full time
Senior Engineer - MXDR
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: GBR Cheltenham Jessop House
Description
As a Senior MXDR Engineer, you are a true multitasker with both technical depth and strong communication skills. Deploying and maintaining MXDR solutions is your core responsibility - your "bread and butter." You assess customer needs, collaborate with stakeholders across organizational levels, and ensure their environments become safer and more resilient against threats.
Your expertise is also a trusted resource within the team. Whether it's helping the SOC interpret the logging associated with a Splunk alert, troubleshooting CPU spikes of CrowdStrike agents during a DFIR engagement, or assisting SDM in interpreting technical questions - you're the go-to person.
This role requires a broad skill set. A major focus is on technical consultancy, meaning a strong technical foundation, professional communication skills, and a passion for continuous learning are essential.
We're looking for someone with experience with SIEM & EDR tools. We see MXDR as Microsoft Sentinel, Splunk, CrowdStrike or Sentinel One. Familiarity with these platforms is a strong plus.
Because this is a customer facing role, you should feel confident engaging with clients in both in person and digital environments. As part of a global organization, proficiency in written and spoken English is a must.
Key Responsibilities
Implement and support MXDR solutions for customers, ensuring effective deployment and configuration.
Independently operate in multidisciplinary teams for projects, proactively contributing to client deliverables and addressing internal and external technical and organizational challenges.
Serve as a Subject Matter Expert on specific MXDR tools, supporting and advising customers and colleagues across teams.
Continuously improve the MXDR services through automation, process enhancements and knowledge sharing.
Skills, Knowledge & Expertise
Expert knowledge of cybersecurity and proficiency in one or multiple MXDR technologies.
Demonstrated ability to analyze and interpret complex data.
Strong leadership and communication skills.
Exceptional client engagement and problem solving skills.
Job Benefits
We have a high performance culture which is balanced evenly with world class well being initiatives and benefits:
Flexible Working: Balance your work and personal life with our flexible working options.
Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
Medicash & Critical Illness Scheme
Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
Green Car Scheme: Drive green and save money with our eco friendly car scheme.
Cycle Scheme: Stay fit and healthy with our cycle to work scheme.
Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time
Senior Engineer - MXDR
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: GBR London

Description
As a Senior MXDR Engineer, you are a true multitasker with both technical depth and strong communication skills. Deploying and maintaining MXDR solutions is your core responsibility - your "bread and butter." You assess customer needs, collaborate with stakeholders across organizational levels, and ensure their environments become safer and more resilient against threats. Your expertise is also a trusted resource within the team. Whether it's helping the SOC interpret the logging associated with a Splunk alert, troubleshooting CPU spikes of CrowdStrike agents during a DFIR engagement, or assisting SDM in interpreting technical questions - you're the go-to person.
This role requires a broad skill set. A major focus is on technical consultancy, meaning a strong technical foundation, professional communication skills, and a passion for continuous learning are essential. We're looking for someone with experience with SIEM & EDR tools. We see MXDR as Microsoft Sentinel, Splunk, CrowdStrike or SentinelOne. Familiarity with these platforms is a strong plus. Because this is a customer-facing role, you should feel confident engaging with clients in both in-person and digital environments. As part of a global organization, proficiency in written and spoken English is a must.

Key Responsibilities
Implement and support MXDR solutions for customers, ensuring effective deployment and configuration.
Independently operate in multidisciplinary teams for projects, proactively contributing to client deliverables and addressing internal and external technical and organizational challenges.
Serve as a Subject Matter Expert on specific MXDR tools, supporting and advising customers and colleagues across teams.
Continuously improve the MXDR services through automation, process enhancements and knowledge sharing.

Skills, Knowledge & Expertise
Expert knowledge of cybersecurity and proficiency in one or multiple MXDR technologies.
Demonstrated ability to analyze and interpret complex data.
Strong leadership and communication skills.
Exceptional client engagement and problem-solving skills.

Job Benefits
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
Flexible Working: Balance your work and personal life with our flexible working options.
Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
Medicash & Critical Illness Scheme
Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
09/05/2026
Full time