Claranet

13 job(s) at Claranet

Claranet City, Leeds
19/06/2026
Full time
Position Summary
The Senior Security Analyst is a dedicated security operations role providing continuous security coverage for a client operating in a regulated industry. You are embedded within a small, senior team delivering operational security services across detection, investigation, response, and proactive security operations, with direct responsibility for outcomes.
You own security incidents end-to-end, from initial detection through investigation, containment, and coordination of remediation with internal and third-party teams. When the incident queue is clear, you carry out proactive security operations work including vulnerability scanning, web application scanning, breach and attack simulation, and validation of security tooling, actively maintaining and improving the client's security posture.
Beyond incident response, you liaise directly with the client's IT and cloud teams to ensure remediation actions are completed, and you coordinate across teams to drive issues through to resolution. You bridge the gap between security operations and engineering, escalating platform issues to the security engineering team and supporting engineers during major incidents.
The tooling scope has a strong Microsoft orientation. You work alongside the client's SOC provider where applicable, receiving escalated SIEM alerts while also monitoring and operating endpoint, vulnerability, and simulation tooling directly. You have direct access for investigation and threat hunting purposes. You bring experience beyond security tooling, with the ability to navigate the infrastructure and application technologies within the client's hybrid (on-premise and cloud) environment.
Role Mission
To deliver reliable, high-quality operational security for the client by owning detection, investigation, and response, while proactively strengthening the security environment through hands-on security operations work and cross-team coordination.
Objectives & Key Results
The key objectives will be to:
- Maintain SLA compliance for incident detection, investigation, and response across all priority levels
- Own security incidents through to resolution, ensuring remediation actions are completed
- Operate and validate proactive security tooling (e.g. Qualys, XM Cyber, AttackIQ) to an agreed schedule, identifying and acting on findings
- Reduce detection gaps by contributing to detection rule tuning, false-positive reduction, and threat hunting activities
- Share insights that improve SOC response times, detection accuracy, and coverage
- Maintain high standards of documentation, communication, and compliance to audit standards
- Support the security engineering team during major incidents and platform changes
- Complete a minimum of 40 hours of professional training per year, aligned to client requirements
Duties and Responsibilities
Essential Roles & Responsibilities
Incident Detection, Investigation & Response
- Monitor and investigate alerts from Microsoft Defender and related email, endpoint and cloud security tooling
- Receive and act on escalated alerts from the client's SOC provider or SIEM platform
- Take ownership of all security incidents, validating indicators of compromise and determining impact
- Perform detailed investigations using KQL queries in Microsoft Sentinel and telemetry from across the security stack, going beyond initial triage to full root-cause analysis
- Reconstruct event chains and identify root causes, including correlation across endpoint, identity, cloud, and network data sources
- Determine credibility and severity of threats in the context of the client's risk profile and regulatory obligations
- Investigate potential IOCs using multi-source telemetry and threat intelligence
- Make evidence-based decisions on containment actions and remediation plans, coordinating response actions with the client's IT, cloud, and workplace teams
- Recommend immediate defensive or containment actions where appropriate, and support teams across the business in the resolution of incidents and post-event analysis and reporting
- Handle incidents end-to-end where tooling and access allow, escalating to the security engineering team or client security leadership when required
- Operate within tight SLAs appropriate to a regulated client environment
Claranet City, Leeds
28/05/2026
Full time
The Role
The Senior Security Engineer (Team Leader) is responsible for leading a dedicated security engineering team, combining hands-on platform engineering with technical leadership and people management. You will own security platform architecture, act as the primary escalation point for complex issues, and ensure platforms remain secure, resilient, and compliant within a regulated environment.
Key Responsibilities
- Act as technical lead for security engineering and platform architecture
- Serve as primary escalation point for complex and major incidents
- Provide technical leadership and mentoring to engineers and analysts
- Line manage and develop the security engineering and analyst teams
- Own platform maintenance, configuration, and lifecycle management
- Ensure security platforms are integrated across hybrid environments
- Oversee patching, upgrades, and platform performance
- Drive platform improvements and engineering enhancements
- Support detection engineering, tuning, and platform optimisation
- Lead automation and SOAR initiatives to improve efficiency
- Collaborate with SOC providers on SIEM governance and data ingestion
- Ensure platforms meet regulatory and compliance requirements
- Maintain engineering documentation, standards, and governance
- Represent engineering in client governance and audit activities
- Coordinate cross-team resolution of complex technical issues
Experience & Knowledge
Essential:
- Significant experience in security engineering and platform management
- Strong leadership experience managing technical teams
- Deep knowledge of Microsoft Defender and SIEM platforms (e.g. Sentinel)
- Experience in hybrid cloud and on-prem environments
- Strong understanding of security architecture and frameworks
- Experience in regulated environments (e.g. financial services)
- Strong stakeholder and client engagement skills
- Experience with automation and scripting (PowerShell, Python, etc.)
Desirable:
- Experience with vulnerability and exposure management tools
- Knowledge of security frameworks (NIST, ISO 27001, CIS)
- Relevant security certifications (e.g. CISSP, AZ-500, SC-100)
Claranet
28/05/2026
Full time
The Role
The Senior Security Engineer is responsible for the day-to-day operation, maintenance, and optimisation of security platforms supporting a financial services client in a regulated environment. This is a hands-on engineering role where you will ensure security tooling is fully operational, integrated, and performing as expected. You will work closely with the 24/7 Security Analyst team, supporting investigations, resolving platform issues, and driving improvements across detection and response capabilities. This role is client-aligned with 3 days onsite in London.
Key Responsibilities
- Maintain and configure security platforms including SIEM, XDR/EDR, vulnerability and cloud security tooling
- Perform lifecycle activities including patching, upgrades, and configuration changes
- Ensure security platforms are fully integrated across on-prem and cloud environments
- Monitor platform health, performance, and availability, resolving issues proactively
- Support service transitions, upgrades, and controlled change activities
- Act as escalation point for platform issues raised by the Security Analyst team
- Provide engineering support during complex incidents and investigations
- Implement platform-level changes to support incident response and remediation
- Support detection engineering including rule deployment, tuning, and validation
- Resolve data quality, alerting, and detection gaps impacting operational effectiveness
- Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps)
- Collaborate with SOC providers to maintain SIEM configuration and log ingestion
- Maintain accurate engineering documentation, runbooks, and platform records
- Ensure all platforms meet regulatory, audit, and compliance requirements
- Contribute to governance, reporting, and continuous improvement initiatives
Experience & Knowledge
Essential:
- Strong experience in security engineering and platform management
- Experience supporting SOC tooling and security operations environments
- Hands-on experience with Microsoft Defender and Microsoft Sentinel
- Strong understanding of SIEM, XDR, and security platform integrations
- Experience in hybrid (on-prem and cloud) environments
- Strong troubleshooting skills across platforms, integrations, and data pipelines
- Experience with scripting/automation (PowerShell, Python or similar)
- Strong understanding of networking, cloud, and infrastructure fundamentals
- Experience in regulated environments (e.g. financial services)
- Strong documentation and communication skills
Desirable:
- Experience with vulnerability and scanning tools (e.g. Qualys)
- Familiarity with exposure management and BAS tools (XM Cyber, AttackIQ)
- Knowledge of DLP, email security, and cloud security platforms
- Awareness of PAM and data security tools (e.g. CyberArk, Varonis)
Claranet
14/04/2021
Full time
About The Role Essential duties & responsibilities Responsible for working in a 24x7 Security Operation Center (SOC) environment Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident......
Claranet Bristol, Somerset
07/04/2021
Full time
About The Role Essential duties & responsibilities Responsible for working in a 24x7 Security Operation Center (SOC) environment Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident......
Claranet
07/04/2021
Full time
About The Role Essential duties & responsibilities Responsible for working in a 24x7 Security Operation Center (SOC) environment Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident......
Claranet Bristol, Somerset
31/03/2021
Full time
About The Role Essential duties & responsibilities Responsible for working in a 24x7 Security Operation Center (SOC) environment Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident......
Claranet
31/03/2021
Full time
About The Role Essential duties & responsibilities Responsible for working in a 24x7 Security Operation Center (SOC) environment Provide analysis and trending of security log data from a large number of heterogeneous security devices. Provide Incident Response (IR) support when analysis confirms actionable incident......
Claranet Gloucester, Gloucestershire
23/03/2021
Full time
About The Role The role of the Junior IT Support Engineer within the IT Support team is to assist with the provision, support and maintenance of the IT equipment used by internal users across multiple locations. The role requires a combination of hardware and software skills and an ability to work with all types of people on a professional basis......
Claranet Gloucester, Gloucestershire
17/03/2021
Full time
About The Role The role of the IT Support Engineer within the IT Support team is to assist with the provision, support and maintenance of the IT equipment used by internal users across multiple locations. The role requires a combination of hardware and software skills and an ability to work with all types of people on a professional basis......
Claranet
17/03/2021
Full time
About The Role Position summary As a member of the Managed Security Services team, you will be responsible for helping to build, deliver, and evolve our Managed Cloud Security services in AWS and/or Azure. Reporting to the Managed Security Services Practice Lead and working closely with the Managed Security Service Product Manager, you will research technologies, design, and build new services for t......
Claranet Leeds, Yorkshire
17/03/2021
Full time
About The Role The primary function of the Penetration Tester in the CST team is to continually review the customers' defined scope for vulnerabilities, identify additional targets that should be included in the scope, and report these to the client in a timely, accurate, and comprehensive manner. The Penetration Tester is also responsible for pre-engagement activities including scoping, statements......
Claranet Leeds, Yorkshire
17/03/2021
Full time
About The Role The Continuous Security Testing service is a consultant led vulnerability identification and verification service which makes use of automated vulnerability scanning along with significant manual testing against a broad scope in a continuing engagement. The purpose of the service is to continually monitor a customer's external attack surface for new vulnerabilities, changes in the sc......